14333 matches found
[SECURITY] [DSA 4209-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4209-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4182-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4182-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4176-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4176-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4157-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4157-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4155-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4155-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1322-1] graphicsmagick security update
Package : graphicsmagick Version : 1.3.16-1.1+deb7u19 CVE ID : CVE-2017-18219 CVE-2017-18220 CVE-2017-18229 CVE-2017-18230 CVE-2017-18231 CVE-2018-9018 Various security issues were discovered in Graphicsmagick, a collection of image processing tools. CVE-2017-18219 An allocation failure...
[SECURITY] [DSA 4143-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4143-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4135-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4135-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 13, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4114-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4114-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 15, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4105-1] mpv security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4105-1 [email protected] https://www.debian.org/security/ February 06, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
[SECURITY] [DSA 4091-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4091-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1226-1] wireshark security update
Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u6deb7u8 CVE ID : CVE-2017-11408 CVE-2017-17083 CVE-2017-17084 CVE-2017-17085 It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARPMPA, NetBIOS, Profinet I/O and...
[SECURITY] [DSA 4053-1] exim4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4053-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 30, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3989-1] dnsmasq security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3989-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 02, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1116-1] poppler security update
Package : poppler Version : 0.18.4-6+deb7u3 CVE ID : CVE-2017-14517 CVE-2017-14519 CVE-2017-14617 Debian Bug : 876086 876385 876079 It was discovered that poppler, a PDF rendering library, was affected by several denial-of-service application crash, null pointer dereferences and memory corruption...
[SECURITY] [DSA 3966-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3963-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1079-1] libdbd-mysql-perl security update
Package : libdbd-mysql-perl Version : 4.021-1+deb7u3 CVE ID : CVE-2017-10788 CVE-2017-10789 Debian Bug : 866818 866821 The Perl library for communicating with MySQL database, used in the "mysql" commandline client is vulnerable to a man in the middle attack in SSL configurations and remote crash...
[SECURITY] [DLA 1070-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-6505 Denial of...
[SECURITY] [DSA 3955-1] mariadb-10.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3955-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1062-1] curl security update
Package : curl Version : 7.26.0-1+wheezy20 CVE ID : CVE-2017-1000100 CVE-2017-1000100 Wrong handling of very long filenames during TFTP might result in curl sending more than buffer size. For Debian 7 "Wheezy", this problem has been fixed in version 7.26.0-1+wheezy20. We recommend that you upgrad...
[SECURITY] [DLA 1051-1] postgresql-9.1 security update
Package : postgresql-9.1 Version : 9.1.24-0+deb7u1 CVE ID : CVE-2017-7486 CVE-2017-7546 CVE-2017-7547 Debian Bug : Several vulnerabilities have been found in the PostgreSQL database system: CVE-2017-7486 Andrew Wheelwright discovered that user mappings were insufficiently restricted. CVE-2017-754...
[SECURITY] [DSA 3929-1] libsoup2.4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3929-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 10, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3928-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3928-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3898-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3898-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 965-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u22 CVE ID : CVE-2016-9602 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-8086 Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu...
[SECURITY] [DLA 906-1] firefox-esr security update
Package : firefox-esr Version : 45.9.0esr-1deb7u1 CVE ID : CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448...
[SECURITY] [DSA 3829-1] bouncycastle security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3829-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 11, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 852-1] firefox-esr security update
Package : firefox-esr Version : 45.8.0esr-1deb7u1 CVE ID : CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors,...
[SECURITY] [DSA 3795-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3795-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 26, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 830-1] gst-plugins-bad0.10 security update
Package : gst-plugins-bad0.10 Version : 0.10.23-7.1+deb7u5 CVE ID : CVE-2017-5843 CVE-2017-5848 Some memory management issues were found in the GStreamer "bad" plugins: CVE-2017-5843 A use after free issue was found in the mxfdemux element, which can can be triggered via a maliciously crafted fil...
