14323 matches found
[SECURITY] [DLA 1970-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u7 CVE ID : CVE-2019-11043 Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution. Instances are vulnerable depending on the web server configuration, in...
[SECURITY] [DSA 4550-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4550-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4530-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4530-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 22, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1810-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.94-1 CVE ID : CVE-2019-0221 Nightwatch Cybersecurity Research team identified a XSS vulnerability in tomcat7. The SSI printenv command echoes user provided data without escaping. SSI is disabled by default. The printenv command is intended for...
[SECURITY] [DSA 4497-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4497-1 [email protected] https://www.debian.org/security/ Ben Hutchings August 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4465-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4465-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 17, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4393-1] systemd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4393-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4596-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4596-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4534-1] golang-1.11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4534-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1884-1] linux security update
Package : linux Version : 3.16.72-1 CVE ID : CVE-2017-18509 CVE-2018-20836 CVE-2019-1125 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of...
[SECURITY] [DLA 1883-1] tomcat8 security update
Package : tomcat8 Version : 8.0.14-1+deb8u15 CVE ID : CVE-2016-5388 CVE-2018-8014 CVE-2019-0221 Debian Bug : 929895 898935 Several minor issues have been fixed in tomcat8, a Java Servlet and JSP engine. CVE-2016-5388 Apache Tomcat, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18...
[SECURITY] [DSA 4481-1] ruby-mini-magick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4481-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 13, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1758-1] debian-security-support update
Package : debian-security-support Version : 2019.02.02deb8u1 debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are: Mark spice-xpi as end-of-life for Jessie. Add edk2 to security-support-ended.deb8 Add robocode to...
[SECURITY] [DSA 4430-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4430-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez April 10, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4591-1] cyrus-sasl2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4591-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4535-1] e2fsprogs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4535-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 27, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1856-1] patch security update
Package : patch Version : 2.7.5-1+deb8u2 CVE ID : CVE-2019-13636 Handling of symlinks in patch, a tool to apply a diff file to an original, was wrong in certain cases. For Debian 8 "Jessie", this problem has been fixed in version 2.7.5-1+deb8u2. We recommend that you upgrade your patch packages...
[SECURITY] [DLA 1651-1] libgd2 security update
Package : libgd2 Version : 2.1.0-5+deb8u12 CVE ID : CVE-2018-5711 CVE-2018-1000222 CVE-2019-6977 CVE-2019-6978 Several issues in libgd2, a graphics library that allows to quickly draw images, have been found. CVE-2019-6977 A potential double free in gdImagePtr has been reported by Solmaz Salimi...
[SECURITY] [DLA 2571-1] openvswitch security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2571-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz February 19, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1963-2] poppler regression update
Package : poppler Version : 0.180.26.5-2+deb8u13 CVE ID : CVE-2019-10871 Debian Bug : 942503 The fix for CVE-2019-10871 broke xpdf. This change has been reverted until a better fix can be developed. For Debian 8 "Jessie", this problem has been fixed in version 0.180.26.5-2+deb8u13. We recommend...
[SECURITY] [DLA 1907-1] libav security update
Package : libav Version : 6:11.12-1deb8u8 CVE ID : CVE-2017-9987 CVE-2018-5766 CVE-2018-11102 CVE-2019-14372 CVE-2019-14442 Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2017-9987 In Libav, there was a heap-based buffer overflow...
[SECURITY] [DLA 1823-1] linux security update
Package : linux Version : 3.16.68-2 CVE ID : CVE-2019-3846 CVE-2019-5489 CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11810 CVE-2019-11833 CVE-2019-11884 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of...
[SECURITY] [DLA-1657-1] debian-security-support enigmail end of life
Package : debian-security-support Version : 2019.02.01deb8u1 debian-security-support, the Debian security support coverage checker, has been updated in jessie. This marks the end of life of the Enigmail package in jessie. After many months of work to try backporting the various changes and fixes...
