[SECURITY] [DLA 2461-1] zabbix security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2461-1 [email protected] https://www.debian.org/lts/security/ November 21, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
[SECURITY] [DLA 2403-1] rails security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2403-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 09, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4705-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4705-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2190-1] ruby-json security update
Package : ruby-json Version : 1.8.1-1+deb8u1 CVE ID : CVE-2020-10663 In ruby-json before 2.3.0, there is an unsafe object creation vulnerability. When parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target...
[SECURITY] [DLA 2187-1] radicale security update
Package : radicale Version : 0.9-1+deb8u2 CVE ID : CVE-2017-8342 Radicale, a simple calendar and addressbook server - daemon, is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. For Debian 8 "Jessie", this problem has been fixed in version...
[SECURITY] [DLA 2182-1] git security update
Package : git Version : 1:2.1.4-2.1+deb8u10 CVE ID : CVE-2020-11008 Carlo Arenas discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providi...
[SECURITY] [DLA 2169-1] libmtp security update
Package : libmtp Version : 1.1.8-1+deb8u1 CVE ID : CVE-2017-9831 CVE-2017-9832 libmtp is a library for communicating with MTP aware devices. The Media Transfer Protocol commonly referred to as MTP is a devised set of custom extensions to support the transfer of music files on USB digital audio...
[SECURITY] [DSA 4651-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4651-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 02, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2143-1] slurm-llnl security update
Package : slurm-llnl Version : 14.03.9-5+deb8u5 CVE ID : CVE-2019-6438 CVE-2019-12838 Debian Bug : 920997 931880 Several issues were found in Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system. CVE-2019-6438 SchedMD Slurm mishandles 32-bit...
[SECURITY] [DLA 2113-1] cloud-init security update
Package : cloud-init Version : 0.7.6bzr976-2+deb8u1 CVE ID : CVE-2020-8631 CVE-2020-8632 Debian Bug : 951362 951363 CVE-2020-8631 In cloud-init, relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls t...
[SECURITY] [DSA 4621-1] openjdk-8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4621-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 12, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4611-1] opensmtpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4611-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 29, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4609-1] python-apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4609-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 23, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4559-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4559-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1713-2] libsdl1.2 regression update
Package : libsdl1.2 Version : 1.2.15-10+deb8u2 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 The update of libsdl1.2 released as DLA 1713-1 led to a regression, caused by an...
[SECURITY] [DLA 1953-2] clamav regression update
Package : clamav Version : 0.101.4+dfsg-0+deb8u2 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 942172 The update of clamav released as DLA 1953-1 led to permission issues on /var/run/clamav. This caused several users to experience issues restarting the clamav daemon. This regression is caus...
[SECURITY] [DLA 1870-1] thunderbird security update
Package : thunderbird Version : 1:60.8.0-1deb8u1 CVE ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary cod...
[SECURITY] [DLA 1628-1] jasper security update
Package : jasper Version : 1.900.1-debian1-2.4+deb8u5 CVE ID : CVE-2018-18873 CVE-2018-19139 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541 CVE-2018-19542 CVE-2018-20570 CVE-2018-20584 CVE-2018-20622 Multiple issues were found in the JasPer JPEG-2000 library that could lead to a denial-of-service...
[SECURITY] [DLA 1624-1] thunderbird security update
Package : thunderbird Version : 1:60.4.0-1deb8u1 CVE ID : not yet available Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For Debian 8 "Jessie", this problem has been fixed in version 1:60.4.0-1deb8u1. We recommend...
[SECURITY] [DLA 1194-1] libxml2 security update
Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy11 CVE ID : CVE-2017-16931 CVE-2017-16932 CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a % character in a DTD name...
[SECURITY] [DSA 3587-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3587-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 27, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3117-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3117-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3030-1] mantis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3030-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2816-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2816-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 12, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2390-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2390-1 [email protected] http://www.debian.org/security/ Florian Weimer January 15, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1044-1 [email protected] http://www.debian.org/security/ Martin Schulze April 26th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 444-1] New Linux 2.4.17 packages fix local root exploit (ia64)
-------------------------------------------------------------------------- Debian Security Advisory DSA 444-1 [email protected] http://www.debian.org/security/ Martin Schulze February 20th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DLA 4156-1] openssh security update
Debian LTS Advisory DLA-4156-1 [email protected] https://www.debian.org/lts/security/ Colin Watson May 08, 2025 https://wiki.debian.org/LTS Package : openssh Version : 1:8.4p1-5+deb11u5 CVE ID : CVE-2025-32728 Debian Bug : 1102603...
