[SECURITY] [DSA 4784-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4784-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2410-1] bluez security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2410-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 21, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2380-1] ruby-gon security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2380-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 26, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4767-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4767-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 25, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4764-1] inspircd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4764-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4751-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4751-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 27, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2320-1 [email protected] https://www.debian.org/lts/security/ August 10, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
[SECURITY] [DLA 2299-1] net-snmp security update
Package : net-snmp Version : 5.7.3+dfsg-1.7+deb9u2 Debian Bug : 965166 A privilege escalation vulnerability was discovered in Net-SNMP, a set of tools for collecting and organising information about devices on computer networks. Upstream notes that: It is still possible to enable th...
[SECURITY] [DSA 4701-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4701-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2204-1] mailman security update
Package : mailman Version : 1:2.1.18-2+deb8u6 CVE ID : CVE-2020-12108 It was discovered that there was an arbitrary content injection vulnerability in the Mailman mailing list manager. For Debian 8 "Jessie", this issue has been fixed in mailman version 1:2.1.18-2+deb8u6. We recommend that you...
[SECURITY] [DLA 2195-1] w3m security update
Package : w3m Version : 0.5.3-19+deb8u3 CVE ID : CVE-2018-6196 CVE-2018-6197 Two issues have been found in w3m, WWW browsable pager with excellent tables/frames support. One issue is related to a stack overflow, the other one is a fix for a null pointer dereference. Brief introduction CVE-2018-61...
[SECURITY] [DLA 2112-1] python-reportlab security update
Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...
[SECURITY] [DLA 2039-1] libvorbis security update
Package : libvorbis Version : 1.3.4-2+deb8u3 CVE ID : CVE-2017-11333 CVE-2017-14633 Two issues have been found in libvorbis, a decoder library for Vorbis General Audio Compression Codec. 2017-14633 In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function...
[SECURITY] [DLA 1978-1] python-ecdsa security update
Package : python-ecdsa Version : 0.11-1+deb8u1 CVE ID : CVE-2019-14853 CVE-2019-14859 It was discovered that python-ecdsa, a cryptographic signature library for Python, did not correctly verify DER encoded signatures. Malformed signatures could lead to unexpected exceptions and in some cases did...
[SECURITY] [DLA 1922-1] wpa security update
Package : wpa Version : 2.3-1+deb8u9 CVE ID : CVE-2019-16275 Debian Bug : 940080 hostapd and wpasupplicant when controlling AP mode did not perform sufficient source address validation for some received Management frames and this could result in ending up sending a frame that caused associated...
[SECURITY] [DLA 1504-1] ghostscript security update
Package : ghostscript Version : 9.06dfsg-2+deb8u8 CVE ID : CVE-2018-11645 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16585 CVE-2018-16802 Debian Bug : 907332 908305...
[SECURITY] [DLA 1479-1] twitter-bootstrap3 security update
Package : twitter-bootstrap3 Version : 3.2.0+dfsg-1+deb7u1 CVE ID : CVE-2018-14040 Debian Bug : 907414 The Bootstrap framework was found to have cross-site scripting vulnerabilities in the "collapse" plugin. For Debian 8 "Jessie", this problem has been fixed in version 3.2.0+dfsg-1+deb7u1. We...
[SECURITY] [DSA 4218-1] memcached security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4218-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 06, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4190-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4190-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4184-1] sdl-image1.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4184-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1335-1] zsh security update
Package : zsh Version : 4.3.17-1+deb7u2 CVE ID : CVE-2018-1071 CVE-2018-1083 Debian Bug : 894044 894043 Two security vulnerabilities were discovered in the Z shell. CVE-2018-1071 Stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial of...
[SECURITY] [DLA 1248-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u11 CVE ID : CVE-2018-5711 Debian Bug : 887485 It was discovered that there was a denial-of-service attack in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop. For Debian 7 "Wheezy",...
[SECURITY] [DSA 4061-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4061-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4012-1] libav security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4012-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3954-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3954-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3945-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3945-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3942-1] supervisor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3942-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 13, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1055-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u9 CVE ID : CVE-2017-7890 Matviy Kotoniy reported that the gdImageCreateFromGifCtx function used to load images from GIF format files in libgd2, a library for programmatic graphics creation and manipulation, does not zero stack allocated color map...
[SECURITY] [DLA 993-1] linux security update
Package : linux Version : 3.2.89-1 CVE ID : CVE-2017-0605 CVE-2017-7487 CVE-2017-7645 CVE-2017-7895 CVE-2017-8890 CVE-2017-8924 CVE-2017-8925 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9242 CVE-2017-1000364 Several vulnerabilities have been discovered in the Linux kernel tha...
[SECURITY] [DLA 951-1] samba security update
Package : samba Version : 2:3.6.6-6+deb7u13 CVE ID : CVE-2017-7494 steelo discovered a remote code execution vulnerability in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client with access to a writable share, can take advantage of this flaw by uploading a shared library...
[SECURITY] [DSA 3859-1] dropbear security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3859-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 19, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3732-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3732-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 569-1] xmlrpc-epi security update
Package : xmlrpc-epi Version : 0.54.2-1+deb7u1 CVE ID : CVE-2016-6296 Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact...
[SECURITY] [DLA 529-1] tomcat7 security update
Package : tomcat7 Version : 7.0.28-4+deb7u5 CVE ID : CVE-2016-3092 A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file. This caused the file...
[SECURITY] [DSA 3597-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3597-1 [email protected] https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 507-1] nss security update
Package : nss Version : 2:3.14.5-1+deb7u7 CVE ID : CVE-2015-4000 Debian Bug : N/A A vulnerability has been found in nss. CVE-2015-4000 With TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which...
[SECURITY] [DSA 3473-1] nginx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3473-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3448-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3448-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3434-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3434-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3413-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3413-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 04, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 316-1] eglibc security update
Package : eglibc Version : 2.11.3-4+deb6u7 CVE ID : CVE-2014-8121 Bug-Reference : 779587 Several vulnerabilities have been discovered in eglibc that may lead to a privilege escalation or denial of service. Glibc pointer guarding weakness A weakness in the dynamic loader prior has been found. The...
[SECURITY] [DSA 3364-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3364-1 [email protected] https://www.debian.org/security/ Ben Hutchings September 21, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3361-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3361-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3338-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3338-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini August 18, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 246-2] linux-2.6 regression update
Package : linux-2.6 Version : 2.6.32-48squeeze13 CVE ID : CVE-2011-5321 CVE-2012-6689 CVE-2014-3184 CVE-2014-8159 CVE-2014-9683 CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 CVE-2014-9731 CVE-2015-1805 CVE-2015-2041 CVE-2015-2042 CVE-2015-2830 CVE-2015-2922 CVE-2015-3339 CVE-2015-4167 Debian Bug :...
[SECURITY] [DSA 3197-2] openssl regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3197-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3147-1] openjdk-6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3147-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3075-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3075-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 50-1] file security update
Package : file Version : 5.04-5+squeeze7 CVE ID : CVE-2014-3538 CVE-2014-3587 Debian Bug : - CVE-2014-3538 file does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption). CVE-2014-3587 Integer overflow in t...
[DLA 43-1] eglibc security update
Package : eglibc Version : 2.11.3-4+deb6u1 CVE ID : CVE-2014-0475 CVE-2014-5119 CVE-2014-0475 Stephane Chazelas discovered that the GNU C library, glibc, processed ".." path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as...