14409 matches found
[SECURITY] [DSA 4376-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4376-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 30, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4359-1] wireshark security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4359-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA-1588-1] icecast2 security update
Package : icecast2 Version : 2.4.0-1.1+deb8u2 CVE ID : CVE-2018-18820 Debian Bug : 912611 A buffer overflow was discovered in the URL-authentication backend of the icecast2, the popular open source streaming media server. If the backend is enabled, then any malicious HTTP client can send a reques...
[SECURITY] [DLA 2732-1] openexr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2732-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler August 04, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2666-1] libx11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2666-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 24, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4898-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4898-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 22, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2550-1] openjpeg2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2550-1 [email protected] https://www.debian.org/lts/security/ Brian May February 09, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2228-1] json-c security update
Package : json-c Version : 0.11-4+deb8u1 CVE ID : CVE-2020-12762 Debian Bug : 960326 The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend. For Debian 8 "Jessie", this problem has been fixed in version 0.11-4+deb8u1. ...
[SECURITY] [DSA 4677-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4677-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4667-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4667-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4644-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4644-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4590-1] cyrus-imapd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4590-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1991-1] libssh2 security update
Package : libssh2 Version : 1.4.3-4.1+deb8u6 CVE ID : CVE-2019-17498 Debian Bug : 943562 In libssh2, SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server m...
[SECURITY] [DLA 1985-1] djvulibre security update
Package : djvulibre Version : 3.5.25.4-4+deb8u2 CVE ID : CVE-2019-18804 It was discovered that there was a NULL pointer dereference issue in the IW44 encoder/decoder within DjVu, a set of compression technologies for high-resolution ssues. For Debian 8 "Jessie", this issue has been fixed in...
[SECURITY] [DSA 4547-1] tcpdump security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4547-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 21, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1950-1] openjpeg2 security update
Package : openjpeg2 Version : 2.1.0-2+deb8u8 CVE ID : CVE-2018-21010 Debian Bug : 939553 A heap buffer overflow vulnerability was discovered in openjpeg2, the open-source JPEG 2000 codec. This vulnerability is caused by insufficient validation of width and height of image components in...
[SECURITY] [DLA 1796-1] jruby security update
Package : jruby Version : 1.5.6-9+deb8u1 CVE ID : CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Debian Bug : 895778 925987 Multiple vulnerabilities have been discovered in jruby, Java...
[SECURITY] [DLA 1684-1] systemd security update
Package : systemd Version : 215-17+deb8u10 CVE ID : CVE-2019-6454 Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus. For Debian 8 "Jessie",...
[SECURITY] [DSA 4395-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4395-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4386-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4386-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini February 06, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1656-1] agg security update
Package : agg Version : 2.5+dfsg1-9+deb8u1 CVE ID : CVE-2019-6245 Debian Bug : 919322 A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the...
[SECURITY] [DSA 4347-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4347-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3085-1] curl security update
Debian LTS Advisory DLA-3085-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u3 CVE ID : CVE-2021-22898 CVE-2021-22924 CVE-2021-22946 CVE-2021-22947 CVE-2022-22576 CVE-2022-27776...
[SECURITY] [DLA 2690-1] linux-4.19 security update
Debian LTS Advisory DLA-2690-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings June 22, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-1deb9u1 CVE ID : CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-25670 CVE-2020-25671 CVE-2020-2567...
[SECURITY] [DSA 4884-1] ldb security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4884-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 02, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2610-1] linux-4.19 security update
Debian LTS Advisory DLA-2610-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 30, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.181-1deb9u1 CVE ID : CVE-2020-27170 CVE-2020-27171 CVE-2021-3348 CVE-2021-3428 CVE-2021-26930 CVE-2021-26931...
[SECURITY] [DSA 4653-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4653-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 04, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4528-1] bird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4528-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 19, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1815-1] poppler security update
Package : poppler Version : 0.26.5-2+deb8u10 CVE ID : CVE-2019-10872 CVE-2019-12293 CVE-2019-12360 Several vulnerabilities have been found in the poppler PDF rendering library, which could result in denial of service or possibly other unspecified impact when processing malformed or maliciously...
[SECURITY] [DSA 4433-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4433-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1686-1] freedink-dfarc security update
Package : freedink-dfarc Version : 3.12-1+deb8u1 CVE ID : CVE-2018-0496 Sylvain Beucler and Dan Walma discovered several directory traversal issues in DFArc, a frontend and extensions manager for the Dink Smallwood game, allowing an attacker to overwrite arbitrary files on the users system. For...
[SECURITY] [DLA 1652-1] libvncserver security update
Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u5 CVE ID : CVE-2018-15126 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 A vulnerability was found by Kaspersky Lab in libvncserver, a C library to implement VNC server/client functionalities. In addition, some of the vulnerabilities addressed i...
[SECURITY] [DLA 2743-1] amd64-microcode security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2743-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 16, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2713-1] linux security update
Debian LTS Advisory DLA-2713-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.272-2 CVE ID : CVE-2021-3609 CVE-2021-21781 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Brief introduction...
[SECURITY] [DLA 2667-1] djvulibre security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2667-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 26, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2653-1] libxml2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2653-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 10, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2602-1] imagemagick security update
Debian LTS Advisory DLA-2602-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany March 23, 2021 https://wiki.debian.org/LTS Package : imagemagick Version : 8:6.9.7.4+dfsg-11+deb9u12 CVE ID : CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757...
[SECURITY] [DLA 2518-1] cairo security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2518-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 06, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2277-1] openjpeg2 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2277-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 11, 2020 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
[SECURITY] [DLA 2125-1] collabtive security update
Package : collabtive Version : 2.0+dfsg-5+deb8u1 CVE ID : CVE-2015-0258 An issue has been found in collabtive, a web-based project management software. Due to missing checks an attacker could upload scripts, which would execute code on the server by accessing for example avatar images. For Debian...
[SECURITY] [DLA 1947-1] libreoffice security update
Package : libreoffice Version : 1:4.3.3-2+deb8u13 CVE ID : CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9853 CVE-2019-9854 Several vulnerabilities were discovered in LibreOffice, the office productivity suite. CVE-2019-9848 Nils Emmerich discovered that malicious...
[SECURITY] [DSA 4524-1] dino-im security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4524-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1843-1] pdns security update
Package : pdns Version : 3.4.1-4+deb8u10 CVE ID : CVE-2019-10162 CVE-2019-10163 Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. CVE-2019-10162 An...
[SECURITY] [DLA 1816-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u10 CVE ID : CVE-2019-12248 CVE-2019-12497 Two security vulnerabilities were discovered in the Open Ticket Request System that could lead to information disclosure or privilege escalation. New configuration options were added to resolve those problems...
[SECURITY] [DSA 5477-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5477-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 14, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2771-1] krb5 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2771-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 30, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2680-1] nginx security update
Debian LTS Advisory DLA-2680-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 07, 2021 https://wiki.debian.org/LTS Package : nginx Version : 1.10.3-1+deb9u7 CVE ID : CVE-2017-20005 Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerabilit...
[SECURITY] [DLA 2355-1] bind9 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2355-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 29, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1988-1] ampache security update
Package : ampache Version : 3.6-rzb2752+dfsg-5+deb8u1 CVE ID : CVE-2019-12385 CVE-2019-12386 Several vulnerabilities were discovered in Ampache, a web-based audio file management system. CVE-2019-12385 A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected...
[SECURITY] [DLA 1792-2] cups-filters regression update
Package : cups-filters Version : 1.0.61-5+deb8u4 Debian Bug : 926576 928936 928952 The update for ghostscript released as DLA-1792-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packag...