
14409 matches found

Debian
•added 2019/07/30 7:44 p.m.•181 views

[SECURITY] [DLA 1730-4] libssh2 regression update

Package : libssh2 Version : 1.4.3-4.1+deb8u5 CVE ID : CVE-2019-3860 Several more boundary checks have been backported to libssh2's src/sftp.c. Furthermore, all boundary checks in src/sftp.c now result in an LIBSSH2_ERROR_BUFFER_TOO_SMALL error code, rather than a LIBSSH2_ERROR_OUT_OF_BOUNDARY error code...

CVSS 9.1 • AI score 6.9 • EPSS 0.05118 • Exploits 0

Debian
•added 2019/07/28 10:40 p.m.•184 views

[SECURITY] [DLA 1846-2] unzip regression update

Package : unzip Version : 6.0-16+deb8u5 CVE ID : CVE-2019-13232 Debian Bug : 932404 The unzip security update issued as DLA 1846-1 caused a regression when building the Firefox web browser from source. There is a zip-like file in the Firefox distribution, omni.ja, which is a zip container with th...

CVSS 3.3 • AI score 4.2 • EPSS 0.00495 • Exploits 0

Debian
•added 2019/07/27 6:30 p.m.•266 views

[SECURITY] [DLA 1865-1] sdl-image1.2 security update

Package : sdl-image1.2 Version : 1.2.12-5+deb9u2 CVE ID : CVE-2018-3977 CVE-2019-5051 CVE-2019-5052 CVE-2019-7635 CVE-2019-12216 CVE-2019-12217 CVE-2019-12218 CVE-2019-12219 CVE-2019-12220 CVE-2019-12221 CVE-2019-12222 The following issues have been found in sdl-image1.2, the 1.x version of the...

CVSS 8.8 • AI score 9.6 • EPSS 0.04515 • Exploits 11

Debian
•added 2019/07/27 5:46 p.m.•39 views

[SECURITY] [DSA 4489-1] patch security update

Debian Security Advisory DSA-4489-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 27, 2019 • https://www.debian.org/security/faq ...

CVSS 9.3 • AI score 1.6 • EPSS 0.0556 • Exploits 0

Debian
•added 2019/07/27 5:46 p.m.•260 views

[SECURITY] [DSA 4489-1] patch security update

Debian Security Advisory DSA-4489-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 27, 2019 • https://www.debian.org/security/faq ...

CVSS 9.3 • AI score 8.4 • EPSS 0.0556 • Exploits 0

Debian
•added 2019/07/25 9:2 p.m.•156 views

[SECURITY] [DLA 1864-1] patch security update

Package : patch Version : 2.7.5-1+deb8u3 CVE ID : CVE-2019-13638 An issue with quoting has been found in patch, a tool to apply a diff file to an original, when invoking ed. In order to avoid this, ed is now directly started instead of calling a shell which starts ed. For Debian 8 "Jessie", this...

CVSS 9.3 • AI score 7.7 • EPSS 0.0453 • Exploits 0

Debian
•added 2019/07/25 6:35 p.m.•133 views

[SECURITY] [DLA 1730-3] libssh2 regression update

Package : libssh2 Version : 1.4.3-4.1+deb8u4 CVE ID : CVE-2019-3859 CVE-2019-13115 Various security problems have been additionally fixed in libssh2, an SSH client implementation written in C++. CVE-2019-3859 While investigating the impact of CVE-2019-13115 in Debian jessie's version of libssh2, i...

CVSS 9.3 • AI score 7 • EPSS 0.11659 • Exploits 1

Debian
•added 2019/07/25 1:8 p.m.•26 views

[SECURITY] [DSA 4488-1] exim4 security update

Debian Security Advisory DSA-4488-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 25, 2019 • https://www.debian.org/security/faq ...

CVSS 10 • AI score 2.1 • EPSS 0.08622 • Exploits 0

Debian
•added 2019/07/25 1:8 p.m.•84 views

[SECURITY] [DSA 4488-1] exim4 security update

Debian Security Advisory DSA-4488-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 25, 2019 • https://www.debian.org/security/faq ...

CVSS 10 • AI score 9.5 • EPSS 0.08622 • Exploits 0

Debian
•added 2019/07/23 9:15 p.m.•83 views

[SECURITY] [DSA 4487-1] neovim security update

Debian Security Advisory DSA-4487-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 23, 2019 • https://www.debian.org/security/faq ...

