[SECURITY] [DLA 2111-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u11 CVE ID : CVE-2019-20330 CVE-2020-8840 It was found that jackson-databind, a Java library used to parse JSON and other data formats, could deserialize data without proper validation, allowing a maliciously client to perform remote code execution...

[SECURITY] [DLA 2062-1] sa-exim security update

Package : sa-exim Version : 4.2.1-14+deb8u1 CVE ID : CVE-2019-19920 Debian Bug : 946829 It was found that sa-exim, the SpamAssassin filter for Exim, allows attackers to execute arbitrary code if users are allowed to run custom rules. A similar issue was fixed in spamassassin, CVE-2018-11805, whic...

[SECURITY] [DLA 2019-1] exiv2 security update

Package : exiv2 Version : 0.24-4.1+deb8u5 CVE ID : CVE-2019-17402 A corrupted or specially crafted CRW images might exceed the overall buffersize to cause a denial of service. For Debian 8 "Jessie", this problem has been fixed in version 0.24-4.1+deb8u5. We recommend that you upgrade your exiv2...

[SECURITY] [DLA 1899-1] faad2 security update

Package : faad2 Version : 2.7-8+deb8u3 CVE ID : CVE-2018-19502 CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2019-15296 Debian Bug : 914641 Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder: CVE-2018-19502 Heap buffer overflow in the functi...

[SECURITY] [DSA 4496-1] pango1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4496-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 11, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1642-1] postgresql-9.4 new minor release

Package : postgresql-9.4 Version : 9.4.20-0+deb8u1 The PostgreSQL project has release a new minor release of the 9.4 branch. For Debian 8 "Jessie", this has been uploaded as version 9.4.20-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. Further information about Debian LTS...

[SECURITY] [DSA 4364-1] ruby-loofah security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4364-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4308-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4308-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 01, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1490-1] php5 security update

Package : php5 Version : 5.6.37+dfsg-0+deb8u1 CVE ID : CVE-2018-14851 CVE-2018-14883 Debian Bug : 890266 Two vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. One CVE-2018-14851 results in a potential denial of service out-of-bounds read and applicatio...

[SECURITY] [DSA 4280-1] openssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4280-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 22, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA-1474-1] openssh security update

Package : openssh Version : 1:6.7p1-5+deb8u5 CVE ID : CVE-2018-15473 Debian Bug : 906236 It was discovered that there was a user enumeration vulnerability in OpenSSH. A remote attacker couldtest whether a certain user exists on a target server. For Debian 8 "Jessie", this issue has been fixed in...

[SECURITY] [DLA 1446-1] intel-microcode security update

Package : intel-microcode Version : 3.20180703.2deb8u1 CVE ID : CVE-2018-3639 CVE-2018-3640 Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with...

[SECURITY] [DLA 1397-1] php5 security update

Package : php5 Version : 5.6.36+dfsg-0+deb8u1 CVE ID : CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 A stack-buffer-overflow while...

[SECURITY] [DSA 4082-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4082-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1097-1] tcpdump security update

Package : tcpdump Version : 4.9.2-1deb7u1 CVE ID : CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991...

[SECURITY] [DSA 3937-1] zabbix security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3937-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 841-2] apache2 regression update

Package : apache2 Version : 2.2.22-13+deb7u11 CVE ID : CVE-2015-0253 CVE-2016-8743 Debian Bug : 858373 The fix for CVE-2016-8743 introduced a regression which would segfault apache workers under certain conditions 858373, an issue similar to previously fixed CVE-2015-0253. The issue was introduce...

[SECURITY] [DSA 3773-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3773-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3689-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3689-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 08, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3666-1] mysql-5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3666-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 14, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 610-1] tiff3 security update

Package : tiff3 Version : 3.9.6-11+deb7u1 CVE ID : CVE-2010-2596 CVE-2013-1961 CVE-2014-8128 CVE-2014-8129 CVE-2014-9655 CVE-2015-1547 CVE-2015-8665 CVE-2015-8683 CVE-2016-3186 CVE-2016-3623 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317...

[SECURITY] [DSA 3514-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3514-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 12, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 341-1] php5 security update

Package : php5 Version : 5.3.3.1-7+squeeze28 CVE ID : CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6834 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 CVE-2015-7803 CVE-2015-7804 CVE-2015-6831 Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via...

[SECURITY] [DSA 3290-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3290-1 [email protected] https://www.debian.org/security/ Ben Hutchings June 18, 2015 https://www.debian.org/security/faq -...

[DLA 33-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze17 CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 Detailed descriptions of the vulnerabilities can be found at: https://www.openssl.org/news/secadv20140806.txt Its important that you upgrade the libssl0.9.8 package and not...

[SECURITY] [DSA 2974-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2974-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 08, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2228-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2228-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 01, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA-2141-2] New nss packages fix protocol design flaw

------------------------------------------------------------------------ Debian Security Advisory DSA-2141-2 [email protected] http://www.debian.org/security/ Stefan Fritsch January 06, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2122-1] New glibc packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-2122-1 [email protected] http://www.debian.org/security/ Florian Weimer October 22, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1869-1] New curl packages fix SSL certificate verification weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA-1869-1 [email protected] http://www.debian.org/security/ Nico Golde August 19th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities

---------------------------------------------------------------------- Debian Security Advisory DSA-1794-1 [email protected] http://www.debian.org/security/ dann frazier May 6, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...

[SECURITY] [DSA 1481-1] New Linux 2.6.18 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1428-1 [email protected] http://www.debian.org/security/ dann frazier December 10th, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 5593-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5593-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 01, 2024 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5498-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5498-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 15, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DLA 3325-1] openssl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3325-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 20, 2023 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 3259-1] libjettison-java security update

Debian LTS Advisory DLA-3259-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 31, 2022 https://wiki.debian.org/LTS Package : libjettison-java Version : 1.5.3-1deb10u1 CVE ID : CVE-2022-40150 CVE-2022-45685 CVE-2022-45693 Debian Bug : 1022553 Several flaw...

[SECURITY] [DLA 3164-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3164-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 28, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 5218-1] zlib security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5218-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 25, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2986-1] golang-1.8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2986-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 28, 2022 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 5074-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5074-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 13, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5058-1] openjdk-17 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5058-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 24, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5057-1] openjdk-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5057-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 24, 2022 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4979-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4979-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 01, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4873-1] squid security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4873-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 23, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4855-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4855-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 17, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2507-1] libxstream-java security update

Debian LTS Advisory DLA-2507-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 31, 2020 https://wiki.debian.org/LTS Package : libxstream-java Version : 1.4.11.1-1+deb9u1 CVE ID : CVE-2020-26258 CVE-2020-26259 Debian Bug : 977625 977624 Several security...

[SECURITY] [DLA 2501-1] influxdb security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2501-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 20, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DSA 4804-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4804-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 04, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2376-1] qtbase-opensource-src security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2376-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 21, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2310-1] thunderbird security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2310-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 02, 2020 https://wiki.debian.org/LTS -...