14400 matches found
[SECURITY] [DLA 2597-1] velocity-tools security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2597-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 17, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2581-1] wpa security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2581-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 03, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2554-1] firejail security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2554-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 11, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2533-1] crmsh security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2533-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 25, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2453-1] restic security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2453-1 [email protected] https://www.debian.org/lts/security/ Brian May November 17, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2384-1] yaws security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2384-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 26, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4748-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4748-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 25, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2275-1] ruby-rack security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2275-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 10, 2020 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
[SECURITY] [DLA 2270-1] jackson-databind security update
Package : jackson-databind Version : 2.4.2-2+deb8u15 CVE ID : CVE-2020-14060 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195 There were several CVEs reported against src:jackson-databind, which are as follows: CVE-2020-14060 FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction...
[SECURITY] [DLA 2268-2] mutt regression update
Package : mutt Version : 1.5.23-3+deb8u3 CVE ID : CVE-2020-14093 CVE-2020-14954 Debian Bug : Two vulnerabilities have been discovered in mutt, a console email client. CVE-2020-14093 Mutt allowed an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. CVE-2020-14954 Mutt had a STARTT...
[SECURITY] [DLA 2230-1] php-horde security update
Package : php-horde Version : 5.2.1+debian0-2+deb8u6 CVE ID : CVE-2020-8035 The image view functionality in Horde Groupware Webmail Edition was affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker could have obtained acce...
[SECURITY] [DLA 2141-1] yubikey-val security update
Package : yubikey-val Version : 2.27-1+deb8u1 CVE ID : CVE-2020-10184 CVE-2020-10185 The following CVEs were reported against yubikey-val. CVE-2020-10184 The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a...
[SECURITY] [DLA 2139-1] dojo security update
Package : dojo Version : 1.10.2+dfsg-1+deb8u3 CVE ID : CVE-2020-5258 CVE-2020-5259 Debian Bug : 953585 953587 The following CVEs were reported against dojo: CVE-2020-5258 In affected versions of dojo, the deepCopy method is vulnerable to Prototype Pollution. An attacker could manipulate these...
[SECURITY] [DLA 2137-1] sleuthkit security update
Package : sleuthkit Version : 4.1.3-4+deb8u2 CVE ID : CVE-2020-10232 In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c. For Debian 8 "Jessie", this problem has been fixed in...
[SECURITY] [DSA 4610-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4610-1 [email protected] https://www.debian.org/security/ Alberto Garcia January 29, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1977-1] libvncserver security update
Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u6 CVE ID : CVE-2019-15681 Debian Bug : 943793 LibVNC contained a memory leak (CWE-655) in VNC server code, which allowed an attacker to read stack memory and could be abused for information disclosure. For Debian 8 "Jessie", this problem has bee...
[SECURITY] [DLA 1926-1] thunderbird security update
Package : thunderbird Version : 1:60.9.0-1deb8u1 CVE ID : CVE-2019-11739 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site...
[SECURITY] [DSA 4495-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4495-1 [email protected] https://www.debian.org/security/ Ben Hutchings August 10, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4456-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4456-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 05, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4444-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4444-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1753-2] proftpd-dfsg regression update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u1 CVE ID : not available Debian Bug : 923926 926719 The update of proftpd-dfsg issued as DLA-1753-1 caused a regression when using the sftp module. Login to the sftp server was impossible when the SFTPPAMEngine option was turned on 926719. Thi...
[SECURITY] [DLA 1695-1] sox security update
Package : sox Version : 14.4.1-5+deb8u2 CVE ID : CVE-2017-15370 CVE-2017-15372 CVE-2017-15642 CVE-2017-18189 Debian Bug : 878808, 878810, 882144, 881121 Multiple vulnerabilities have been discovered in SoX (Sound eXchange), a sound processing program: CVE-2017-15370 The ImaAdpcmReadBlock function...
