[SECURITY] [DLA 2364-1] netty security update

Debian LTS Advisory DLA-2364-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez September 04, 2020 https://wiki.debian.org/LTS Package : netty Version : 1:4.1.7-2+deb9u2 CVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612 Debian Bug : 950966 9509...

[SECURITY] [DLA 2234-1] netqmail security update

Package : netqmail Version : 1.06-6.2deb8u1 CVE ID : CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812 Debian Bug : 961060 There were several CVE bugs reported against src:netqmail. CVE-2005-1513 Integer overflow in the strallocreadyplus function in qmail, when running on 64 b...

[SECURITY] [DLA 2071-1] thunderbird security update

Package : thunderbird Version : 1:68.4.1-1deb8u1 CVE ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure. For Debian 8...

[SECURITY] [DSA 4571-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4571-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4570-1] mosquitto security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4499-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4499-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 12, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1872-1] python-django security update

Package : python-django Version : 1.7.11-1+deb8u7 CVE IDs : CVE-2019-14232 CVE-2019-14233 Debian Bug : 934026 It was discovered that there were two vulnerabilities in the Django web development framework: CVE-2019-14232: Prevent a possible denial-of-service in django.utils.text.Truncator. If...

[SECURITY] [DLA 1759-1] clamav security update

Package : clamav Version : 0.100.3+dfsg-0+deb8u1 CVE ID : CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 Debian Bug : Out-of-bounds read and write conditions have been fixed in clamav. CVE-2019-1787 An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to...

[SECURITY] [DLA 1722-1] firefox-esr security update

Package : firefox-esr Version : 60.6.0esr-1deb8u1 CVE ID : CVE-2018-18506 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution ...

[SECURITY] [DLA 1632-1] libsndfile security update

Package : libsndfile Version : 1.0.25-9.1+deb8u3 CVE ID : CVE-2018-19758 Debian Bug : 917416 A heap-buffer-overflow vulnerability was discovered in libsndfile, the library for reading and writing files containing sampled sound. This flaw might be triggered by remote attackers to cause denial of...

[SECURITY] [DLA 1349-1] linux-tools security update

Package : linux-tools Version : 3.2.101-1 Debian Bug : 693667 696957 708994 This update doesnt fix a vulnerability in linux-tools, but provides support for building Linux kernel modules with the "retpoline" mitigation for CVE-2017-5715 Spectre variant 2. This update also includes bug fixes from t...

[SECURITY] [DSA 4158-1] openssl1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4158-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4081-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 282-1] lighttpd security update

Package : lighttpd Version : 1.4.28-2+squeeze1.7 CVE ID : CVE-2014-3566 Debian Bug : 765702 This update allows to disable SSLv3 in lighttpd in order to protect against the POODLE attack. SSLv3 is now disabled by default and can be reenabled if needed using the ssl.use-sslv3 option...

[SECURITY] [DLA 155-1] linux-2.6 security update

Package : linux-2.6 Version : 2.6.32-48squeeze11 CVE ID : CVE-2013-6885 CVE-2014-7822 CVE-2014-8133 CVE-2014-8134 CVE-2014-8160 CVE-2014-9420 CVE-2014-9584 CVE-2014-9585 CVE-2015-1421 CVE-2015-1593 This update fixes the CVEs described below. A further issue, CVE-2014-9419, was considered, but...

[SECURITY] [DSA 3142-1] eglibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3142-1 [email protected] http://www.debian.org/security/ Florian Weimer January 27, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 94-1] php5 security update

Package : php5 Version : 5.3.3-7+squeeze23 CVE ID : CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710 CVE-2014-3668 Fix bug 68027 - fix date parsing in XMLRPC lib CVE-2014-3669 Fix bug 68044: Integer overflow in unserialize 32-bits only CVE-2014-3670 Fix bug 68113 Heap corruption in...

[SECURITY] [DLA 63-1] bash security update

Package : bash Version : 4.1-3+deb6u2 CVE ID : CVE-2014-7169 Debian Bug : 762760 762761 Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into anothe...

[SECURITY] [DSA 2579-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2579-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 30, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1463-1] New postgresql-7.4 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1463-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 14, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1184-2] New Linux 2.6.8 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1184-2 [email protected] http://www.debian.org/security/ Dann Frazier September 26th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1104-1 [email protected] http://www.debian.org/security/ Martin Schulze June 30th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DLA 3909-1] zabbix security update

Debian LTS Advisory DLA-3909-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 03, 2024 https://wiki.debian.org/LTS Package : zabbix Version : 1:5.0.44+dfsg-1+deb11u1 CVE ID : CVE-2022-23132 CVE-2022-23133 CVE-2022-24349 CVE-2022-24917 CVE-2022-24918...

[SECURITY] [DSA 5577-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5577-1 [email protected] https://www.debian.org/security/ Andres Salomon December 13, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DLA 3236-1] openexr security update

Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...

[SECURITY] [DSA 5299-1] openexr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5299-1 [email protected] https://www.debian.org/security/ Markus Koschany December 10, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5170-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5170-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5149-1] cups security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5149-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 26, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5087-1] cyrus-sasl2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5087-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2880-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2880-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 16, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2870-1] apache-log4j2 security update

Debian LTS Advisory DLA-2870-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 29, 2021 https://wiki.debian.org/LTS Package : apache-log4j2 Version : 2.12.4-0+deb9u1 CVE ID : CVE-2021-44832 Debian Bug : 1002813 Apache Log4j2, a Java Logging Framework, is...

[SECURITY] [DLA 2848-1] libssh2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2802-1] elfutils security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2802-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 30, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4971-1] ntfs-3g security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 09, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2731-1] wordpress security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2731-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 04, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2711-1] thunderbird security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2711-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 19, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2700-1] htmldoc security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2700-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 01, 2021 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...

[SECURITY] [DLA 2688-1] jetty9 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2688-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler June 17, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4912-1] exim4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4912-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2588-1] zeromq3 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2588-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky March 09, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA-2530-1] drupal7 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2530-1 [email protected] https://www.debian.org/lts/security/ Gunnar Wolf January 21, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2521-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2521-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 08, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4806-1] minidlna security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4806-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 07, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2439-1] libexif security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2439-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 07, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4780-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4780-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4776-1] mariadb-10.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4776-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 20, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4768-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4768-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 28, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4731-1] redis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4731-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 19, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2177-1] git security update

Package : git Version : 1:2.1.4-2.1+deb8u9 CVE ID : CVE-2020-5260 Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential...

[SECURITY] [DLA 2121-1] libimobiledevice security update

Package : libimobiledevice Version : 1.1.6+dfsg-3.1+deb8u1 CVE ID : CVE-2016-5104 Debian Bug : 825553 It was discovered that libimobiledevice incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations. For Debian 8...