[SECURITY] [DLA 1081-1] imagemagick security update
Package : imagemagick Version : 6.7.7.10-5+deb7u16 CVE ID : CVE-2017-8352 CVE-2017-9144 CVE-2017-9501 CVE-2017-10928 CVE-2017-10995 CVE-2017-11141 CVE-2017-11170 CVE-2017-11188 CVE-2017-11352 CVE-2017-11360 CVE-2017-11446 CVE-2017-11448 CVE-2017-11449 CVE-2017-11450 CVE-2017-11478 CVE-2017-11505...
[SECURITY] [DLA 1080-1] gnupg security update
Package : gnupg Version : 1.4.12-7+deb7u9 CVE ID : CVE-2017-7526 Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal and Yuval Yarom discovered that gnupg is prone to a local side-channel attack allowing full key...
[SECURITY] [DLA 1077-1] faad2 security update
Package : faad2 Version : 2.7-8+deb7u1 CVE ID : CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257 Debian Bug : 867724 Various security issues were discovered in faad2, a fast audio decoder, tha...
[SECURITY] [DLA 1078-1] connman security update
Package : connman Version : 1.0-1.1+wheezy2 CVE ID : CVE-2017-12865 Debian Bug : 872844 In connman, stack-based buffer overflow in "dnsproxy.c" allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable. F...
[SECURITY] [DLA 1076-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u11 CVE ID : CVE-2017-12933 The finish_nested_data function in ext/standard/var_unserializer.re in PHP is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. For Debia...
[SECURITY] [DSA 3959-1] libgcrypt20 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3959-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 29, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1075-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u16 CVE ID : CVE-2017-9066 Debian Bug : 862816 In WordPress, there is insufficient redirect validation in the HTTP class, leading to SSRF. For Debian 7 "Wheezy", these problems have been fixed in version 3.6.1+dfsg-1deb7u16. We recommend that you...
[SECURITY] [DLA 1074-1] poppler security update
Package : poppler Version : 0.18.4-6+deb7u2 CVE ID : CVE-2013-4473 CVE-2013-4474 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 Several buffer and integer overflow issues were discovered in Poppler, a PDF library, that could lead to application crash or possibly other unspecified impact via maliciousl...
[SECURITY] [DSA 3958-1] fontforge security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3958-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 29, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1073-1] openjdk-7 security update
Package : openjdk-7 Version : 7u151-2.6.11-1+deb7u1 CVE ID : CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10115...
[SECURITY] [DSA 3957-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3957-1 [email protected] https://www.debian.org/security/ Luciano Bello August 28, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1070-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-6505 Denial of...
[SECURITY] [DLA 1071-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick Emulator (Qemu). CVE-2017-6505...
[SECURITY] [DSA 3956-1] connman security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3956-1 [email protected] https://www.debian.org/security/ Luciano Bello August 27, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1069-1] tenshi security update
Package : tenshi Version : 0.13-2+deb7u1 CVE ID : CVE-2017-11746 Debian Bug : 871321 Tenshi creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modificatio...
[SECURITY] [DLA 1068-1] git security update
Package : git Version : 1:1.7.10.4-1+wheezy5 CVE ID : CVE-2017-1000117 Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git...
[SECURITY] [DLA 1067-1] augeas security update
Package : augeas Version : 0.10.0-1+deb7u1 CVE ID : CVE-2017-7555 Debian Bug : 872400 Augeas is vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer,...
[SECURITY] [DLA 1066-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u10 CVE ID : CVE-2017-11628 A stack-based buffer overflow in the zend_ini_do_op function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...
[SECURITY] [DLA 1065-1] fontforge security update
Package : fontforge Version : 0.0.20120101+git-2+deb7u1 CVE ID : CVE-2017-11568 CVE-2017-11569 CVE-2017-11571 CVE-2017-11572 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577 FontForge is vulnerable to heap-based buffer over-read in several functions, resulting in DoS or code execution...
[SECURITY] [DSA 3955-1] mariadb-10.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3955-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3954-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3954-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1064-1] freeradius security update
Package : freeradius Version : 2.1.12+dfsg-1.2+deb7u2 CVE ID : CVE-2017-10978 CVE-2017-10979 CVE-2017-10980 CVE-2017-10981 CVE-2017-10982 CVE-2017-10983 Debian Bug : 868765 Guido Vranken discovered that FreeRADIUS, an open source implementation of RADIUS, the IETF protocol for AAA (Authorisation,...
[SECURITY] [DSA 3953-1] aodh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3953-1 [email protected] https://www.debian.org/security/ Luciano Bello August 23, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3952-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3952-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 23, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3951-1] smb4k security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3951-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 22, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3950-1] libraw security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3950-1 [email protected] https://www.debian.org/security/ Luciano Bello August 21, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1063-1] extplorer security update
Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u5 CVE ID : CVE-2017-12756 CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter. For Debian 7 "Wheezy", these problems have been fixed in...
[SECURITY] [DSA 3949-1] augeas security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3949-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 21, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1062-1] curl security update
Package : curl Version : 7.26.0-1+wheezy20 CVE ID : CVE-2017-1000100 CVE-2017-1000100 Wrong handling of very long filenames during TFTP might result in curl sending more than buffer size. For Debian 7 "Wheezy", this problem has been fixed in version 7.26.0-1+wheezy20. We recommend that you upgrad...
[SECURITY] [DLA 1061-1] newsbeuter security update
Package : newsbeuter Version : 2.5-2+deb7u2 CVE ID : CVE-2017-12904 Jeriko One discovered that newsbeuter, a text-mode RSS feed reader, did not properly escape the title and description of a news article when bookmarking it. This allowed a remote attacker to run an arbitrary shell command on the...
[SECURITY] [DLA 1060-1] libxml2 security update
Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy9 CVE ID : CVE-2017-0663 CVE-2017-7376 CVE-2017-0663 Invalid casting of different structs could enable an attacker to remotely execute some code within the context of an unprivileged process. CVE-2017-7376 Incorrect limit used for port values. For...
[SECURITY] [DSA 3948-1] ioquake3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3948-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 19, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1059-1] strongswan security update
Package : strongswan Version : 4.5.2-1.5+deb7u10 CVE ID : CVE-2017-11185 Debian Bug : 872155 It was discovered that there was a denial-of-service vulnerability in the Strongswan Virtual Private Network (VPN) software. Specific RSA signatures passed to the gmp plugin for verification could cause a...
[SECURITY] [DSA 3947-1] newsbeuter security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3947-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 18, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3946-1] libmspack security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3946-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 18, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3945-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3945-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3944-1] mariadb-10.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3944-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 17, 2017 https://www.debian.org/security/faq -...