14355 matches found
[SECURITY] [DLA 151-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze11 CVE ID : CVE-2014-0191 CVE-2014-3660 Debian Bug : 768089 It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity...
[SECURITY] [DLA 149-1] ntp security update
Package : ntp Version : 1:4.2.6.p2+dfsg-1+deb6u2 CVE ID : CVE-2014-9297 CVE-2014-9298 Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-9297 Steph...
[SECURITY] [DSA 3156-1] liblivemedia security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3156-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3154-2] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3154-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3154-2] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3154-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 150-1] unzip security update
Package : unzip Version : 6.0-4+deb6u2 CVE ID : CVE-2014-8139 CVE-2014-9636 Debian Bug : 775640 776589 A flaw was found in the testcompreb function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow...
[SECURITY] [DLA 148-1] sympa security update
Package : sympa Version : 6.0.1+dfsg-4+squeeze3 CVE ID : CVE-2015-1306 A vulnerability has been discovered in the web interface of sympa, a mailing list manager. An attacker could take advantage of this flaw in the newsletter posting area, which allows sending to a list, or to oneself, any file...
[SECURITY] [DLA 146-1] krb5 security update
Package : krb5 Version : 1.8.3+dfsg-4squeeze9 CVE ID : CVE-2014-5352 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 Multiples vulnerabilities have been found in krb5, the MIT implementation of Kerberos: CVE-2014-5352 Incorrect memory management in the libgssapikrb5 library might result in denial of...
[SECURITY] [DLA 147-1] wpasupplicant security update
Package : wpasupplicant Version : 0.6.10-2.1+deb6u1 CVE ID : CVE-2014-3686 It was discovered that wpasupplicant could be tricked into executing arbitrary commands when calling action scripts...
[SECURITY] [DSA 2978-2] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2978-2 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 06, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3155-1] postgresql-9.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3154-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3154-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 05, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3154-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3154-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 05, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3153-1] krb5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3153-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 03, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3152-1] unzip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3152-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3152-1] unzip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3152-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3151-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3151-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3151-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3151-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3149-1] condor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3149-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 02, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3149-1] condor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3149-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 02, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3150-1] vlc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3150-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini February 02, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3148-1] chromium-browser end of life
------------------------------------------------------------------------- Debian Security Advisory DSA-3148-1 [email protected] http://www.debian.org/security/ Michael Gilbert January 31, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3148-1] chromium-browser end of life
------------------------------------------------------------------------- Debian Security Advisory DSA-3148-1 [email protected] http://www.debian.org/security/ Michael Gilbert January 31, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 145-1] php5 security update
Package : php5 Version : 5.3.3-7+squeeze24 CVE ID : CVE-2014-0237 CVE-2014-0238 CVE-2014-2270 CVE-2014-8117 Brief introduction CVE-2014-0237 The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial ...
[SECURITY] [DSA 3147-1] openjdk-6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3147-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3146-1] requests security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3145-1] privoxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3145-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3145-1] privoxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3145-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 30, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3144-1] openjdk-7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3144-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 29, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 144-1] polarssl security update
Package : polarssl Version : 1.2.9-1deb6u4 CVE ID : CVE-2015-1182 A vulnerability was discovered in PolarSSL, a lightweight crypto and SSL/TLS library. A remote attacker could exploit this flaw using specially crafted certificates to mount a denial of service against an application linked against...
[SECURITY] [DLA 143-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze12 CVE ID : CVE-2015-0219 CVE-2015-0220 CVE-2015-0221 Multiple security issues have been found in Django: https://www.djangoproject.com/weblog/2015/jan/13/security/ For Debian 6 Squeeeze, they have been fixed in version 1.2.3-3+squeeze12 of...
[SECURITY] [DLA 142-1] privoxy security update
Package : privoxy Version : 3.0.16-1+deb6u1 CVE ID : CVE-2015-1031 CVE-2015-1381 CVE-2015-1382 Several vulnerabilities have been fixed in privoxy, a privacy enhancing HTTP proxy: CVE-2015-1031, CID66394: unmap: Prevent use-after-free if the map only consists of one item. CVE-2015-1031, CID66376 a...
[SECURITY] [DLA 141-1] libksba security update
Package : libksba Version : 1.0.7-2+deb6u1 CVE ID : CVE-2014-9087 A vulnerability has been fixed in the libksba X.509 and CMS support library: CVE-2014-9087 Fix buffer overflow in ksbaoidtostr reported by Hanno Böck. We recommend that you upgrade your libksba packages...
[SECURITY] [DLA 138-1] jasper security update
Package : jasper Version : 1.900.1-7+squeeze4 CVE ID : CVE-2014-8157 CVE-2014-8158 Debian Bug : 775970 An off-by-one flaw, leading to a heap-based buffer overflow CVE-2014-8157, and an unrestricted stack memory use flaw CVE-2014-8158 were found in JasPer, a library for manipulating JPEG-2000 file...
[SECURITY] [DSA 3143-1] virtualbox security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3143-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 28, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 140-1] rpm security update
Package : rpm Version : 4.8.1-6+squeeze2 CVE ID : CVE-2012-0060 CVE-2012-0061 CVE-2012-0815 CVE-2013-6435 CVE-2014-8118 Several vulnerabilities have been fixed in rpm: CVE-2014-8118 Fix integer overflow which allowed remote attackers to execute arbitrary code. CVE-2013-6435 Prevent remote attacke...
[SECURITY] [DLA 139-1] eglibc security update
Package : eglibc Version : 2.11.3-4+deb6u4 CVE ID : CVE-2015-0235 A vulnerability has been fixed in eglibc, Debians version of the GNU C library: CVE-2015-0235 Qualys discovered that the gethostbyname and gethostbyname2 functions were subject to a buffer overflow if provided with a crafted IP...
[SECURITY] [DSA 3142-1] eglibc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3142-1 [email protected] http://www.debian.org/security/ Florian Weimer January 27, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3141-1] wireshark security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3141-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3140-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3140-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 137-1] libevent security update
Package : libevent Version : 1.4.13-stable-1+deb6u1 CVE ID : CVE-2014-6272 Debian Bug : 774645 The libevent library was vulnerable to a potential heap overflow in the buffer/bufferevent APIs. This update was prepared by Nguyen Cong who used the upstream-provided patch. Thanks to them! Raphaël...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3138-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3138-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3138-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3138-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 25, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 136-1] websvn security update
Package : websvn Version : 2.3.3-1+deb6u1 CVE ID : CVE-2013-6892 Debian Bug : 775682 James Clawson discovered that websvn, a web viewer for Subversion repositories, would follow symlinks in a repository when presenting a file for download. An attacker with repository write access could thereby...
[SECURITY] [DSA 3137-1] websvn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3137-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 24, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3137-1] websvn security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3137-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 24, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3136-1] polarssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3136-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 24, 2015 http://www.debian.org/security/faq -...