14410 matches found
[SECURITY] [DLA 1870-1] thunderbird security update
Package : thunderbird Version : 1:60.8.0-1deb8u1 CVE ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary cod...
[SECURITY] [DLA 1624-1] thunderbird security update
Package : thunderbird Version : 1:60.4.0-1deb8u1 CVE ID : not yet available Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For Debian 8 "Jessie", this problem has been fixed in version 1:60.4.0-1deb8u1. We recommend...
[SECURITY] [DLA 1466-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u2deb8u1 CVE ID : CVE-2018-5390 CVE-2018-5391 CVE-2018-13405 Debian Bug : 893393 903122 903767 903776 903838 903914 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service...
[SECURITY] [DSA 4127-1] simplesamlphp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4127-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst March 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4120-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4120-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1194-1] libxml2 security update
Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy11 CVE ID : CVE-2017-16931 CVE-2017-16932 CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a % character in a DTD name...
[SECURITY] [DLA 628-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u5 CVE ID : CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296...
[SECURITY] [DSA 3500-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3500-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini March 01, 2016 https://www.debian.org/security/faq -...
[BSA-095] Security Update for openssh
Colin Watson uploaded new packages for openssh which fixed the following security problems: CVE-2014-2532 DSA-2894-1 Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to trick OpenSSH into accepting any environment variable...
[SECURITY] [DSA 2816-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2816-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 12, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2390-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2390-1 [email protected] http://www.debian.org/security/ Florian Weimer January 15, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2298-2] apache2 regression fix
------------------------------------------------------------------------- Debian Security Advisory DSA-2298-2 [email protected] http://www.debian.org/security/ Stefan Fritsch September 05, 2011 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1044-1 [email protected] http://www.debian.org/security/ Martin Schulze April 26th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DLA 4156-1] openssh security update
Debian LTS Advisory DLA-4156-1 [email protected] https://www.debian.org/lts/security/ Colin Watson May 08, 2025 https://wiki.debian.org/LTS Package : openssh Version : 1:8.4p1-5+deb11u5 CVE ID : CVE-2025-32728 Debian Bug : 1102603...
[SECURITY] [DSA 5131-1] openjdk-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5131-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 05, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5044-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5044-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 13, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4924-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4924-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4832-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4832-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 16, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4800-1] libproxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4800-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 28, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2467-1] lxml security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2467-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA November 26, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2459-1] golang-1.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2459-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2397-1] php7.0 security update
Debian LTS Advisory DLA-2397-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez October 06, 2020 https://wiki.debian.org/LTS Package : php7.0 Version : 7.0.33-0+deb9u10 CVE ID : CVE-2020-7070 A vulnerability was discovered in PHP, a server-side, HTML-embedded...
[SECURITY] [DSA 4757-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4757-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 31, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2233-1] python-django security update
Package : python-django Version : 1.7.11-1+deb8u9 CVE IDs : CVE-2020-13254 CVE-2020-13596 It was discovered that there were two issues in Django, the Python web development framework: CVE-2020-13254: Potential data leakage via malformed memcached keys. In cases where a memcached backend does no...
[SECURITY] [DSA 4679-1] keystone security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4679-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2185-1] eog security update
Package : eog Version : 3.14.1-1+deb8u1 CVE ID : CVE-2016-6855 It was discovered that eog (Eye of GNOME) incorrectly handled certain invalid UTF-8 strings. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting...
[SECURITY] [DLA 2183-1] libgsf security update
Package : libgsf Version : 1.14.30-2+deb8u1 CVE ID : CVE-2016-9888 It was discovered that there was a null pointer dereference exploit in libgsf, an I/O abstraction library for GNOME. An error within the "tar_directory_for_file" function could be exploited to trigger a null pointer dereference and...
[SECURITY] [DLA 2172-1] thunderbird security update
Package : thunderbird Version : 1:68.7.0-1deb8u1 CVE ID : CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. For Debian 8 "Jessie",...
