[SECURITY] [DSA 3426-2] ctdb regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3426-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3426-2] ctdb regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3426-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3502-1] roundup security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3502-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez March 03, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3501-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3501-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 01, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3501-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3501-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 01, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3500-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3500-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini March 01, 2016 https://www.debian.org/security/faq -...

[SECURITY] Debian 6 Squeeze has reached end-of-life

The Debian Long Term Support LTS Team hereby announces that Debian 6 "Squeeze" support has reached its end-of-life on February 29, 2016, five years after its initial release on February 6, 2011. There will be no further security support for Debian 6.0. The LTS Team will prepare the transition to...

[SECURITY] Debian 6 Squeeze has reached end-of-life

The Debian Long Term Support LTS Team hereby announces that Debian 6 "Squeeze" support has reached its end-of-life on February 29, 2016, five years after its initial release on February 6, 2011. There will be no further security support for Debian 6.0. The LTS Team will prepare the transition to...

[SECURITY] [DLA 445-1] squid3 security update

Package : squid3 Version : 3.1.6-1.2+squeeze6 CVE ID : CVE-2016-2569 CVE-2016-2571 Debian Bug : 816011 Several security issues have been discovered in the Squid caching proxy. CVE-2016-2569 Squid wrongly checked boundaries of String data, making it possible for remote attackers to cause a...

[SECURITY] [DLA 439-1] linux-2.6 security update

Package : linux-2.6 Version : 2.6.32-48squeeze20 CVE ID : CVE-2015-8812 CVE-2016-0774 CVE-2016-2384 This update fixes the CVEs described below. CVE-2015-8812 A flaw was found in the iwcxgb3 Infiniband driver. Whenever it could not send a packet because the network was...

[SECURITY] [DLA 444-1] php5 security update

Package : php5 Version : 5.3.3.1-7+squeeze29 CVE ID : CVE-2015-2305 CVE-2015-2348 CVE-2015-2305 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library aka rxspencer alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow...

[SECURITY] [DLA 443-1] bsh security update

Package : bsh Version : 2.0b4-12+deb6u1 CVE ID : CVE-2016-2510 A remote code execution vulnerability was found in BeanShell, an embeddable Java source interpreter with object scripting language features. CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if...

[SECURITY] [DLA 442-1] lxc security update

Package : lxc Version : 0.7.2-1+deb6u1 CVE ID : CVE-2013-6441 CVE-2015-1335 Debian Bug : 800471 Brief introduction CVE-2013-6441 The template script lxc-sshd used to mount itself as /sbin/init in the container using a writable bind-mount. This update resolved the above issue by using a read-only...

[SECURITY] [DLA 441-1] pcre3 security update

Package : pcre3 Version : 8.02-1.1+deb6u1 Debian Bug : 815921 HPs Zero Day Initiative has identified a vulnerability affecting the pcre3 package. It was assigned ZDI id ZDI-CAN-3542. A CVE identifier has not been assigned yet. PCRE Regular Expression Compilation Stack Buffer Overflow Remote Code...

[SECURITY] [DSA 3495-1] xymon security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3495-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 29, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3495-1] xymon security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3495-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 29, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3499-1] pillow security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3499-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3498-1] drupal7 security advisory

------------------------------------------------------------------------- Debian Security Advisory DSA-3498-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 440-1] dansguardian package update

Package : dansguardian Version : 2.10.1.1-3+deb6u1 Debian Bug : 813894 As described in DLA-437-1, clamav has been updated to the most recent upstream version, 0.99. Due to a soname change in libclamav, packages depending on libclamav needed to be recompiled to work with the new libclamav7. At the...

[SECURITY] [DSA 3497-1] php-horde security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3497-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3497-1] php-horde security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3497-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3496-1] php-horde-core security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3496-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3496-1] php-horde-core security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3496-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 438-1] libebml security update

Package : libebml Version : 0.7.7-3.1 CVE ID : CVE-2015-8790 CVE-2015-8791 Two security-related issues were fixed in libebml, a library for accessing the EBML format: CVE-2015-8790 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain...

[SECURITY] [DLA 436-1] ia32-libs security update

Package : ia32-libs, ia32-libs-gtk Version : 20160228 The ia32-libs and ia32-libs-gtk packages contain 32 bit versions of various libraries for use on 64 bit systems. This update rolls in all security fixes made to these libraries since the start of Squeeze LTS...

