[SECURITY] [DLA 374-3] cacti regression update

2016-01-04 Thread Chris Lamb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: cacti Version: 0.8.7g-1+squeeze9+deb6u13 CVE ID : CVE-2015-8369 Debian Bug : 807599 It was discovered that there was a regression in the patch intended to fix CVE-2015-8369 in the recent upload of cacti

[SECURITY] [DLA 380-1] libvncserver security update

2016-01-04 Thread Mike Gabriel
Package: libvncserver Version: 0.9.7-2+deb6u2 An issue had been discovered and resolved by the libvncserver upstream developer Karl Runge addressing thread-safety in libvncserver when libvncserver is used for handling multiple VNC connections [1]. Unfortunately, it is not