14407 matches found
[SECURITY] [DSA 4157-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4157-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4140-1] libvorbis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4140-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1274-1] exim4 security update
Package : exim4 Version : 4.80-7+deb7u6 CVE ID : CVE-2018-6789 Debian Bug : 890000 Meh Chang discovered a buffer overflow flaw in a utility function used in the SMTP listener of Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or...
[SECURITY] [DSA 4104-1] p7zip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4104-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 04, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4092-1] awstats security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4092-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 19, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1159-1] graphicsmagick security update
Package : graphicsmagick Version : 1.3.16-1.1+deb7u13 CVE ID : CVE-2017-16352 CVE-2017-16353 Maor Shwartz, Jeremy Heng and Terry Chia discovered two security vulnerabilities in Graphicsmagick, a collection of image processing tool s. CVE-2017-16352 Graphicsmagick was vulnerable to a heap-based...
[SECURITY] [DLA 1151-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u17 CVE ID : CVE-2016-9263 CVE-2017-14718 CVE-2017-14719 CVE-2017-14720 CVE-2017-14721 CVE-2017-14722 CVE-2017-14723 CVE-2017-14725 CVE-2017-14990 Debian Bug : 876274 877629 Several vulnerabilities were discovered in wordpress, a web blogging tool. Th...
[SECURITY] [DSA 3989-1] dnsmasq security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3989-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 02, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1105-1] clamav security update
Package : clamav Version : 0.99.2+dfsg-0+deb7u3 CVE ID : CVE-2017-6418 CVE-2017-6420 clamav is vulnerable to multiple issues that can lead to denial of service when processing untrusted content. CVE-2017-6418 out-of-bounds read in libclamav/message.c, allowing remote attackers to cause a denial o...
[SECURITY] [DSA 3966-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3963-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1079-1] libdbd-mysql-perl security update
Package : libdbd-mysql-perl Version : 4.021-1+deb7u3 CVE ID : CVE-2017-10788 CVE-2017-10789 Debian Bug : 866818 866821 The Perl library for communicating with MySQL database, used in the "mysql" commandline client is vulnerable to a man in the middle attack in SSL configurations and remote crash...
[SECURITY] [DSA 3955-1] mariadb-10.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3955-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1062-1] curl security update
Package : curl Version : 7.26.0-1+wheezy20 CVE ID : CVE-2017-1000100 CVE-2017-1000100 Wrong handling of very long filenames during TFTP might result in curl sending more than buffer size. For Debian 7 "Wheezy", this problem has been fixed in version 7.26.0-1+wheezy20. We recommend that you upgrad...
[SECURITY] [DSA 3898-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3898-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3858-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3858-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 19, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3838-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3838-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 906-1] firefox-esr security update
Package : firefox-esr Version : 45.9.0esr-1deb7u1 CVE ID : CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448...
[SECURITY] [DLA 883-1] curl security update
Package : curl Version : 7.26.0-1+wheezy18+deb7u1 CVE ID : CVE-2017-7407 It was discovered that there was a buffer read overrun vulnerability in curl, a tool for downloading files from the internet, etc. If a "%" ended the --write-out parameter, the strings trailing NUL would be skipped and memor...
[SECURITY] [DLA 852-1] firefox-esr security update
Package : firefox-esr Version : 45.8.0esr-1deb7u1 CVE ID : CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors,...
[SECURITY] [DLA 797-1] mysql-5.5 security update
Package : mysql-5.5 Version : 5.5.54-0+deb7u1 CVE ID : CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 Debian Bug : 851233 Several issues have been discovered in the MySQL database server. The...
[SECURITY] [DSA 3726-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3726-1 [email protected] https://www.debian.org/security/ Luciano Bello November 26, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 721-1] libgc security update
Package : libgc Version : 1:7.1-9.1+deb7u1 CVE ID : CVE-2016-9427 Debian Bug : 844771 libgc is vulnerable to integer overflows in multiple places. In some cases, when asked to allocate a huge quantity of memory, instead of failing the request, it will return a pointer to a small amount of memory...
