14343 matches found
[SECURITY] [DLA 1477-1] libgit2 security update
Package : libgit2 Version : 0.21.1-3+deb8u1 CVE ID : CVE-2018-10887 CVE-2018-10888 CVE-2018-15501 CVE-2018-15501 A potential out-of-bounds read when processing a "ng" smart packet might lead to a Denial of Service. CVE-2018-10887 A flaw has been discovered that may lead to an integer overflow whi...
[SECURITY] [DSA 4279-2] linux regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4279-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4279-2] linux regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4279-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1475-1] tomcat-native security update
Package : tomcat-native Version : 1.1.32repack-2+deb8u2 CVE ID : CVE-2018-8019 CVE-2018-8020 When using an OCSP responder Tomcat Native did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to...
[SECURITY] [DSA 4280-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4280-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4280-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4280-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA-1474-1] openssh security update
Package : openssh Version : 1:6.7p1-5+deb8u5 CVE ID : CVE-2018-15473 Debian Bug : 906236 It was discovered that there was a user enumeration vulnerability in OpenSSH. A remote attacker couldtest whether a certain user exists on a target server. For Debian 8 "Jessie", this issue has been fixed in...
[SECURITY] [DLA 1473-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u5 CVE ID : CVE-2018-14593 Francesco Sirocco discovered a privilege escalation flaw in otrs2, the Open Ticket Request System. An attacker who is logged into OTRS as a user may escalate their privileges by accessing a specially crafted URL. For Debian 8...
[SECURITY] [DLA 1461-1] clamav security update
Package : clamav Version : 0.100.1+dfsg-0+deb8u1 CVE ID : CVE-2018-0360 CVE-2018-0361 Debian Bug : 902601 903896 905044 ClamAV, an anti-virus utility for Unix, has released the version 0.100.1. Installing this new version is required to make use of all current virus signatures and to avoid...
[SECURITY] [DLA 1472-1] libcgroup security update
Package : libcgroup Version : 0.41-6+deb8u1 CVE ID : CVE-2018-14348 Debian Bug : 906308 The cgrulesengd daemon in libcgroup creates log files with world readable and writable permissions due to a reset of the file mode creation mask umask0. For Debian 8 "Jessie", this problem has been fixed in...
[SECURITY] [DSA 4279-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4279-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4279-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4279-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1471-1] kamailio security update
Package : kamailio Version : 4.2.0-2+deb8u4 CVE ID : CVE-2018-14767 CVE-2018-14767 Fix for missing input validation, which could result in denial of service and potentially the execution of arbitrary code. For Debian 8 "Jessie", this problem has been fixed in version 4.2.0-2+deb8u4. We recommend...
[SECURITY] [DSA 4278-1] jetty9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4278-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 19, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1470-1] confuse security update
Package : confuse Version : 2.7-5+deb8u1 CVE ID : CVE-2018-14447 Debian Bug : 904159 An out of bound read was discoverd in libConfuse, a configuration file parser library. CVE-2018-14447 An out of bound read in trimwhitespace, fixed thanks to Sebastian Roland [email protected]. For Debian 8...
[SECURITY] [DLA-1469-1] libxcursor security update
Package : libxcursor Version : 1:1.1.14-1+deb8u2 CVE ID : CVE-2015-9262 Debian Bug : 906012 It was discovered that there was a denial of service or potentially code execution vulnerability in libxcursor, a library designed to help locate and load cursors for the X Window System. For Debian 8...
[SECURITY] [DSA 4277-1] mutt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4277-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4277-1] mutt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4277-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4276-1] php-horde-image security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4276-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4276-1] php-horde-image security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4276-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4275-1] keystone security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4275-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4274-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4274-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4273-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4273-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1468-1] fuse security update
Package : fuse Version : 2.9.3-15+deb8u3 CVE ID : CVE-2018-10906 CVE-2018-10906 This is a fix for a restriction bypass of the "allowother" option when SELinux is active. For Debian 8 "Jessie", this problem has been fixed in version 2.9.3-15+deb8u3. We recommend that you upgrade your fuse packages...
[SECURITY] [DLA 1466-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u2deb8u1 CVE ID : CVE-2018-5390 CVE-2018-5391 CVE-2018-13405 Debian Bug : 893393 903122 903767 903776 903838 903914 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service...
