14289 matches found
[SECURITY] [DLA 1887-1] freetype security update
Package : freetype Version : 2.5.2-3+deb8u3 CVE ID : CVE-2015-9290 A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensible. For Debian 8 "Jessie", this problem has been fixed in version 2.5.2-3+deb8u3. We recommend that you upgrade...
[SECURITY] [DLA 1818-1] dbus security update
Package : dbus Version : 1.8.22-0+deb8u2 CVE ID : CVE-2019-12749 Debian Bug : 930375 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUSCOOKIESHA1 authentication mechanism was susceptible to a...
[SECURITY] [DLA 1764-1] mercurial security update
Package : mercurial Version : 3.1.2-2+deb8u7 CVE ID : CVE-2019-3902 Debian Bug : 927674 It was discovered that there was a path traversal vulnerability in the "mercurial" distributed revision version control system. Symbolic links and subrepositories could be used defeat Mercurials path-checking...
[SECURITY] [DSA 4432-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4432-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1730-1] libssh2 security update
Package : libssh2 Version : 1.4.3-4.1+deb8u2 CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Debian Bug : 924965 Several vulnerabilities have recently been discovered in libssh2, a client-side C library...
[SECURITY] [DLA 1660-2] rssh regression update
Package : rssh Version : 2.3.4-4+deb8u3 Debian Bug : 921655 It was discovered that the fix for the security vulnerability released for rssh in 2.3.4-4+deb8u2 via DLA-1660-1 introduced a regression that blocked scp1 of multiple files from a server using rssh. Please see...
[SECURITY] [DSA 5899-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5899-1 [email protected] https://www.debian.org/security/ Alberto Garcia April 10, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3341-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3341-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2557-1] linux-4.19 security update
Debian LTS Advisory DLA-2557-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings February 12, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.171-2deb9u1 CVE ID : CVE-2020-27815 CVE-2020-27825 CVE-2020-27830 CVE-2020-28374 CVE-2020-29568...
[SECURITY] [DLA 2542-1] tzdata new upstream version
------------------------------------------------------------------------- Debian LTS Advisory DLA-2542-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 02, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2203-1] sqlite3 security update
Package : sqlite3 Version : 3.8.7.1-1+deb8u5 CVE ID : CVE-2020-11655 It was discovered that there was a denial of service attack in the SQLite database, often embedded into other programs and servers. In the event of a semantic error in an aggregate query, SQLite did not return early from the...
[SECURITY] [DLA 1990-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.189-3+deb9u2deb8u1 CVE ID : CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-11135 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovere...
[SECURITY] [DLA 1927-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u12 CVE ID : CVE-2016-5126 CVE-2016-5403 CVE-2017-9375 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890 Debian Bug : 826151 832619 864219 929353 931351 933741 933742 939868 939869 Several vulnerabilities were found in QEMU, a fa...
[SECURITY] [DLA 1888-1] imagemagick security update
Package : imagemagick Version : 8:6.8.9.9-5+deb8u17 CVE ID : CVE-2019-12974 CVE-2019-13135 CVE-2019-13295 CVE-2019-13297 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-12974 NULL pointer dereference in...
[SECURITY] [DLA 1875-1] fusiondirectory security update
Package : fusiondirectory Version : 1.0.8.2-5+deb8u2 CVE ID : CVE-2019-11187 In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LD...
[SECURITY] [DSA 4491-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4491-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1780-1] firefox-esr new upstream version
Package : firefox-esr Version : 60.6.2esr-1deb8u1 Debian Bug : 928415 928449 928509 Firefox 60.6.2 ESR repairs a certificate chain issue that caused extensions to be disabled in the past few days. More information, and details of known remaining issues, can be found at...
[SECURITY] [DLA 1713-1] libsdl1.2 security update
Package : libsdl1.2 Version : 1.2.15-10+deb8u1 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 Multiple buffer overflow security issues have been found in libsdl1.2, a library that...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...
[SECURITY] [DSA 5681-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5681-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3255-1] mplayer security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3255-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 31, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2785-1] linux-4.19 security update
Debian LTS Advisory DLA-2785-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 15, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.208-1deb9u1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 CVE-2021-3653...
[SECURITY] [DSA 4927-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4927-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 05, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2537-1] ffmpeg security update
Debian LTS Advisory DLA-2537-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez January 31, 2021 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:3.2.15-0+deb9u2 CVE ID : CVE-2019-17539 CVE-2020-35965 Debian Bug : 979999 Two vulnerabilities have been...