CVSS 9.3 • AI score 7.9 • EPSS 0.19111 • Exploits 5

Debian
•added 2019/07/23 5:48 p.m.•132 views

[SECURITY] [DLA 1863-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.168-1+deb9u4deb8u1 CVE ID : CVE-2019-13272 Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges und...

CVSS 7.8 • AI score 6.8 • EPSS 0.52199 • Exploits 21

Debian
•added 2019/07/23 5:32 p.m.•179 views

[SECURITY] [DLA 1862-1] linux security update

Package : linux Version : 3.16.70-1 CVE ID : CVE-2019-2101 CVE-2019-10639 CVE-2019-13272 Debian Bug : 930904 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-2101 Andrey Konovalov discovered...

CVSS 7.8 • AI score 7.2 • EPSS 0.94686 • Exploits 22

Debian
•added 2019/07/22 7:42 p.m.•172 views

[SECURITY] [DLA 1861-1] libsdl2-image security update

Package : libsdl2-image Version : 2.0.0+dfsg-3+deb8u2 CVE ID : CVE-2018-3977 CVE-2019-5052 CVE-2019-7635 CVE-2019-12216 CVE-2019-12217 CVE-2019-12218 CVE-2019-12219 CVE-2019-12220 CVE-2019-12221 CVE-2019-12222 Debian Bug : 932754, 932755 The following issues have been found in libsdl2-image, the...

CVSS 8.8 • AI score 9.5 • EPSS 0.04515 • Exploits 10

Debian
•added 2019/07/22 4:16 p.m.•144 views

[SECURITY] [DLA 1860-1] libxslt security update

Package : libxslt Version : 1.1.28-2+deb8u5 CVE ID : CVE-2016-4609 CVE-2016-4610 CVE-2019-13117 CVE-2019-13118 Debian Bug : 932321 932320 Several vulnerabilities were found in libxslt the XSLT 1.0 processing library. CVE-2016-4610 Invalid memory access leading to DoS at exsltDynMapFunction. libxs...

CVSS 9.8 • AI score 9.3 • EPSS 0.06457 • Exploits 0

Debian
•added 2019/07/21 9:6 p.m.•157 views

[SECURITY] [DLA 1859-1] bind9 security update

Package : bind9 Version : 1:9.9.5.dfsg-9+deb8u18 CVE ID : CVE-2018-5743 A vulnerability was found in the Bind DNS Server. Limits on simultaneous tcp connections have not been enforced correctly and could lead to exhaustion of file descriptors. In the worst case this could affect the file...

CVSS 7.5 • AI score 7.7 • EPSS 0.06404 • Exploits 0

Debian
•added 2019/07/21 6:5 p.m.•146 views

[SECURITY] [DSA 4486-1] openjdk-11 security update

Debian Security Advisory DSA-4486-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 21, 2019 • https://www.debian.org/security/faq ...

CVSS 5.8 • AI score 6.9 • EPSS 0.04472 • Exploits 0

Debian
•added 2019/07/21 6:1 p.m.•145 views

[SECURITY] [DSA 4485-1] openjdk-8 security update

Debian Security Advisory DSA-4485-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 21, 2019 • https://www.debian.org/security/faq ...

CVSS 5.8 • AI score 6.9 • EPSS 0.04472 • Exploits 0

Debian
•added 2019/07/20 11:9 p.m.•107 views

[SECURITY] [DLA 1858-1] squid3 security update

Package : squid3 Version : 3.4.8-6+deb8u8 CVE ID : CVE-2019-12525 CVE-2019-12529 Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with HTTP authentication header processing. CVE-2019-12525 Due to incorrect buffer...

CVSS 9.8 • AI score 6.7 • EPSS 0.24401 • Exploits 0

Debian
•added 2019/07/20 5:36 p.m.•148 views

[SECURITY] [DLA 1857-1] nss security update

Package : nss Version : 2:3.26-1+debu8u5 CVE ID : CVE-2019-11719 CVE-2019-11729 Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. CVE-2019-11719: Out-of-bounds read when importing curve25519 private key When importing a curve25519 private key in PKCS8forma...

CVSS 7.5 • AI score 7.1 • EPSS 0.02794 • Exploits 0

Debian
•added 2019/07/20 2:34 p.m.•185 views

[SECURITY] [DSA 4484-1] linux security update

Debian Security Advisory DSA-4484-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 20, 2019 • https://www.debian.org/security/faq ...