[SECURITY] [DLA 813-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u13 CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 Debian Bug : 851310 852767 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common...
[SECURITY] [DSA 3774-1] lcms2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3774-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 776-1] samba security update
Package : samba Version : 2:3.6.6-6+deb7u11 CVE ID : CVE-2016-2125 Simo Sorce of Red Hat discovered that the Samba client code always requests a forwardable ticket when using Kerberos authentication. A target server, which must be in the current or trusted domain/realm, is given a valid general...
[SECURITY] [DLA 733-1] openafs security update
Package : openafs Version : 1.6.1-3+deb7u7 CVE ID : CVE-2016-9772 It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem. Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain dead directory...
[SECURITY] [DLA 730-1] firefox-esr security update
Package : firefox-esr Version : 45.5.1esr-1deb7u1 CVE ID : CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation erro...
[SECURITY] [DSA 3726-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3726-1 [email protected] https://www.debian.org/security/ Luciano Bello November 26, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 721-1] libgc security update
Package : libgc Version : 1:7.1-9.1+deb7u1 CVE ID : CVE-2016-9427 Debian Bug : 844771 libgc is vulnerable to integer overflows in multiple places. In some cases, when asked to allocate a huge quantity of memory, instead of failing the request, it will return a pointer to a small amount of memory...
[SECURITY] [DLA 679-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u17 CVE ID : CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8669 Multiple vulnerabilities have been found in qemu-kvm: CVE-2016-8576 qemu-kvm built with the USB xHCI controller emulation support is vulnerable to an infinite loop issue. It could...
[SECURITY] [DLA 658-1] icedove security update
Package : icedove Version : 45.4.0-1deb7u1 CVE ID : CVE-2016-5278, CVE-2016-5270, CVE-2016-5272, CVE-2016-5276, CVE-2016-5277, CVE-2016-5280, CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261, CVE-2016-5257 Multiple security issues have been found in Icedove, Debians version of the Mozil...
[SECURITY] [DSA 3680-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3680-1 [email protected] https://www.debian.org/security/ Florian Weimer September 27, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 633-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u12 CVE ID : CVE-2015-8834 CVE-2016-4029 CVE-2016-5836 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168 CVE-2016-7169 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the...
[SECURITY] [DSA 3669-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3669-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 623-1] tomcat7 security update
Package : tomcat7 Version : 7.0.28-4+deb7u6 CVE ID : CVE-2016-1240 Dawid Golunski from legalhackers.com discovered that Debians version of Tomcat 7 was vulnerable to a local privilege escalation. Local attackers who have gained access to the server in the context of the tomcat7 user through a...
[SECURITY] [DLA 611-1] jsch security update
Package : jsch Version : 0.1.42-2+deb7u1 CVE ID : CVE-2016-5725 It was discovered that there was a path traversal vulnerability in jsch, a pure Java implementation of the SSH2 protocol. For Debian 7 "Wheezy", this issue has been fixed in jsch version 0.1.42-2+deb7u1. We recommend that you upgrade...
[SECURITY] [DSA 3658-1] libidn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3658-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 01, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 578-1] openssh security update
Package : openssh Version : 6.0p1-4+deb7u5 CVE ID : CVE-2016-6210 OpenSSH secure shell client and server had a user enumeration problem reported. CVE-2016-6210 User enumeration via covert timing channel For Debian 7 "Wheezy", this problem has been fixed in version 6.0p1-4+deb7u5. We recommend tha...
[SECURITY] [DLA 571-1] xen security update
Package : xen Version : 4.1.6.lts1-1 CVE ID : CVE-2014-3672 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4480 CVE-2016-6258 Debian Bug : Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifi...
[SECURITY] [DSA 3619-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3619-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 546-2] clamav version update
Package : clamav Version : 0.99.2+dfsg-0+deb7u2 DLA 546-1 was incorrectly released before updated clamav packages were available and there were subsequent issues with the acceptance of the package which have since been corrected. Updates are now available for all supported LTS architectures. We...