[SECURITY] [DLA-1157-1] openssl security update
Package : openssl Version : 1.0.1t-1+deb7u3 CVE ID : CVE-2017-3735 A security vulnerability was discovered in OpenSSL, the Secure Sockets Layer toolkit. CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily extension in an...
[SECURITY] [DSA 4017-1] openssl1.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4017-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 03, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3998-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3998-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 11, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1128-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u24 CVE ID : CVE-2017-14167 CVE-2017-15038 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick Emulator (Qemu). CVE-2017-14167 Incorrect validation of...
[SECURITY] [DLA 1108-1] tomcat7 security update
Package : tomcat7 Version : 7.0.28-4+deb7u15 CVE ID : CVE-2017-12616 The Tomcat security team discovered that when using a VirtualDirContext it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted...
[SECURITY] [DLA 1106-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u10 CVE ID : CVE-2017-6362 A double-free vulnerability was discovered in the gdImagePngPtr function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of...
[SECURITY] [DLA 1071-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick Emulator (Qemu). CVE-2017-6505...
[SECURITY] [DLA 1060-1] libxml2 security update
Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy9 CVE ID : CVE-2017-0663 CVE-2017-7376 CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For...
[SECURITY] [DLA 1013-1] graphite2 security update
Package : graphite2 Version : 1.3.10-1deb7u1 CVE ID : CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the...
[SECURITY] [DSA 3892-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3892-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 22, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3891-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3891-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 22, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 678-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u17 CVE ID : CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8669 Multiple vulnerabilities have been found in QEMU: CVE-2016-8576 Quick Emulator Qemu built with the USB xHCI controller emulation support is vulnerable to an infinite loop issue. It could...
[SECURITY] [DLA 670-1] linux security update
Package : linux Version : 3.2.82-1 CVE ID : CVE-2015-8956 CVE-2016-5195 CVE-2016-7042 CVE-2016-7425 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8956 It was discovered that missing input...
[SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update
Package : ruby-actionpack-3.2 Version : 3.2.6-6+deb7u3 CVE ID : CVE-2015-7576 CVE-2016-0751 CVE-2016-0752 CVE-2016-2097 CVE-2016-2098 CVE-2016-6316 Multiple vulnerabilities have been discovered in ruby-actionpack-3.2, a web-flow and rendering framework and part of Rails: CVE-2015-7576 A flaw was...
[SECURITY] [DLA 567-2] mysql-5.5 security and regression update
Package : mysql-5.5 Version : 5.5.50-0+deb7u2 CVE ID : CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 Several vulnerabilities have been found in the MySQL Database Server. These vulnerabilities are addressed by upgrading MySQL to the recent upstream 5.5.50 version. Please refer to the...
[SECURITY] [DSA 3627-1] phpmyadmin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3627-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst July 24, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3624-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3624-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 21, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 515-1] libav security update
Package : libav Version : 6:0.8.17-2+deb7u2 CVE ID : CVE-2016-3062 It was discovered that there was a memory corruption issue in libav, a multimedia player, server, encoder and transcoder, when parsing .mp4 files which could lead to crash or possibly execute arbitrary code. For Debian 7 "Wheezy",...
[SECURITY] [DLA 497-1] wireshark security update
Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u6deb7u1 CVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055 CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059 CVE-2012-6060 CVE-2012-6061 CVE-2012-6062 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576...
[SECURITY] [DSA 3588-1] symfony security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3588-1 [email protected] https://www.debian.org/security/ Luciano Bello May 29, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 484-1] graphicsmagick security update
Version : 1.3.16-1.1+deb7u1 CVE ID : CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 Debian Bug : 814732 Several security vulnerabilities were discovered in graphicsmagick, a tool to manipulate image files. GraphicsMagick is a fork of...
[SECURITY] [DLA 447-1] mysql-5.5 security update
Package : mysql-5.5 Version : 5.5.49-0+deb7u1 CVE ID : CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0666 CVE-2016-2047 Debian Bug : 821100 Several vulnerabilities have been discovered in the...
