[SECURITY] [DLA 1801-1] zookeeper security update
Package : zookeeper Version : 3.4.9-3+deb8u2 CVE ID : CVE-2019-0201 Debian Bug : 929283 It was discovered that there was an information disclosure vulnerability in zookeeper, a distributed co-ordination server. Users who were not authorised to read data were able to view the access control list...
[SECURITY] [DSA 4449-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4449-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4372-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4372-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 26, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1545-1] tomcat8 security update
Package : tomcat8 Version : 8.0.14-1+deb8u14 CVE ID : CVE-2018-11784 Sergey Bobrov discovered that when the default servlet returned a redirect to a directory e.g. redirecting to /foo/ when the user requested /foo a specially crafted URL could be used to cause the redirect to be generated to any...
[SECURITY] [DSA 5650-1] util-linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5650-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 31, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2661-1] jetty9 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2661-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 14, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4843-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4843-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 01, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2513-1] p11-kit security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2513-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk January 04, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2206-1] thunderbird security update
Package : thunderbird Version : 1:68.8.0-1deb8u1 CVE ID : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the...
[SECURITY] [DLA 1677-1] firefox-esr security update
Package : firefox-esr Version : 60.5.1esr-1deb8u1 CVE ID : CVE-2018-18356 CVE-2019-5785 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 "Jessie", these problems have been fixed in version...
[SECURITY] [DSA 4320-1] asterisk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4320-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3182-1] vim security update
Debian LTS Advisory DLA-3182-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 08, 2022 https://wiki.debian.org/LTS Package : vim Version : 2:8.1.0875-5+deb10u3 CVE ID : CVE-2021-3927 CVE-2021-3928 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069...
[SECURITY] [DLA 2713-2] linux security update
Debian LTS Advisory DLA-2713-2 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.272-2 CVE ID : CVE-2021-3609 CVE-2021-21781 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Several vulnerabiliti...
[SECURITY] [DSA 4858-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4858-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 19, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1972-1] mosquitto security update
Package : mosquitto Version : 1.3.4-2+deb8u4 CVE ID : CVE-2017-7655 CVE-2018-12550 CVE-2018-12551 CVE-2019-11779 Several issues have been found in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker. CVE-2017-7655 A Null dereference vulnerability in the Mosquitto library could lead to...
[SECURITY] [DLA 1952-1] rsyslog security update
Package : rsyslog Version : 8.4.2-1+deb8u3 CVE IDs : CVE-2019-17041 CVE-2019-17042 Debian Bugs : 942065 942067 It was discovered that there were two vulnerabilities in the rsyslog system/kernel logging daemon in the parsers for AIX and Cisco log messages respectively. For Debian 8 "Jessie", these...
[SECURITY] [DSA 4521-1] docker.io security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4521-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 09, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4447-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4447-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1754-1] samba security update
Package : samba Version : 2:4.2.14+dfsg-0+deb8u12 CVE ID : CVE-2017-9461 CVE-2018-1050 CVE-2018-1057 CVE-2019-3880 Various vulnerabilities were discovered in Samba, SMB/CIFS file, print, and login server/client for Unix CVE-2017-9461 smbd in Samba had a denial of service vulnerability fdopenatomi...
[SECURITY] [DLA 278-2] cacti regression update
Package : cacti Version : 0.8.7g-1+squeeze8 The last update of cacti in squeeze-lts, version 0.8.7g-1+squeeze7, had two regressions that caused certain output of scripts to not be processed and caused the save button of graphs.php to not save the changes. The regressions have been fixed in...
[SECURITY] [DSA 5035-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5035-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 04, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2591-1] golang-1.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2591-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2337-1] python2.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2337-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 22, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2241-1] linux security update
Package : linux Version : 3.16.84-1 CVE ID : CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2019-5108 CVE-2019-19319 CVE-2019-19447 CVE-2019-19768 CVE-2019-20636 CVE-2020-0009 CVE-2020-0543 CVE-2020-1749 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649...
[SECURITY] [DLA 2130-1] libapache2-mod-auth-openidc security
Package : libapache2-mod-auth-openidc Version : 1.6.0-1+deb8u3 CVE ID : CVE-2019-20479 An issue has been found in libapache2-mod-auth-openidc, an OpenID Connect authentication module for Apache. Due to insufficient validation of URLs an Open Redirect vulnerability for URLs beginning with a slas...
