14355 matches found
[SECURITY] [DLA 179-1] tzdata new upstream version
Package : tzdata Version : 2015b-0squeeze1 Upstream published version 2015b. Changes since 2014h-0squeeze1 currently in squeeze-lts are the following: - New leap second 2015-06-30 23:59:60 UTC. - New DST for Mongolia. - New DST for Palestine. - New DST for Cancun Mexico. - New DST for Chile. - Ne...
[SECURITY] [DLA 178-1] tor security update
Package : tor Version : 0.2.4.26-1deb6u1 Several issues have been discovered and fixed in Tor, a connection-based low-latency anonymous communication system. o Jowr discovered that very high DNS query load on a relay could trigger an assertion error. o A relay could crash with an assertion error ...
[SECURITY] [DSA 3203-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3203-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3203-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3203-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3202-1] mono security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3202-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3202-1] mono security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3202-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3201-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3201-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3201-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3201-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 22, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3200-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3200-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 177-1] openssl security update
Package : openssl Version : 0.9.8o-4squeeze20 CVE ID : CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project...
[SECURITY] [DSA 3199-1] xerces-c security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3199-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3199-1] xerces-c security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3199-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3198-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3198-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3197-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3197-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 19, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3197-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3197-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 19, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 176-1] mono security update
Package : mono Version : 2.6.7-5.1+deb6u1 CVE ID : CVE-2015-2318 CVE-2015-2319 CVE-2015-2320 Debian Bug : 780751 Three issues with Monos TLS stack are addressed. CVE-2015-2318 Monos implementation of the SSL/TLS stack failed to check the order of the handshake messages. Which would allow various...
[SECURITY] [DSA 3196-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3196-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 18, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3195-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3195-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 18, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3194-1] libxfont security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3194-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 175-1] gnupg security update
Package : gnupg Version : 1.4.10-4+squeeze7 CVE ID : CVE-2014-3591 CVE-2015-0837 CVE-2015-1606 Debian Bug : 778652 Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard: CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by...
[SECURITY] [DSA 3193-1] tcpdump security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3193-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3193-1] tcpdump security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3193-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 174-1] tcpdump security update
Package : tcpdump Version : tcpdump4.1.1-1+deb6u2 CVE ID : CVE-2015-0261 CVE-2015-2154 CVE-2015-2155 Several issues have been discovered with tcpdump in the way it handled some printer protocols. Those issues can lead to denial of service, or, potentially, execution of arbitrary code. CVE-2015-02...
[SECURITY] [DSA 3192-1] checkpw security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3192-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3192-1] checkpw security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3192-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 17, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3191-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3191-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3191-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3191-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3190-1] putty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3190-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3189-1] libav security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3189-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3188-1] freetype security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3188-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 173-1] putty security update
Package : putty Version : 0.60+2010-02-20-1+squeeze3 CVE ID : CVE-2015-2157 Debian Bug : 779488 MATTA-2015-002 Florent Daigniere discovered that PuTTY did not enforce an acceptable range for the Diffie-Hellman server value, as required by RFC 4253, potentially allowing an eavesdroppable connectio...
[SECURITY] [DSA 3187-1] icu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3187-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3187-1] icu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3187-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 15, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 172-1] libextlib-ruby security update
Package : libextlib-ruby Version : 0.9.13-2+deb6u1 CVE ID : CVE-2013-0156 Debian Bug : 697895 Import patches 633974b2759d9b92 and 4540e7102b803624 from uptream to remove symbol and YAML coercion from the XML parser...
[SECURITY] [DLA 171-1] libssh2 security update
Package : libssh2 Version : 1.2.6-1+deb6u1 CVE ID : CVE-2015-1782 Debian Bug : 780249 Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A...
[SECURITY] [DLA 170-1] mod-gnutls security update
Package : mod-gnutls Version : 0.5.6-1+squeeze2 CVE ID : CVE-2015-2091 Debian Bug : 578663 Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the servers client verify mode not to be considered at all, in case the directorys...
[SECURITY] [DSA 3186-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3186-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 13, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3186-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3186-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 13, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3185-1] libgcrypt11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3185-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3184-1] gnupg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3184-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3182-1] libssh2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3182-1] libssh2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3177-1] mod-gnutls security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3177-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 10, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3177-1] mod-gnutls security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3177-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 10, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3181-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3181-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 10, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 169-1] axis security update
Package : axis Version : 1.4-12+deb6u1 CVE ID : CVE-2012-5784 CVE-2014-3596 Debian Bug : 762444 A vulnerability was fixed in axis, a SOAP implementation in Java: The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subjec...
[SECURITY] [DLA 168-1] konversation security update
Package : konversation Version : 1.3.1-2+deb6u1 CVE ID : CVE-2014-8483 Debian Bug : 768191 It was discovered that Konversation, an IRC client for KDE, could by crashed when receiving malformed messages using FiSH encryption...
[SECURITY] [DLA 167-1] redcloth security update
Package : redcloth Version : 4.2.2-1.1+deb6u1 CVE ID : CVE-2012-6684 Debian Bug : 774748 Kousuke Ebihara discovered that redcloth, a Ruby module used to convert Textile markup to HTML, did not properly sanitize its input. This allowed a remote attacker to perform a cross-site scripting attack by...