Debian LTS Essential and Critical Security Patch Updates - Page 107

Debian LTS: DLA-1809-1: libav security update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

LinuxSecurity.com Team
May 29, 2019

Debian LTS: DLA-1799-2: linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

LinuxSecurity.com Team
May 28, 2019

Debian LTS: DLA-1799-1: linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

LinuxSecurity.com Team
May 28, 2019

Debian LTS: DLA-1807-1: vcftools security update

Webin security lab - dbapp security Ltd found three issues in vcftools, a collection of tools to work with VCF files. Different functions in header.cpp are vulnerable to denial of services due to use-after-free

LinuxSecurity.com Team
May 27, 2019

Debian LTS: DLA-1805-1: minissdpd security update

It was discovered that there was a use after free vulnerability in minissdpd, a network device discovery daemon. A remote attacker could abuse this to crash the process.

LinuxSecurity.com Team
May 26, 2019

Debian LTS: DLA-1804-1: curl security update

cURL, an URL transfer library, contains a heap buffer overflow in the function tftp_receive_packet() that receives data from a TFTP server. It calls recvfrom() with the default size for the buffer rather than with the size that was used to allocate it. Thus, the content that

LinuxSecurity.com Team
May 25, 2019

Debian LTS: DLA-1803-1: php5 security update

A read past allocated buffer vulnerability and two heap-buffer overflow vulnerabilites were discovered in the PHP5 programming language within the Exif image module.

LinuxSecurity.com Team
May 25, 2019

Debian LTS: DLA-1802-1: wireshark security update

Several vulnerabilities have been found in wireshark, a network traffic analyzer. CVE-2019-10894

LinuxSecurity.com Team
May 25, 2019

Debian LTS: DLA-1801-1: zookeeper security update

It was discovered that there was an information disclosure vulnerability in zookeeper, a distributed co-ordination server. Users who were not authorised to read data were able to view the access control list.

LinuxSecurity.com Team
May 24, 2019

Debian LTS: DLA-1796-1: jruby security update

Multiple vulnerabilities have been discovered in jruby, Java implementation of the Ruby programming language.

LinuxSecurity.com Team
May 20, 2019

Debian LTS: DLA-1797-1: drupal7 security update

Several security vulnerabilities have been discovered in drupal7, a PHP web site platform. The vulnerabilities affect the embedded versions of the jQuery JavaScript library and the Typo3 Phar Stream Wrapper library.

LinuxSecurity.com Team
May 20, 2019

Debian LTS: DLA-1795-1: graphicsmagick security update

Multiple vulnerabilities have been discovered in graphicsmagick, the image processing toolkit: CVE-2019-11473

LinuxSecurity.com Team
May 20, 2019

Debian LTS: DLA-1794-1: libspring-security-2.0-java security update

A vulnerability was discovered in libspring-security-2.0-java, a modular Java/J2EE application security framework, when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance,

LinuxSecurity.com Team
May 19, 2019

Debian LTS: DLA-1792-2: cups-filters regression update

The update for ghostscript released as DLA-1792-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters

LinuxSecurity.com Team
May 19, 2019

Debian LTS: DLA-1793-1: dhcpcd5 security update

It was discovered that there was a read overflow vulnerability in the dhcpcd5 network management protocol client. For Debian 8 "Jessie", this issue has been fixed in dhcpcd5 version

LinuxSecurity.com Team
May 19, 2019

Debian LTS: DLA-1792-1: ghostscript security update

A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the

LinuxSecurity.com Team
May 19, 2019

Debian LTS: DLA-1791-1: faad2 security update

Multiple vulnerabilities have been found in faad2, the Freeware Advanced Audio Coder: CVE-2018-20194

LinuxSecurity.com Team
May 19, 2019

Debian LTS: DLA-1790-1: lemonldap-ng security update

Erratum: bad versions An attack vector was discovered by lemonldap-ng developers. When the SAML or CAS service provider is enable and the administrator has chosen to store

LinuxSecurity.com Team
May 18, 2019

Debian LTS: DLA-1791-1: lemonldap-ng security update

An attack vector was discovered by the lemonldap-ng developers. When the SAML or CAS service provider is enabled and the administrator has chosen to store the SAML/CAS tokens in the session database, an attacker can open an anonymous session to connect to any protected application that

LinuxSecurity.com Team
May 18, 2019

Debian LTS: DLA-1777-2: jquery regression update

The minified jquery library was broken in version 1.7.2+dfsg-3.2+deb8u6 due to an error during the build. This problem has now been fixed in version 1.7.2+dfsg-3.2+deb8u7

LinuxSecurity.com Team
May 17, 2019