14407 matches found
[SECURITY] [DLA 744-1] icu security update
Package : icu Version : 4.8.1.1-12+deb7u6 CVE ID : CVE-2014-9911 CVE-2016-7415 Debian Bug : 838694 Brief introduction CVE-2014-9911 Michele Spagnuolo discovered a buffer overflow vulnerability which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via...
[SECURITY] [DLA 727-1] gst-plugins-good0.10 security update
Package : gst-plugins-good0.10 Version : 0.10.31-3+nmu1+deb7u1 CVE ID : CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code. Further details can be found in his advisory at...
[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3724-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 24, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 708-1] mysql-5.5 security update
Package : mysql-5.5 Version : 5.5.53-0+deb7u1 CVE ID : CVE-2016-5584 CVE-2016-7440 Debian Bug : 841050 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.53, which includes additional changes, such...
[SECURITY] [DSA 3715-1] moin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3715-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3707-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3707-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 07, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 696-1] bind9 security update
Package : bind9 Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u13 CVE ID : CVE-2016-8864 Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial-of-service vulnerability is related to a defect in the processi...
[SECURITY] [DSA 3701-2] nginx regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3701-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 28, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 584-1] libsys-syslog-perl security update
Package : libsys-syslog-perl Version : 0.29-1+deb7u1 CVE ID : CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory...
[SECURITY] [DLA 585-1] firefox-esr security update
Package : firefox-esr Version : 45.3.0esr-1deb7u1 CVE ID : CVE-2016-2830 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-5252 CVE-2016-5254 CVE-2016-5258 CVE-2016-5259 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 Multiple security issues have been found in the Mozilla Firefox web...
[SECURITY] [DLA 534-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u4 CVE ID : CVE-2016-5766 CVE-2016-5766 Integer Overflow in gd2GetHeader resulting in heap overflow. For Debian 7 "Wheezy", these problems have been fixed in version 2.0.36rc1dfsg-6.1+deb7u4. We recommend that you upgrade your libgd2 packages...
[SECURITY] [DLA 455-1] asterisk security update
Package : asterisk Version : 1:1.8.13.1dfsg1-3+deb7u4 CVE ID : CVE-2014-2286 CVE-2014-4046 CVE-2014-6610 CVE-2014-8412 CVE-2014-8418 CVE-2015-3008 Debian Bug : 741313 762164 771463 782411 CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6...
[SECURITY] [DSA 3554-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3554-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 21, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3532-1] quagga security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3532-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 27, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3531-1] chromum-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3531-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3515-1] graphite2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3515-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 411-1] eglibc security update
Package : eglibc Version : eglibc2.11.3-4+deb6u9 CVE ID : CVE-2014-9761 CVE-2015-8776 CVE-2015-8778 CVE-2015-8779 Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc: CVE-2014-9761 The maths nan function wrongly handled payload strings, yielding to an unbounded stack...
[SECURITY] [DSA 3464-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3464-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 404-1] nginx security update
Package : nginx Version : 0.7.67-3+squeeze4+deb6u1 CVE ID : CVE-2016-0742 Debian Bug : 812806 It was discovered that there was a invalid pointer deference in nginx, a small, powerful, scalable web/proxy server. An invalid pointer dereference might occur during DNS server response processing,...
[SECURITY] [DSA 3437-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3437-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 365-1] foomatic-filters security update
Package : foomatic-filters Version : 4.0.5-6+squeeze2+deb6u11 CVE ID : CVE-2015-8327 Debian Bug : 806886 It was discovered that there was an injection vulnerability in foomatic-filters which is used by printer spoolers to convert incoming PostScript data into the printers native format. For Debia...
[SECURITY] [DSA 3395-2] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3395-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 12, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 340-1] krb5 security update
Package : krb5 Version : 1.8.3+dfsg-4squeeze10 CVE ID : CVE-2015-2695 CVE-2015-2697 Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-2695 It was discovered that...
[SECURITY] [DSA 3395-1] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3395-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 06, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3394-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3394-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 339-1] libhtml-scrubber-perl security update
Package : libhtml-scrubber-perl Version : 0.08-4+deb6u1 CVE ID : CVE-2015-5667 Debian bug : 803943 HTML::Scrubber is vulnerable to a cross-site scripting XSS vulnerability when the comment feature is enabled. It allows remote attackers to inject arbitrary web script or HTML via a crafted comment...
[SECURITY] [DSA 3360-1] icu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3360-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS September 15, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3336-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3336-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3325-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3325-1 [email protected] https://www.debian.org/security/ Stefan Fritsch August 01, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3322-1] ruby-rack security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3322-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 31, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3285-1] qemu-kvm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3285-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 13, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3267-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3267-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3265-1] zendframework security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3265-1 [email protected] http://www.debian.org/security/ David Prévot May 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3235-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3235-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3229-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3229-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 19, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3057-2] libxml2 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3215-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3215-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 06, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3205-1] batik security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3205-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 27, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3193-1] tcpdump security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3193-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3174-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3174-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3171-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3171-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 23, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 151-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze11 CVE ID : CVE-2014-0191 CVE-2014-3660 Debian Bug : 768089 It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3113-1] unzip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3113-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 28, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3090-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3090-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 86-1] file security update
Package : file Version : 5.04-5+squeeze8 CVE ID : CVE-2014-3710 Debian Bug : 768806 Francisco Alonso of Red Hat Product Security found an issue in the file utility: when checking ELF files, note headers are incorrectly checked, thus potentially allowing attackers to cause a denial of service...
[SECURITY] [DSA 3071-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3071-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3071-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3071-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 80-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze10 CVE ID : CVE-2014-0191 CVE-2014-3660 Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by ...
[SECURITY] [DSA 3055-1] pidgin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3055-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 23, 2014 http://www.debian.org/security/faq -...