14345 matches found
[SECURITY] [DLA 1371-1] tzdata new upstream release
Package : tzdata Version : 2018e-0+deb7u1 This update includes the changes in tzdata 2018e. Notable changes are: - North Korea switches back to +09 on 2018-05-05. For Debian 7 "Wheezy", these problems have been fixed in version 2018e-0+deb7u1. We recommend that you upgrade your tzdata packages...
[SECURITY] [DSA 4192-1] libmad security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4192-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 04, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1370-1] quassel security update
Package : quassel Version : 0.8.0-1+deb7u4 CVE ID : CVE-2018-1000178 It was found that the Quassel IRC client was vulnerable to a remote code execution vulnerability due to insufficient checks in the deserializer code. For Debian 7 "Wheezy", these problems have been fixed in version 0.8.0-1+deb7u...
[SECURITY] [DSA 4191-1] redmine security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4191-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4191-1] redmine security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4191-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4190-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4190-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4190-1] jackson-databind security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4190-1 [email protected] https://www.debian.org/security/ Sebastien Delafond May 03, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4189-1] quassel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4189-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 02, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1369-1] linux security update
Package : linux Version : 3.2.101-1 CVE ID : CVE-2017-0861 CVE-2017-5715 CVE-2017-13166 CVE-2017-16526 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18203 CVE-2017-18216 CVE-2018-1068 CVE-2018-1092 CVE-2018-5332 CVE-2018-5333 CVE-2018-5750 CVE-2018-5803...
[SECURITY] [DSA 4188-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4188-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4188-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4188-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4187-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4187-1 [email protected] https://www.debian.org/security/ Ben Hutchings May 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4187-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4187-1 [email protected] https://www.debian.org/security/ Ben Hutchings May 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1368-1] libvorbis security update
Package : libvorbis Version : 1.3.2-1.3+deb7u1 CVE ID : CVE-2017-11333 CVE-2017-14632 CVE-2017-14633 CVE-2018-5146 Serious vulnerabilities were found in the libvorbis library, commonly used to encode and decode audio in OGG containers. 2017-14633 In Xiph.Org libvorbis 1.3.5, an out-of-bounds arra...
[SECURITY] [DSA 4186-1] gunicorn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4186-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4185-1] openjdk-8 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4185-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4184-1] sdl-image1.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4184-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4184-1] sdl-image1.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4184-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1367-1] slurm-llnl security update
Package : slurm-llnl Version : 2.3.4-2+deb7u2 CVE ID : CVE-2018-7033 CVE-2018-7033 An issue that could be used for SQL Injection attacks against SlurmDBD has been fixed. For Debian 7 "Wheezy", these problems have been fixed in version 2.3.4-2+deb7u2. We recommend that you upgrade your slurm-llnl...
[SECURITY] [DSA 4183-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4183-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4183-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4183-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4181-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4181-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4181-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4181-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4182-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4182-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4182-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4182-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 28, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1366-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u21 CVE ID : CVE-2018-10100 CVE-2018-10102 Debian Bug : 895034 Two vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2018-10100 The redirection URL...
[SECURITY] [DLA 1365-1] drupal7 security update
Package : drupal7 Version : 7.14-2+deb7u19 CVE ID : CVE-2018-7602 Debian Bug : 895778 A remote code execution vulnerability has been found within multiple subsystems of Drupal. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site...
[SECURITY] [DLA 1364-1] openslp-dfsg security update
Package : openslp-dfsg Version : 1.2.1-9+deb7u2 CVE ID : CVE-2017-17833 CVE-2017-17833 An issue has been found in openslp that is related to heap memory corruption, which may result in a denial-of-service or remote code execution. For Debian 7 "Wheezy", these problems have been fixed in version...
[SECURITY] [DSA 4180-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4180-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4180-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4180-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 25, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1363-1] ghostscript security update
Package : ghostscript Version : 9.05dfsg-6.3+deb7u8 CVE ID : CVE-2018-10194 Debian Bug : 896069 It was discovered that the settextdistance function in base/gdevpdts.c in the pdfwrite component in Ghostscript does not prevent overflows in text-positioning calculation, which allows remote attackers...
