14355 matches found
[SECURITY] [DSA 3073-1] libgcrypt11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3073-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3050-3] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3050-3 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3050-3] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3050-3 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 86-1] file security update
Package : file Version : 5.04-5+squeeze8 CVE ID : CVE-2014-3710 Debian Bug : 768806 Francisco Alonso of Red Hat Product Security found an issue in the file utility: when checking ELF files, note headers are incorrectly checked, thus potentially allowing attackers to cause a denial of service...
[SECURITY] [DSA 3072-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3072-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst November 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3071-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3071-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3071-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3071-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 11, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 85-1] libxml-security-java security update
Package : libxml-security-java Version : 1.4.3-2+deb6u1 CVE ID : CVE-2013-2172 James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoo...
[SECURITY] [DLA 84-1] curl security update
Package : curl Version : 7.21.0-2.1+squeeze10 CVE ID : CVE-2014-3707 Symeon Paraschoudis discovered that the curleasyduphandle function in cURL, an URL transfer library, has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing a...
[SECURITY] [DSA 3070-1] kfreebsd-9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3070-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 07, 2014 http://www.debian.org/security/faq -...
[BSA-099] Security update for libreofice
Rene Engelhard uploaded new packages for libreoffice which fixed the following security problems: CVE-2014-3693: Use-After-Free in socket manager of Impress Remote It was discovered that LibreOffice 4.0.0 and later does not manage the port 1599 for the LibreOffice Impress correctly. An external...
[BSA-099] Security update for libreofice
Rene Engelhard uploaded new packages for libreoffice which fixed the following security problems: CVE-2014-3693: Use-After-Free in socket manager of Impress Remote It was discovered that LibreOffice 4.0.0 and later does not manage the port 1599 for the LibreOffice Impress correctly. An external...
[SECURITY] [DSA 3069-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3069-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 07, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3069-1] curl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3069-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 07, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3068-1] konversation security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3068-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 07, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 83-1] ffmpeg update
Package : ffmpeg Version : 4:0.5.10-1+deb6u1 This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc. This update is only meant to reduce the attack surface. ffmpeg...
[SECURITY] [DSA 3067-1] qemu-kvm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3067-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3067-1] qemu-kvm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3067-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3066-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3066-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3065-1] libxml-security-java security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3065-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3065-1] libxml-security-java security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3065-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 06, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3064-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3064-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3064-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3064-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 82-1] wget security update
Package : wget Version : 1.12-2.1+deb6u1 CVE ID : CVE-2014-4877 HD Moore of Rapid7 discovered a symlink attack in Wget, a command-line utility to retrieve files via HTTP, HTTPS, and FTP. The vulnerability allows to create arbitrary files on the users system when Wget runs in recursive mode agains...
[SECURITY] [DSA 3063-1] quassel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3063-1 [email protected] http://www.debian.org/security/ Luciano Bello November 02, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3062-1] wget security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3062-1 [email protected] http://www.debian.org/security/ Luciano Bello November 01, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 81-1] openssl security update
Package : openssl Version : 0.9.8o-4squeeze18 CVE ID : CVE-2014-3567 CVE-2014-3568 CVE-2014-3569 Several vulnerabilities have been found in OpenSSL. CVE-2014-3566 "POODLE" A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher...
[SECURITY] [DSA 3061-1] icedove security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3061-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3060-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3060-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3060-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3060-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 80-1] libxml2 security update
Package : libxml2 Version : 2.7.8.dfsg-2+squeeze10 CVE ID : CVE-2014-0191 CVE-2014-3660 Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by ...
[SECURITY] [DSA 3059-1] dokuwiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3059-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 29, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 79-1] dokuwiki security update
Package : dokuwiki Version : 0.0.20091225c-10+squeeze3 CVE ID : CVE-2014-8763 CVE-2014-8764 Debian Bug : 766545 This fixes a possibility of bypasswing the wiki authentication when an Active Directory is used for LDAP authentication. These two CVE are almost the same, one apparently being a supers...
[SECURITY] [DSA 3050-2] xulrunner update
------------------------------------------------------------------------- Debian Security Advisory DSA-3050-2 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 28, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 58-3] apt robustness improvements
Package : apt Version : 0.8.10.3+squeeze7 Debian Bug : 710924 The recent security updates to apt make apt bug 710924 1 much easier to trigger. Affected users see "416 Requested Range Not Satisfiable" errors during a apt-get update operation. With the 0.8.10.3+squeeze7 upload the fix for this erro...
[SECURITY] [DLA 78-1] torque security update
Package : torque Version : 2.4.8+dfsg-9squeeze5 CVE ID : CVE-2014-3684 Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tmadopt library call to kill any process, including root-owned ones on any node in a...
[SECURITY] [DSA 3058-1] torque security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3058-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3058-1] torque security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3058-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3057-1] libxml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 26, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 77-1] libtasn1-3 security update
Package : libtasn1-3 Version : 2.7-1+squeeze+2 CVE ID : CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 Abstract Syntax Notation One structures. An attacker could use those to cause a denial-of-service via out-of-bounds...
[SECURITY] [DSA 3056-1] libtasn1-3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3056-1 [email protected] http://www.debian.org/security/ Sebastien Delafond October 26, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 76-1] kde4libs security update
Package : kde4libs Version : 4:4.4.5-2+squeeze4 CVE ID : CVE-2014-5033 It was discovered that KAuth, part of kdelibs, uses polkit in a way that is prone to a race condition that may allow authorization bypass...
[SECURITY] [DSA 3055-1] pidgin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3055-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 75-1] mysql-5.1 security update
Package : mysql-5.1 Version : 5.1.73-1+deb6u1 CVE ID : CVE-2013-2162 CVE-2014-0001 CVE-2014-4274 This update fixes one important vulnerability CVE-2014-4274 and batches together two other minor fixes CVE-2013-2162, CVE-2014-0001. CVE-2014-4274 Insecure handling of a temporary file that could lead...
[SECURITY] [DLA 74-1] ppp security update
Package : ppp Version : 2.4.5-4+deb6u1 CVE ID : CVE-2014-3158 Debian Bug : http://bugs.debian.org/762789 This updates fixes a potential integer overflow in option parsing. A user in the group "dip" could provide a specially crafted configuration file of more than 2G and generate an integer...
[SECURITY] [DLA 73-1] tzdata update
Package : tzdata Version : 2014h-0squeeze1 Upstream published version 2014h. Changes since 2014e-0squeeze1 currently in squeeze are adjustments to the DST rules of Russia and a timezone change for Turks & Caicos. Aurelien Jarno GPG: 4096R/1DDD8C9B [email protected] http://www.aurel32.net...
[SECURITY] [DSA 3054-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3054-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3054-1] mysql-5.5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3054-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 72-2] rsyslog regression update
Package : rsyslog Version : 4.6.4-2+deb6u2 The Wheezy patch left an unresolved symbol in the imklog module of the Squeeze version. rsyslog worked fine except that messages from the kernel couldnt be submitted any longer. This update fixes this issue...