14344 matches found
[SECURITY] [DSA 4848-1] golang-1.11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4848-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 08, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2472-1] mutt security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2472-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 30, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4744-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4744-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 12, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4701-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4701-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4675-1] graphicsmagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4675-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 05, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4669-1] nodejs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4669-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 29, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4650-1] qbittorrent security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4650-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 02, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2168-1] libplist security update
Package : libplist Version : 1.11-3+deb8u1 CVE ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982 Debian Bug : 851196 852385 854000 860945 libplist is a library for reading and writing the Apple binary and XML property lists format...
[SECURITY] [DSA 4645-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4645-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 22, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2102-1] firefox-esr security update
Package : firefox-esr Version : 68.5.0esr-1deb8u1 CVE ID : CVE-2020-6796 CVE-2020-6798 CVE-2020-6800 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 "Jessie", these problems have been fixe...
[SECURITY] [DSA 4617-1] qtbase-opensource-src security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4617-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 03, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2077-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.99-1 CVE ID : CVE-2019-12418 CVE-2019-17563 Two security vulnerabilities have been fixed in the Tomcat servlet and JSP engine. CVE-2019-12418 When Apache Tomcat is configured with the JMX Remote Lifecycle Listener, a local attacker without access to...
[SECURITY] [DSA 4602-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4602-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 13, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1714-2] libsdl2 regression update
Package : libsdl2 Version : 2.0.2+dfsg1-6+deb8u2 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 The update of libsdl2 released as DLA 1714-1 led to several regressions, as reported ...
[SECURITY] [DSA 4544-1] unbound security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4544-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 16, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1939-1] poppler security update
Package : poppler Version : 0.26.5-2+deb8u11 CVE ID : CVE-2018-20650 CVE-2018-21009 CVE-2019-12493 Several issues in poppler, a PDF rendering library, have been fixed. CVE-2018-20650 A missing check for the dict data type could lead to a denial of service. CVE-2018-21009 An integer overflow might...
[SECURITY] [DLA 1916-1] opensc security update
Package : opensc Version : 0.16.0-3+deb8u1 CVE ID : CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16421 CVE-2018-16422 CVE-2018-16423 CVE-2018-16424 CVE-2018-16425 CVE-2018-16426 CVE-2018-16427 CVE-2019-15945 CVE-2019-15946 Debian Bug : 909444...
[SECURITY] [DLA 1912-1] expat security update
Package : expat Version : 2.1.0-6+deb8u6 CVE IDs : CVE-2019-15903 Debian Bug : 939394 It was discovered that there was a heap-based buffer overread vulnerability in expat, an XML parsing library. A specially-crafted XML input could fool the parser into changing from DTD parsing to document parsin...
[SECURITY] [DLA 1893-1] cups security update
Package : cups Version : 1.7.5-11+deb8u5 CVE ID : CVE-2019-8675 CVE-2019-8696 Two issues have been found in cups, the Common UNIX Printing Systemtm. Basically both CVEs CVE-2019-8675 and CVE-2019-8696 are about stack-buffer-overflow in two functions of libcup. One happens in asn1gettype the other...
[SECURITY] [DSA 4424-1] pdns security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4424-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 04, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1635-1] sssd security update
Package : sssd Version : 1.11.7-3+deb8u2 CVE ID : CVE-2019-3811 Debian Bug : 919051 A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return / the root directory instead of the empty string / no home directory. This could impact services that...
[SECURITY] [DSA 4179-1] linux-tools security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4179-1 [email protected] https://www.debian.org/security/ Ben Hutchings April 24, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1339-1] openjdk-7 security update
Package : openjdk-7 Version : 7u171-2.6.13-1deb7u1 CVE ID : CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 Debian Bug : 891330 Several vulnerabiliti...
[SECURITY] [DLA 770-2] libphp-phpmailer regression update
Package : libphp-phpmailer Version : 5.1-1.2 CVE ID : CVE-2016-10033 Debian Bug : 849365 Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address. Note that for...
