[SECURITY] [DLA 2033-1] php-horde security update
Package : php-horde Version : 5.2.1+debian0-2+deb8u5 CVE ID : CVE-2019-12095 A vulnerability has been found in php-horde, the Horde Application Framework, which may result in information disclosure via cross-site scripting. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DLA 1991-1] libssh2 security update
Package : libssh2 Version : 1.4.3-4.1+deb8u6 CVE ID : CVE-2019-17498 Debian Bug : 943562 In libssh2, SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server m...
[SECURITY] [DLA 1796-1] jruby security update
Package : jruby Version : 1.5.6-9+deb8u1 CVE ID : CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Debian Bug : 895778 925987 Multiple vulnerabilities have been discovered in jruby, Java...
[SECURITY] [DSA 4435-1] libpng1.6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4435-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4433-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4433-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1690-1] liblivemedia security update
Package : liblivemedia Version : 2014.01.13-1+deb8u2 CVE ID : CVE-2019-6256 CVE-2019-7314 Debian Bug : 919529 Multiple vulnerabilities have been discovered in liblivemedia, the LIVE555 RTSP server library: CVE-2019-6256 liblivemedia servers with RTSP-over-HTTP tunneling enabled are vulnerable to ...
[SECURITY] [DLA 1686-1] freedink-dfarc security update
Package : freedink-dfarc Version : 3.12-1+deb8u1 CVE ID : CVE-2018-0496 Sylvain Beucler and Dan Walma discovered several directory traversal issues in DFArc, a frontend and extensions manager for the Dink Smallwood game, allowing an attacker to overwrite arbitrary files on the user's system. For...
[SECURITY] [DLA 1656-1] agg security update
Package : agg Version : 2.5+dfsg1-9+deb8u1 CVE ID : CVE-2019-6245 Debian Bug : 919322 A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the...
[SECURITY] [DSA 5150-1] rsyslog security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5150-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 28, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5096-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5096-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2713-1] linux security update
Debian LTS Advisory DLA-2713-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.272-2 CVE ID : CVE-2021-3609 CVE-2021-21781 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Brief introduction...
[SECURITY] [DSA 4884-1] ldb security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4884-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 02, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2610-1] linux-4.19 security update
Debian LTS Advisory DLA-2610-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 30, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.181-1deb9u1 CVE ID : CVE-2020-27170 CVE-2020-27171 CVE-2021-3348 CVE-2021-3428 CVE-2021-26930 CVE-2021-26931...
[SECURITY] [DLA 2550-1] openjpeg2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2550-1 [email protected] https://www.debian.org/lts/security/ Brian May February 09, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1985-1] djvulibre security update
Package : djvulibre Version : 3.5.25.4-4+deb8u2 CVE ID : CVE-2019-18804 It was discovered that there was a NULL pointer dereference issue in the IW44 encoder/decoder within DjVu, a set of compression technologies for high-resolution ssues. For Debian 8 "Jessie", this issue has been fixed in...
[SECURITY] [DLA 1950-1] openjpeg2 security update
Package : openjpeg2 Version : 2.1.0-2+deb8u8 CVE ID : CVE-2018-21010 Debian Bug : 939553 A heap buffer overflow vulnerability was discovered in openjpeg2, the open-source JPEG 2000 codec. This vulnerability is caused by insufficient validation of width and height of image components in...
[SECURITY] [DLA 1947-1] libreoffice security update
Package : libreoffice Version : 1:4.3.3-2+deb8u13 CVE ID : CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9853 CVE-2019-9854 Several vulnerabilities were discovered in LibreOffice, the office productivity suite. CVE-2019-9848 Nils Emmerich discovered that malicious...
[SECURITY] [DSA 4524-1] dino-im security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4524-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1815-1] poppler security update
Package : poppler Version : 0.26.5-2+deb8u10 CVE ID : CVE-2019-10872 CVE-2019-12293 CVE-2019-12360 Several vulnerabilities have been found in the poppler PDF rendering library, which could result in denial of service or possibly other unspecified impact when processing malformed or maliciously...