[SECURITY] [DLA 1467-1] ruby-zip security update
Package : ruby-zip Version : 1.1.6-1+deb8u2 CVE ID : CVE-2018-1000544 Debian Bug : 902720 It was found that rubyzip, a Ruby module for reading and writing zip files, contained a Directory Traversal vulnerability that can be exploited to write arbitrary files to the filesystem. For Debian 8...
[SECURITY] [DLA 1464-1] postgresql-9.4 security update
Package : postgresql-9.4 Version : 9.4.19-0+deb8u1 CVE ID : CVE-2018-10915 An unprivileged user of dblink or postgresfdw could bypass the checks intended to prevent use of server-side credentials, such as a /.pgpass file owned by the operating-system user running the server. Servers allowing peer...
[SECURITY] [DSA 4272-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4272-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4272-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4272-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4271-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4271-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4271-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4271-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4270-1] gdm3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4270-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 13, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4270-1] gdm3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4270-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 13, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1465-1] blender security update
Package : blender Version : 2.72.b+dfsg0-3+deb8u1 CVE ID : CVE-2017-2899 CVE-2017-2900 CVE-2017-2901 CVE-2017-2902 CVE-2017-2903 CVE-2017-2904 CVE-2017-2905 CVE-2017-2906 CVE-2017-2907 CVE-2017-2908 CVE-2017-2918 CVE-2017-12081 CVE-2017-12082 CVE-2017-12086 CVE-2017-12099 CVE-2017-12100...
[SECURITY] [DSA 4269-1] postgresql-9.6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4269-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4268-1] openjdk-8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4268-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1463-1] sam2p security update
Package : sam2p Version : 0.49.2-3+deb8u3 CVE ID : CVE-2018-12578 CVE-2018-12601 Various vulnerabilities leading to denial of service or possible unspecified other impacts were discovered in sam2p, an utility to convert raster images to EPS, PDF, and other formats. CVE-2018-12578 A...
[SECURITY] [DLA 1462-1] wpa security update
Package : wpa Version : 2.3-1+deb8u6 CVE ID : CVE-2018-14526 Debian Bug : 905739 The following vulnerability was discovered in wpasupplicant. CVE-2018-14526: | An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 | through 2.6. Under certain conditions, the integrity of EAPOL-Key |...
[SECURITY] [DSA 4267-1] kamailio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4267-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 08, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4267-1] kamailio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4267-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 08, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1437-2] slurm-llnl regression update
Package : slurm-llnl Version : 14.03.9-5+deb8u4 CVE ID : CVE-2018-10995 Debian Bug : 893044 The security update for slurm-llnl introduced a regression in the fix for CVE-2018-10995 which broke accounting. For Debian 8 "Jessie", this problem has been fixed in version 14.03.9-5+deb8u4. We recommend...
[SECURITY] [DSA 4266-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4266-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4266-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4266-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA-1460-1] libmspack security update
Package : libmspack Version : 0.5-1+deb8u2 CVE ID : CVE-2018-14681 CVE-2018-14682 CVE-2018-14679 CVE-2018-14680 Debian Bugs : 904799 904800 904801 904802 It was discovered that there were several vulnerabilities in libsmpack, a library used to handle Microsoft compression formats. A remote attack...
[SECURITY] [DLA 1458-1] xml-security-c security update
Package : xml-security-c Version : 1.7.2-3+deb8u1 CVE ID : not yet available Debian Bug : 905332 It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing...
[SECURITY] [DLA-1459-1] cgit security update
Package : cgit Version : 0.10.2.git2.0.1-3+deb8u2 CVE ID : CVE-2018-14912 Debian Bug : 905382 It was discovered that there was a directory traversal vulnerability in cgit, a web frontend for Git repositories. For Debian 8 "Jessie", this issue has been fixed in cgit version 0.10.2.git2.0.1-3+deb8u...
[SECURITY] [DSA 4265-1] xml-security-c security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4265-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4264-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4264-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1457-1] ant security update
Package : ant Version : 1.9.4-3+deb8u2 CVE ID : TEMP-0904191-9063D5 Debian Bug : 904191 The fix for CVE-2018-10886 was incomplete in the previous upload. New changes was implemented upstream which check and resolve symlinks before expanding the archives. For Debian 8 "Jessie", this problem has be...
[SECURITY] [DSA 4263-1] cgit security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4263-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 04, 2018 https://www.debian.org/security/faq -...