14409 matches found
[SECURITY] [DSA 4446-1] lemonldap-ng security update
Debian Security Advisory DSA-4446-1 https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2019 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5376-1] apache2 security update
Debian Security Advisory DSA-5376-1 https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2023 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2569-1] python-django security update
Debian LTS Advisory DLA-2569-1 https://www.debian.org/lts/security/ Chris Lamb February 19, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2478-1] postgresql-9.6 security update
Debian LTS Advisory DLA-2478-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 02, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2361-1] libx11 security update
Debian LTS Advisory DLA-2361-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 01, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4680-1] tomcat9 security update
Debian Security Advisory DSA-4680-1 https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1940-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.189-3+deb9u1deb8u1 CVE ID : CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118 CVE-2019-15902 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821...
[SECURITY] [DLA 1933-1] ruby-nokogiri security update
Package : ruby-nokogiri Version : 1.6.3.1+ds-1+deb8u1 CVE ID : CVE-2019-5477 A command injection vulnerability in Nokogiri allows commands to be executed in a subprocess by Ruby's Kernel.open method. For Debian 8 "Jessie", this problem has been fixed in version 1.6.3.1+ds-1+deb8u1. We recommend th...
[SECURITY] [DLA 1871-1] vim security update
Package : vim Version : 2:7.4.488-7+deb8u4 CVE ID : CVE-2017-11109 CVE-2017-17087 CVE-2019-12735 Debian Bug : 867720 930020 Several minor issues have been fixed in vim, a highly configurable text editor. CVE-2017-11109 Vim allows attackers to cause a denial of service (invalid free) or possibly hav...
[SECURITY] [DLA 1732-1] openjdk-7 security update
Package : openjdk-7 Version : 7u211-2.6.17-1deb8u1 CVE ID : CVE-2019-2422 A memory disclosure vulnerability was discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in information disclosure or bypass of sandbox restrictions. For Debian 8 "Jessie", this problem has been...
[SECURITY] [DLA 1718-1] sqlalchemy security update
Package : sqlalchemy Version : 0.9.8+dfsg-0.1+deb8u1 CVE ID : CVE-2019-7164 CVE-2019-7548 Debian Bug : 922669 Two vulnerabilities were discovered in SQLAlchemy, a Python SQL Toolkit and Object Relational Mapper. CVE-2019-7164 SQLAlchemy allows SQL Injection via the orderby parameter. CVE-2019-754...
[SECURITY] [DLA 1650-1] rssh security update
Package : rssh Version : 2.3.4-4+deb8u1 CVE ID : CVE-2019-1000018 Debian Bug : 919623 The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp...
[SECURITY] [DLA 1608-1] php5 security update
Package : php5 Version : 5.6.39+dfsg-0+deb8u1 CVE ID : CVE-2018-19518 CVE-2018-19935 Vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. Note that this update includes a change to the default behavior for IMAP connections. See below for details...
[SECURITY] [DLA 1606-1] gcc-4.9 bugfix update
Package : gcc-4.9 Version : 4.9.2-10+deb8u2 Debian Bug : 727621 This update fixes libstdc++ std::future support on armel, which is necessary to get firefox-esr and thunderbird updates built on that architecture. For Debian 8 "Jessie", this problem has been fixed in version 4.9.2-10+deb8u2. Furthe...
[SECURITY] [DLA 1544-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.91-1 CVE ID : CVE-2018-11784 Sergey Bobrov discovered that when the default servlet returned a redirect to a directory (e.g. redirecting to /foo/ when the user requested /foo) a specially crafted URL could be used to cause the redirect to be generated ...
[SECURITY] [DSA 5895-1] xz-utils security update
Debian Security Advisory DSA-5895-1 https://www.debian.org/security/ Salvatore Bonaccorso April 05, 2025 https://www.debian.org/security/faq ...
[SECURITY] [DLA 3588-1] vim security update
Debian LTS Advisory DLA-3588-1 https://www.debian.org/lts/security/ Bastien Roucariès September 29, 2023 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 5085-1] expat security update
Debian Security Advisory DSA-5085-1 https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2022 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5050-1] linux security update
Debian Security Advisory DSA-5050-1 https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2022 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2638-1] jackson-databind security update
Debian LTS Advisory DLA-2638-1 https://www.debian.org/lts/security/ Utkarsh Gupta April 25, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2558-1] xterm security update
Debian LTS Advisory DLA-2558-1 https://www.debian.org/lts/security/ Utkarsh Gupta February 14, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2488-2] python-apt regression update
Debian LTS Advisory DLA-2488-2 https://www.debian.org/lts/security/ Utkarsh Gupta December 26, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4625-1] thunderbird security update
Debian Security Advisory DSA-4625-1 https://www.debian.org/security/ Moritz Muehlenhoff February 15, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1817-1] libgd2 security update
Package : libgd2 Version : 2.1.0-5+deb8u13 CVE ID : CVE-2019-11038 Debian Bug : 929821 An uninitialized read was discovered in the XBM support of libgd2, a library for programmatic graphics creation and manipulation. The uninitialized read might lead to information disclosure. For Debian 8 "Jessie",...
[SECURITY] [DSA 4443-1] samba security update
Debian Security Advisory DSA-4443-1 https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2019 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1756-1] libxslt security update
Package : libxslt Version : 1.1.28-2+deb8u4 CVE ID : CVE-2019-11068 Debian Bug : 926895 It was discovered that there was an authentication bypass vulnerability in libxslt, a widely-used library for transforming files from XML to other arbitrary format. The xsltCheckRead and xsltCheckWrite routines...
