[SECURITY] [DLA 2002-1] libice security update

2019-11-23 Thread Thorsten Alteholz
Package: libice
Version: 2:1.0.9-1+deb8u1
CVE ID : CVE-2017-2626

It has been found that libice, an X11 Inter-Client Exchange library, uses weak entropy to generate keys. Using arc4random_buf() from libbsd should avoid

[SECURITY] [DLA 2001-1] libofx security update

2019-11-23 Thread Dylan Aïssi
Package: libofx
Version: 1:0.9.10-1+deb8u2
CVE ID : CVE-2019-9656
Debian Bug : #924350

There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by

[SECURITY] [DLA 2000-1] pam-python security update

2019-11-23 Thread Hugo Lefeuvre
Package: pam-python
Version: 1.0.4-1.1+deb8u1
CVE ID : CVE-2019-16729
Debian Bug : 942514

It was discovered that pam-python, a PAM Module that runs the Python interpreter, has an issue in regard to the default