CVSS 7.8 • AI score 7 • EPSS 0.94686 • Exploits 22

Debian
•added 2019/07/20 2:34 p.m.•54 views

[SECURITY] [DSA 4484-1] linux security update

Debian Security Advisory DSA-4484-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 20, 2019 • https://www.debian.org/security/faq ...

CVSS 7.2 • AI score 1.5 • EPSS 0.94686 • Exploits 22

Debian
•added 2019/07/19 9:45 p.m.•203 views

[SECURITY] [DLA 1856-1] patch security update

Package : patch Version : 2.7.5-1+deb8u2 CVE ID : CVE-2019-13636 Handling of symlinks in patch, a tool to apply a diff file to an original, was wrong in certain cases. For Debian 8 "Jessie", this problem has been fixed in version 2.7.5-1+deb8u2. We recommend that you upgrade your patch packages...

CVSS 5.9 • AI score 5.9 • EPSS 0.03927 • Exploits 0

Debian
•added 2019/07/19 2:6 p.m.•89 views

[SECURITY] [DLA 1855-1] exiv2 security update

Package : exiv2 Version : 0.24-4.1+deb8u4 CVE ID : CVE-2019-13504 It was discovered that there was an integer overflow vulnerability in exiv2, a tool to manipulate images containing eg. EXIF metadata. This could have resulted in a denial of service via a specially-crafted file. For Debian 8...

CVSS 6.5 • AI score 6.6 • EPSS 0.02386 • Exploits 2

Debian
•added 2019/07/18 8:27 p.m.•161 views

[SECURITY] [DLA 1833-2] bzip2 regression update

Package : bzip2 Version : 1.0.6-4+deb7u2 CVE ID : CVE-2019-12900 The original fix for CVE-2019-12900 in bzip2, a high-quality block-sorting file compressor, introduces regressions when extracting certain lbzip2 files which were created with a buggy libzip2. Please see https://bugs.debian.org/9312...

CVSS 9.8 • AI score 9.7 • EPSS 0.08042 • Exploits 0

Debian
•added 2019/07/17 3:25 p.m.•216 views

[SECURITY] [DLA 1854-1] libonig security update

Package : libonig Version : 5.9.5-3.2+deb8u2 CVE ID : CVE-2019-13224 Debian Bug : 931878 A use-after-free in onig_new_deluxe in regext.c allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacke...

CVSS 9.8 • AI score 9.9 • EPSS 0.04047 • Exploits 0

Debian
•added 2019/07/16 9:14 p.m.•345 views

[SECURITY] [DSA 4483-1] libreoffice security update

Debian Security Advisory DSA-4483-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 16, 2019 • https://www.debian.org/security/faq ...

CVSS 9.8 • AI score 8.8 • EPSS 0.30698 • Exploits 5

Debian
•added 2019/07/14 8:11 p.m.•198 views

[SECURITY] [DSA 4482-1] thunderbird security update

Debian Security Advisory DSA-4482-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 14, 2019 • https://www.debian.org/security/faq ...

CVSS 9.8 • AI score 9.4 • EPSS 0.20271 • Exploits 2

Debian
•added 2019/07/13 9:20 p.m.•244 views

[SECURITY] [DLA 1853-1] libspring-java security update

Package : libspring-java Version : 3.0.6.RELEASE-17+deb8u1 CVE ID : CVE-2014-3578 CVE-2014-3625 CVE-2015-3192 CVE-2015-5211 CVE-2016-9878 Debian Bug : 760733 769698 796137 849167 Vulnerabilities have been identified in libspring-java, a modular Java/J2EE application framework. CVE-2014-3578 A...

CVSS 9.6 • AI score 7 • EPSS 0.1005 • Exploits 6

Debian
•added 2019/07/13 1:36 p.m.•16 views

[SECURITY] [DSA 4481-1] ruby-mini-magick security update

Debian Security Advisory DSA-4481-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 13, 2019 • https://www.debian.org/security/faq ...

CVSS 6.8 • AI score 2 • EPSS 0.07639 • Exploits 1

Debian
•added 2019/07/13 1:36 p.m.•206 views

[SECURITY] [DSA 4481-1] ruby-mini-magick security update

Debian Security Advisory DSA-4481-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 13, 2019 • https://www.debian.org/security/faq ...

