[SECURITY] [DLA 1402-1] exiv2 security update

Package: exiv2 Version: 0.24-4.1+deb8u1 CVE ID : CVE-2018-10958 CVE-2018-10998 CVE-2018-10999 CVE-2018-11531 CVE-2018-12264 CVE-2018-12265 Debian Bug : 901706 901707 Several vulnerabilities have been discovered in exiv2, a C++ library and a command

[SECURITY] [DLA 1401-1] graphicsmagick security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: graphicsmagick Version: 1.3.20-3+deb8u3 CVE ID : CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-5241 CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449 CVE-2017-11636

[SECURITY] [DLA 1400-1] tomcat7 security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: tomcat7 Version: 7.0.56-3+really7.0.88-1 CVE ID : CVE-2017-7674 CVE-2017-12616 CVE-2018-1304 CVE-2018-1305 CVE-2018-8014 Debian Bug : 802312 898935 Several security vulnerabilities have been

[SECURITY] [DLA 1399-1] ruby-passenger security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: ruby-passenger Version: 4.0.53-1+deb8u1 CVE ID : CVE-2015-7519 CVE-2018-12029 Debian Bug : 864651 Two flaws were discovered in ruby-passenger for Ruby Rails and Rack support that allowed attackers to spoof HTTP

[SECURITY] [DLA 1398-1] php-horde-crypt security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: php-horde-crypt Version: 2.5.0-5+deb8u1 CVE ID : CVE-2017-7413 CVE-2017-7414 Debian Bug : 859635 It was discovered that in Horde-Crypt, a cryptographic library and part of the PHP Horde framework, a command