[SECURITY] [DSA 3530-1] tomcat6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3530-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 2994-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2994-1 [email protected] http://www.debian.org/security/ Raphael Geissert July 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 5103-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5103-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 15, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2679-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2679-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 07, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2645-1] edk2 security update
Debian LTS Advisory DLA-2645-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 29, 2021 https://wiki.debian.org/LTS Package : edk2 Version : 020161202.7bbe0b3e-1+deb9u2 CVE ID : CVE-2019-0161 CVE-2019-14558 CVE-2019-14559 CVE-2019-14562 CVE-2019-14563...
[SECURITY] [DSA 4875-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4875-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 25, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2535-1] ansible security update
Debian LTS Advisory DLA-2535-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 27, 2021 https://wiki.debian.org/LTS Package : ansible Version : 2.2.1.0-2+deb9u2 CVE ID : CVE-2017-7481 CVE-2019-10156 CVE-2019-14846 CVE-2019-14904 Debian Bug : 862666 930065...
[SECURITY] [DLA 2460-1] golang-1.8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2460-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2278-2] squid3 regression update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2278-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 13, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2146-1] libvncserver security update
Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u7 CVE ID : CVE-2019-15690 Debian Bug : 954163 In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DSA 4622-1] postgresql-9.6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4622-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 13, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2098-1] ipmitool security update
Package : ipmitool Version : 1.8.14-4+deb8u1 CVE ID : CVE-2020-5208 Debian Bug : 950761 Christopher Ertl found that multiple functions in ipmitool neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on t...
[SECURITY] [DLA 2070-1] ruby-excon security update
Package : ruby-excon Version : 0.33.0-2+deb8u1 CVE ID : CVE-2019-16779 Debian Bug : 946904 In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests wou...
[SECURITY] [DSA 4575-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4575-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 24, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4569-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4569-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4554-1] ruby-loofah security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4554-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 28, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4539-2] openssh regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1941-1] netty security update
Package : netty Version : 1:3.2.6.Final-2+deb8u1 CVE ID : CVE-2019-16869 Netty mishandled whitespace before the colon in HTTP headers such as a “Transfer-Encoding : chunked” line, which lead to HTTP request smuggling. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DLA 1729-1] wireshark security update
Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u18 CVE ID : CVE-2017-9344 CVE-2017-9349 CVE-2019-9209 Several vulnerabilities have been found in wireshark, a network traffic analyzer. CVE-2019-9209: Preventing the crash of the ASN.1 BER and related dissectors by avoiding a buffer overflow...
[SECURITY] [DLA 1709-1] waagent security update
Package : waagent Version : 2.2.18-3deb8u2 CVE ID : CVE-2019-0804 Francis McBratney discovered that the Windows Azure Linux Agent created swap files with world-readable permissions, resulting in information disclosure. For Debian 8 "Jessie", this problem has been fixed in version 2.2.18-3deb8u2. ...
[SECURITY] [DLA 1627-1] qtbase-opensource-src security update
Package : qtbase-opensource-src Version : 5.3.2+dfsg-4+deb8u3 CVE ID : CVE-2018-15518 CVE-2018-19870 CVE-2018-19873 Multiple issues were fixed in Qt. CVE-2018-15518 A double-free or corruption during parsing of a specially crafted illegal XML document. CVE-2018-19870 A malformed GIF image might...
[SECURITY] [DSA 4318-1] moin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4318-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 15, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 792-1] libphp-swiftmailer security update
Package : libphp-swiftmailer Version : 4.1.5-1+deb7u1 CVE ID : CVE-2016-10074 Debian Bug : 849626 Dawid Golunski from legalhackers-com 1 discovered that the mail transport in Swift Mailer allowed remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code...
[SECURITY] [DSA 3169-1] eglibc security update
---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2784-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2784-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 22, 2013 http://www.debian.org/security/faq -...
[BSA-034] Security Update for iceweasel
Mike Hommey uploaded new packages for iceweasel which fixed the following security problems: CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 "Scoobidiver", Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren...