[SECURITY] [DLA 2424-1] tzdata new upstream version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2424-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 31, 2020

[SECURITY] [DLA 2423-1] wireshark security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2423-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 31, 2020

[SECURITY] [DLA 2422-1] qtsvg-opensource-src security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2422-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 31, 2020

[SECURITY] [DLA 2388-1] nss security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2388-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 29, 2020

[SECURITY] [DLA 2376-1] qtbase-opensource-src security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2376-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 21, 2020

[SECURITY] [DLA 2377-1] qt4-x11 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2377-1debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 21, 2020

[SECURITY] [DLA 2342-1] libjackson-json-java security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2342-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 24, 2020

[SECURITY] [DLA 2341-1] inetutils security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2341-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 24, 2020

[SECURITY] [DLA 2330-1] jruby security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2330-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 16, 2020

[SECURITY] [DLA 2329-1] libetpan security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2329-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 16, 2020

[SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2320-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 10, 2020

[SECURITY] [DLA 2309-1] evolution-data-server security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2309-1debian-...@lists.debian.org https://www.debian.org/lts/security/ August 02, 2020

[SECURITY] [DLA 2302-1] libjpeg-turbo security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2302-1debian-...@lists.debian.org https://www.debian.org/lts/security/ July 31, 2020

[SECURITY] [DLA 2292-1] milkytracker security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian LTS Advisory DLA-2292-1debian-...@lists.debian.org https://www.debian.org/lts/security/ July 27, 2020

[SECURITY] [DLA 2291-1] ffmpeg security update

- Debian LTS Advisory DLA-2291-1debian-...@lists.debian.org https://www.debian.org/lts/security/ July 27, 2020 https://wiki.debian.org/LTS

[SECURITY] [DLA 2266-1] nss security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: nss Version: 2:3.26-1+debu8u11 CVE ID : CVE-2020-12399 CVE-2020-12402 Several vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2020-12399 Force a fixed length for DSA

[SECURITY] [DLA 2267-1] libmatio security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: libmatio Version: 1.5.2-3+deb8u1 CVE ID : CVE-2019-17533 In libmatio, a library to read and write Matlab MAT files, a vulnerability was fixed in Mat_VarReadNextInfo4 in mat4.c that could lead to a heap-based buffer

[SECURITY] [DLA 2262-1] qemu security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: qemu Version: 1:2.1+dfsg-12+deb8u15 CVE ID : CVE-2020-1983 CVE-2020-13361 CVE-2020-13362 CVE-2020-13765 Debian Bug : Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983

[SECURITY] [DLA 2231-1] sane-backends security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: sane-backends Version: 1.0.24-8+deb8u3 CVE ID : CVE-2020-12867 Debian Bug : 961302 Remote denial of service and several memory management issues were fixed in the epson2 driver. For Debian 8 "Jessie", this

[SECURITY] [DLA 2091-1] libjackson-json-java security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: libjackson-json-java Version: 1.9.2-3+deb8u1 CVE ID : CVE-2017-7525 CVE-2017-15095 CVE-2019-10172 Several vulnerabilities were fixed in libjackson-json-java. CVE-2017-7525 Jackson Deserializer security

[SECURITY] [DLA 2054-1] jhead security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: jhead Version: 1:2.97-1+deb8u2 CVE ID : CVE-2018-16554 CVE-2018-17088 CVE-2019-1010301 CVE-2019-1010302 Debian Bug : 907925 908176 932145 932146 Multiple buffer overflows have been fixed in jhead, a program to

[SECURITY] [DLA 2017-2] asterisk regression update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: asterisk Version: 1:11.13.1~dfsg-2+deb8u8 The backport of the CVE-2019-13161 fix caused a regression and has been reverted. For Debian 8 "Jessie", this problem has been fixed in version 1:11.13.1~dfsg-2+deb8u8. We

[SECURITY] [DLA 2018-1] proftpd-dfsg security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: proftpd-dfsg Version: 1.3.5e+r1.3.5-2+deb8u5 CVE ID : CVE-2019-19269 In mod_tls a crash with empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5. We recommend

[SECURITY] [DLA 2017-1] asterisk security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: asterisk Version: 1:11.13.1~dfsg-2+deb8u7 CVE ID : CVE-2019-13161 CVE-2019-18610 CVE-2019-18790 Several vulnerabilites are fixed in Asterisk, an Open Source PBX and telephony toolkit. CVE-2019-13161 An attacker was

[SECURITY] [DLA 1698-2] file regression update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: file Version: 1:5.22+15-2+deb8u7 This update fixes a regression in introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause. For

[SECURITY] [DLA 1840-1] golang-go.crypto security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: golang-go.crypto Version: 0.0~hg190-1+deb8u1 CVE ID : CVE-2019-11840 A flaw was found in the amd64 implementation of salsa20. If more than 256 GiB of keystream is generated, or if the counter otherwise grows

[SECURITY] [DLA 1768-1] checkstyle security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: checkstyle Version: 5.9-1+deb8u1 CVE ID : CVE-2019-9658 checkstyle was loading external DTDs by default, which is now disabled by default. If needed it can be re-enabled by setting the system property

[SECURITY] [DLA 1699-1] ldb security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: ldb Version: 2:1.1.20-0+deb8u2 CVE ID : CVE-2019-3824 Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare() function of ldb, a LDAP-like embedded database, resulting in denial of service. For

[SECURITY] [DLA 1698-1] file security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: file Version: 1:5.22+15-2+deb8u5 CVE ID : CVE-2019-8905 CVE-2019-8907 Potential buffer over-reads in readelf.c have been found in file, a popular file type guesser. For Debian 8 "Jessie", these problems have been

[SECURITY] [DLA 1687-1] sox security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: sox Version: 14.4.1-5+deb8u1 CVE ID : CVE-2014-8145 Debian Bug : 773720 Mike Salvatore discovered that the fixes for these heap-based buffer overflows had not been properly applied in the Debian package. For

[SECURITY] [DLA 1627-1] qtbase-opensource-src security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: qtbase-opensource-src Version: 5.3.2+dfsg-4+deb8u3 CVE ID : CVE-2018-15518 CVE-2018-19870 CVE-2018-19873 Multiple issues were fixed in Qt. CVE-2018-15518 A double-free or corruption during parsing of a specially

<    1   2