[SECURITY] [DLA 2242-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.210-1+deb9u1deb8u1 CVE ID : CVE-2019-2182 CVE-2019-5108 CVE-2019-19319 CVE-2019-19462 CVE-2019-19768 CVE-2019-20806 CVE-2019-20811 CVE-2020-0543 CVE-2020-2732 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-9383 CVE-2020-10711 CVE-2020-10732...
[SECURITY] [DLA 2127-1] dojo security update
Package : dojo Version : 1.10.2+dfsg-1+deb8u2 CVE ID : CVE-2019-10785 Debian Bug : 952771 dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. For Debian 8 "Jessie", this problem has been fix...
[SECURITY] [DLA 2050-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u8 CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenam...
[SECURITY] [DLA-1874-1] postgresql-9.4 security update
Package : postgresql-9.4 Version : 9.4.24-0+deb8u1 CVE ID : CVE-2019-10208 CVE-2019-10208: TYPE in pgtemp executes arbitrary SQL during SECURITY DEFINER execution Versions Affected: 9.4 - 11 Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of th...
[SECURITY] [DLA 1745-1] libdatetime-timezone-perl new upstream version
Package : libdatetime-timezone-perl Version : 1:1.75-2+2019a This update includes the changes in tzdata 2019a for the Perl bindings. For the list of changes, see DLA-1744-1. For Debian 8 "Jessie", this problem has been fixed in version 1:1.75-2+2019a. We recommend that you upgrade your...
[SECURITY] [DSA 4356-1] netatalk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4356-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5868-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5868-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5703-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5703-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 02, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2623-1] qemu security update
Debian LTS Advisory DLA-2623-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 10, 2021 https://wiki.debian.org/LTS Package : qemu Version : 1:2.8+dfsg-6+deb9u14 CVE ID : CVE-2020-17380 CVE-2021-3392 CVE-2021-3409 CVE-2021-3416 CVE-2021-20203 CVE-2021-20255...
[SECURITY] [DSA 4889-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4889-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 10, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2481-1] openldap security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2481-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 04, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2463-1] samba security update
Debian LTS Advisory DLA-2463-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez November 22, 2020 https://wiki.debian.org/LTS Package : samba Version : 2:4.5.16+dfsg-1+deb9u3 CVE ID : CVE-2020-1472 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760...
[SECURITY] [DLA 2241-2] linux security update
Package : linux Version : 3.16.84-1 CVE ID : CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2019-5108 CVE-2019-19319 CVE-2019-19447 CVE-2019-19768 CVE-2019-20636 CVE-2020-0009 CVE-2020-0543 CVE-2020-1749 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649...
[SECURITY] [DSA 4681-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4681-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 07, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2188-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u11 CVE ID : CVE-2020-7064 CVE-2020-7066 CVE-2020-7067 Three issues have been found in php5, a server-side, HTML-embedded scripting language. CVE-2020-7064 A one byte out-of-bounds read, which could potentially lead to information disclosure or crash...
[SECURITY] [DSA 4623-1] postgresql-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4623-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 13, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2090-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u13 CVE ID : CVE-2020-7039 Debian Bug : 949085 tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanag es memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds acces s whi...
[SECURITY] [DLA 1974-1] proftpd-dfsg security update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u4 CVE ID : CVE-2019-18217 An issue has been found in proftp-dfsg, a versatile, virtual-hosting FTP daemon. Due to incorrect handling of overly long commands, a remote unauthenticated user could trigger a denial-of-service by reaching an endles...
[SECURITY] [DLA 1958-1] libdatetime-timezone-perl new upstream version
Package : libdatetime-timezone-perl Version : 1:1.75-2+2019c This update includes the changes in tzdata 2019c for the Perl bindings. For the list of changes, see DLA-1957-1. For Debian 8 "Jessie", this problem has been fixed in version 1:1.75-2+2019c. We recommend that you upgrade your...
[SECURITY] [DLA 1753-1] proftpd-dfsg security update
Package : proftpd-dfsg Version : 1.3.5e-0+deb8u1 CVE ID : not-available Debian Bug : 923926 Several memory leaks were discovered in proftpd-dfsg, a versatile, virtual-hosting FTP daemon, when modfacl or modsftp is used which could lead to memory exhaustion and a denial-of-service. For Debian 8...
[SECURITY] [DSA 4427-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4427-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 08, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4346-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4346-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 27, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5673-1] glibc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5673-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 23, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2786-1] nghttp2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2786-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky October 16, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2723-1] linuxptp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2723-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 31, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4933-1] nettle security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4933-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 18, 2021 https://www.debian.org/security/faq -...