[SECURITY] [DLA 1362-1] gcc-4.9-backport new package
Package : gcc-4.9-backport Version : 4.9.2-10+deb7u1 GCC 4.9 has been packaged as gcc-4.9-backport for Debian 7. This package will be needed by future updates to linux, and possibly other packages, to implement the "retpoline" mitigation for CVE-2017-5715 Spectre variant 2. Further information...
[SECURITY] [DLA 1361-1] psensor security update
Package : psensor Version : 0.6.2.17-2+deb7u1 CVE ID : CVE-2014-10073 Debian Bug : 896195 It was discovered that psensor, a server for monitoring hardware sensors remotely, was prone to a directory traversal vulnerability because the createresponse function in server/server.c lacks a check for...
[SECURITY] [DLA 1360-1] lucene-solr security update
Package : lucene-solr Version : 3.6.0+dfsg-1+deb7u4 CVE ID : CVE-2018-1308 Debian Bug : 896604 It was discovered that there was an XML external entity expansion XXE vulnerability in lucene-solr, a search engine library for Java. It could be exploited to read arbitrary local files from the Solr...
[SECURITY] [DSA 4179-1] linux-tools security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4179-1 [email protected] https://www.debian.org/security/ Ben Hutchings April 24, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4179-1] linux-tools security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4179-1 [email protected] https://www.debian.org/security/ Ben Hutchings April 24, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1359-1] ruby1.8 security update
Package : ruby1.8 Version : 1.8.7.358-7.1+deb7u6 CVE ID : CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following...
[SECURITY] [DLA 1358-1] ruby1.9.1 security update
Package : ruby1.9.1 Version : 1.9.3.194-8.1+deb7u8 CVE ID : CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 Multiple vulnerabilities were found in the interpreter for the Ruby language. The...
[SECURITY] [DLA 1357-1] gunicorn security update
Package : gunicorn Version : 0.14.5-3+deb7u2 CVE ID : CVE-2018-1000164 Debian Bug : 896548 It was discovered that there was an issue in the gunicorn HTTP server for Python applicatons where CRLF sequences could result in an attacker tricking the server into returning arbitrary headers. For more...
[SECURITY] [DSA 4178-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4178-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4177-1] libsdl2-image security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4177-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4176-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4176-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4176-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4176-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1356-1] libreoffice security update
Package : libreoffice Version : 1:3.5.4+dfsg2-0+deb7u11 CVE ID : CVE-2018-10119 CVE-2018-10120 Fuzzing by the OSS-Fuzz project found two memory safety issues in LibreOffice, which could result in an application crash or possibly other unspecified impact. For Debian 7 "Wheezy", these problems have...
[SECURITY] [DLA 1355-1] mysql-5.5 security update
Package : mysql-5.5 Version : 5.5.60-0+deb7u1 CVE ID : CVE-2018-2755 CVE-2018-2761 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MyS...
[SECURITY] [DLA 1354-1] opencv security update
Package : opencv Version : 2.3.1-11+deb7u4 CVE ID : CVE-2018-5268 CVE-2018-5269 Debian Bug : 886674 886675 Two vulnerabilities were found in OpenCV, the "Open Computer Vision Library". CVE-2018-5268 In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in...
[SECURITY] [DLA 1353-1] wireshark security update
Package : wireshark Version : 1.12.1+g01b65bf-4+deb8u6deb7u10 CVE ID : CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7332 CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337 CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420 It was discovered that wireshark, a network protocol...
[SECURITY] [DSA 4175-1] freeplane security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4175-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4175-1] freeplane security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4175-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1352-1] jruby security update
Package : jruby Version : 1.5.6-5+deb7u2 CVE ID : CVE-2018-1000074 An unsafe object deserialization vulnerability was found in jruby, a 100% pure-Java implementation of Ruby. An attacker can use this flaw to run arbitrary code when gem owner is run on a specially crafted YAML file. For Debian 7...