[SECURITY] [DLA 386-1] cacti security update

2016-01-14 Thread Chris Lamb
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: cacti Version: 0.8.7g-1+squeeze9+deb6u14 CVE ID : CVE-2015-8604 It was discovered that there was another SQL injection vulnerability in cacti, a web interface for graphing monitoring systems. For Debian 6 Squeeze,

[SECURITY] [DLA 385-1] isc-dhcp security update

2016-01-14 Thread Mike Gabriel
Package: isc-dhcp Version: 4.1.1-P1-15+squeeze9 CVE ID : CVE-2015-8605 Debian Bug : #810875 It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups

[SECURITY] [DLA 387-1] openssh security update

2016-01-14 Thread Yves-Alexis Perez
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: openssh Version: 5.5p1-6+squeeze8 CVE ID : CVE-2016-0777 CVE-2016-0778 Debian Bug : 810984 The Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client (an implementation of