14409 matches found
[SECURITY] [DSA 5681-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5681-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2557-1] linux-4.19 security update
Debian LTS Advisory DLA-2557-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings February 12, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.171-2deb9u1 CVE ID : CVE-2020-27815 CVE-2020-27825 CVE-2020-27830 CVE-2020-28374 CVE-2020-29568...
[SECURITY] [DSA 4845-1] openldap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4845-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 03, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2509-1] tzdata new upstream version
------------------------------------------------------------------------- Debian LTS Advisory DLA-2509-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 29, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2203-1] sqlite3 security update
Package : sqlite3 Version : 3.8.7.1-1+deb8u5 CVE ID : CVE-2020-11655 It was discovered that there was a denial of service attack in the SQLite database, often embedded into other programs and servers. In the event of a semantic error in an aggregate query, SQLite did not return early from the...
[SECURITY] [DSA 4636-1] python-bleach security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4636-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2061-1] firefox-esr security update
Package : firefox-esr Version : 68.4.0esr-1deb8u1 CVE ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration o...
[SECURITY] [DLA 2021-1] libav security update
Package : libav Version : 6:11.12-1deb8u9 CVE ID : CVE-2017-17127 CVE-2017-18245 CVE-2018-19128 CVE-2018-19130 CVE-2019-14443 CVE-2019-17542 Several security issues were fixed in libav, a multimedia library for processing audio and video files. CVE-2017-17127 The vc1decodeframe function in...
[SECURITY] [DLA 1998-1] python-psutil security update
Package : python-psutil Version : 2.1.1-1+deb8u1 CVE ID : CVE-2019-18874 Debian Bug : 944605 It was discovered that there were multiple double free vulnerabilities in python-psutil, a Python module providing convenience functions for accessing system process data. This was caused by incorrect...
[SECURITY] [DLA 1927-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u12 CVE ID : CVE-2016-5126 CVE-2016-5403 CVE-2017-9375 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890 Debian Bug : 826151 832619 864219 929353 931351 933741 933742 939868 939869 Several vulnerabilities were found in QEMU, a fa...
[SECURITY] [DSA 4490-1] subversion security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4490-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 01, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1730-1] libssh2 security update
Package : libssh2 Version : 1.4.3-4.1+deb8u2 CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Debian Bug : 924965 Several vulnerabilities have recently been discovered in libssh2, a client-side C library...
[SECURITY] [DSA 4356-1] netatalk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4356-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq -...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...
[SECURITY] [DLA 2481-1] openldap security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2481-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 04, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2241-2] linux security update
Package : linux Version : 3.16.84-1 CVE ID : CVE-2015-8839 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14613 CVE-2019-5108 CVE-2019-19319 CVE-2019-19447 CVE-2019-19768 CVE-2019-20636 CVE-2020-0009 CVE-2020-0543 CVE-2020-1749 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649...
[SECURITY] [DSA 4673-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4673-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2127-1] dojo security update
Package : dojo Version : 1.10.2+dfsg-1+deb8u2 CVE ID : CVE-2019-10785 Debian Bug : 952771 dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. For Debian 8 "Jessie", this problem has been fix...
[SECURITY] [DLA 1981-1] cpio security update
Package : cpio Version : 2.11+dfsg-4.1+deb8u2 CVE ID : CVE-2019-14866 Debian Bug : 941412 A vulnerability was discovered in the cpio package. CVE-2019-14866 It is possible for an attacker to create a file so when backed up with cpio can generate arbitrary files in the resulting tar archive. When...
[SECURITY] [DLA 1875-1] fusiondirectory security update
Package : fusiondirectory Version : 1.0.8.2-5+deb8u2 CVE ID : CVE-2019-11187 In FusionDirectory, an LDAP web-frontend written in PHP originally derived GOsa² 2.6.x, a vulnerability was found that could theoretically lead to unauthorized access to the LDAP database managed with FusionDirectory. LD...
[SECURITY] [DSA 4491-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4491-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1818-1] dbus security update
Package : dbus Version : 1.8.22-0+deb8u2 CVE ID : CVE-2019-12749 Debian Bug : 930375 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUSCOOKIESHA1 authentication mechanism was susceptible to a...
[SECURITY] [DSA 4432-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4432-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1660-2] rssh regression update
Package : rssh Version : 2.3.4-4+deb8u3 Debian Bug : 921655 It was discovered that the fix for the security vulnerability released for rssh in 2.3.4-4+deb8u2 via DLA-1660-1 introduced a regression that blocked scp1 of multiple files from a server using rssh. Please see...
[SECURITY] [DSA 5899-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5899-1 [email protected] https://www.debian.org/security/ Alberto Garcia April 10, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5703-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5703-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 02, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3694-1] openssh security update
Debian LTS Advisory DLA-3694-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón December 25, 2023 https://wiki.debian.org/LTS Package : openssh Version : 1:7.9p1-10+deb10u4 CVE ID : CVE-2021-41617 CVE-2023-48795 CVE-2023-51385 Debian Bug : 995130 Several...
[SECURITY] [DLA 3341-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3341-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 24, 2023 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3255-1] mplayer security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3255-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 31, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2785-1] linux-4.19 security update
Debian LTS Advisory DLA-2785-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 15, 2021 https://wiki.debian.org/LTS Package : linux-4.19 Version : 4.19.208-1deb9u1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 CVE-2021-3653...
[SECURITY] [DLA 2542-1] tzdata new upstream version
------------------------------------------------------------------------- Debian LTS Advisory DLA-2542-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 02, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2537-1] ffmpeg security update
Debian LTS Advisory DLA-2537-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez January 31, 2021 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:3.2.15-0+deb9u2 CVE ID : CVE-2019-17539 CVE-2020-35965 Debian Bug : 979999 Two vulnerabilities have been...
[SECURITY] [DLA 2463-1] samba security update
Debian LTS Advisory DLA-2463-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez November 22, 2020 https://wiki.debian.org/LTS Package : samba Version : 2:4.5.16+dfsg-1+deb9u3 CVE ID : CVE-2020-1472 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760...
[SECURITY] [DLA 2219-1] feh security update
Package : feh Version : 2.12-1+deb8u1 CVE ID : CVE-2017-7875 Tobias Stoeckmann discovered that it was possible to trigger an out-of-boundary heap write with the image viewer feh while receiving an IPC message. For Debian 8 "Jessie", this problem has been fixed in version 2.12-1+deb8u1. We recomme...
[SECURITY] [DLA 1888-1] imagemagick security update
Package : imagemagick Version : 8:6.8.9.9-5+deb8u17 CVE ID : CVE-2019-12974 CVE-2019-13135 CVE-2019-13295 CVE-2019-13297 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-12974 NULL pointer dereference in...
[SECURITY] [DLA-1874-1] postgresql-9.4 security update
Package : postgresql-9.4 Version : 9.4.24-0+deb8u1 CVE ID : CVE-2019-10208 CVE-2019-10208: TYPE in pgtemp executes arbitrary SQL during SECURITY DEFINER execution Versions Affected: 9.4 - 11 Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of th...
[SECURITY] [DLA 1780-1] firefox-esr new upstream version
Package : firefox-esr Version : 60.6.2esr-1deb8u1 Debian Bug : 928415 928449 928509 Firefox 60.6.2 ESR repairs a certificate chain issue that caused extensions to be disabled in the past few days. More information, and details of known remaining issues, can be found at...
[SECURITY] [DLA 1745-1] libdatetime-timezone-perl new upstream version
Package : libdatetime-timezone-perl Version : 1:1.75-2+2019a This update includes the changes in tzdata 2019a for the Perl bindings. For the list of changes, see DLA-1744-1. For Debian 8 "Jessie", this problem has been fixed in version 1:1.75-2+2019a. We recommend that you upgrade your...
[SECURITY] [DLA 1713-1] libsdl1.2 security update
Package : libsdl1.2 Version : 1.2.15-10+deb8u1 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 Multiple buffer overflow security issues have been found in libsdl1.2, a library that...
[SECURITY] [DSA 5868-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5868-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3099-1] qemu security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3099-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA September 05, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4927-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4927-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 05, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2623-1] qemu security update
Debian LTS Advisory DLA-2623-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 10, 2021 https://wiki.debian.org/LTS Package : qemu Version : 1:2.8+dfsg-6+deb9u14 CVE ID : CVE-2020-17380 CVE-2021-3392 CVE-2021-3409 CVE-2021-3416 CVE-2021-20203 CVE-2021-20255...
[SECURITY] [DSA 4889-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4889-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 10, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4817-1] php-pear security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4687-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4687-1 [email protected] https://www.debian.org/security/ Florian Weimer May 16, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4681-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4681-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 07, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4627-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4627-1 [email protected] https://www.debian.org/security/ Alberto Garcia February 17, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2050-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u8 CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenam...
[SECURITY] [DLA 1974-1] proftpd-dfsg security update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u4 CVE ID : CVE-2019-18217 An issue has been found in proftp-dfsg, a versatile, virtual-hosting FTP daemon. Due to incorrect handling of overly long commands, a remote unauthenticated user could trigger a denial-of-service by reaching an endles...