[SECURITY] [DLA 2018-1] proftpd-dfsg security update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u5 CVE ID : CVE-2019-19269 In mod_tls, a crash with an empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5. We recommend that you upgrade your proftpd-dfsg packages. Further information about...
[SECURITY] [DLA 1999-1] symfony security update
Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian ...
[SECURITY] [DSA 4538-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4538-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez September 29, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4407-1] xmltooling security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4407-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1600-1] libarchive security update
Package : libarchive Version : 3.1.2-11+deb8u4 CVE ID : CVE-2015-8915 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-5601 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 Debian Bug : 853278 875960 875974 875966 874539 840934 840935 8616...
[SECURITY] [DLA 1392-1] linux security update
Package : linux Version : 3.2.102-1 CVE ID : CVE-2018-1093 CVE-2018-1130 CVE-2018-8897 CVE-2018-10940 Debian Bug : 898100 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. CVE-2018-1093 Wen Xu reported that a crafted ext4 filesystem image could...
[SECURITY] [DLA 2676-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2676-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 05, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2323-1] linux-4.19 new package
Debian LTS Advisory DLA-2323-1 [email protected] https://www.debian.org/lts/security/ August 12, 2020 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.132-1deb9u1 CVE ID : CVE-2019-18814 CVE-2019-18885 CVE-2019-20810 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768...
[SECURITY] [DSA 4616-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4616-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1971-1] libarchive security update
Package : libarchive Version : 3.1.2-11+deb8u8 CVE ID : CVE-2019-18408 An issue has been found in libarchive, a multi-format archive and compression library. In case of a crafted archive containing several parts and one part being corrupt, there would be a use-after-free for the next part of the...
[SECURITY] [DLA 1885-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.168-1+deb9u5deb8u1 CVE ID : CVE-2017-18509 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856 CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 Several vulnerabilities have...
[SECURITY] [DLA 1614-1] openjpeg2 security update
Package : openjpeg2 Version : 2.1.0-2+deb8u6 CVE ID : CVE-2018-6616 CVE-2018-14423 Debian Bug : 904873, 889683 Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec. CVE-2018-6616 Excessive iteration in the opj_t1_encode_cblks function openjp2/t1.c. Remote...
[SECURITY] [DLA 1612-1] libarchive security update
Package : libarchive Version : 3.1.2-11+deb8u6 CVE ID : CVE-2018-1000877 CVE-2018-1000878 Debian Bug : 916964 916963 Daniel Axtens discovered a double-free and use-after-free vulnerability in libarchive's RAR decoder that can result in a denial-of-service application crash or may have other...
[SECURITY] [DLA 4246-1] libowasp-esapi-java security update
Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...
[SECURITY] [DLA 2935-1] expat security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2935-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 07, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5083-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5083-1 [email protected] https://www.debian.org/security/ Alberto Garcia February 19, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4963-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4963-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4950-1] ansible security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4950-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2193-1] openjdk-7 security update
Package : openjdk-7 Version : 7u261-2.6.22-1deb8u1 CVE ID : CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS...
[SECURITY] [DLA 1931-2] libgcrypt20 regression update
Package : libgcrypt20 Version : 1.6.3-2+deb8u8 CVE ID : CVE-2019-13627 It was discovered that the fix to address an ECDSA timing attack in the libgcrypt20 cryptographic library was incomplete. For Debian 8 "Jessie", this issue has been fixed in libgcrypt20 version 1.6.3-2+deb8u8. Thanks to Albert...
[SECURITY] [DLA 1735-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u7 CVE ID : CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language. CVE-2019-8320 A Directory Traversal issue was discovered in...
[SECURITY] [DLA 1682-1] uriparser security update
Package : uriparser Version : 0.8.0.1-2+deb8u2 CVE ID : CVE-2018-20721 Joergen Ibsen reported an issue with uriparser, a URI parsing library compliant with RFC 3986. An out-of-bounds read for incomplete URIs with IPv6 addresses with embedded IPv4 address, e.g. "//::44.1", was possible. For Debia...
[SECURITY] [DSA 3659-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3659-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 04, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2786-1] nghttp2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2786-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky October 16, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4944-1] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4944-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4888-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4888-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 10, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2242-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.210-1+deb9u1deb8u1 CVE ID : CVE-2019-2182 CVE-2019-5108 CVE-2019-19319 CVE-2019-19462 CVE-2019-19768 CVE-2019-20806 CVE-2019-20811 CVE-2020-0543 CVE-2020-2732 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383 CVE-2020-10711 CVE-2020-10732...
