[SECURITY] [DSA 3630-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3630-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 26, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 562-1] gosa security update
Package : gosa Version : 2.7.4-4.3deb7u3 CVE ID : CVE-2015-8771 GOsa² is a combination of system-administrator and end-user web interface, designed to handle LDAP based setups. A code injection vulnerability in the Samba plugin code of GOsa has been discovered. During Samba password changes it ha...
[SECURITY] [DLA 561-1] uclibc security update
Package : uclibc Version : 0.9.32-1+deb7u1 CVE ID : CVE-2016-2224 CVE-2016-2225 CVE-2016-6264 Several vulnerabilities have been discovered in uClibc, an implementation of the standard C library that is much smaller than glibc, which makes it useful for embedded systems. CVE-2016-2224 Fix possible...
[SECURITY] [DLA 560-1] cacti security update
Package : cacti Version : 0.8.8a+dfsg-5+deb7u9 CVE ID : CVE-2016-2313 CVE-2016-3172 CVE-2016-3659 Three security issues have been found in cacti: CVE-2016-2313 authlogin.php allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user...
[SECURITY] [DLA 559-1] ntp security update
Package : ntp Version : 1:4.2.6.p5+dfsg-2+deb7u7 CVE ID : CVE-2015-7974 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2516 CVE-2016-2518 Several vulnerabilities were discovered in the Network Time Protocol daemon and utili...
[SECURITY] [DSA 3629-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3629-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 557-1] dietlibc security update
Package : dietlibc Version : 0.33cvs20120325-4+deb7u1 Debian Bug : 832169 It was discovered that there was an insecure default PATH in dietlibc, a libc optimized for small size. Thorsten Glaser discovered that the default PATH in dietlibc if the environment variable is unset contained the current...
[SECURITY] [DLA 558-1] squid security update
Package : squid Version : 2.7.STABLE9-4.1+deb7u2 CVE ID : CVE-2016-4554 A security issue has been discovered in the Squid caching proxy, on its 2.7.STABLE9 version branch. CVE-2016-4554 Jianjun Chen found that Squid was vulnerable to a header smuggling attack that could lead to cache poisoning a...
[SECURITY] [DSA 3628-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3627-1] phpmyadmin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3627-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst July 24, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3626-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3626-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 24, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 556-1] squid3 security update
Package : squid3 Version : 3.1.20-2.2+deb7u6 CVE ID : CVE-2016-4051 A buffer overflow in the Squid 3's cache manager, identified as CVE-2016-4051, was addressed by DLA-478-1 and the Debian package version 3.1.20-2.2+deb7u6. However, the fix was incomplete and thus a new upload has been...
[SECURITY] [DSA 3625-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3625-1 [email protected] https://www.debian.org/security/ Sebastien Delafond July 22, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3624-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3624-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 21, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 555-1] python-django security update
Package : python-django Version : 1.4.5-1+deb7u17 CVE ID : CVE-2016-6186 Debian Bug : 831799 It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin's add/change related popup and debug view. For Debian 7 "Wheezy",...
[SECURITY] [DLA 554-1] libarchive security update
Package : libarchive Version : 3.0.4-3+wheezy2 CVE ID : CVE-2015-8917 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300 CVE-2016-4302 CVE-2016-4809...
[SECURITY] [DLA 553-1] apache2 security update
Package : apache2 Version : 2.2.22-13+deb7u7 CVE ID : CVE-2016-5387 Scott Geary of VendHQ discovered that the Apache HTTPD server used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain...
[SECURITY] [DSA 3623-1] apache2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3623-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 20, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3622-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3622-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 18, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3621-1] mysql-connector-java security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3621-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 18, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 552-1] binutils security update
Package : binutils Version : 2.22-8+deb7u3 CVE ID : CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131 Some minor security issues have been identified and fixed in binutils in Debian LTS. These are: CVE-2016-2226 Exploitable buffer...
