[SECURITY] [DLA 1789-2] intel-microcode security update

Package: intel-microcode Version: 3.20190618~deb8u1 CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Debian Bug : 929073 DLA-1789-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM

[SECURITY] [DLA 1830-1] znc security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: znc Version: 1.4-2+deb8u2 CVE ID : CVE-2019-12816 A vulnerability was discovered in the ZNC IRC bouncer which could result in remote code execution. For Debian 8 "Jessie", this problem has been fixed in

[SECURITY] [DLA 1828-1] python-urllib3 security update

Package: python-urllib3 Version: 1.9.1-3+deb8u1 CVE ID : CVE-2019-11236 Debian Bug : 927172 A vulnerability was discovered in python-urllib3, an HTTP library with thread-safe connection pooling, whereby an attacker can inject CRLF characters in the request parameter.

[SECURITY] [DLA 1829-1] firefox-esr security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: firefox-esr Version: 60.7.1esr-1~deb8u1 CVE ID : CVE-2019-11707 Samuel Gross discovered a type confusion bug in the JavaScript engine of the Mozilla Firefox web browser, which could result in the execution of