[SECURITY] [DLA 2266-1] nss security update

Package : nss Version : 2:3.26-1+debu8u11 CVE ID : CVE-2020-12399 CVE-2020-12402 Several vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2020-12399 Force a fixed length for DSA exponentiation. CVE-2020-12402 Side channel vulnerabilities during RSA key generation. Fo...

[SECURITY] [DSA 4664-1] mailman security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4664-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst April 26, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2157-1] weechat security update

Package : weechat Version : 1.0.1-1+deb8u3 CVE ID : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 Several issues have been found in weechat, a fast, light and extensible chat client. All issues are about crafted messages, that could result in a buffer overflow and application crash. This could cause ...

[SECURITY] [DLA 2096-1] ruby-rack-cors security update

Package : ruby-rack-cors Version : 0.2.9-1+deb8u1 CVE ID : CVE-2019-18978 This package allowed ../ directory traversal to access private resources because resource matching did not ensure that pathnames were in a canonical format. For Debian 8 "Jessie", this problem has been fixed in version...

[SECURITY] [DLA 2059-1] git security update

Package : git Version : 1:2.1.4-2.1+deb8u8 CVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353 CVE-2019-1387 Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git...

[SECURITY] [DLA 1953-1] clamav security update

Package : clamav Version : 0.101.4+dfsg-0+deb8u1 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 34359 It was discovered that clamav, the open source antivirus engine, is affected by the following security vulnerabilities: CVE-2019-12625 Denial of Service DoS vulnerability, resulting from...

[SECURITY] [DSA 4509-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4509-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1400-1] tomcat7 security update

Package : tomcat7 Version : 7.0.56-3+really7.0.88-1 CVE ID : CVE-2017-7674 CVE-2017-12616 CVE-2018-1304 CVE-2018-1305 CVE-2018-8014 Debian Bug : 802312 898935 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2017-7674 The CORS Filter in Apache Tomcat...

[SECURITY] [DLA 1325-1] drupal7 security update

Package : drupal7 Version : 7.14-2+deb7u18 CVE ID : CVE-2018-7600 Jasper Mattsson found a remote code execution vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being...

[SECURITY] [DSA 4082-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4082-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4073-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4073-1 [email protected] https://www.debian.org/security/ Ben Hutchings December 23, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1081-1] imagemagick security update

Package : imagemagick Version : 6.7.7.10-5+deb7u16 CVE ID : CVE-2017-8352 CVE-2017-9144 CVE-2017-9501 CVE-2017-10928 CVE-2017-10995 CVE-2017-11141 CVE-2017-11170 CVE-2017-11188 CVE-2017-11352 CVE-2017-11360 CVE-2017-11446 CVE-2017-11448 CVE-2017-11449 CVE-2017-11450 CVE-2017-11478 CVE-2017-11505...

[SECURITY] [DLA 988-1] rt-authen-externalauth security update

Package : rt-authen-externalauth Version : 0.10-4+deb7u1 CVE ID : CVE-2017-5361 It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI database mode is...

[SECURITY] [DSA 3860-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3860-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3804-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3804-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3198-2] php5 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3198-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3180-1] libarchive security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3180-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini March 05, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2581-1] mysql-5.1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2581-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 04, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2406-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2406-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1436-1 [email protected] http://www.debian.org/security/ dann frazier December 20th, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 921-1] New Linux 2.4.27 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 921-1 [email protected] http://www.debian.org/security/ Martin Schulze December 14th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 5637-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5637-1 [email protected] https://www.debian.org/security/ Markus Koschany March 08, 2024 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5312-1] libjettison-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5312-1 [email protected] https://www.debian.org/security/ Markus Koschany January 11, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5265-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5265-1 [email protected] https://www.debian.org/security/ Markus Koschany October 29, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DLA 3137-1] nodejs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3137-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 05, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 3086-1] maven-shared-utils security update

Debian LTS Advisory DLA-3086-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 29, 2022 https://wiki.debian.org/LTS Package : maven-shared-utils Version : 3.3.0-1+deb10u1 CVE ID : CVE-2022-29599 Debian Bug : 1012314 It was discovered that the Commandline...

[SECURITY] [DLA 2993-1] libz-mingw-w64 security update

-------------------------------------------------------------------------- Debian LTS Advisory DLA-2993-1 [email protected] https://www.debian.org/lts/security/ Andreas Rönnquist May 04, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2919-1] python2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2919-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky February 12, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4960-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4960-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2740-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2740-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 12, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2722-1] libsndfile security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2722-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 30, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4932-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4932-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2634-1] openjdk-8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2634-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 23, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2609-1] thunderbird security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2609-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 26, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2560-1] qemu security update

Debian LTS Advisory DLA-2560-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler February 18, 2021 https://wiki.debian.org/LTS Package : qemu Version : 1:2.8+dfsg-6+deb9u13 CVE ID : CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-28916 CVE-2020-29130...

[SECURITY] [DSA 4852-1] openvswitch security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4852-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 15, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2524-1] spice-vdagent security update

Debian LTS Advisory DLA-2524-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA January 13, 2021 https://wiki.debian.org/LTS Package : spice-vdagent Version : 0.17.0-1+deb9u1 CVE ID : CVE-2017-15108 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 Debian Bug...

[SECURITY] [DLA 2480-1] salt security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2480-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 04, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2470-1] zsh security update

Debian LTS Advisory DLA-2470-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 30, 2020 https://wiki.debian.org/LTS Package : zsh Version : 5.3.1-4+deb9u4 CVE ID : CVE-2017-18206 CVE-2018-0502 CVE-2018-1071 CVE-2018-1083 CVE-2018-1100 CVE-2018-13259...

[SECURITY] [DSA 4772-1] httpcomponents-client security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4772-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 14, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4755-1] openexr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4749-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4749-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4746-1] net-snmp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4746-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 15, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4733-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4733-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 24, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2199-1] openldap security update

Package : openldap Version : 2.4.40+dfsg-1+deb8u6 CVE ID : CVE-2020-12243 A vulnerability was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. LDAP search filters with nested boolean expressions can result in denial of service slapd daemon crash. For...

[SECURITY] [DLA 2166-1] libpam-krb5 security update

Package : libpam-krb5 Version : 4.6-3+deb8u1 CVE ID : CVE-2020-10595 The krb5 PAM module pamkrb5.so had a buffer overflow that might have caused remote code execution in situations involving supplemental prompting by a Kerberos library. It might have overflown a buffer provided by the underlying...

[SECURITY] [DLA 1903-1] subversion security update

Package : subversion Version : 1.8.10-6+deb8u7 CVE ID : CVE-2018-11782 CVE-2019-0203 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-11782 Ace Olszowka reported that the...

[SECURITY] [DLA 1877-1] otrs2 security update

Package : otrs2 Version : 3.3.18-1+deb8u11 CVE ID : CVE-2018-11563 CVE-2019-12746 CVE-2019-13458 Several security issues have been fixed in otrs2, a well known trouble ticket system. CVE-2018-11563 An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose...

[SECURITY] [DSA 4465-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4465-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 17, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1751-1] suricata security update

Package : suricata Version : 2.0.7-2+deb8u4 CVE ID : CVE-2018-10242 CVE-2018-10243 Multiple vulnerabilities have been found in suricata, the network threat detection engine: CVE-2018-10242 Missing length check causing out-of-bounds read in SSHParseBanner app-layer-ssh.c. Remote attackers might...