[SECURITY] [DLA 680-2] bash version number correction
Package : bash Version : 4.2+dfsg-0.1+deb7u4 CVE ID : CVE-2016-7543 This is a correction of DLA 680-1 that mentioned that bash 4.2+dfsg-0.1+deb7u3 was corrected. The corrected package version was 4.2+dfsg-0.1+deb7u4. For completeness the text from DLA 680-1 available below with only corrected...
[SECURITY] [DLA 679-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u17 CVE ID : CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8669 Multiple vulnerabilities have been found in qemu-kvm: CVE-2016-8576 qemu-kvm built with the USB xHCI controller emulation support is vulnerable to an infinite loop issue. It could...
[SECURITY] [DSA 3673-2] openssl regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3673-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 23, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3669-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3669-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3658-1] libidn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3658-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 01, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 563-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u5 CVE ID : CVE-2016-6161 A global out of bounds read when encoding gif from malformed input was found in this software. When given invalid inputs, we might be fed the EOF marker before it is actually the EOF. The gif logic assumes once it sees the...
[SECURITY] [DSA 3624-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3624-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 21, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3591-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3591-1 [email protected] https://www.debian.org/security/ Luciano Bello June 01, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 491-1] postgresql-9.1 bugfix update
Package : postgresql-9.1 Version : 9.1.22-0+deb7u1 The PostgreSQL project released a new version of the PostgreSQL 9.1 branch: Clear the OpenSSL error queue before OpenSSL calls, rather than assuming its clear already; and make sure we leave it clear afterwards Peter Geoghegan, Dave Vitek, Peter...
[SECURITY] [DLA 486-1] imagemagick security update
Package : imagemagick Version : 8:6.7.7.10-5+deb7u5 CVE ID : CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 Debian Bug : 823542 Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image...
[SECURITY] [DLA 472-2] icedove regression update
Package : icedove Version : 31.8.0-1deb7u1.1 CVE ID : CVE-2016-1979 CVE-2016-2805 CVE-2016-2807 Debian Bug : 823430 The security update for icedove did not build on armhf. This is resolved by this upload. The text of the original DLA follows: Multiple security issues have been found in Icedove,...
[SECURITY] [DLA 450-1] gdk-pixbuf security update
Package : gdk-pixbuf Version : 2.26.1-1+deb7u4 CVE ID : CVE-2015-7552 CVE-2015-7674 A heap-based buffer overflow has been discovered in gdk-pixbuf, a library for image loading and saving facilities, fast scaling and compositing of pixbufs, that allows remote attackers to cause a denial of service...
[SECURITY] [DSA 3531-1] chromum-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3531-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3508-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3508-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 06, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3507-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3507-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3503-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3503-1 [email protected] https://www.debian.org/security/ Ben Hutchings March 03, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3486-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3486-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 21, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3456-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3456-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 27, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 385-1] isc-dhcp security update
Package : isc-dhcp Version : 4.1.1-P1-15+squeeze9 CVE ID : CVE-2015-8605 Debian Bug : 810875 It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups are affected. We recommend th...
[SECURITY] [DSA 3436-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3436-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3428-1] tomcat8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3428-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 18, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3397-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3397-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3380-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3380-1 [email protected] https://www.debian.org/security/ Florian Weimer October 27, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3377-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3377-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 24, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 321-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb6u8 CVE ID : CVE-2015-5714 CVE-2015-5715 Debian Bug : 799140 Various security issue have been fixed in the Debian LTS squeeze version of the Wordpress content management system. CVE-2015-5714 A cross-site scripting vulnerability when processing shortco...
[SECURITY] [DSA 3367-1] wireshark security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3295-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3295-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 24, 2015 https://www.debian.org/security/faq -...