14352 matches found
[SECURITY] [DSA 3448-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3448-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3448-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3448-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 385-2] isc-dhcp regression update
Package : isc-dhcp Version : 4.1.1-P1-15+squeeze10 CVE ID : CVE-2015-8605 Debian Bug : 810875 With the previous upload of the isc-dhcp package to Debian Squeeze LTS two issues got introduced into LTS that are resolved by this upload. 1 CVE-2015-8605 had only been resolved for the LDAP variant of...
[SECURITY] [DLA 394-1] passenger security update
Package : passenger Version : 2.2.11debian-2+deb6u1 CVE ID : CVE-2015-7519 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof heade...
[SECURITY] [DLA 393-1] srtp security update
Package : srtp Version : 1.4.4dfsg-6+deb6u2 CVE ID : CVE-2015-6360 Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue. As there is no aead mode available in th...
[SECURITY] [DLA 392-1] roundcube security update
Package : roundcube Version : 0.3.1-6+deb6u1 CVE ID : CVE-2015-8770 High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in a popular webmail client Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to...
[SECURITY] [DSA 3447-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3447-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 17, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3447-1] tomcat7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3447-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 17, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 391-1] prosody security update
Package : prosody Version : 0.7.0-1squeeze1+deb6u1 CVE ID : CVE-2016-1232 It was discovered that in prosody, a Lightweight Jabber/XMPP server, used a weak PRNG in the moddialback module. For Debian 6 Squeeze, this issue has been fixed in prosody version 0.7.0-1squeeze1+deb6u1. Regards, - -- ,. : ...
[SECURITY] [DLA 390-1] dbconfig-common security update
Package : dbconfig-common Version : 1.8.46+squeeze.1 CVE ID : NA Debian Bug : 805638 It was discovered that dbconfig-common could, depending on the local umask, make PostgreSQL database backups that were readable by other users than the database owner. The issue is fixed in version...
[SECURITY] [DLA 389-1] giflib security update
Package : giflib Version : 4.1.6-9+deb6u1 CVE ID : CVE-2015-7555 Debian Bug : 808704 It was discovered that a maliciously crafted GIF can crash the giffix utility which is part of giflib-tools. We recommend that you upgrade your giflib-tools package to version 4.1.6-9+deb6u1 Debian squeeze LTS...
[SECURITY] [DLA 388-1] dwarfutils security update
Package : dwarfutils Version : 20100214-1+deb6u1 CVE ID : CVE-2015-8750 It was discovered that there was a NULL deference in dwarfutils, a tool to dump DWARF debug information from ELF objects. For Debian 6 Squeeze, this issue has been fixed in dwarfutils version 20100214-1+deb6u1. Regards, - -- ...
[SECURITY] [DLA 385-1] isc-dhcp security update
Package : isc-dhcp Version : 4.1.1-P1-15+squeeze9 CVE ID : CVE-2015-8605 Debian Bug : 810875 It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups are affected. We recommend th...
[SECURITY] [DSA 3431-2] ganeti regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3431-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3431-2] ganeti regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3431-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 387-1] openssh security update
Package : openssh Version : 5.5p1-6+squeeze8 CVE ID : CVE-2016-0777 CVE-2016-0778 Debian Bug : 810984 The Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client an implementation of the SSH protocol suite. SSH roaming enables a client, in case an SSH...
[SECURITY] [DSA 3446-1] openssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3446-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez January 14, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 386-1] cacti security update
Package : cacti Version : 0.8.7g-1+squeeze9+deb6u14 CVE ID : CVE-2015-8604 It was discovered that there was another SQL injection vulnerability in cacti, a web interface for graphing monitoring systems. For Debian 6 Squeeze, this issue has been fixed in cacti version 0.8.7g-1+squeeze9+deb6u14...
[SECURITY] [DSA 3445-1] pygments security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3445-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3445-1] pygments security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3445-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3444-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3444-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3444-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3444-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 384-1] inspircd security and regression update
Package : inspircd Version : 1.1.22+dfsg-4+squeeze3 CVE ID : CVE-2015-8702 Debian Bug : 668253 It was discovered that InspIRCd did not validate the names in DNS responses before using them in inter-server communication. A remote attacker controlling the reverse DNS server...
[SECURITY] [DSA 3443-1] libpng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3443-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3443-1] libpng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3443-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3442-1] isc-dhcp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3442-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3442-1] isc-dhcp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3442-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 13, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 383-1] claws-mail security update
Package : claws-mail Version : 3.7.6-4+squeeze2 CVE ID : CVE-2015-8614 CVE-2015-8708 "DrWhax" of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3441-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3440-1] sudo security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3440-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 11, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 381-1] icu security update
Package : icu Version : 4.4.1-8+squeeze5 CVE ID : CVE-2015-2632 A vulnerability was found in ICU, a set of libraries that provides Unicode and internationalization support. Integer overflows in the ICU layout engine made it possible to disclose information. For Debian 6 "Squeeze", this problem ha...
[SECURITY] [DLA 382-1] sudo security update
Package : sudo Version : 1.7.4p4-2.squeeze.6 CVE ID : CVE-2015-5602 Debian Bug : 804149 When sudo is configured to allow a user to edit files under a directory that they can already write to without using sudo, they can actually edit read and write arbitrary files. Daniel...
[SECURITY] [DSA 3438-1] xscreensaver security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3438-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3438-1] xscreensaver security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3438-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3439-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3439-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3437-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3437-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3437-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3437-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3436-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3436-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3436-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3436-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3435-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3435-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3435-1] git security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3435-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3434-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3434-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3434-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3434-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 05, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 378-1] linux-2.6 security update
Package : linux-2.6 Version : 2.6.32-48squeeze18 CVE ID : CVE-2015-7550 CVE-2015-8543 CVE-2015-8575 Debian Bug : 808293 This update fixes the CVEs described below. CVE-2015-7550 Dmitry Vyukov discovered a race condition in the keyring subsystem that allows a local...
[SECURITY] [DLA 380-1] libvncserver security update
Package : libvncserver Version : 0.9.7-2+deb6u2 An issue had been discovered and resolved by the libvncserver upstream developer Karl Runge addressing thread-safety in libvncserver when libvncserver is used for handling multiple VNC connections 1. Unfortunately, it is not trivially feasible becau...
[SECURITY] [DLA 374-3] cacti regression update
Package : cacti Version : 0.8.7g-1+squeeze9+deb6u13 CVE ID : CVE-2015-8369 Debian Bug : 807599 It was discovered that there was a regression in the patch intended to fix CVE-2015-8369 in the recent upload of cacti 0.8.7g-1+squeeze9+deb6u12. For Debian 6 Squeeze, this issue has been fixed in cacti...
[SECURITY] [DLA 379-1] samba security update
Package : samba Version : 2:3.5.6dfsg-3squeeze13 CVE ID : CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 Several vulnerabilities were found in Samba, a SMB/CIFS implementation that provides a file, print, and login server. CVE-2015-5252 Jan "Yenya" Kasprzak and the Computer Systems Unit team at Facult...
[SECURITY] [DSA 3433-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3433-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 02, 2016 https://www.debian.org/security/faq -...