[SECURITY] [DSA 4349-1] tiff security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4349-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 30, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1524-1] libxml2 security update
Package : libxml2 Version : 2.9.1+dfsg1-5+deb8u7 CVE ID : CVE-2017-18258 CVE-2018-9251 CVE-2018-14404 CVE-2018-14567 CVE-2018-14404 Fix of a NULL pointer dereference which might result in a crash and thus in a denial of service. CVE-2018-14567 and CVE-2018-9251 Approvement in LZMA error handling...
[SECURITY] [DSA 4217-1] wireshark security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4217-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4124-1] lucene-solr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4124-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 27, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1139-1] imagemagick security update
Package : imagemagick Version : 8:6.7.7.10-5+deb7u18 CVE ID : CVE-2017-15277 CVE-2017-15281 Debian Bug : 878578 878579 This update fixes two vulnerabilities in ImageMagick: CVE-2017-15277 An uninitialized data structure could lead to information disclosure when reading a specially crafted GIF fil...
[SECURITY] [DLA 781-1] asterisk security update
Package : asterisk Version : 1:1.8.13.1dfsg1-3+deb7u5 CVE ID : CVE-2014-2287 CVE-2016-7551 Debian Bug : 838832 741313 Two security vulnerabilities were discovered in Asterisk, an Open Source PBX and telephony toolkit. CVE-2014-2287 channels/chan_sip.c in Asterisk when chan_sip has a certain...
[SECURITY] [DSA 3739-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3739-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 18, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 483-1] expat security update
Package : expat Version : 2.1.0-1+deb7u3 CVE ID : CVE-2016-0718 Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take...
[SECURITY] [DSA 3580-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3580-1 [email protected] https://www.debian.org/security/ Luciano Bello May 16, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3514-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3514-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 12, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3433-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3433-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 02, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 361-1] bouncycastle security update
Package : bouncycastle Version : 1.44+dfsg-2+deb6u1 CVE ID : CVE-2015-7940 Debian Bug : 802671 The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic...
[SECURITY] [DLA 322-1] commons-httpclient security update
Package : commons-httpclient Version : 3.1-9+deb6u2 CVE ID : CVE-2015-5262 Trevin Beattie 1 discovered an issue where one could observe hanging threads in a multi-threaded Java application. After debugging the issue, it became evident that the hanging threads were caused by the SSL initialization...
[SECURITY] [DSA 3313-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3313-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3260-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3260-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 13, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2923-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2923-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 05, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2460-1] asterisk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2460-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 25, 2012 http://www.debian.org/security/faq -...
[Backports-security-announce] Security Update for xulrunner
Alexander Reichle-Schmehl uploaded new packages for xulrunner which fixed the following security problems: CVE-2010-1211 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of...
[SECURITY] [DSA 1844-1] New Linux 2.6.24 packages fix several vulnerabilities
---------------------------------------------------------------------- Debian Security Advisory DSA-1844-1 [email protected] http://www.debian.org/security/ Dann Frazier July 28, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
[SECURITY] [DSA 1653-1] New Linux 2.6.18 packages fix several vulnerabilities
---------------------------------------------------------------------- Debian Security Advisory DSA-1653-1 [email protected] http://www.debian.org/security/ dann frazier Oct 13, 2008 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
[SECURITY] [DSA 1515-1] New libnet-dns-perl packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1515-1 [email protected] http://www.debian.org/security/ Florian Weimer March 11, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1490-1] New tk8.3 packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1490-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 10, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1195-1 [email protected] http://www.debian.org/security/ Noah Meyerhans October 10, 2006 - ------------------------------------------------------------------------ Package : openssl096...
[SECURITY] [DSA 1167-1] New apache packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1167-1 [email protected] http://www.debian.org/security/ Steve Kemp September 4th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1103-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1103-1 [email protected] http://www.debian.org/security/ Dann Frazier, Troy Heber June 27th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 922-1 [email protected] http://www.debian.org/security/ Martin Schulze December 14th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 506-1] New neon packages fix buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 506-1 [email protected] http://www.debian.org/security/ Martin Schulze May 19th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DLA 3638-1] h2o security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3638-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky October 29, 2023 https://wiki.debian.org/LTS -...