14289 matches found
[SECURITY] [DLA 2975-1] openjpeg2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2975-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky April 10, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2842-1] apache-log4j2 security update
Debian LTS Advisory DLA-2842-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2021 https://wiki.debian.org/LTS Package : apache-log4j2 Version : 2.7-2+deb9u1 CVE ID : CVE-2021-44228 Debian Bug : 1001478 Chen Zhaojun of Alibaba Cloud Security Team...
[SECURITY] [DSA 4915-1] postgresql-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4915-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 13, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2631-1] zabbix security update
From: Sylvain Beucler [email protected] To: [email protected] Subject: SECURITY DLA 2631-1 zabbix security update - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2631-1 [email protected]...
[SECURITY] [DLA 2207-1] libntlm security update
Package : libntlm Version : 1.4-3+deb8u1 CVE ID : CVE-2019-17455 It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in...
[SECURITY] [DLA 2198-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u15 CVE ID : CVE-2020-1770 CVE-2020-1772 CVE-2020-1774 Several vulnerabilities have been discovered in otrs2 Open source Ticket Request System CVE-2020-1770 Support bundle generated files could contain sensitive information that might be unwanted to be...
[SECURITY] [DLA 2160-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u10 CVE ID : CVE-2020-7062 CVE-2020-7063 Two security issues have been identified and fixed in php5, a server-side, HTML-embedded scripting language. CVE-2020-7062 is about a possible null pointer derefernce, which would likely lead to a crash, during a...
[SECURITY] [DSA 4626-1] php7.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4626-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4573-1] symfony security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4573-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1901-1] dovecot security update
Package : dovecot Version : 1:2.2.13-12deb8u7 CVE ID : CVE-2019-11500 Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input both pre- and post-login. A remote attacker can take advantage of this flaw to...
[SECURITY] [DLA 1869-1] firefox-esr security update
Package : firefox-esr Version : 60.8.0esr-1deb8u1 CVE ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the...
[SECURITY] [DLA 1683-1] rdesktop security update
Package : rdesktop Version : 1.8.4-0+deb8u1 CVE ID : CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798 CVE-2018-8799 CVE-2018-8800 CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180...
[SECURITY] [DSA 4354-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4354-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3694-1] openssh security update
Debian LTS Advisory DLA-3694-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón December 25, 2023 https://wiki.debian.org/LTS Package : openssh Version : 1:7.9p1-10+deb10u4 CVE ID : CVE-2021-41617 CVE-2023-48795 CVE-2023-51385 Debian Bug : 995130 Several...
[SECURITY] [DLA 2952-1] openssl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2952-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 17, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2664-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2664-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 17, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2650-1] exim4 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2650-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 05, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4897-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4897-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2564-1] php-horde-text-filter security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2564-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler February 18, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2444-1] tcpdump security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2444-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 10, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2280-1] python3.5 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2280-1 [email protected] https://www.debian.org/lts/security/ July 15, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package :...
[SECURITY] [DLA 2104-1] thunderbird security update
Package : thunderbird Version : 1:68.5.0-1deb8u1 CVE ID : CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For Debian 8 "Jessie", the...
[SECURITY] [DLA 2097-1] ppp security update
Package : ppp Version : 2.4.6-3.1+deb8u1 CVE ID : CVE-2020-8597 Debian Bug : 950618 Ilja Van Sprundel discovered a buffer overflow vulnerability in ppp, the Point-to-Point Protocol daemon. When receiving an EAP Request message in client mode, an attacker was able to overflow the rhostname array b...
[SECURITY] [DLA 2043-2] gdk-pixbuf regression update
Package : gdk-pixbuf Version : 2.31.1-2+deb8u9 While preparing a fix for CVE-2017-6314 an unknown symbol guintcheckedmul was introduced. For Debian 8 "Jessie", this problem has been fixed in version 2.31.1-2+deb8u9. We recommend that you upgrade your gdk-pixbuf packages. Further information about...
[SECURITY] [DLA 2002-1] libice security update
Package : libice Version : 2:1.0.9-1+deb8u1 CVE ID : CVE-2017-2626 It has been found, that libice, an X11 Inter-Client Exchange library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DLA 1914-1] icedtea-web security update
Package : icedtea-web Version : 1.5.3-1+deb8u1 CVE ID : CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 Debian Bug : 934319 Several security vulnerabilities were found in icedtea-web, an implementation of the Java Network Launching Protocol JNLP. CVE-2019-10181 It was found that in icedtea-web...
[SECURITY] [DLA 1763-1] putty security update
Package : putty Version : 0.63-10+deb8u2 CVE ID : CVE-2019-9894 CVE-2019-9897 CVE-2019-9898 Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could...
[SECURITY] [DSA 4395-2] chromium regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4395-2 [email protected] https://www.debian.org/security/ Michael Gilbert February 26, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4308-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4308-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4017-1] openssl1.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4017-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3198-2] php5 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3198-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 5658-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5658-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3772-1] python3.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3772-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 24, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2773-1] curl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2773-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 30, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2716-1] pillow security update
Debian LTS Advisory DLA-2716-1 [email protected] https://www.debian.org/lts/security/ Neil Williams July 22, 2021 https://wiki.debian.org/LTS Package : pillow Version : 4.0.0-4+deb9u3 CVE ID : CVE-2020-35653 CVE-2021-25290 CVE-2021-28676 CVE-2021-28677 CVE-2021-34552 Debian Bug : 991293...
[SECURITY] [DLA 2590-1] pygments security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2590-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 12, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4861-1] screen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4861-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 21, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4676-2] salt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4676-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2142-1] slirp security update
Package : slirp Version : 1:1.0.17-7+deb8u2 CVE ID : CVE-2020-8608 It was discovered that there was a buffer overflow vulnerability in slirp, a SLIP/PPP emulator for using a dial up shell account. This was caused by the incorrect usage of return values from snprintf3. For Debian 8 "Jessie", this...
[SECURITY] [DLA 2133-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.100-1 CVE ID : CVE-2019-17569 CVE-2020-1935 CVE-2020-1938 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2019-17569 The refactoring in 7.0.98 introduced a regression. The result of the regression was...
[SECURITY] [DSA 4582-1] davical security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4582-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1878-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u5 CVE ID : CVE-2019-11041 CVE-2019-11042 Two heap buffer overflows were found in the EXIF parsing code of PHP, a widely-used open source general purpose scripting language. For Debian 8 "Jessie", these problems have been fixed in version...
[SECURITY] [DSA 5880-1] freetype security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5880-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 17, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3203-1] nginx security update
Debian LTS Advisory DLA-3203-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 23, 2022 https://wiki.debian.org/LTS Package : nginx Version : 1.14.2-2+deb10u5 CVE ID : CVE-2021-3618 CVE-2022-41741 CVE-2022-41742 Debian Bug : 991328 It was discovered that...
[SECURITY] [DLA 2776-1] apache2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2776-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 02, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4946-1] openjdk-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4946-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 29, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4870-1] pygments security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4870-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4830-2] flatpak regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4830-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 22, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2156-1] e2fsprogs security update
Package : e2fsprogs Version : 1.42.12-2+deb8u2 CVE ID : CVE-2019-5188 An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can...
[SECURITY] [DSA 4604-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4604-1 [email protected] https://www.debian.org/security/ Hugo Lefeuvre January 19, 2020 https://www.debian.org/security/faq -...