14333 matches found
[SECURITY] [DLA 2228-2] json-c regression update
Package : json-c Version : 0.11-4+deb8u2 CVE ID : CVE-2020-12762 Debian Bug : 960326 The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. This follow-up version now uses an upstream sanctioned patch that was...
[SECURITY] [DSA 4674-1] roundcube security update
Debian Security Advisory DSA-4674-1 https://www.debian.org/security/ Sebastien Delafond May 05, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2153-1] jackson-databind security update
Package : jackson-databind Version : 2.4.2-2+deb8u13 CVE ID : CVE-2020-10672 CVE-2020-10673 The following CVEs were reported against jackson-databind. CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...
[SECURITY] [DSA 4618-1] libexif security update
Debian Security Advisory DSA-4618-1 https://www.debian.org/security/ Salvatore Bonaccorso February 06, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2086-1] wget security update
Package : wget Version : 1.16-1+deb8u7 CVE ID : CVE-2016-7098 An issue has been found in wget, a tool to retrieve files from the web. A race condition might occur as files rejected by an access list are kept on the disk for the duration of an HTTP connection. For Debian 8 "Jessie", this problem ha...
[SECURITY] [DLA 2038-2] x2goclient regression update
Package : x2goclient Version : 4.0.3.1-4+deb8u1 Debian Bug : 947129 A change introduced in libssh 0.6.3-4+deb8u4 which got released as DLA 2038-1 has broken x2goclient's way of scp'ing session setup files from client to server, resulting in an error message shown in a GUI error dialog box during...
[SECURITY] [DLA 1712-1] libsndfile security update
Package : libsndfile Version : 1.0.25-9.1+deb8u4 CVE ID : CVE-2019-3832 It was found that the fix for CVE-2018-19758 was incomplete. That has been addressed in this update. The description for CVE-2018-19758 follows: A heap-buffer-overflow vulnerability was discovered in libsndfile, the library f...
[SECURITY] [DLA 1711-1] systemd security update
Package : systemd Version : 215-17+deb8u11 CVE ID : CVE-2019-3815 Debian Bug : 924060 A memory leak was discovered in the backport of fixes for CVE-2018-16864 in systemd-journald. Function dispatch_message_real in journald-server.c does not free allocated memory to store the _CMDLINE= entry. A local...
[SECURITY] [DLA 1675-1] python-gnupg security update
Package : python-gnupg Version : 0.3.6-1+deb8u1 CVE ID : CVE-2019-6690 Alexander Kjäll and Stig Palmquist discovered a vulnerability in python-gnupg, a wrapper around GNU Privacy Guard. It was possible to inject data through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt...
[SECURITY] [DSA 4164-1] apache2 security update
Debian Security Advisory DSA-4164-1 https://www.debian.org/security/ Stefan Fritsch April 03, 2018 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1153-1] icedove/thunderbird security update
Package : thunderbird Version : 1:52.4.0-1deb7u1 CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors,...
[SECURITY] [DLA 1036-1] gsoap security update
Package : gsoap Version : 2.8.7-2+deb7u1 CVE ID : CVE-2017-9765 A vulnerability was discovered in gsoap, a library for the development of SOAP web services and clients, that may be exposed with a large and specific XML message over 2 GB in size. After receiving this 2 GB message, a buffer overflo...
[SECURITY] [DLA 818-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u7 CVE ID : CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-4342 CVE-2016-9934 CVE-2016-9935 CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 PHP-Bugs : 71323 70979 71039 71459 71391 71335 Several issues have been discovered in PHP recursive...
[SECURITY] [DLA 628-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u5 CVE ID : CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296...
[SECURITY] [DLA 499-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u3 CVE ID : CVE-2015-8865 CVE-2015-8866 CVE-2015-8878 CVE-2015-8879 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 CVE-2016-4343 CVE-2016-4537 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 CVE-2015-8865 The...
[SECURITY] [DSA 3344-1] php5 security update
Debian Security Advisory DSA-3344-1 https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq ...
[SECURITY] [DLA 4138-1] distro-info-data database update
Debian LTS Advisory DLA-4138-1 https://www.debian.org/lts/security/ Stefano Rivera April 26, 2025 https://wiki.debian.org/LTS Package : distro-info-data Version : 0.51+deb11u8 This is a routine update of the distro-info-data database for Debian LTS users. It adds Ubunt...
