14355 matches found
[SECURITY] [DSA 3110-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3110-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3112-1] sox security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3112-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3112-1] sox security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3112-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 123-1] firebird2.5 security update
Package : firebird2.5 Version : 2.5.0.26054ReleaseCandidate3.ds2-1+squeeze2 CVE ID : CVE-2014-9323 Debian Bug : 772880 Apply patch from upstream revision 60322 fixing an unauthenticated remote null-pointer dereference crash...
[SECURITY] [DSA 3111-1] cpio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3111-1 [email protected] http://www.debian.org/security/ Michael Gilbert December 22, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3111-1] cpio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3111-1 [email protected] http://www.debian.org/security/ Michael Gilbert December 22, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 122-1] eglibc security update
Package : eglibc Version : 2.11.3-4+deb6u3 CVE ID : CVE-2014-9402 Avoid infinite loop in nssdns getnetbyname BZ 17630...
[SECURITY] [DLA 121-1] jasper security update
Package : jasper Version : 1.900.1-7+squeeze3 CVE ID : CVE-2014-8137 CVE-2014-8138 Jose Duart of the Google Security Team discovered a double free flaw CVE-2014-8137 and a heap-based buffer overflow flaw CVE-2014-8138 in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file...
[SECURITY] [DLA 120-1] xorg-server security update
Package : xorg-server Version : 2:1.7.7-18+deb6u1 CVE ID : CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 Ilja van Sprundel of IOActive discovered several security issues in th...
[SECURITY] [DLA 119-1] subversion security update
Package : subversion Version : 1.6.12dfsg-7+deb6u1 CVE ID : CVE-2014-3580 Debian Bug : 773263 Evgeny Kotkov discovered a NULL pointer dereference while processing REPORT requests in moddavsvn, the Subversion component which is used to serve repositories with the Apache web server. A remote attack...
[SECURITY] [DLA 118-1] linux-2.6 security update
Package : linux-2.6 Version : 2.6.32-48squeeze10 CVE ID : CVE-2014-3185 CVE-2014-3687 CVE-2014-3688 CVE-2014-6410 CVE-2014-7841 CVE-2014-8709 CVE-2014-8884 Non-maintainer upload by the Squeeze LTS and Kernel Teams. New upstream stable release 2.6.32.65, see http://lkml.org/lkml/2014/12/13/81 for...
[SECURITY] [DLA 117-1] qt4-x11 security update
Package : qt4-x11 Version : 4:4.6.3-4+squeeze2 CVE ID : CVE-2011-3193 CVE-2011-3194 CVE-2011-3193 Check for buffer overflow in LookupMarkMarkPos that may cause crash in this function with certain fonts. CVE-2011-3194 Fix tiff reader to handle TIFFTAGSAMPLESPERPIXEL for grayscale images. The reade...
[SECURITY] [DSA 3109-1] firebird2.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3109-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 21, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3109-1] firebird2.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3109-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 21, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 116-1] ntp security update
Package : ntp Version : 4.2.6.p2+dfsg-1+deb6u1 CVE ID : CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 Debian Bug : 773576 Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol. CVE-2014-9293 ntpd generated a weak key for its internal...
[SECURITY] [DSA 3107-2] subversion regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3107-2 [email protected] http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3108-1] ntp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3108-1 [email protected] http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3107-1] subversion security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3107-1 [email protected] http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3106-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3106-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3106-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3106-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 114-1] heirloom-mailx security update
Package : heirloom-mailx Version : 12.4-2+deb6u1 CVE ID : CVE-2004-2771 CVE-2014-7844 Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the "mail" command: CVE-2004-2771 mailx interprets interprets shell meta-characters in certain email addresses. CVE-2014-7844 ...
[SECURITY] [DLA 113-1] bsd-mailx security update
Package : bsd-mailx Version : 8.1.2-0.20100314cvs-1+deb6u1 CVE ID : CVE-2014-7844 It was discovered that bsd-mailx, an implementation of the "mail" command, had an undocumented feature which treats syntactically valid email addresses as shell commands to execute. Users who need this feature can...
