14355 matches found
[SECURITY] [DSA 4191-2] redmine regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4191-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4216-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4216-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4216-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4216-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4215-1] batik security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4215-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4215-1] batik security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4215-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4214-1] zookeeper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4214-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1393-1] Debian 7 Long Term Support reaching end-of-life
The Debian Long Term Support LTS Team hereby announces that Debian 7 "Wheezy" support has reached its end-of-life on May 31, 2018, five years after its initial release on May 4, 2013. Debian will not provide further security updates for Debian 7. A subset of Wheezy packages will be supported by...
[SECURITY] [DLA 1392-1] linux security update
Package : linux Version : 3.2.102-1 CVE ID : CVE-2018-1093 CVE-2018-1130 CVE-2018-8897 CVE-2018-10940 Debian Bug : 898100 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. CVE-2018-1093 Wen Xu reported that a crafted ext4 filesystem image could...
[SECURITY] [DLA 1391-1] tiff security update
Package : tiff Version : 4.0.2-6+deb7u21 CVE ID : CVE-2017-11613 CVE-2018-5784 Debian Bug : 869823 890441 Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service: CVE-2017-11613 Ddenial of service vulnerability in the...
[SECURITY] [DLA 1390-1] procps security update
Package : procps Version : 1:3.3.3.3+deb7u1 CVE ID : CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 Debian Bug : 899170 The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs. The Common...
[SECURITY] [DLA 1389-1] apache2 security update
Package : apache2 Version : 2.2.22-13+deb7u13 CVE ID : CVE-2017-15710 CVE-2018-1301 CVE-2018-1312 Debian Bug : Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-15710 Alex Nichols and Jakob Hirsch reported that modauthnzldap, if configured with AuthLDAPCharsetConfig,...
[SECURITY] [DSA 4213-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4213-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4213-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4213-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4212-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4212-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4212-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4212-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1388-1] wireshark security update
Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u6deb7u11 CVE ID : CVE-2018-9258 CVE-2018-9260 CVE-2018-9261 CVE-2018-9263 CVE-2018-9268 CVE-2018-9269 CVE-2018-9270 CVE-2018-11358 CVE-2018-11362 Several issues that could result in a crash within different dissectors have been fixed. Other...
[SECURITY] [DLA 1387-1] cups security update
Package : cups Version : 1.5.3-5+deb7u8 CVE ID : CVE-2017-18248 CVE-2017-18248 It was found that by submitting a print job with an invalid username, the CUPS server can be crashed, when D-Bus support is enabled which is the case for Debian. For Debian 7 "Wheezy", these problems have been fixed in...
[SECURITY] [DSA 4206-2] gitlab regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4206-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 26, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4206-2] gitlab regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-4206-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 26, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1386-1] ming security update
Package : ming Version : 1:0.4.4-1.1+deb7u9 CVE ID : CVE-2018-7866 CVE-2018-7873 CVE-2018-7876 CVE-2018-9009 CVE-2018-9132 Multiple vulnerabilities have been discovered in Ming: CVE-2018-7866 NULL pointer dereference in the newVar3 function util/decompile.c. Remote attackers might leverage this...
[SECURITY] [DSA 4211-1] xdg-utils security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4211-1 [email protected] https://www.debian.org/security/ Luciano Bello May 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4211-1] xdg-utils security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4211-1 [email protected] https://www.debian.org/security/ Luciano Bello May 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1385-1] batik security update
Package : batik Version : 1.7+dfsg-3+deb7u3 CVE ID : CVE-2018-8013 Debian Bug : 899374 Man Yue Mo discovered a security vulnerability in Apache Batik, an SVG image library. A missing check for the class type before calling newInstance when deserializing a subclass of AbstractDocument could lead t...
[SECURITY] [DLA 1383-1] xen security update
Package : xen Version : 4.1.6.lts1-14 CVE ID : CVE-2018-8897 CVE-2018-10981 CVE-2018-10982 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalation. For Debian 7 "Wheezy", these problems have been fixe...
[SECURITY] [DLA 1384-1] xdg-utils security update
Package : xdg-utils Version : 1.1.0rc1+git20111210-6+deb7u4 CVE ID : CVE-2017-18266 Debian Bug : 898317 It was found that the openenvvar function in xdg-utils does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers t...
[SECURITY] [DLA 1382-1] thunderbird security update
Package : thunderbird Version : 1:52.8.0-1deb7u1 CVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159 CVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170 CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185 Multiple security issues have been found in Thunderbird, which may lead...
[SECURITY] [DSA 4210-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4210-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4209-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4209-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1381-1] imagemagick security update
Package : imagemagick Version : 8:6.7.7.10-5+deb7u22 CVE ID : CVE-2017-18271 CVE-2017-18273 CVE-2018-11251 Several security vulnerabilities were discovered in ImageMagick, an image manipulation program, that allow remote attackers to cause a denial of service via CPU exhaustion infinite loop or...
[SECURITY] [DSA 4208-1] procps security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4208-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4208-1] procps security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4208-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4207-1] packagekit security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4207-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4207-1] packagekit security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4207-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4206-1] gitlab security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4206-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 21, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4205-1] Advance notification for upcoming end-of-life for
Debian oldstable -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4205-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 18, 2018 https://www.debian.org/security/faq...
[SECURITY] [DSA 4204-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4204-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4204-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4204-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1380-1] libmad security update
Package : libmad Version : 0.15.1b-7+deb7u1 CVE ID : CVE-2017-8372 CVE-2017-8373 CVE-2017-8374 Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. For Debian 7 "Wheezy", these problems have...
[SECURITY] [DSA 4203-1] vlc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4203-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4202-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4202-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini May 16, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1379-1] curl security update
Package : curl Version : 7.26.0-1+wheezy25+deb7u1 CVE ID : CVE-2018-1000301 Debian Bug : 898856 It was discovered that there was an issue in the curl a command-line tool for downloading eg. data over HTTP. curl could have be tricked into reading data beyond the end of a heap based buffer used to...
[SECURITY] [DSA 4201-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4201-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4200-1] kwallet-pam security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4200-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1378-1] tiff3 security update
Package : tiff3 Version : 3.9.6-11+deb7u11 CVE ID : CVE-2018-8905 Debian Bug : 893806 A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tiflzw.c LibTIFF 4.0.9 and earlier. This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF...
[SECURITY] [DLA 1377-1] tiff security update
Package : tiff Version : 4.0.2-6+deb7u20 CVE ID : CVE-2018-8905 Debian Bug : 893806 A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tiflzw.c LibTIFF 4.0.9 and earlier. This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF L...
[SECURITY] [DLA 1376-1] firefox-esr security update
Package : firefox-esr Version : 52.8.0esr-1deb7u1 CVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and...
[SECURITY] [DLA 1375-1] wget security update
Package : wget Version : 1.13.4-3+deb7u6 CVE ID : CVE-2018-0494 Debian Bug : 898076 Harry Sintonen have discovered a cookie injection vulnerability in wget caused by insufficient input validation, enabling an external attacker to inject arbitrary cookie values cookie jar file, adding new or...
[SECURITY] [DLA 1374-1] firebird2.5 security update
Package : firebird2.5 Version : 2.5.2.26540.ds4-1deb7u4 CVE ID : CVE-2017-11509 An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. The only known solution is to disable external UDF libraries from bei...
[SECURITY] [DSA 4199-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4199-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1373-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u14 CVE ID : CVE-2018-10545 CVE-2018-10547 CVE-2018-10548 Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development...