Bug#743889: libssl1.0.0: libssl update does not cause applications that use it to restart

2014-04-07 Thread Jann Horn
Package: libssl1.0.0 Version: 1.0.1e-2+deb7u5 Severity: grave Tags: security Justification: user security hole Dear Maintainer, when I did apt-get updateapt-get upgrade today to get a fix for CVE-2014-0160, I got this from apt: Setting up libssl1.0.0:amd64 (1.0.1e-2+deb7u5) ... Setting up

Bug#697464: mount/umount leak information about existence of folders

2013-01-05 Thread Jann Horn
Package: mount Version: 2.20.1-5.3 Severity: critical Tags: security Justification: root security hole mount discloses information about folders not accessible for a user: $ ls -ld /root/.ssh ls: cannot access /root/.ssh: Permission denied $ ls -ld /root/.foo ls: cannot access /root/.foo:

Bug#693076: gatling: Gatling 0.12 has two directory traversal vulns that were fixed in 0.13

2012-11-12 Thread Jann Horn
Package: gatling Version: 0.12cvs20120114-2 Severity: grave Tags: upstream security Justification: user security hole gatling 0.12 has two directory traversal vulns (one in the handling of Host headers, one in the ftp code) that have been fixed in Gatling 0.13. -- System Information: Debian