[SECURITY] [DSA 3105-1] heirloom-mailx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3105-1 [email protected] http://www.debian.org/security/ Florian Weimer December 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3104-1] bsd-mailx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3104-1 [email protected] http://www.debian.org/security/ Florian Weimer December 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 112-1] bind9 security update
Package : bind9 Version : 9.7.3.dfsg-1squeeze13 CVE ID : CVE-2014-8500 Debian Bug : 772610 This update fixes a denial of service vulnerability in BIND, a DNS server. By making use of maliciously-constructed zones or a rogue server, an attacker could exploit an oversight in the code BIND 9 used to...
[SECURITY] [DLA 111-1] cpio security update
Package : cpio Version : 2.11-4+deb6u1 CVE ID : CVE-2014-9112 Debian Bug : 772793 Multiple issues have been identified in cpio, including a buffer overflow and multiple NULL pointer dereference, resulting at least in a denial of service and possibly also in an unwanted code execution. This has be...
[SECURITY] [DLA 110-1] libyaml security update
Package : libyaml Version : 0.1.3-1+deb6u5 CVE ID : CVE-2014-9130 Debian Bug : 771366 Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input...
[SECURITY] [DLA 109-1] libyaml-libyaml-perl security update
Package : libyaml-libyaml-perl Version : 0.33-1+squeeze4 CVE ID : CVE-2014-9130 Debian Bug : 771365 Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially craft...
[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3103-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3103-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3102-1] libyaml security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3102-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3102-1] libyaml security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3102-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3101-1] c-icap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3101-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3101-1] c-icap security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3101-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 108-1] nfs-utils security update
Package : nfs-utils Version : 1:1.2.2-4squeeze3 CVE ID : CVE-2012-3541 In the past, rpc.statd posted SMNOTIFY requests using the same socket it used for sending downcalls to the kernel. To receive replies from remote hosts, the socket was bound to INADDRANY. To prevent unwanted data injection, bi...
[SECURITY] [DSA 3100-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3100-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 107-1] unbound security update
Package : unbound Version : 1.4.6-1+squeeze4 CVE ID : CVE-2014-8602 Debian Bug : 772622 Florian Maury from ANSSI discovered that unbound, a validating, recursive, and caching DNS resolver, was prone to a denial of service vulnerability. An attacker crafting a malicious zone and able to emit or ma...
[SECURITY] [DLA 106-1] getmail4 security update
Package : getmail4 Version : 4.46.0-1deb6u1 CVE ID : CVE-2014-7273 CVE-2014-7274 CVE-2014-7275 Debian Bug : 766670 Several vulnerabilities have been discovered in getmail4, a mail retriever with support for POP3, IMAP4 and SDPS, that could allow man-in-the-middle attacks. CVE-2014-7273 The...
[SECURITY] [DLA 105-1] graphviz security update
Package : graphviz Version : 2.26.3-5+squeeze3 CVE ID : CVE-2014-9157 Debian Bug : 772648 Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash ...
[SECURITY] [DLA 104-1] pdns-recursor security update
Package : pdns-recursor Version : 3.2-4+deb6u1 CVE ID : CVE-2014-8601 Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server : a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to...
[SECURITY] [DSA 3099-1] dbus security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3099-1 [email protected] http://www.debian.org/security/ Florian Weimer December 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3098-1] graphviz security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3098-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3098-1] graphviz security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3098-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3096-1] pdns-recursor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3096-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3096-1] pdns-recursor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3096-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3097-1] unbound security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3097-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 10, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3095-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3095-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 10, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 103-1] linux-2.6 security update
Package : linux-2.6 Version : CVE-2014-90902.6.32-48squeeze9 CVE ID : CVE-2012-6657 CVE-2013-0228 CVE-2013-7266 CVE-2014-4157 CVE-2014-4508 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4943 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472 This security upload has been prepared in cooperation of th...
[SECURITY] [DSA 3094-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3094-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano December 08, 2014 http://www.debian.org/security/faq -...