[SECURITY] [DSA 4632-1] ppp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4632-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4618-1] libexif security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4618-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2082-1] unzip security update
Package : unzip Version : 6.0-16+deb8u6 CVE ID : CVE-2018-1000035 An issue has been found in unzip, a de-archiver for .zip files. While processing a password protected archive, a heap-based buffer overflow could happen, that allows an attacker to perform a denial of service or to possibly achieve...
[SECURITY] [DSA 4571-2] enigmail update
------------------------------------------------------------------------- Debian Security Advisory DSA-4571-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 24, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1969-1] file security update
Package : file Version : 1:5.22+15-2+deb8u6 CVE ID : CVE-2019-18218 An issue has been found in file, a tool to determine file types by using magic numbers. The number of CDF_VECTOR elements had to be restricted in order to prevent a heap-based buffer overflow (4-byte out-of-bounds write). For Debian...
[SECURITY] [DLA 1942-2] phpbb3 regression update
This is a follow-up to DLA-1942-1. There was some confusion about the correct fix for CVE-2019-13776. The correct announcement for this DLA should have been: Package : phpbb3 Version : 3.0.12-5+deb8u4 CVE ID : CVE-2019-13776 CVE-2019-16993 CVE-2019-16993 In phpBB, includes/acp/acp_bbcodes.php had...
[SECURITY] [DLA 1757-1] cacti security update
Package : cacti Version : 0.8.8b+dfsg-8+deb8u7 CVE ID : CVE-2019-11025 Debian Bug : 926700 It was discovered that there were a number of cross-site scripting vulnerabilities (XSS) in cacti, a web-based front-end for the RRDTool monitoring tool. For Debian 8 "Jessie", this issue has been fixed in...
[SECURITY] [DLA 1711-1] systemd security update
Package : systemd Version : 215-17+deb8u11 CVE ID : CVE-2019-3815 Debian Bug : 924060 A memory leak was discovered in the backport of fixes for CVE-2018-16864 in systemd-journald. Function dispatch_message_real() in journald-server.c does not free allocated memory to store the _CMDLINE= entry. A local...
[SECURITY] [DLA 1681-1] gsoap security update
Package : gsoap Version : 2.8.17-1+deb8u2 CVE ID : CVE-2019-7659 It was discovered that there was a denial of service vulnerability in gsoap, a C/C++ language binding used for SOAP-based web services. For Debian 8 "Jessie", this issue has been fixed in gsoap version 2.8.17-1+deb8u2. We recommend...
[SECURITY] [DLA 1531-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u5deb8u1 CVE ID : CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 CVE-2018-9516 CVE-2018-10902 CVE-2018-10938 CVE-2018-13099 CVE-2018-14609 CVE-2018-14617 CVE-2018-14633 CVE-2018-14678 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276...
[SECURITY] [DLA 1150-1] wpa security update
Package : wpa Version : 1.0-3+deb7u5 CVE ID : CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 A vulnerability was found in how WPA code can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by...
[SECURITY] [DSA 3791-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3791-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 818-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u7 CVE ID : CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-4342 CVE-2016-9934 CVE-2016-9935 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 PHP-Bugs : 71323 70979 71039 71459 71391 71335 Several issues have been discovered in PHP recursive...
[SECURITY] [DLA 237-1] mercurial security update
Package : mercurial Version : 1.6.4-1+deb6u1 CVE ID : CVE-2014-9390 CVE-2014-9462 CVE-2014-9462 Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command...
[SECURITY] [DSA 2408-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2408-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 13, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1067-1] New Linux kernel 2.4.16 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1067-1 [email protected] http://www.debian.org/security/ Martin Schulze, Dann Frazier May 20th, 2006 http://www.debian.org/security/faq -...
[BSA-121] Security Update for python-django
Colin Watson uploaded new packages for python-django which fixed the following security problems: CVE-2024-45230 Potential denial-of-service vulnerability in django.utils.html.urlize. urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific...
[SECURITY] [DSA 5680-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5680-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5587-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5587-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 23, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3620-1] poppler security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3620-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 16, 2023 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5108-1] tiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5108-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 24, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5001-1] redis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5001-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2021 https://www.debian.org/security/faq -...