14333 matches found
[SECURITY] [DSA 4959-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4959-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 15, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2632-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2632-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 22, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4878-1] pygments security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4878-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 27, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2344-1] mongodb security update
Debian LTS Advisory DLA-2344-1 [email protected] https://www.debian.org/lts/security/ August 24, 2020 https://wiki.debian.org/LTS Package : mongodb Version : 1:3.2.11-2+deb9u2 CVE ID : CVE-2020-7923 Debian Bug : A denial of service vulnerability was discovered in mongodb, an...
[SECURITY] [DLA 2245-1] mysql-connector-java security update
Package : mysql-connector-java Version : 5.1.49-0+deb8u1 CVE ID : CVE-2020-2875 CVE-2020-2933 CVE-2020-2934 Several issues were discovered in mysql-connector-java, a Java database JDBC driver for MySQL, that allow attackers to update, insert or delete access to some of MySQL Connectors accessible...
[SECURITY] [DLA 2115-2] proftpd-dfsg regression update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u7 CVE ID : CVE-2020-9273 It was discovered that there was a regression in a previous fix for a use-after-free vulnerability in the proftpd-dfsg FTP server. Exploitation of the original vulnerability within the memory pool handling could have...
[SECURITY] [DLA 2070-1] ruby-excon security update
Package : ruby-excon Version : 0.33.0-2+deb8u1 CVE ID : CVE-2019-16779 Debian Bug : 946904 In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests wou...
[SECURITY] [DLA 2049-1] imagemagick security update
Package : imagemagick Version : 8:6.8.9.9-5+deb8u19 CVE ID : CVE-2019-19948 CVE-2019-19949 Debian Bug : 947309 947308 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-19948 Heap-buffer-overflow in WriteSGIImage coders/sgi.c caused by insufficient...
[SECURITY] [DSA 4583-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4583-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1939-1] poppler security update
Package : poppler Version : 0.26.5-2+deb8u11 CVE ID : CVE-2018-20650 CVE-2018-21009 CVE-2019-12493 Several issues in poppler, a PDF rendering library, have been fixed. CVE-2018-20650 A missing check for the dict data type could lead to a denial of service. CVE-2018-21009 An integer overflow might...
[SECURITY] [DSA 4474-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4474-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 01, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1623-1] tar security update
Package : tar Version : 1.27.1-2+deb8u2 CVE ID : CVE-2018-20482 Debian Bug : 917377 It was discovered that there was a potential denial of service vulnerability in tar, the GNU version of the tar UNIX archiving utility. The --sparse argument looped endlessly if the file shrank whilst it was being...
[SECURITY] [DSA 4350-1] policykit-1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4350-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 06, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4280-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4280-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1383-1] xen security update
Package : xen Version : 4.1.6.lts1-14 CVE ID : CVE-2018-8897 CVE-2018-10981 CVE-2018-10982 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalation. For Debian 7 "Wheezy", these problems have been fixe...
[SECURITY] [DLA 553-1] apache2 security update
Package : apache2 Version : 2.2.22-13+deb7u7 CVE ID : CVE-2016-5387 Scott Geary of VendHQ discovered that the Apache HTTPD server used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain...
[SECURITY] [DSA 3290-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3290-1 [email protected] https://www.debian.org/security/ Ben Hutchings June 18, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 1428-2] New Linux 2.6.18 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1428-2 [email protected] http://www.debian.org/security/ dann frazier December 11th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1286-1 [email protected] http://www.debian.org/security/ Dann Frazier May 2nd, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DLA 4057-1] openssh security update
Debian LTS Advisory DLA-4057-1 [email protected] https://www.debian.org/lts/security/ Colin Watson February 18, 2025 https://wiki.debian.org/LTS Package : openssh Version : 1:8.4p1-5+deb11u4 CVE ID : CVE-2025-26465 The Qualys Threat Research Unit TRU discovered that the OpenSSH client i...
