[SECURITY] [DLA DLA-1396-1] redis security update

Package : redis Version : 2:2.8.17-1+deb8u6 CVE IDs : CVE-2018-11218, CVE-2018-11219, CVE-2018-12326 Debian Bugs : 901495, 902410 It was discovered that there were a number of vulnerabilities in redis, a persistent key-value database: CVE-2018-11218, CVE-2018-11219: Multiple heap corruption and...

[SECURITY] [DSA 4208-1] procps security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4208-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1376-1] firefox-esr security update

Package : firefox-esr Version : 52.8.0esr-1deb7u1 CVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and...

[SECURITY] [DSA 4176-1] mysql-5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4176-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4161-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4161-1 [email protected] https://www.debian.org/security/ Luciano Bello April 01, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4114-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4114-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 15, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1230-1] xen security update

Package : xen Version : 4.1.6.lts1-11 CVE ID : CVE-2017-17044 CVE-2017-17045 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, information leaks, privilege escalation or the...

[SECURITY] [DSA 4065-1] openssl1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4065-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 17, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4032-1] imagemagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4032-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 12, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 1100-1] gdk-pixbuf security update

Package : gdk-pixbuf Version : 2.26.1-1+deb7u6 CVE ID : CVE-2017-2862 Debian Bug : 874552 Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened. For Debian 7 "Wheezy", these problems...

[SECURITY] [DSA 3968-1] icedove/thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3968-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 11, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 993-2] linux regression update

Package : linux Version : 3.2.89-2 Debian Bug : 865303 The security update announced as DLA-993-1 caused regressions for some applications using Java - including jsvc, LibreOffice and Scilab - due to the fix for CVE-2017-1000364. Updated packages are now available to correct this issue. For...

[SECURITY] [DLA 953-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u7 CVE ID : CVE-2017-9098 Debian Bug : 862967 Chris Evans discovered that graphicsmagick used uninitialized memory in the RLE decoder, allowing an remote attacker to leak sensitive information from process memory space. More information are...

[SECURITY] [DSA 3849-1] kde4libs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3849-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 12, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3842-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3842-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3835-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3835-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 26, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3767-1] mysql-5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3767-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 746-2] tomcat6 regression update

Package : tomcat6 Version : 6.0.45+dfsg-1deb7u5 Debian Bug : 848492 The last security update introduced a regression due to the use of StringManager in the ResourceLinkFactory class. The code was removed again since it is not strictly required to resolve CVE-2016-6797. For Debian 7 "Wheezy", thes...

[SECURITY] [DSA 3725-1] icu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3725-1 [email protected] https://www.debian.org/security/ Luciano Bello November 27, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 634-1] dropbear security update

Package : dropbear Version : 2012.55-1.3+deb7u1 CVE IDs : CVE-2016-7406 CVE-2016-7407 It was discovered that there were two issues in dropbear, a lightweight SSH2 server and client: - CVE-2016-7406: Potential issues in exit message formatting. - CVE-2016-7407: Overflows when parsing OpenSSHs ASN....

[SECURITY] [DSA 3626-1] openssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3626-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 24, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3566-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3566-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini May 03, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3519-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3519-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3447-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3447-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 17, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3377-1] mysql-5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3377-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 24, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3333-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3332-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3332-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst August 11, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3328-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3328-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst August 04, 2015 https://www.debian.org/security/faq -...

[SECURITY] [DLA 213-1] openjdk-6 security update

Package : openjdk-6 Version : 6b35-1.13.7-1deb6u1 CVE ID : CVE-2015-0460 CVE-2015-0469 CVE-2015-0470 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of...

[SECURITY] [DSA 3197-2] openssl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3197-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3204-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3204-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3198-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3198-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 145-1] php5 security update

Package : php5 Version : 5.3.3-7+squeeze24 CVE ID : CVE-2014-0237 CVE-2014-0238 CVE-2014-2270 CVE-2014-8117 Brief introduction CVE-2014-0237 The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial ...

[SECURITY] [DLA 114-1] heirloom-mailx security update

Package : heirloom-mailx Version : 12.4-2+deb6u1 CVE ID : CVE-2004-2771 CVE-2014-7844 Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the "mail" command: CVE-2004-2771 mailx interprets interprets shell meta-characters in certain email addresses. CVE-2014-7844 ...

[SECURITY] [DSA 3034-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3034-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 25, 2014 http://www.debian.org/security/faq -...

[DLA 32-1] nspr security update

Package : nspr Version : 4.8.6-1+squeeze2 CVE ID : CVE-2014-1545 Abhiskek Arya discovered an out of bounds write in the cvtt function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code...

[SECURITY] [DSA 2926-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2926-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 12, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2766-1] linux-2.6 security update

---------------------------------------------------------------------- Debian Security Advisory DSA-2766-1 [email protected] http://www.debian.org/security/ Dann Frazier September 27, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2580-1] libxml security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2580-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 02, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2556-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2556-1 [email protected] http://www.debian.org/security/ Nico Golde October 07, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2454-2] openssl incomplete fix

------------------------------------------------------------------------- Debian Security Advisory DSA-2454-2 [email protected] http://www.debian.org/security/ Raphael Geissert April 24, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2454-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2454-1 [email protected] http://www.debian.org/security/ Raphael Geissert April 19, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2412-1] libvorbis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2412-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 19, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2399-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2399-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 31, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2310-1] linux-2.6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2310-1 [email protected] http://www.debian.org/security/ dann frazier September 22, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2305-1] vsftpd security update

-------------------------------------------------------------------------- Debian Security Advisory DSA-2305-1 [email protected] http://www.debian.org/security/ Nico Golde September 19, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2259-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2260-1 [email protected] http://www.debian.org/security/ Florian Weimer June 14, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2240-1] linux-2.6 security update

---------------------------------------------------------------------- Debian Security Advisory DSA-2240-1 [email protected] http://www.debian.org/security/ dann frazier May 24, 2011 http://www.debian.org/security/faq - ----------------------------------------------------------------------...

[SECURITY] [DSA 2176-1] cups security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 02, 2011 http://www.debian.org/security/faq -...

BSA-010 Security Update for iceweasel

Alexander Reichle-Schmehl uploaded new packages for iceweasel which fixed the following security problems: CVE-2010-3174 CVE-2010-3176 Multiple unspecified vulnerabilities in the browser engine in Iceweasel allow remote attackers to cause a denial of service memory corruption and application cras...