14325 matches found
[SECURITY] [DLA 1821-1] phpmyadmin security update
Package : phpmyadmin Version : 4:4.2.12-2+deb8u6 CVE ID : CVE-2016-6606 CVE-2016-6607 CVE-2016-6611 CVE-2016-6612 CVE-2016-6613 CVE-2016-6624 CVE-2016-6626 CVE-2016-6627 CVE-2016-6628 CVE-2016-6630 CVE-2016-6631 CVE-2016-6632 CVE-2016-9849 CVE-2016-9850 CVE-2016-9861 CVE-2016-9864 CVE-2019-12616...
[SECURITY] [DLA 1741-1] php5 security update
Package : php5 Version : 5.6.40+dfsg-0+deb8u2 CVE ID : CVE-2019-9022 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 Several vulnerabilities have been found in php5, a server-side, HTML-embedded scripting language. CVE-2019-9637 rename across the device may allow unwanted...
[SECURITY] [DLA 1653-1] postgis security update
Package : postgis Version : 2.1.4+dfsg-3+deb8u1 CVE ID : CVE-2017-18359 It was found that the function STAsX3D in PostGIS, a module that adds spatial objects to the PostgreSQL object-relational database, did not handle empty values properly, allowing malicious users to cause denial of service or...
[SECURITY] [DLA 3876-1] setuptools security update
Debian LTS Advisory DLA-3876-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert September 05, 2024 https://wiki.debian.org/LTS Package : setuptools Version : 52.0.0-4+deb11u1 CVE ID : CVE-2022-40897 CVE-2024-6345 Debian Bug : Brief introduction CVE-2022-40897...
[SECURITY] [DSA 4603-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4603-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 17, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4562-1] chromium security update
-------------------------------------------------------------------------- Debian Security Advisory DSA-4562-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 10, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1935-1] e2fsprogs security update
Package : e2fsprogs Version : 1.42.12-2+deb8u1 CVE ID : CVE-2019-5094 Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code. Fo...
[SECURITY] [DLA 1807-1] vcftools security update
Package : vcftools Version : 0.1.12+dfsg-1+deb8u1 CVE ID : CVE-2018-11099 CVE-2018-11129 CVE-2018-11130 Webin security lab - dbapp security Ltd found three issues in vcftools, a collection of tools to work with VCF files. Different functions in header.cpp are vulnerable to denial of services due ...
[SECURITY] [DSA 4442-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4442-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 12, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1731-1] linux security update
Package : linux Version : 3.16.64-1 CVE ID : CVE-2016-10741 CVE-2017-5753 CVE-2017-13305 CVE-2018-3639 CVE-2018-5848 CVE-2018-5953 CVE-2018-12896 CVE-2018-13053 CVE-2018-16862 CVE-2018-16884 CVE-2018-17972 CVE-2018-18281 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169...
[SECURITY] [DLA 1670-1] ghostscript security update
Package : ghostscript Version : 9.26adfsg-0+deb8u1 CVE ID : CVE-2019-6116 Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed despite the...
[SECURITY] [DLA 770-1] libphp-phpmailer security update
Package : libphp-phpmailer Version : 5.1-1.2 CVE ID : CVE-2016-10033 Debian Bug : 849365 Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address. Note that for...
[SECURITY] [DLA 3962-1] glib2.0 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3962-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 23, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2094-1] sudo security update
Package : sudo Version : 1.8.10p3-1+deb8u7 CVE ID : CVE-2019-18634 A stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the pwfeedback option enabled. An unprivileged user can take...
[SECURITY] [DLA 1986-1] ruby-haml security update
Package : ruby-haml Version : 4.0.5-2+deb8u1 CVE ID : CVE-2017-1002201 In haml, when using user input to perform tasks on the server, characters like " must be escaped properly. In this case, the character was missed. An attacker can manipulate the input to introduce additional attributes,...
[SECURITY] [DLA 1800-1] firefox-esr security update
Package : firefox-esr Version : 60.7.0esr-1deb8u1 CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 Multiple security issues have been found in the...
[SECURITY] [DSA 4448-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4448-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1445-1] busybox security update
Package : busybox Version : 1:1.22.0-9+deb8u2 CVE ID : CVE-2011-5325 CVE-2014-9645 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148 CVE-2017-15873 CVE-2017-16544 CVE-2018-1000517 Debian Bug : 902724 882258 879732 818497 818499 803097 802702 Busybox, utility programs for small and embedded systems, was...
[SECURITY] [DLA 2635-1] libspring-java security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2635-1 [email protected] https://www.debian.org/lts/security/ April 23, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...