[SECURITY] [DSA 4395-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4395-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1652-1] libvncserver security update
Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u5 CVE ID : CVE-2018-15126 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 A vulnerability was found by Kaspersky Lab in libvncserver, a C library to implement VNC server/client functionalities. In addition, some of the vulnerabilities addressed i...
[SECURITY] [DSA 4347-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4347-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3085-1] curl security update
Debian LTS Advisory DLA-3085-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : curl Version : 7.64.0-4+deb10u3 CVE ID : CVE-2021-22898 CVE-2021-22924 CVE-2021-22946 CVE-2021-22947 CVE-2022-22576 CVE-2022-27776...
[SECURITY] [DLA 2743-1] amd64-microcode security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2743-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 16, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2732-1] openexr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2732-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler August 04, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2690-1] linux-4.19 security update
Debian LTS Advisory DLA-2690-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings June 22, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-1deb9u1 CVE ID : CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-25670 CVE-2020-25671 CVE-2020-2567...
[SECURITY] [DLA 2667-1] djvulibre security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2667-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 26, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2653-1] libxml2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2653-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 10, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2633-1] firefox-esr security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2633-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 23, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4898-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4898-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 22, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2355-1] bind9 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2355-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 29, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2125-1] collabtive security update
Package : collabtive Version : 2.0+dfsg-5+deb8u1 CVE ID : CVE-2015-0258 An issue has been found in collabtive, a web-based project management software. Due to missing checks an attacker could upload scripts, which would execute code on the server by accessing for example avatar images. For Debian...
[SECURITY] [DSA 4528-1] bird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4528-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 19, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1792-2] cups-filters regression update
Package : cups-filters Version : 1.0.61-5+deb8u4 Debian Bug : 926576 928936 928952 The update for ghostscript released as DLA-1792-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packag...
[SECURITY] [DSA 4445-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4445-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2668-1] samba security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2668-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA May 29, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2518-1] cairo security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2518-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 06, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1988-1] ampache security update
Package : ampache Version : 3.6-rzb2752+dfsg-5+deb8u1 CVE ID : CVE-2019-12385 CVE-2019-12386 Several vulnerabilities were discovered in Ampache, a web-based audio file management system. CVE-2019-12385 A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected...
[SECURITY] [DLA 1816-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u10 CVE ID : CVE-2019-12248 CVE-2019-12497 Two security vulnerabilities were discovered in the Open Ticket Request System that could lead to information disclosure or privilege escalation. New configuration options were added to resolve those problems...
[SECURITY] [DLA 1732-1] openjdk-7 security update
Package : openjdk-7 Version : 7u211-2.6.17-1deb8u1 CVE ID : CVE-2019-2422 A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions. For Debian 8 "Jessie", this problem has been...
[SECURITY] [DLA 1650-1] rssh security update
Package : rssh Version : 2.3.4-4+deb8u1 CVE ID : CVE-2019-1000018 Debian Bug : 919623 The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve Subversion, rdist and/or rsync operations. Missing validation in the scp...
[SECURITY] [DLA 1544-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.91-1 CVE ID : CVE-2018-11784 Sergey Bobrov discovered that when the default servlet returned a redirect to a directory (e.g. redirecting to /foo/ when the user requested /foo) a specially crafted URL could be used to cause the redirect to be generated ...
[SECURITY] [DSA 5902-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5902-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5376-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5376-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2771-1] krb5 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2771-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 30, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2680-1] nginx security update
Debian LTS Advisory DLA-2680-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 07, 2021 https://wiki.debian.org/LTS Package : nginx Version : 1.10.3-1+deb9u7 CVE ID : CVE-2017-20005 Jamie Landeg-Jones and Manfred Paul discovered a buffer overflow vulnerabilit...
[SECURITY] [DLA 2602-1] imagemagick security update
Debian LTS Advisory DLA-2602-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany March 23, 2021 https://wiki.debian.org/LTS Package : imagemagick Version : 8:6.9.7.4+dfsg-11+deb9u12 CVE ID : CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757...
[SECURITY] [DLA 2361-1] libx11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2361-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 01, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2277-1] openjpeg2 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2277-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 11, 2020 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
[SECURITY] [DLA 1940-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.189-3+deb9u1deb8u1 CVE ID : CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118 CVE-2019-15902 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821...