CVSS 7.8 • AI score 7.6 • EPSS 0.07639 • Exploits 1

Debian
•added 2019/07/11 8:59 p.m.•193 views

[SECURITY] [DSA 4480-1] redis security update

Debian Security Advisory DSA-4480-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 11, 2019 • https://www.debian.org/security/faq ...

CVSS 7.2 • AI score 8.2 • EPSS 0.26048 • Exploits 0

Debian
•added 2019/07/11 8:56 p.m.•194 views

[SECURITY] [DSA 4479-1] firefox-esr security update

Debian Security Advisory DSA-4479-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 11, 2019 • https://www.debian.org/security/faq ...

CVSS 9.8 • AI score 9.3 • EPSS 0.20271 • Exploits 2

Debian
•added 2019/07/11 5:9 p.m.•121 views

[SECURITY] [DLA 1852-1] python3.4 security update

Package : python3.4 Version : 3.4.2-1+deb8u5 CVE ID : CVE-2019-9948 The urllib library in Python ships support for a second, not well known URL scheme for accessing local files "localfile://". This scheme can be used to circumvent protections that try to block local file access and only block the...

CVSS 9.1 • AI score 9.5 • EPSS 0.11844 • Exploits 1

Debian
•added 2019/07/10 8:24 p.m.•169 views

[SECURITY] [DSA 4478-1] dosbox security update

Debian Security Advisory DSA-4478-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 10, 2019 • https://www.debian.org/security/faq ...

CVSS 9.8 • AI score 10 • EPSS 0.06685 • Exploits 1

Debian
•added 2019/07/10 6:17 p.m.•161 views

[SECURITY] [DLA 1851-1] openjpeg2 security update

Package : openjpeg2 Version : 2.1.0-2+deb8u7 CVE ID : CVE-2016-9112 CVE-2018-20847 Debian Bug : 931294 844551 Two security vulnerabilities were discovered in openjpeg2, a JPEG 2000 image library. CVE-2016-9112 A floating point exception or divide by zero in the function opj_pi_next_cprl may lead to ...

CVSS 8.8 • AI score 8.2 • EPSS 0.03168 • Exploits 2

Debian
•added 2019/07/10 1:45 p.m.•89 views

[SECURITY] [DLA 1850-1] redis security update

Package : redis Version : 2:2.8.17-1+deb8u7 CVE ID : CVE-2019-10192 Debian Bug : 931625 It was discovered that there were two heap buffer overflows in the Hyperloglog functionality provided by the Redis in-memory key-value database. For Debian 8 "Jessie", these issues have been fixed in redis...

CVSS 7.2 • AI score 7.6 • EPSS 0.26048 • Exploits 0

Debian
•added 2019/07/09 6:25 a.m.•138 views

[SECURITY] [DLA 1848-1] libspring-security-2.0-java security update

Package : libspring-security-2.0-java Version : 2.0.7.RELEASE-3+deb8u2 CVE ID : CVE-2019-11272 Spring Security supports plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null...

CVSS 7.5 • AI score 7.2 • EPSS 0.0137 • Exploits 0

Debian
•added 2019/07/08 5:5 p.m.•126 views

[SECURITY] [DLA 1849-1] zeromq3 security update

Package : zeromq3 Version : 4.0.5+dfsg-2+deb8u2 CVE ID : CVE-2019-13132 Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket...

CVSS 9.8 • AI score 9.4 • EPSS 0.42464 • Exploits 1

Debian
•added 2019/07/08 4:13 p.m.•36 views

[SECURITY] [DSA 4477-1] zeromq3 security update

Debian Security Advisory DSA-4477-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 08, 2019 • https://www.debian.org/security/faq ...

CVSS 7.5 • AI score 2.5 • EPSS 0.42464 • Exploits 1

Debian
•added 2019/07/08 4:13 p.m.•127 views

[SECURITY] [DSA 4477-1] zeromq3 security update

Debian Security Advisory DSA-4477-1 • https://www.debian.org/security/ • Salvatore Bonaccorso • July 08, 2019 • https://www.debian.org/security/faq ...

CVSS 9.8 • AI score 9.4 • EPSS 0.42464 • Exploits 1

Debian
•added 2019/07/07 8:11 p.m.•222 views

[SECURITY] [DLA 1847-1] squid3 security update

Package : squid3 Version : 3.4.8-6+deb8u7 CVE ID : CVE-2019-13345 Debian Bug : 931478 It was discovered that there were multiple cross-site scripting vulnerabilities in the squid3 caching proxy server. For Debian 8 "Jessie", these issues have been fixed in squid3 version 3.4.8-6+deb8u7. We...