[SECURITY] [DLA 2053-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u12 CVE ID : CVE-2019-18179 Debian Bug : 945251 An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, which are in the queue where attacker doesn’t have permissions. For Debian 8 "Jessie", this problem has been fix...
[SECURITY] [DLA 2005-1] tnef security update
Package : tnef Version : 1.4.9-1+deb8u4 CVE ID : CVE-2019-18849 Debian Bug : 944851 In tnef, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving...
[SECURITY] [DLA 1779-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u6 CVE ID : CVE-2019-3883 Debian Bug : 927939 In 389-ds-base up to version 1.4.1.2, requests were handled by worker threads. Each socket had been waited for by the worker for at most ioblocktimeout seconds. However, this timeout applied only to...
[SECURITY] [DLA 1723-1] cron security update
Package : cron Version : 3.0pl1-127+deb8u2 CVE ID : CVE-2017-9525 CVE-2019-9704 CVE-2019-9705 CVE-2019-9706 Debian Bug : 809167 Various security problems have been discovered in Debian's CRON scheduler. CVE-2017-9525 Fix group crontab to root escalation via the Debian package's postinst script as...
[SECURITY] [DLA 1716-1] ikiwiki security update
Package : ikiwiki Version : 3.20141016.4+deb8u1 CVE ID : CVE-2019-9187 The ikiwiki maintainers discovered that the aggregate plugin did not use LWPx::ParanoidAgent. On sites where the aggregate plugin is enabled, authorized wiki editors could tell ikiwiki to fetch potentially undesired URIs even ...
[SECURITY] [DLA 1704-1] nss security update
Package : nss Version : 2:3.26-1+debu8u4 CVE ID : CVE-2018-12404 CVE-2018-18508 Debian Bug : 921614 Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack CVE-2018-18508 NULL pointer...
[SECURITY] [DLA 1618-1] libsndfile security update
Package : libsndfile Version : 1.0.25-9.1+deb8u2 CVE ID : CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2017-17456 CVE-2017-17457 CVE-2018-13139 CVE-2018-19432 CVE-2018-19661 CVE-2018-19662 Multiple vulnerabilities have been found in...
[SECURITY] [DLA 1546-1] moin security update
Package : moin Version : 1.9.8-1+deb8u2 CVE ID : CVE-2017-5934 Debian Bug : 910776 Nitin Venkatesh discovered a cross-site scripting vulnerability in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's link dialogue. This only affects...
[SECURITY] [DLA 2662-1] postgresql-9.6 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2662-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta May 15, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
[SECURITY] [DSA 4860-1] openldap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4860-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 20, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2483-1] linux-4.19 security update
Debian LTS Advisory DLA-2483-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 05, 2020 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.160-2deb9u1 CVE ID : CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423...
[SECURITY] [DLA 2399-1] packagekit security update
Debian LTS Advisory DLA-2399-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez October 07, 2020 https://wiki.debian.org/LTS Package : packagekit Version : 1.1.5-2+deb9u2 CVE ID : CVE-2020-16121 CVE-2020-16122 Two vulnerabilities have been discovered in...
[SECURITY] [DLA 2388-1] nss security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2388-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 29, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4565-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4565-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4503-1] golang-1.11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4503-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1719-1] libjpeg-turbo security update
Package : libjpeg-turbo Version : 1:1.3.1-12+deb8u2 CVE ID : CVE-2018-14498 Debian Bug : 924678 It was discovered that there was a denial of service vulnerability in the libjpeg-turbo CPU-optimised JPEG image library. A heap-based buffer over-read could be triggered by a specially-crafted bitmap...
[SECURITY] [DSA 5586-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5586-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 22, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3008-1] openssl security update
Debian LTS Advisory DLA-3008-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera May 14, 2022 https://wiki.debian.org/LTS Package : openssl Version : 1.1.0l-1deb9u6 CVE ID : CVE-2022-1292 The c_rehash script does not properly sanitise shell metacharacters to prevent...
[SECURITY] [DLA 2701-1] openexr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2701-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler July 03, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4882-1] openjpeg2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4882-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 01, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4869-1] tiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4869-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2492-1] openssl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2492-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 14, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4640-1] graphicsmagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4640-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 15, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2114-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.210-1deb8u1 CVE ID : CVE-2018-13093 CVE-2018-13094 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-2215 CVE-2019-10220 CVE-2019-14615 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098...
[SECURITY] [DSA 4475-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4475-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 01, 2019 https://www.debian.org/security/faq -...