[SECURITY] [DLA 2216-1] ruby-rack security update
Package : ruby-rack Version : 1.5.2-3+deb8u3 CVE ID : CVE-2020-8161 There was a possible directory traversal vulnerability in the Rack::Directory app that is bundled with Rack. If certain directories exist in a directory that is managed by Rack::Directory, an attacker could, using this...
[SECURITY] [DLA 2135-1] jackson-databind security update
Package : jackson-databind Version : 2.4.2-2+deb8u12 CVE ID : CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 The following CVEs were reported for jackson-databind source package. CVE-2020-9546 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and...
[SECURITY] [DSA 4601-1] ldm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4601-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 09, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4561-1] fribidi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4561-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 08, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1979-1] italc security update
Package : italc Version : 1:2.0.2+dfsg1-2+deb8u1 CVE ID : CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 CVE-2016-9941 CVE-2016-9942 CVE-2018-6307 CVE-2018-7225 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023...
[SECURITY] [DLA 1967-1] libpcap security update
Package : libpcap Version : 1.6.2-2+deb8u1 CVE ID : CVE-2019-15165 Debian Bug : 941697 libpcap Packet CAPture, a low-level network monitoring library, does not properly validate the PHB header length before allocating memory. This update added sanity checks for PHB header length. For Debian 8...
[SECURITY] [DLA 1631-1] libcaca security update
Package : libcaca Version : 0.99.beta19-2+deb8u1 CVE ID : CVE-2018-20544 CVE-2018-20546 CVE-2018-20547 CVE-2018-20549 Debian Bug : 917807 Several vulnerabilities were discovered in libcaca, a graphics library that outputs text: integer overflows, floating point exceptions or invalid memory reads...
[SECURITY] [DSA 5492-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5492-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 09, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2714-1] linux-4.19 security update
Debian LTS Advisory DLA-2714-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 20, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.194-3deb9u1 CVE ID : CVE-2020-36311 CVE-2021-3609 CVE-2021-33909 CVE-2021-34693 Debian Bug : 990072 Several...
[SECURITY] [DSA 4844-1] dnsmasq security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4844-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 02, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2425-1] openldap security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2425-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 01, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4697-1] gnutls28 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4697-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2220-1] cracklib2 security update
Package : cracklib2 Version : 2.9.2-1+deb8u1 CVE ID : CVE-2016-6318 It was discovered that there was a stack-based buffer overflow when parsing large GECOS fields in cracklib2, a pro-active password checker library. For Debian 8 "Jessie", this problem has been fixed in version 2.9.2-1+deb8u1. We...
[SECURITY] [DSA 4641-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4641-1 [email protected] https://www.debian.org/security/ Alberto Garcia March 16, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2085-1] zlib security update
Package : zlib Version : 1:1.2.8.dfsg-2+deb8u1 CVE ID : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointe...
[SECURITY] [DLA 1990-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.189-3+deb9u2deb8u1 CVE ID : CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-11135 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovere...
[SECURITY] [DSA 4542-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4542-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 06, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1887-1] freetype security update
Package : freetype Version : 2.5.2-3+deb8u3 CVE ID : CVE-2015-9290 A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensibly. For Debian 8 "Jessie", this problem has been fixed in version 2.5.2-3+deb8u3. We recommend that you upgrade...
[SECURITY] [DLA 1765-1] gpac security update
Package : gpac Version : 0.5.0+svn5324dfsg1-1+deb8u3 CVE ID : CVE-2019-11221 CVE-2019-11222 Several issues have been found for gpac, an Open Source multimedia framework. Using crafted files one can trigger buffer overflow issues that could be used to crash the application. For Debian 8 "Jessie",...
[SECURITY] [DLA 1764-1] mercurial security update
Package : mercurial Version : 3.1.2-2+deb8u7 CVE ID : CVE-2019-3902 Debian Bug : 927674 It was discovered that there was a path traversal vulnerability in the "mercurial" distributed revision version control system. Symbolic links and subrepositories could be used to defeat Mercurial's path-checking...
[SECURITY] [DSA 4389-1] libu2f-host security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4389-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 11, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1609-1] libapache-mod-jk security update
Package : libapache-mod-jk Version : 1.2.46-0+deb8u1 CVE ID : CVE-2018-11759 A vulnerability has been discovered in libapache-mod-jk, the Apache 2 connector for the Tomcat Java servlet engine. The libapache-mod-jk connector is susceptible to information disclosure and privilege escalation because...
[SECURITY] [DLA 1506-1] intel-microcode security update
Package : intel-microcode Version : 3.20180807a.1deb8u1 CVE ID : CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 CVE-2018-3639, CVE-2018-3640, CVE-2017-5715 Security researchers identified speculative execution side-channel methods which have the potential to improperly gather sensitive data from...