Package: nspr
Version: 4.8.6-1+squeeze3
CVE ID : CVE-2015-7183
Google security engineer Ryan Sleevi found a vulnerability in the NetScape
Portable Runtime Library (NSPR). NSPR allocated memory without specific checks,
making it possible for remote attackers to cause a
On Wed, Aug 19, 2015 at 01:02:59PM +0200, Moritz Muehlenhoff wrote:
> Hi,
> as a followup to yesterday's BoF I compared the list of unsupported
> packages in Squeeze LTS against the current status quo:
>
> (We try to split the LTS work from the normal security work, but I'm
> adding
Am 19.11.2015 um 21:45 schrieb Moritz Mühlenhoff:
[...]
> Another package which needs to be sorted out is the support for
> Java. wheezy has both openjdk-6 and openjdk-7 (jessie has only
> -7 and stretch will also only have one version).
>
> Currently the maintenance heavily relies on the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 19 Nov 2015 13:33:19 +0100
Source: strongswan
Binary: strongswan libstrongswan strongswan-dbg strongswan-starter
strongswan-ikev1 strongswan-ikev2 strongswan-nm
Architecture: source all amd64
Version: 4.4.1-5.8
Distribution:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: strongswan
Version: 4.4.1-5.8
CVE ID : CVE-2015-8023
Tobias Brunner found an authentication bypass vulnerability in
strongSwan, an IKE/IPsec suite.
Due to insufficient validation of its local state the server