CVSS 6.1 • AI score 8.5 • EPSS 0.74477 • Exploits 1

Debian
•added 2019/07/07 8:9 p.m.•228 views

[SECURITY] [DLA 1846-1] unzip security update

Package : unzip Version : 6.0-16+deb8u4 CVE ID : CVE-2019-13232 Debian Bug : 931433 David Fifield discovered a way to construct non-recursive "zip bombs" that achieve a high compression ratio by overlapping files inside the zip container. However the output size increases quadratically in the inp...

CVSS 3.3 • AI score 4.3 • EPSS 0.00495 • Exploits 0

Debian
•added 2019/07/07 5:23 p.m.•201 views

[SECURITY] [DLA 1845-1] dosbox security update

Package : dosbox Version : 0.74-4+deb8u1 CVE ID : CVE-2019-7165 CVE-2019-12594 Debian Bug : 931222 Several security vulnerabilities were discovered in DOSBox, an emulator for running old DOS programs. CVE-2019-7165 A very long line inside a bat file would overflow the parsing buffer which could b...

CVSS 9.8 • AI score 10 • EPSS 0.06685 • Exploits 1

Debian
•added 2019/07/05 6:3 p.m.•342 views

[SECURITY] [DSA 4476-1] python-django security update

Debian Security Advisory DSA-4476-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 05, 2019 • https://www.debian.org/security/faq ...

CVSS 7.5 • AI score 7.3 • EPSS 0.05399 • Exploits 0

Debian
•added 2019/07/04 1:21 p.m.•156 views

[SECURITY] [DLA 1844-1] lemonldap-ng security update

Package : lemonldap-ng Version : 1.3.3-1+deb8u2 CVE ID : CVE-2019-13031 Debian Bug : 931117 It was discovered that there was an XML external entity vulnerability in the lemonldap-ng single-sign on system. This may have led to the disclosure of confidential data, denial of service, server side...

CVSS 8.1 • AI score 8 • EPSS 0.01934 • Exploits 0

Debian
•added 2019/07/03 1:18 p.m.•111 views

[SECURITY] [DLA 1843-1] pdns security update

Package : pdns Version : 3.4.1-4+deb8u10 CVE ID : CVE-2019-10162 CVE-2019-10163 Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. CVE-2019-10162 An...

CVSS 7.5 • AI score 7 • EPSS 0.01691 • Exploits 0

Debian
•added 2019/07/01 9:12 p.m.•128 views

[SECURITY] [DSA 4475-1] openssl security update

Debian Security Advisory DSA-4475-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 01, 2019 • https://www.debian.org/security/faq ...

CVSS 7.4 • AI score 6.3 • EPSS 0.05701 • Exploits 0

Debian
•added 2019/07/01 9:5 p.m.•78 views

[SECURITY] [DSA 4474-1] firefox-esr security update

Debian Security Advisory DSA-4474-1 • https://www.debian.org/security/ • Moritz Muehlenhoff • July 01, 2019 • https://www.debian.org/security/faq ...

CVSS 10 • AI score 9.9 • EPSS 0.55874 • Exploits 10

Debian
•added 2019/07/01 8:56 p.m.•60 views

[SECURITY] [DLA 1842-1] python-django security update

Package : python-django Version : 1.7.11-1+deb8u6 CVE ID : CVE-2019-12308 Debian Bug : 931316 It was discovered that the Django Python web development framework did not correctly identify HTTP connections when a reverse proxy connected via HTTPS. When deployed behind a reverse-proxy connecting to...

CVSS 6.1 • AI score 6.6 • EPSS 0.02563 • Exploits 0

Debian
•added 2019/07/01 11:45 a.m.•72 views

[SECURITY] [DLA 1837-2] rdesktop regression update

Package : rdesktop Version : 1.8.6-0+deb8u2 Debian Bug : 930511 The update for rdesktop released as 1.8.6-0+deb8u1 introduced a regression which broke RDP protocol negotiation. Updated rdesktop packages are now available to correct this issue. For Debian 8 "Jessie", this problem has been fixed in...

AI score 6.8 • Exploits 0

Total number of security vulnerabilities: 14409