[SECURITY] [DLA 3508-1] linux security update
Debian LTS Advisory DLA-3508-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings July 27, 2023 https://wiki.debian.org/LTS Package : linux Version : 4.19.289-1 CVE ID : CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-2269 CVE-2023-3090 CVE-2023-3111 CVE-2023-3141...
[SECURITY] [DLA 3160-1] tomcat9 security update
Debian LTS Advisory DLA-3160-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 26, 2022 https://wiki.debian.org/LTS Package : tomcat9 Version : 9.0.31-1deb10u7 CVE ID : CVE-2021-43980 CVE-2022-23181 CVE-2022-29885 Several security vulnerabilities have been...
[SECURITY] [DSA 5196-1] libpgjava security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5196-1 [email protected] https://www.debian.org/security/ Markus Koschany July 31, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5161-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5161-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4924-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4924-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4899-1] openjdk-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4899-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 23, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4885-1] netty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4885-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 05, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2556-1] unbound1.9 security update
Debian LTS Advisory DLA-2556-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 12, 2021 https://wiki.debian.org/LTS Package : unbound1.9 Version : 1.9.0-2+deb10u2deb9u1 CVE ID : CVE-2020-12662 CVE-2020-12663 CVE-2020-28935 Debian Bug : 977165 Several...
[SECURITY] [DLA 2527-1] snapd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2527-1 [email protected] https://www.debian.org/lts/security/ Brian May January 18, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4832-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4832-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 16, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2459-1] golang-1.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2459-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4679-1] keystone security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4679-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4665-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4665-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 27, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2183-1] libgsf security update
Package : libgsf Version : 1.14.30-2+deb8u1 CVE ID : CVE-2016-9888 It was discovered that there was a null pointer dereference exploit in libgsf, an I/O abstraction library for GNOME. An error within the "tar_directory_for_file" function could be exploited to trigger a null pointer dereference and...
[SECURITY] [DLA 2172-1] thunderbird security update
Package : thunderbird Version : 1:68.7.0-1deb8u1 CVE ID : CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. For Debian 8 "Jessie",...
[SECURITY] [DLA 2082-1] unzip security update
Package : unzip Version : 6.0-16+deb8u6 CVE ID : CVE-2018-1000035 An issue has been found in unzip, a de-archiver for .zip files. While processing a password protected archive, a heap-based buffer overflow could happen, that allows an attacker to perform a denial of service or to possibly achieve...
[SECURITY] [DLA 2060-1] phpmyadmin security update
Package : phpmyadmin Version : 4:4.2.12-2+deb8u8 CVE ID : CVE-2020-5504 Debian Bug : 948718 In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. ...
[SECURITY] [DSA 4589-1] debian-edu-config security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2035-1] libpgf security update
Package : libpgf Version : 6.14.12-3+deb8u1 CVE ID : CVE-2015-6673 An issue has been found in libpgf, a library to handle Progressive Graphics File PGF. Due to lack of validation of ColorTableSize, a use-after-free issue might appear in Decoder.cpp. For Debian 8 "Jessie", this problem has been fix...
[SECURITY] [DSA 4571-2] enigmail update
------------------------------------------------------------------------- Debian Security Advisory DSA-4571-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 24, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1969-1] file security update
Package : file Version : 1:5.22+15-2+deb8u6 CVE ID : CVE-2019-18218 An issue has been found in file, a tool to determine file types by using magic numbers. The number of CDF_VECTOR elements had to be restricted in order to prevent a heap-based buffer overflow 4-byte out-of-bounds write. For Debian...
[SECURITY] [DLA 1942-2] phpbb3 regression update
This is a follow-up to DLA-1942-1. There was some confusion about the correct fix for CVE-2019-13776. The correct announcement for this DLA should have been: Package : phpbb3 Version : 3.0.12-5+deb8u4 CVE ID : CVE-2019-13776 CVE-2019-16993 CVE-2019-16993 In phpBB, includes/acp/acp_bbcodes.php had...