[SECURITY] [DLA 551-1] phpmyadmin security update
Package : phpmyadmin Version : 4:3.4.11.1-2+deb7u5 CVE ID : CVE-2016-5731 CVE-2016-5733 CVE-2016-5739 Several Cross Site Scripting (XSS) vulnerabilities were reported in phpMyAdmin, a web administration tool for MySQL. CVE-2016-5731 With a specially crafted request, it is possible to trigger an X...
[SECURITY] [DSA 3620-1] pidgin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3620-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 549-1] ruby-eventmachine security update
Package : ruby-eventmachine Version : 0.12.10-3+deb7u1 Debian Bug : 678512 696015 EventMachine, a Ruby network engine could be crashed by opening a high number of parallel connections = 1024 towards a server using the EventMachine engine. The crash happens due to the file descriptors overwriting...
[SECURITY] [DSA 3619-1] libgd2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3619-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 550-1] drupal7 security update
Package : drupal7 Version : 7.14-2+deb7u14 CVE ID : CVE-2016-6211 It was discovered that there was a vulnerability in the user module in drupal7, a content management framework. If some specific contributed or custom code triggers a rebuild of the user profile form, a registered user can ...
[SECURITY] [DLA 546-2] clamav version update
Package : clamav Version : 0.99.2+dfsg-0+deb7u2 DLA 546-1 was incorrectly released before updated clamav packages were available and there were subsequent issues with the acceptance of the package which have since been corrected. Updates are now available for all supported LTS architectures. We...
[SECURITY] [DSA 3618-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3618-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 548-1] drupal7 security update
Package : drupal7 Version : 7.14-2+deb7u13 CVE ID : CVE-2015-7943 It was discovered that there was an open redirect vulnerability in drupal7, a content management framework. The "Overlay" module in Drupal core displays administrative pages as a layer over the current page using JavaScript rather...
[SECURITY] [DLA 574-1] graphicsmagick security update
Package : graphicsmagick Version : 1.3.16-1.1+deb7u3 CVE IDs : 2016-5240 2016-5241 It was discovered that there were two denial of service vulnerabilities in graphicsmagick, a collection of image processing tools: CVE-2016-5240: Prevent denial-of-service by detecting and rejecting negative...
[SECURITY] [DLA 546-1] clamav version update
Package : clamav Version : 0.99.2+dfsg-0+deb7u1 We recommend that you upgrade your clamav packages. Upstream published version 0.99.2. This update updates wheezy-lts to the latest upstream release in line with the approach used for other Debian releases. The changes are not strictly required for...
[SECURITY] [DLA 545-1] icu security update
Package : icu Version : 4.8.1.1-12+deb7u4 CVE ID : CVE-2015-2632 CVE-2015-4844 CVE-2016-0494 Several security issues have been identified and corrected in ICU, the International Components for Unicode C and C++ library, in Debian Wheezy. CVE-2015-2632 Buffer overflow vulnerability. CVE-2015-4844...
[SECURITY] [DLA 544-1] tcpreplay security update
Package : tcpreplay Version : 3.4.3-2+wheezy2 CVE ID : CVE-2016-6160 Debian Bug : 829350 The tcprewrite program, part of the tcpreplay suite, does not check the size of the frames it processes. Huge frames may trigger a segmentation fault, and such frames occur when capturing packets on interfac...
[SECURITY] [DSA 3617-1] horizon security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3617-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 06, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 543-1] sqlite3 security update
Package : sqlite3 Version : 3.7.13-1+deb7u3 CVE ID : CVE-2016-6153 It was discovered that sqlite3, a C library that implements a SQL database engine, would reject a temporary directory (e.g., as specified by the TMPDIR environment variable) to which the executing user did not have read permissions...
[SECURITY] [DLA 542-1] pidgin security update
Package : pidgin Version : 2.10.10-1deb7u2 CVE ID : CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368 CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372 CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376 CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323 Numerous security...
[SECURITY] [DSA 3616-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3616-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 04, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3614-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3614-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 02, 2016 https://www.debian.org/security/faq -...