[SECURITY] [DSA 4380-1] golang-1.8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4380-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4920-1] libx11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4920-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 24, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4594-1] openssl1.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4594-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1845-1] dosbox security update
Package : dosbox Version : 0.74-4+deb8u1 CVE ID : CVE-2019-7165 CVE-2019-12594 Debian Bug : 931222 Several security vulnerabilities were discovered in DOSBox, an emulator for running old DOS programs. CVE-2019-7165 A very long line inside a bat file would overflow the parsing buffer which could b...
[SECURITY] [DLA 1707-1] symfony security update
Package : symfony Version : 2.3.21+dfsg-4+deb8u4 CVE ID : CVE-2017-16652 CVE-2017-16654 CVE-2018-11385 CVE-2018-11408 CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are...
[SECURITY] [DSA 4384-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4384-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 04, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5197-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5197-1 [email protected] https://www.debian.org/security/ Markus Koschany August 01, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4508-1] h2o security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4508-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 24, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4482-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4482-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4379-1] golang-1.7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4379-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq -...
[SECURITY] DLA-862-1: sitesummary regression update
Package : sitesummary Version : 0.1.8+deb7u2 Debian Bug : 852623 The fix for CVE-2016-8743 in apache2 2.2.22-13+deb7u8 DLA-841-1 caused 852623 in sitesummary, breaking the sitesummary-upload functionality. To address this sitesummary-upload needs to be changed to send CRLF \r\n line endings to be...
[SECURITY] [DLA 1820-1] thunderbird security update
Package : thunderbird Version : 1:60.7.1-1deb8u1 CVE ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8 "Jessie", these proble...
[SECURITY] [DSA 2094-1] New Linux 2.6.26 packages fix several issues
---------------------------------------------------------------------- Debian Security Advisory DSA-2094-1 [email protected] http://www.debian.org/security/ dann frazier August 19, 2010 http://www.debian.org/security/faq - ----------------------------------------------------------------------...
[SECURITY] [DSA 4912-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4912-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 04, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1921-1] dnsmasq security update
Package : dnsmasq Version : 2.72-3+deb8u5 CVE ID : CVE-2019-14513 Samuel R Lovejoy discovered a security vulnerability in dnsmasq. Carefully crafted packets by DNS servers might result in out of bounds read operations, potentially leading to a crash and denial of service. For Debian 8 "Jessie",...
[SECURITY] [DSA 4518-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4518-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 07, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1702-1] advancecomp security update
Package : advancecomp Version : 1.19-1+deb8u1 CVE ID : CVE-2018-1056 CVE-2019-9210 Debian Bug : 889270 923416 Several vulnerabilities were discovered in advancecomp, a collection of recompression utilities. CVE-2018-1056 Joonun Jang discovered that the advzip tool was prone to a heap-based buffer...
[SECURITY] [DLA 1696-1] ceph security update
Package : ceph Version : 0.80.7-2+deb8u3 CVE ID : CVE-2018-14662 CVE-2018-16846 Debian Bug : 921948 921947 Several vulnerabilities were discovered in Ceph, a distributed storage and file system. CVE-2018-14662 It was found that authenticated ceph users with read only permissions could steal...
[SECURITY] [DLA 1672-1] curl security update
Package : curl Version : 7.38.0-4+deb8u14 CVE IDs : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 It was discovered that there were three vulnerabilities in the curl command-line HTTP etc. client: CVE-2018-16890: A heap buffer out-of-bounds read vulnerability in the handling of NTLM type-2 messages...
[SECURITY] [DSA 5523-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5523-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 11, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3063-1] systemd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3063-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler June 30, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1805-1] minissdpd security update
Package : minissdpd Version : 1.2.20130907-3+deb8u2 CVE ID : CVE-2019-12106 Debian Bug : 929297 It was discovered that there was a use after free vulnerability in minissdpd, a network device discovery daemon. A remote attacker could abuse this to crash the process. For Debian 8 "Jessie", this iss...
[SECURITY] [DSA 4401-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4369-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2023-1] openjdk-7 security update
Package : openjdk-7 Version : 7u241-2.6.20-1deb8u1 CVE ID : CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 Several...
[SECURITY] [DSA 4479-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4479-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 11, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4453-1] openjdk-8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4453-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2019 https://www.debian.org/security/faq -...