[SECURITY] [DLA 2971-1] firefox-esr security update
Debian LTS Advisory DLA-2971-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 07, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2931-1] cyrus-sasl2 security update
Debian LTS Advisory DLA-2931-1 https://www.debian.org/lts/security/ Thorsten Alteholz March 06, 2022 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 5046-1] chromium security update
Debian Security Advisory DSA-5046-1 https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2022 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5000-2] openjdk-11 security update
Debian Security Advisory DSA-5000-2 https://www.debian.org/security/ Moritz Muehlenhoff December 22, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DSA 5001-1] redis security update
Debian Security Advisory DSA-5001-1 https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2743-2] amd64-microcode update
Debian LTS Advisory DLA-2743-2 https://www.debian.org/lts/security/ Utkarsh Gupta October 18, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4980-1] qemu security update
Debian Security Advisory DSA-4980-1 https://www.debian.org/security/ Moritz Muehlenhoff October 03, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2709-1] firefox-esr security update
Debian LTS Advisory DLA-2709-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 15, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4936-1] libuv1 security update
Debian Security Advisory DSA-4936-1 https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2621-1] php-pear security update
Debian LTS Advisory DLA-2621-1 https://www.debian.org/lts/security/ Sylvain Beucler April 08, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4854-1] webkit2gtk security update
Debian Security Advisory DSA-4854-1 https://www.debian.org/security/ Alberto Garcia February 17, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DSA 4846-1] chromium security update
Debian Security Advisory DSA-4846-1 https://www.debian.org/security/ Michael Gilbert February 07, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2540-1] python-django security update
Debian LTS Advisory DLA-2540-1 https://www.debian.org/lts/security/ Chris Lamb February 01, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2536-1] libsdl2 security update
Debian LTS Advisory DLA-2536-1 https://www.debian.org/lts/security/ Thorsten Alteholz January 30, 2021 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4836-1] openvswitch security update
Debian Security Advisory DSA-4836-1 https://www.debian.org/security/ Moritz Muehlenhoff January 22, 2021 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2469-1] qemu security update
Debian LTS Advisory DLA-2469-1 https://www.debian.org/lts/security/ Thorsten Alteholz November 29, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2432-1] jupyter-notebook security update
Debian LTS Advisory DLA-2432-1 https://www.debian.org/lts/security/ Abhijith PA November 19, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DSA 4793-1] firefox-esr security update
Debian Security Advisory DSA-4793-1 https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2020 https://www.debian.org/security/faq ...
[SECURITY] [DLA 2412-1] openjdk-8 security update
Debian LTS Advisory DLA-2412-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 23, 2020 https://wiki.debian.org/LTS ...
[SECURITY] [DLA 2201-1] ntp security update
Package : ntp Version : 1:4.2.6.p5+dfsg-7+deb8u3 CVE ID : CVE-2020-11868 A Denial of Service (DoS) vulnerability was discovered in the network time protocol server/client, ntp. ntp allowed an "off-path" attacker to block unauthenticated synchronisation via a server mode packet with a spoofed source...
[SECURITY] [DLA 2191-1] dom4j security update
Package : dom4j Version : 1.6.1+dfsg.3-2+deb8u2 CVE ID : CVE-2020-10683 Debian Bug : 958055 A flaw was found in dom4j library. By using the default SaxReader provided by Dom4J, external DTDs and External Entities are allowed, resulting in a possible XXE. For Debian 8 "Jessie", this problem has be...
[SECURITY] [DLA 2186-1] ncmpc security update
Package : ncmpc Version : 0.24-1+deb8u1 CVE ID : CVE-2018-9240 It has been discovered that a NULL pointer dereference could happen in ncmpc, an ncurses-based audio player. This could result in a crash and a denial of service. For Debian 8 "Jessie", this problem has been fixed in version 0.24-1+deb8u1...
[SECURITY] [DLA 2131-1] rrdtool security update
Package : rrdtool Version : 1.4.8-1.2+deb8u1 CVE ID : CVE-2014-6262 Multiple format string vulnerabilities in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argume...
[SECURITY] [DLA 2007-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u8 CVE ID : CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL...
[SECURITY] [DSA 4504-1] vlc security update
Debian Security Advisory DSA-4504-1 https://www.debian.org/security/ Moritz Muehlenhoff August 20, 2019 https://www.debian.org/security/faq ...
[SECURITY] [DSA 4436-1] imagemagick security update
Debian Security Advisory DSA-4436-1 https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2019 https://www.debian.org/security/faq ...
[SECURITY] [DLA 1762-2] systemd regression update
Package : systemd Version : 215-17+deb8u13 In the recently uploaded systemd security update 215-17+deb8u12 via DLA-1762-1, a regression was discovered in the fix for CVE-2017-18078. The observation of Debian jessie LTS users was that, after upgrading to +deb8u12, temporary files would not have the...
[SECURITY] [DLA 1531-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u5deb8u1 CVE ID : CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 CVE-2018-9516 CVE-2018-10902 CVE-2018-10938 CVE-2018-13099 CVE-2018-14609 CVE-2018-14617 CVE-2018-14633 CVE-2018-14678 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276...
[SECURITY] [DLA 132-1] openssl security update
Package : openssl Version : 0.9.8o-4squeeze19 CVE ID : CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:...
[SECURITY] [DLA 118-1] linux-2.6 security update
Package : linux-2.6 Version : 2.6.32-48squeeze10 CVE ID : CVE-2014-3185 CVE-2014-3687 CVE-2014-3688 CVE-2014-6410 CVE-2014-7841 CVE-2014-8709 CVE-2014-8884 Non-maintainer upload by the Squeeze LTS and Kernel Teams. New upstream stable release 2.6.32.65, see http://lkml.org/lkml/2014/12/13/81 for...
[SECURITY] [DSA 2262-2] php5 update
Debian Security Advisory DSA-2266-2 http://www.debian.org/security/ Moritz Muehlenhoff July 01, 2011 http://www.debian.org/security/faq ...
[SECURITY] [DSA 2189-1] chromium-browser security update
Debian Security Advisory DSA-2189-1 http://www.debian.org/security/ Giuseppe Iuculano March 10, 2011 http://www.debian.org/security/faq ...
[SECURITY] [DSA 1304-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
Debian Security Advisory DSA 1304-1 http://www.debian.org/security/ Dann Frazier June 16th, 2007 http://www.debian.org/security/faq ...