[SECURITY] [DLA 437-1] clamav version update

Package : clamav Version : 0.99+dfsg-0+deb6u1 Debian Bug : 813894 Upstream published version 0.99. This update updates sqeeze-lts to the latest upstream release in line with the approach used for other Debian releases. The changes are not strictly required for operation, but users of the previous...

[SECURITY] [DSA 3492-2] gajim regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3492-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3492-2] gajim regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3492-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3494-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3494-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3494-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3494-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 435-1] tomcat6 security update

Package : tomcat6 Version : 6.0.45-1deb6u1 CVE ID : CVE-2015-5174 CVE-2015-5345 CVE-2015-5351 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 Tomcat 6, an implementation of the Java Servlet and the JavaServer Pages JSP specifications and a pure Java web server environment, was affected by multiple...

[SECURITY] [DLA 434-1] gtk+2.0 security update

Package : gtk+2.0 Version : 2.20.1-2+deb6u2 CVE ID : CVE-2015-4491 CVE-2015-7673 CVE-2015-7674 Gustavo Grieco discovered different security issues in Gtk+2.0s gdk-pixbuf. CVE-2015-4491 Heap overflow when processing BMP images which may allow to execute of arbitrary code via malformed images...

[SECURITY] [DLA 433-1] xerces-c security update

Package : xerces-c Version : 3.1.1-1+deb6u2 CVE ID : CVE-2016-0729 Gustavo Grieco discovered that xerces-c, a validating XML parser library for C++, mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. These flaws could lead t...

[SECURITY] [DSA 3492-1] gajim security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3492-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 25, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3493-1] xerces-c security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3493-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3493-1] xerces-c security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3493-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA-432-1] postgresql-8.4 update

Package : postgresql-8.4 Version : 8.4.22lts6-0+deb6u1 Several bugs were discovered in PostgreSQL, a relational database server system. The 8.4 branch is EOLed upstream, but still present in Debian squeeze. This new LTS minor version contains fixes that were applied upstream to the 9.1.20 version...

[SECURITY] [DLA 431-1] libfcgi-perl security update

Package : libfcgi-perl Version : 0.71-1+squeeze1+deb6u1 CVE ID : CVE-2012-6687 Debian Bug : 815840 It was discovered that there was a remote denial of service in libfcgi-perl, a helper library for implementing the FastCGI web server protocol for Perl. For Debian 6 Squeeze, this issue has been fix...

[SECURITY] [DLA 430-1] libfcgi security update

Package : libfcgi Version : 2.4.0-8+deb6u1 CVE ID : CVE-2012-6687 Debian Bug : 681591 It was discovered that there was a remote denial of service in libfcgi, a library for implementing the FastCGI web server protocol. For Debian 6 Squeeze, this issue has been fixed in libfcgi version...

[SECURITY] [DSA 3491-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3491-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 24, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 429-1] pixman security update

Package : pixman Version : 0.16.4-1+deb6u2 CVE ID : CVE-2014-9766 It was discovered that there was a buffer overflow in pixman, a pixel-manipulation library for X and cairo. For Debian 6 Squeeze, this issue has been fixed in pixman version 0.16.4-1+deb6u2. Regards, - -- ,. : : : Chris Lamb...

[SECURITY] [DSA 3490-1] websvn security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3490-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3490-1] websvn security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3490-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DLA 428-1] websvn security update

Package : websvn Version : 2.3.1-1+deb6u2 CVE ID : CVE-2016-2511 It was discovered that there was a cross-site scripting vulnerability in websvn, a web-based Subversion repository browser For Debian 6 Squeeze, this issue has been fixed in websvn version 2.3.1-1+deb6u2. Regards, - -- ,. : : : Chri...

[SECURITY] [DLA 427-1] nss security update

Package : nss Version : 3.12.8-1+squeeze14 CVE ID : CVE-2016-1938 The smpdiv function in Mozilla Network Security Services NSS before 3.21, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the 1 mpdiv or...

[SECURITY] [DSA 3489-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3489-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3489-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3489-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3488-1] libssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3488-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3488-1] libssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3488-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3487-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3487-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...