-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: libgd2
Version: 2.1.0-5+deb8u12
CVE ID : CVE-2018-5711 CVE-2018-1000222 CVE-2019-6977
CVE-2019-6978
Several issues in libgd2, a graphics library that allows to quickly draw
images, have been
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: rssh
Version: 2.3.4-4+deb8u1
CVE ID : CVE-2019-118
Debian Bug : 919623
The ESnet security team discovered a vulnerability in rssh, a restricted
shell that allows users to perform only scp, sftp, cvs,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 30 Jan 2019 18:34:46 +0100
Source: rssh
Binary: rssh
Architecture: source amd64
Version: 2.3.4-4+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Russ Allbery
Changed-By: Markus Koschany
Description:
rssh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: spice
Version: 0.12.5-1+deb8u7
CVE ID : CVE-2019-3813
Debian Bug : 920762
Christophe Fergeau discovered an out-of-bounds read vulnerability in
spice, a SPICE protocol client and server library, which might
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: firefox-esr
Version: 60.5.0esr-1~deb8u1
CVE ID : CVE-2018-18500 CVE-2018-18501 CVE-2018-18505
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the
Hello,
Am 30.01.19 um 15:56 schrieb Jean-Baptiste Martin-Ariès:
> Hello,
>
> PHP 5.6.40 had been made available on 10 Jan 2019 and contains several
> bugs and security fixes.
>
> Is it planned to package it for Jessie ? When the package should be
> available ?
Yes, we will package 5.6.40.
Hello,
PHP 5.6.40 had been made available on 10 Jan 2019 and contains several bugs
and security fixes.
Is it planned to package it for Jessie ? When the package should be
available ?
JB
[No need to CC me, I am subscribed]
Am 30.01.19 um 14:29 schrieb Moritz Mühlenhoff:
> On Wed, Jan 30, 2019 at 01:24:40PM +0100, Markus Koschany wrote:
>> Hi,
>>
>> Am 30.01.19 um 13:07 schrieb Emilio Pozuelo Monfort:
>> [...]
>>> I would appreciate some testing and/or feedback.
>>
>> I have done
On Wed, Jan 30, 2019 at 01:24:40PM +0100, Markus Koschany wrote:
> Hi,
>
> Am 30.01.19 um 13:07 schrieb Emilio Pozuelo Monfort:
> [...]
> > I would appreciate some testing and/or feedback.
>
> I have done most of the backporting work for the previous
> vulnerabilities of Ghostscript. I don't
Hi,
Am 30.01.19 um 13:07 schrieb Emilio Pozuelo Monfort:
[...]
> I would appreciate some testing and/or feedback.
I have done most of the backporting work for the previous
vulnerabilities of Ghostscript. I don't recommend to backport the stable
version to Jessie at the moment but rather to
Hi,
There is a vulnerability in ghostscript that allows maliciously crafted files to
bypass the sandbox and execute arbitrary code:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1729
I would be wary of backporting the fix to our old version of ghostscript as the
code has changed
11 matches
Mail list logo