[SECURITY] [DLA 1694-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u10 CVE ID : CVE-2018-12617 CVE-2018-16872 CVE-2019-6778 Debian Bug : 916397, 902725, 921525 Several vulnerabilities were found in QEMU, a fast processor emulator: CVE-2018-12617 The qmpguestfileread function qga/commands-posix.c is affected by an intege...
[SECURITY] [DSA 3896-1] apache2 security update
Debian Security Advisory DSA-3896-1 https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2017 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2742-1] ffmpeg security update
Debian LTS Advisory DLA-2742-1 https://www.debian.org/lts/security/ Anton Gladky August 14, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2733-1] tomcat8 security update
Debian LTS Advisory DLA-2733-1 https://www.debian.org/lts/security/ Markus Koschany August 05, 2021 https://wiki.debian.org/LTS Package : tomcat8 Version : 8.5.54-0+deb9u7 CVE ID : CVE-2021-30640 CVE-2021-33037 Debian Bug : 991046 991046 Several security vulnerabilitie...
[SECURITY] [DLA 2695-1] klibc security update
Debian LTS Advisory DLA-2695-1 https://www.debian.org/lts/security/ Ben Hutchings June 28, 2021 https://wiki.debian.org/LTS Package : klibc Version : 2.0.4-9+deb9u1 CVE ID : CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873 Debian Bug : 989505 Several...
[SECURITY] [DLA 2596-1] shadow security update
Debian LTS Advisory DLA-2596-1 https://www.debian.org/lts/security/ Sylvain Beucler March 17, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2366-1] imagemagick security update
Debian LTS Advisory DLA-2366-1 https://www.debian.org/lts/security/ Markus Koschany September 07, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4600-1] firefox-esr security update
Debian Security Advisory DSA-4600-1 https://www.debian.org/security/ Moritz Muehlenhoff January 09, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2055-1] igraph security update
Package : igraph Version : 0.7.1-2+deb8u1 CVE ID : CVE-2018-20349 An issue has been found in igraph, a library for creating and manipulating graphs. A NULL pointer dereference vulnerability was detected in igraphistrdiff. For Debian 8 "Jessie", this problem has been fixed in version 0.7.1-2+deb8u...
[SECURITY] [DLA 2017-1] asterisk security update
Package : asterisk Version : 1:11.13.1dfsg-2+deb8u7 CVE ID : CVE-2019-13161 CVE-2019-18610 CVE-2019-18790 Several vulnerabilities are fixed in Asterisk, an Open Source PBX and telephony toolkit. CVE-2019-13161 An attacker was able to crash Asterisk when handling an SDP answer to an outgoing T.38...
[SECURITY] [DLA 2000-1] pam-python security update
Package : pam-python Version : 1.0.4-1.1+deb8u1 CVE ID : CVE-2019-16729 Debian Bug : 942514 It was discovered that pam-python, a PAM Module that runs the Python interpreter, has an issue in regard to the default environment variable handling of Python. This issue could allow for local root...
[SECURITY] [DSA 4572-1] slurm-llnl security update
Debian Security Advisory DSA-4572-1 https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1937-1] httpie security update
Package : httpie Version : 0.8.0-1+deb8u1 CVE ID : CVE-2019-10751 Debian Bug : 940058 An open redirect, that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his o...
[SECURITY] [DLA 1931-1] libgcrypt20 security update
Package : libgcrypt20 Version : 1.6.3-2+deb8u6 CVE ID : CVE-2019-13627 Debian Bug : 938938 It was discovered that there was an ECDSA timing attack in the libgcrypt20 cryptographic library. For Debian 8 "Jessie", this issue has been fixed in libgcrypt20 version 1.6.3-2+deb8u6. We recommend that you...
[SECURITY] [DLA 1867-1] wpa security update
Package : wpa Version : 2.3-1+deb8u8 CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 CVE-2019-11555 Debian Bug : 927463 Several vulnerabilities were discovered in WPA supplicant / hostapd. Some of them could only partially be mitigated, please read below for details. CVE-2019-949...
[SECURITY] [DLA 1858-1] squid3 security update
Package : squid3 Version : 3.4.8-6+deb8u8 CVE ID : CVE-2019-12525 CVE-2019-12529 Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with HTTP authentication header processing. CVE-2019-12525 Due to incorrect buffer...
[SECURITY] [DLA 1680-1] tiff security update
Package : tiff Version : 4.0.3-12.3+deb8u8 CVE ID : CVE-2018-17000 CVE-2018-19210 CVE-2019-7663 Brief introduction CVE-2018-17000 A NULL pointer dereference in the function TIFFmemcmp at tifunix.c called from TIFFWriteDirectoryTagTransferfunction allows an attacker to cause a denial-of-service...
[SECURITY] [DSA 4958-1] exiv2 security update
Debian Security Advisory DSA-4958-1 https://www.debian.org/security/ Moritz Muehlenhoff August 13, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2663-1] libimage-exiftool-perl security update
Debian LTS Advisory DLA-2663-1 https://www.debian.org/lts/security/ Utkarsh Gupta May 16, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4851-1] subversion security update
Debian Security Advisory DSA-4851-1 https://www.debian.org/security/ Salvatore Bonaccorso February 13, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2491-1] openexr security update
Debian LTS Advisory DLA-2491-1 https://www.debian.org/lts/security/ Chris Lamb December 13, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4792-1] openldap security update
Debian Security Advisory DSA-4792-1 https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2128-1] openjdk-7 security update
Package : openjdk-7 Version : 7u251-2.6.21-1deb8u1 CVE ID : CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of...
[SECURITY] [DSA 4628-1] php7.0 security update
Debian Security Advisory DSA-4628-1 https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2020 https://www.debian.org/security/faq ...