[SECURITY] [DSA 5522-2] tomcat9 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-5522-2 [email protected] https://www.debian.org/security/ Markus Koschany October 12, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5497-1] libwebp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5497-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 13, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5394-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5394-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 30, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5333-1] tiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5333-1 [email protected] https://www.debian.org/security/ Aron Xu January 29, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3006-1] openjdk-8 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3006-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 14, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5123-1] xz-utils security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5123-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2881-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2881-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 16, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4978-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4978-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4940-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4940-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 18, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2645-1] edk2 security update
Debian LTS Advisory DLA-2645-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany April 29, 2021 https://wiki.debian.org/LTS Package : edk2 Version : 020161202.7bbe0b3e-1+deb9u2 CVE ID : CVE-2019-0161 CVE-2019-14558 CVE-2019-14559 CVE-2019-14562 CVE-2019-14563...
[SECURITY] [DSA 4827-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4827-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 07, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4796-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4796-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 21, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4766-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4766-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2210-1] apt security update
Package : apt Version : 1.0.9.8.6 CVE ID : CVE-2020-3810 When normalizing ar member names by removing trailing whitespace and slashes, an out-out-bound read can be caused if the ar member name consists only of such characters, because the code did not stop at 0, but would wrap around and continue...
[SECURITY] [DLA 2176-1] inetutils security update
Package : inetutils Version : 2:1.9.2.39.3a460-3+deb8u1 CVE ID : CVE-2020-10188 Debian Bug : 956084 NOTE: This DLA was intially sent on 2020-04-14 but for reasons unknown failed to reach the mailing list. It is being re-sent now to ensure that it appears in the mailing list archive. No new versio...
[SECURITY] [DLA 2164-1] gst-plugins-bad0.10 security update
Package : gst-plugins-bad0.10 Version : 0.10.23-7.4+deb8u3 CVE ID : CVE-2015-0797 CVE-2016-9809 CVE-2017-5843 CVE-2017-5848 Several issues have been found in gst-plugins-bad0.10, a package containing GStreamer plugins from the "bad" set. All issues are about use-after-free, out of bounds reads or...
[SECURITY] [DLA 1975-1] spip security update
Package : spip Version : 3.0.17-2+deb8u5 CVE ID : CVE-2019-16391 CVE-2019-16392 CVE-2019-16393 CVE-2019-16394 It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries...
[SECURITY] [DLA 1705-1] sox security update
Package : sox Version : 14.4.1-5+deb8u3 CVE ID : CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15371 Debian Bug : 878809 870328 Multiple vulnerabilities have been discovered in SoX Sound eXchange, a sound processing program: CVE-2017-11332 The startread function wav.c is affected by a...
[SECURITY] [DSA 4164-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4164-1 [email protected] https://www.debian.org/security/ Stefan Fritsch April 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3602-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3602-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3602-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3602-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 139-1] eglibc security update
Package : eglibc Version : 2.11.3-4+deb6u4 CVE ID : CVE-2015-0235 A vulnerability has been fixed in eglibc, Debians version of the GNU C library: CVE-2015-0235 Qualys discovered that the gethostbyname and gethostbyname2 functions were subject to a buffer overflow if provided with a crafted IP...
[Backports-security-announce] Security update for silc-client/silc-toolkit
Jérémy Bobbio uploaded new packages for silc-client/silc-toolkit which fixed the following security problems: DSA 1879-1 Several vulnerabilities have been discovered in the software suite for the SILC protocol, a network protocol designed to provide end-to-end security for conferencing services...
[SECURITY] [DSA 442-1] New Linux 2.4.17 packages fix local root exploits and more (s390)
-------------------------------------------------------------------------- Debian Security Advisory DSA 442-1 [email protected] http://www.debian.org/security/ Martin Schulze February 19th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DLA 4130-1] shadow security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4130-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 18, 2025 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3778-1] libvirt security update
Debian LTS Advisory DLA-3778-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin April 01, 2024 https://wiki.debian.org/LTS Package : libvirt Version : 5.0.0-4+deb10u2 CVE ID : CVE-2020-10703 CVE-2020-12430 CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975...
[SECURITY] [DSA 5330-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5330-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5135-1] postgresql-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5135-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2989-1] ghostscript security update
Debian LTS Advisory DLA-2989-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 01, 2022 https://wiki.debian.org/LTS Package : ghostscript Version : 9.26adfsg-0+deb9u9 CVE ID : CVE-2019-25059 A security vulnerability was found in Ghostscript, the GPL...
[SECURITY] [DSA 4916-2] prosody regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4916-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 21, 2021 https://www.debian.org/security/faq -...