14313 matches found
[SECURITY] [DLA 1715-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.144-3.1deb8u1 CVE ID : CVE-2017-18249 CVE-2018-1128 CVE-2018-1129 CVE-2018-3639 CVE-2018-5391 CVE-2018-5848 CVE-2018-6554 CVE-2018-12896 CVE-2018-13053 CVE-2018-13096 CVE-2018-13097 CVE-2018-13100 CVE-2018-13406 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612...
[SECURITY] [DLA 1557-1] tiff security update
Package : tiff Version : 4.0.3-12.3+deb8u7 CVE ID : CVE-2018-17100 CVE-2018-17101 CVE-2018-18557 CVE-2018-17100 An int32 overflow can cause a denial of service application crash or possibly have unspecified other impact via a crafted image file CVE-2018-17101 Out-of-bounds writes can cause a deni...
[SECURITY] [DSA 4328-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4328-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4327-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4327-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4324-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4324-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 24, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4326-1] openjdk-8
------------------------------------------------------------------------- Debian Security Advisory DSA-4326-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4403-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4403-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 08, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4341-1] mariadb-10.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4341-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4325-1] mosquitto security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4325-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1551-1] exiv2 security update
Package : exiv2 Version : 0.24-4.1+deb8u2 CVE ID : CVE-2018-10958 CVE-2018-10999 CVE-2018-16336 A vulnerability has been discovered in exiv2 CVE-2018-16336, a C++ library and a command line utility to manage image metadata, resulting in remote denial of service heap-based buffer over-read/overflo...
[SECURITY] [DLA 1554-2] 389-ds-base regression update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u5 A regression was found in the recent security update for 389-ds-base the 389 Directory Server, announced as DLA-1554-2, caused by an incomplete fix for CVE-2018-14648. The regression caused the server to crash when processing requests with empty...
[SECURITY] [DLA 1553-1] clamav security update
Package : clamav Version : 0.100.2+dfsg-0+deb8u1 CVE ID : CVE-2018-15378 Debian Bug : 910430 ClamAV is an anti-virus utility for Unix, whose upstream developers have released the version 0.100.2. Installing this new version is required to make use of all current virus signatures and to avoid...
[SECURITY] [DLA 1554-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u4 CVE ID : CVE-2018-14648 It was discovered that 389-ds-base the 389 Directory Server is vulnerable to search queries with malformed values in the dosearch function servers/slapd/search.c. Attackers could leverage this vulnerability by sending crafte...
[SECURITY] [DSA 4367-1] systemd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4367-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1889-1] python3.4 security update
Package : python3.4 Version : 3.4.2-1+deb8u6 CVE ID : CVE-2018-20852 A vulnerability has been discovered in Python, an interactive high-level object-oriented language, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are meant for other domain...
[SECURITY] [DSA 4483-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4483-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3796-2] sitesummary regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3796-2 [email protected] https://www.debian.org/security/ Sebastien Delafond March 20, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4476-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4476-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1831-1] jackson-databind security update
Package : jackson-databind Version : 2.4.2-2+deb8u7 CVE ID : CVE-2019-12384 CVE-2019-12814 Debian Bug : 930750 More Polymorphic Typing issues were discovered in jackson-databind. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and...
[SECURITY] [DLA 1904-1] libextractor security update
Package : libextractor Version : 1:1.3-2+deb8u5 CVE ID : CVE-2019-15531 jianglin found an issue in libextractor, a library that extracts meta-data from files of arbitrary type. A crafted file could result in a heap-buffer-overflow vulnerability in function EXTRACTORdviextractmethod in...
[SECURITY] [DLA 1638-1] libjpeg-turbo security update
Package : libjpeg-turbo Version : 1:1.3.1-12+deb8u1 CVE ID : CVE-2016-3616 CVE-2018-1152 CVE-2018-11212 CVE-2018-11213 CVE-2018-11214 Debian Bug : 819969 902950 902176 Several vulnerabilities have been resolved in libjpeg-turbo, Debians default JPEG implemenation. CVE-2016-3616 The cjpeg utility ...
[SECURITY] [DLA 1943-1] jackson-databind security update
Package : jackson-databind Version : 2.4.2-2+deb8u9 CVE ID : CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 Debian Bug : 940498 941530 More deserialization flaws were discovered in jackson-databind relating to the classes in com.zaxxer.hikari.HikariConfig,...
[SECURITY] [DLA 2672-1] imagemagick security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2672-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky June 02, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2573-1] libzstd security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2573-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 20, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4340-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4340-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4509-2] subversion update
------------------------------------------------------------------------- Debian Security Advisory DSA-4509-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 2, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3783-1] expat security update
Debian LTS Advisory DLA-3783-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost April 07, 2024 https://wiki.debian.org/LTS Package : expat Version : 2.2.6-2+deb10u7 CVE ID : CVE-2023-52425 Debian Bug : 1063238 Expat, an XML parsing C library has been found to have an...
[SECURITY] [DLA 1586-1] openssl security update
Package : openssl Version : 1.0.1t-1+deb8u10 CVE ID : CVE-2018-0735 CVE-2018-5407 CVE-2018-0735 Samuel Weiser reported a timing vulnerability in the OpenSSL ECDSA signature generation, which might leak information to recover the private key. CVE-2018-5407 Alejandro Cabrera Aldaya, Billy Brumley,...
[SECURITY] [DLA 1580-1] systemd security update
Package : systemd Version : 215-17+deb8u8 CVE ID : CVE-2018-1049 CVE-2018-15686 CVE-2018-15688 Debian Bug : 912005 912008 systemd was found to suffer from multiple security vulnerabilities ranging from denial of service attacks to possible root privilege escalation. CVE-2018-1049 A race condition...
[SECURITY] [DLA 3804-1] nghttp2 security update
Debian LTS Advisory DLA-3804-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin April 30, 2024 https://wiki.debian.org/LTS Package : nghttp2 Version : 1.36.0-2+deb10u3 CVE ID : CVE-2024-28182 Debian Bug : 1068415 Bartek Nowotarskis discovered that nghttp2, a set of...
[SECURITY] [DLA 2686-1] python-urllib3 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2686-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA June 15, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4323-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4323-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1552-1] ghostscript security update
Package : ghostscript Version : 9.06dfsg-2+deb8u11 CVE ID : CVE-2018-17961 CVE-2018-18073 CVE-2018-18284 Debian Bug : 910678 910758 911175 This is a follow-up update for the recently discovered -dSAFER issues reported by Tavis Ormandy. Tavis Ormandy discovered multiple vulnerabilites in...
[SECURITY] [DSA 4463-1] znc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4463-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1906-1] python2.7 security update
Package : python2.7 Version : 2.7.9-2+deb8u4 CVE ID : CVE-2018-20852 A vulnerability has been discovered in Python, an interactive high-level object-oriented language, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are meant for other domain...
[SECURITY] [DLA 1550-1] drupal7 security update
Package : drupal7 Version : 7.32-1+deb8u13 Debian Bugs : 911336 911337 It was discovered that there was a remote code execution and an external URL injection vulnerability in the Drupal content management framework. For more information, please see: https://www.drupal.org/sa-core-2018-006 For...
[SECURITY] [DSA 4529-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4529-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 20, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2586-1] linux security update
Debian LTS Advisory DLA-2586-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 08, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.258-1 CVE ID : CVE-2019-19318 CVE-2019-19813 CVE-2019-19816 CVE-2020-27815 CVE-2020-27825 CVE-2020-28374...
[SECURITY] [DSA 4509-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4509-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4906-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4906-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 27, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1637-1] apt security update (amended)
Package : apt Version : 1.0.9.8.5 CVE ID : CVE-2019-3462 Debian Bug : amended to refer to jessie in the sources.list entry below, instead of stable Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesnt...
[SECURITY] [DLA 1669-1] libreoffice security update
Package : libreoffice Version : 1:4.3.3-2+deb8u12 CVE ID : CVE-2018-16858 Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DLA 1582-1] liblivemedia security update
Package : liblivemedia Version : 2014.01.13-1+deb8u1 CVE ID : CVE-2018-4013 A stack based buffer overflow vulnerability was found in liblivemedia, the LIVE555 RTSP server library. This issue might be leveraged by remote attackers to cause code execution, by sending a crafted packet. For Debian 8...
[SECURITY] [DLA 2494-1] linux security update
Debian LTS Advisory DLA-2494-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 18, 2020 https://wiki.debian.org/LTS Package : linux Version : 4.9.246-2 CVE ID : CVE-2020-0427 CVE-2020-8694 CVE-2020-14351 CVE-2020-25645 CVE-2020-25656 CVE-2020-25668...
[SECURITY] [DSA 4502-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4502-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1803-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u3 CVE ID : CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 A read past allocated buffer vulnerability and two heap-buffer overflow vulnerabilites were discovered in the PHP5 programming language within the Exif image module. For Debian 8 "Jessie", these...
[SECURITY] [DLA 3942-2] openssl regression update
Debian LTS Advisory DLA-3942-2 [email protected] https://www.debian.org/lts/security/ Sean Whitton November 03, 2024 https://wiki.debian.org/LTS Package : openssl Version : 1.1.1w-0+deb11u2 CVE ID : CVE-2023-5678 CVE-2024-0727 CVE-2024-2511 CVE-2024-4741 CVE-2024-5535 CVE-2024-9143 Debi...
[SECURITY] [DLA 3331-1] python-cryptography security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3331-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 21, 2023 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3769-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3769-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 23, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5221-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5221-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2022 https://www.debian.org/security/faq -...