[SECURITY] [DLA 547-2] graphicsmagick regression update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u6 CVE ID : CVE-2016-5240 Debian Bug : N/A The fix for CVE-2016-5240 was improperly applied which resulted in GraphicsMagick crashing instead of entering an infinite loop with the given proof of concept. Furthermore, the original announcement...

[SECURITY] [DLA 877-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u11 CVE ID : CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 libtiff is vulnerable to multiple buffer overflows and integer overflows that can lead to application crashes denial of service or worse. CVE-2016-10266 Integer overflow that can lead to...

[SECURITY] [DSA 3795-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3795-1 [email protected] https://www.debian.org/security/ Michael Gilbert February 26, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 824-1] libevent security update

Package : libevent Version : 2.0.19-stable-3+deb7u2 CVE ID : CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 Debian Bug : 854092 Several vulnerabilities were discovered in libevent, an asynchronous event notification library. They would lead to Denial Of Service via application crash, or remote code...

[SECURITY] [DSA 3757-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3757-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3751-1] libgd2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3751-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 01, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 764-1] qemu security update

Package : qemu Version : 1.1.2+dfsg-6+deb7u19 CVE ID : CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 Multiple vulnerabilities have been found in QEMU: CVE-2016-9911 Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing...

[SECURITY] [DSA 3464-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3464-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3257-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3257-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 11, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 89-1] nss security update

Package : nss Version : 3.12.8-1+squeeze10 CVE ID : CVE-2014-1544 In nss, a set of libraries designed to support cross-platform development of security-enabled client and server applications, Tyson Smith and Jesse Schwartzentruber discovered a use-after-free vulnerability that allows remote...

[SECURITY] [DLA 57-1] libstruts1.2-java security update

Package : libstruts1.2-java Version : 1.2.9-4+deb6u1 CVE ID : CVE-2014-0114 It was discovered that missing access checks in the Struts ActionForm object could result in the execution of arbitrary code. This update fixes this problem...

[SECURITY] [DSA 2934-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2934-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 19, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2920-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2920-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 03, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2742-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2742-1 [email protected] http://www.debian.org/security/ August 26, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package...

[SECURITY] [DSA 2701-1] krb5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2701-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 29, 2013 http://www.debian.org/security/faq -...

[BSA-078] Security Update for freetype

I uploaded new packages for freetype which fixed the following security problems: CVE-2012-5668: NULL Pointer Dereference in bdffreefont. CVE-2012-5669: Out-of-bounds read in bdfparseglyphs. CVE-2012-5670: Out-of-bounds write in bdfparseglyphs. For the squeeze-backports distribution the problems...

[SECURITY] [DSA 2599-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2599-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 06, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2588-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2588-1 [email protected] http://www.debian.org/security/ December 16, 2012 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

[SECURITY] [DSA 2583-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2583-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 08, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2544-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2544-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 08, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2466-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2466-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 09, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2450-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2450-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 12, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2394-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2394-1 [email protected] http://www.debian.org/security/ Luciano Bello January 27, 2012 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2375-1] krb5. krb5-appl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2375-1 [email protected] http://www.debian.org/security/ Florian Weimer December 26, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2354-1] cups security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2354-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez November 28, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2273-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2273-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 06, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2178-1] pango1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2178-1 [email protected] http://www.debian.org/security/ Florian Weimer March 02, 2011 http://www.debian.org/security/faq -...

[BSA-023] Security Update for drupal6

Gerfried Fuchs uploaded new packages for drupal6 which fixed the following security problems: CVE-2010-2250 A user-supplied value is directly output during installation allowing a malicious user to craft a URL and perform a cross-site scripting attack. The exploit can only be conducted on sites n...

[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities

------------------------------------------------------------------------- Debian Security Advisory DSA-2143-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 14, 2011 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2122-2] New glibc packages fix privilege escalation

------------------------------------------------------------------------- Debian Security Advisory DSA-2122-2 [email protected] http://www.debian.org/security/ Florian Weimer January 11, 2011 http://www.debian.org/security/faq -...

[BSA-013] Security Update for iceweasel

Mike Hommey uploaded new packages for iceweasel which fixed the following security problems: CVE-2010-3776 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before...

[SECURITY] [DSA-2035-1] New apache2 packages fix several issues

------------------------------------------------------------------------ Debian Security Advisory DSA-2035-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 17, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1880-1] New OpenOffice.org packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1880-1 [email protected] http://www.debian.org/security/ Martin Schulze September 4th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1833-2] New dhcp3 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1833-2 [email protected] http://www.debian.org/security/ Florian Weimer August 25, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA-1870-1 [email protected] http://www.debian.org/security/ Nico Golde August 19th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA-1742-1 [email protected] http://www.debian.org/security/ Nico Golde March 16th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation

------------------------------------------------------------------------ Debian Security Advisory DSA-1719-1 [email protected] http://www.debian.org/security/ Florian Weimer February 10, 2009 http://www.debian.org/security/faq -...

[Backports-security-announce] Security Update for nagios3

Jan Wagner uploaded a new package for nagios3 which fixed the following security problem: CVE-2008-5028, SA32610 and Debian Bug 504894 Andreas Ericsson has discovered a vulnerability in Nagios, which can be exploited by malicious people to conduct cross-site request forgery attacks. The applicati...

[Backports-security-announce] Security Update for vim

Norbert Tretkowski uploaded new packages for vim which fixed the following security problems: CVE-2008-4101, Debian Bug 500381 Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to 1 execute arbitrary shell commands by entering a K keystro...

[SECURITY] [DSA 1616-2] New clamav packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1616-2 [email protected] http://www.debian.org/security/ Devin Carraway July 26, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1612-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 21, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1569-3] New cacti packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1569-3 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 15, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass

------------------------------------------------------------------------ Debian Security Advisory DSA-1608-1 [email protected] http://www.debian.org/security/ Devin Carraway July 13, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1524-1] New krb5 packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1524-1 [email protected] http://www.debian.org/security/ Noah Meyerhans March 18, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak

------------------------------------------------------------------------ Debian Security Advisory DSA-1505 [email protected] http://www.debian.org/security/ dann frazier February 22, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1496-1] New mplayer packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1496-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 12, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1413-1 [email protected] http://www.debian.org/security/ Noah Meyerhans November 26, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1338-1] New iceweasel packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1338-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 23rd, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1249-1] New xfree86 packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1249-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 15th, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1242-1] New elog packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1242-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 27th, 2006 http://www.debian.org/security/faq -...