[SECURITY] [DLA 2458-1] drupal7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2458-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 19, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1911-1] exim4 security update
Package : exim4 Version : 4.84.2-2+deb8u6 CVE ID : CVE-2019-15846 "Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges. For Debian 8 "Jessie", this proble...
[SECURITY] [DSA 4399-1] ikiwiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4399-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5854-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5854-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3990-1] avahi security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3990-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 09, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2605-1] mariadb-10.1 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2605-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky March 22, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2534-1] sudo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2534-1 [email protected] https://www.debian.org/lts/security/ Salvatore Bonaccorso January 26, 2021 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 1945-1] openconnect security update
Package : openconnect Version : 6.00-2+deb8u1 CVE ID : CVE-2019-16239 Debian Bug : 940871 A vulnerability was discovered by Lukas Kupczyk of the Advanced Research Team at CrowdStrike Intelligence in OpenConnect, an open client for Cisco AnyConnect, Pulse, GlobalProtect VPN. A malicious HTTP serve...
[SECURITY] [DSA 4537-1] file-roller security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4537-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 28, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4512-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4512-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 02, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4417-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4417-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 24, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5851-1] pdns-recursor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5852-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 28, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5448-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5448-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2023 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4923-1] webkit2gtk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4923-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 30, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2420-1] linux security update
Debian LTS Advisory DLA-2420-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 29, 2020 https://wiki.debian.org/LTS Package : linux Version : 4.9.240-1 CVE ID : CVE-2019-9445 CVE-2019-19073 CVE-2019-19074 CVE-2019-19448 CVE-2020-12351 CVE-2020-12352...
[SECURITY] [DLA 2391-1] ruby2.3 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2391-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 01, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4721-1] ruby2.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4721-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 08, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2217-1] tomcat7 security update
Package : tomcat7 Version : 7.0.56-3+really7.0.100-1+deb8u1 CVE ID : CVE-2020-9484 Debian Bug : 961209 It was discovered that there was a potential remote code execution via deserialization in tomcat7, a server for HTTP and Java "servlets". For Debian 8 "Jessie", this issue has been fixed in...
[SECURITY] [DLA 2004-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u7 CVE ID : CVE-2019-14824 Debian Bug : 944150 A flaw was found in the deref plugin of 389-ds-base where it could use the search permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private...
[SECURITY] [DSA 4543-1] sudo security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4543-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 14, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1946-1] novnc security update
Package : novnc Version : 1:0.4+dfsg+1+20131010+gitf68af8af3d-4+deb8u1 CVE ID : CVE-2017-18635 An XSS vulnerability was discovered in noVNC in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server...
[SECURITY] [DLA 1857-1] nss security update
Package : nss Version : 2:3.26-1+debu8u5 CVE ID : CVE-2019-11719 CVE-2019-11729 Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. CVE-2019-11719: Out-of-bounds read when importing curve25519 private key When importing a curve25519 private key in PKCS8forma...
[SECURITY] [DLA 1783-1] atftp security update
Package : atftp Version : 0.7.git20120829-1+deb8u1 CVE ID : CVE-2019-11365 CVE-2019-11366 Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. For Debian 8 "Jessie", these problems have been fixed ...
[SECURITY] [DLA 1685-1] drupal7 security update
Package : drupal7 Version : 7.32-1+deb8u15 CVE ID : CVE-2019-6338 Drupal core uses the third-party PEAR ArchiveTar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details. Also a possible regression caused by CVE-2019-63...
[SECURITY] [DSA 5678-1] glibc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5678-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 03, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2884-1] wordpress security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2884-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 17, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 4696-1] nodejs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4696-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 06, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1908-1] pump security update
Package : pump Version : 0.8.24-7+deb8u1 Debian Bug : 933674 It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the ethernet packet length could be forged leading to being able to overwrite up...
[SECURITY] [DSA 4409-1] neutron security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4409-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 18, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1698-1] file security update
Package : file Version : 1:5.22+15-2+deb8u5 CVE ID : CVE-2019-8905 CVE-2019-8907 Potential buffer over-reads in readelf.c have been found in file, a popular file type guesser. For Debian 8 "Jessie", these problems have been fixed in version 1:5.22+15-2+deb8u5. We recommend that you upgrade your...
[SECURITY] [DLA 1643-1] krb5 security update
Package : krb5 Version : 1.12.1+dfsg-19+deb8u5 CVE ID : CVE-2018-5729 CVE-2018-5730 CVE-2018-20217 krb5, a MIT Kerberos implementation, had several flaws in LDAP DN checking, which could be used to circumvent a DN containership check by supplying special parameters to some calls. Further an...