[SECURITY] [DSA 3506-1] libav security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3506-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 04, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3459-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3459-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 28, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3386-1] unzip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3386-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS October 31, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3372-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3372-1 [email protected] https://www.debian.org/security/ Ben Hutchings October 13, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3328-2] wordpress regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3328-2 [email protected] https://www.debian.org/security/ Thijs Kinkhorst August 04, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3325-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3325-1 [email protected] https://www.debian.org/security/ Stefan Fritsch August 01, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 278-1] cacti security update
Package : cacti Version : 0.8.7g-1+squeeze7 CVE ID : CVE-2015-4634 Debian Bug : NA Several SQL injection vulnerabilities were discovered in cacti, a frontend to rrdtool for monitoring systems and service: CVE-2015-4634 SQL injection vulnerability in Cacti before 0.8.8e allows remote attackers to...
[SECURITY] [DLA 211-1] curl security update
Package : curl Version : 7.21.0-2.1+squeeze12 CVE ID : CVE-2015-3143 CVE-2015-3148 Several vulnerabilities were discovered in cURL, an URL transfer library: CVE-2015-3143 NTLM-authenticated connections could be wrongly reused for requests without any credentials set, leading to HTTP requests bein...
[SECURITY] [DSA 3144-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3144-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 29, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3087-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3087-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 81-1] openssl security update
Package : openssl Version : 0.9.8o-4squeeze18 CVE ID : CVE-2014-3567 CVE-2014-3568 CVE-2014-3569 Several vulnerabilities have been found in OpenSSL. CVE-2014-3566 "POODLE" A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher...
[SECURITY] [DSA 2987-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2987-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2955-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2955-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2883-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2883-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 23, 2014 http://www.debian.org/security/faq -...
[BSA-091] Security Update for nss
intrigeri uploaded new packages for nss which fixed the following security problems: CVE-2013-1739 DSA-2790-1 A flaw was found in the way the Mozilla Network Security Service library nss read uninitialized data when there was a decryption failure. A remote attacker could use this flaw to cause a...
[SECURITY] [DSA 2857-1] libspring-java security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2857-1 [email protected] http://www.debian.org/security/ Markus Koschany February 08, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2634-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2634-1 [email protected] http://www.debian.org/security/ Nico Golde February 27, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2548-1] iceape security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2458-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2432-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 12, 2012 http://www.debian.org/security/faq -...
[BSA-056] Security update for Iceweasel
I uploaded new packages for iceweasel which fixed the following security problems: CVE-2011-3647 "mozbugra4" discovered a privilege escalation vulnerability in addon handling. CVE-2011-3648 Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could lead to cross-site scripting...
[SECURITY] [DSA 2343-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
[BSA-040] Security Update for iceweasel
Mike Hommey uploaded new packages for iceweasel which fixed the following security problems: CVE-2011-0083 / CVE-2011-2363 "regenrecht" discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. CVE-2011-0085 "regenrecht" discovered a use-after-free in...
[BSA-038] Security Update for icedove
Christoph Göhre uploaded new packages for icedove which fixed the following security problems: CVE-2011-0083 Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists allows remote attackers to cause a denial of service application crash...
[BSA-020] Security Update for openoffice.org
Rene Engelhard uploaded new packages for OpenOffice.org which fixed the following security problems: CVE-2010-3450 During an internal security audit within Red Hat, a directory traversal vulnerability has been discovered in the way OpenOffice.org 3.1.1 through 3.2.1...
BSA-010 Security Update for iceweasel
Alexander Reichle-Schmehl uploaded new packages for iceweasel which fixed the following security problems: CVE-2010-3174 CVE-2010-3176 Multiple unspecified vulnerabilities in the browser engine in Iceweasel allow remote attackers to cause a denial of service memory corruption and application cras...
BSA-005 Security Update for postgresql-8.4
Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problem: CVE-2010-3433 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before...
[SECURITY] [DSA 2111-1] New squid3 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2111-1 [email protected] http://www.debian.org/security/ Steffen Joeris September 19, 2010 http://www.debian.org/security/faq -...
[Backports-security-announce] Security Update for xulrunner
Alexander Reichle-Schmehl uploaded new packages for packagename which fixed the following security problems: CVE-2008-5913 The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number...