) attacks, if the target application accepts XML
as an input. It is caused by insecure design of Cake's Xml class.
For Debian 6 Squeeze, this issue has been fixed in cakephp version
1.3.2-1.1+deb6u11.
Regards,
- - --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org
0.6.4-1+deb6u11.
Regards,
- - --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWKTciAAoJEB6VPifUMR5YKhIP/jE5sfJZbATpWsEKYNwGKrBt
v9gAhNYO7SFRAMA+olDk3wFA3v2SuFx/bHBJFDGbm
Squeeze, this issue has been fixed in xscreensaver version
5.11-1+deb6u11.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWNRkBAAoJEB6VPifUMR5YNj8P/0s6hCihupSowSjzR
terminator, allowing an attacker to add arbitrary SQL following a
null byte, and thus create a SQL injection.
For Debian 6 Squeeze, this issue has been fixed in zendframework
version 1.10.6-1squeeze6.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris
.
For Debian 6 Squeeze, this issue has been fixed in libphp-phpmailer
version 5.1-1+deb6u11.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWZyKJAAoJEB6VPifUMR5YRHQP
to convert
incoming PostScript data into the printer's native format.
For Debian 6 Squeeze, this issue has been fixed in foomatic-filters
version 4.0.5-6+squeeze2+deb6u11
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
.
For Debian 6 Squeeze, this issue has been fixed in pygments
version 1.3.1+dfsg-1+deb6u11.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
+squeeze9+deb6u12.
For Debian 6 Squeeze, this issue has been fixed in cacti version
0.8.7g-1+squeeze9+deb6u13.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
has been fixed in cacti version
0.8.7g-1+squeeze9+deb6u12.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWhFlaAAoJEB6VPifUMR5YZf0P/1gCagSHYlvt850a/jIL7pwr
of monitoring systems.
For Debian 6 Squeeze, this issue has been fixed in cacti version
0.8.7g-1+squeeze9+deb6u11.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
heezy", this issue has been fixed in horizon version
2012.1.1-10+deb7u1.
We recommend that you upgrade your horizon packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version
, this issue has been fixed in cacti version
0.8.7g-1+squeeze9+deb6u14.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWl4CaAAoJEB6VPifUMR5YSPAP/2rBTk9OnPlgQdc
in pixman version
0.16.4-1+deb6u2.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWzhtTAAoJEB6VPifUMR5YxpgP/i/rSAJkBQE+xoVgnaCcR6Sn
web server protocol for Perl.
For Debian 6 Squeeze, this issue has been fixed in libfcgi-perl version
0.71-1+squeeze1+deb6u1.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
.
For Debian 6 Squeeze, this issue has been fixed in libfcgi version
2.4.0-8+deb6u1.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJWqI/TAAoJEB6VPifUMR5YdrcP/20Tm257pxDmud0zbGC8OaJV
kciLXfhxIJhkzjNEDJW85uh9rIeeOabhoLDLm7uyN59v4W+tD4LVfYKHQ6XQ+RE+
dmxD+/YUzKAZzWuQVo0qNgVXuDaGrj
leak.
For Debian 6 Squeeze, this issue has been fixed in libmatroska
version 0.8.1-1.1+deb6u1.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
attackers to
cause a denial of service via a crafted imagefilltoborder call.
For Debian 7 "Wheezy", this issue has been fixed in libgd2 version
2.0.36~rc1~dfsg-6.1+deb7u3.
We recommend that you upgrade your libgd2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `
.
For Debian 7 "Wheezy", this issue has been fixed in libarchive version
3.0.4-3+wheezy5+deb7u1.
We recommend that you upgrade your libarchive packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAliYOsMACgkQHpU+J9Qx
HlhV4BAAoiPxzEcuo/886pJcR8ogmVvVCK5CBviEne259wRsSG7N2cZFuY8oYhY/
MhV+24YM0eNkclxk7KlHASRMXgsm1I+ocfpdbqFIiT
packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIcBAEBCAAGBQJXskJOAAoJEB6VPifUMR5Y7FsP/Ap8+dtoh5Cu6V4kzEJytxl5
Uh5/vS5wU/IeP6sl7qSlfcWQTAksMFqi1A/DVWyQe4yQ
t;Wheezy", this issue has been fixed in suckless-tools version
38-2+deb7u1.
We recommend that you upgrade your suckless-tools packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN
checker
library.
For Debian 7 "Wheezy", this issue has been fixed in cracklib2 version
2.8.19-3+deb7u1.
We recommend that you upgrade your cracklib2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
issue has been fixed in jsch version
0.1.42-2+deb7u1.
We recommend that you upgrade your jsch packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIcBAEBCAAGBQJXzbQ7AAoJEB6VPi
to obtain
a user's password.
For Debian 7 "Wheezy", this issue has been fixed in mailman version
1:2.1.15-1+deb7u2.
We recommend that you upgrade your mailman packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
o packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIcBAEBCAAGBQJX9sCkAAoJEB6VPifUMR5Y/NkP/3pn6GIrzDur8U8jMGEpsrCL
Rx0iCzsPte80mRW7c5FQhqYtEFq5LKikjIoGeMeshUKck6vdXiI34T
message formatting.
- CVE-2016-7407: Overflows when parsing OpenSSH's ASN.1 key format.
For Debian 7 "Wheezy", this issue has been fixed in dropbear version
2012.55-1.3+deb7u1.
We recommend that you upgrade your dropbear packages.
Regards,
- --
,''`.
: :' :
s required for the basic operation of an
SELinux-based system.
For Debian 7 "Wheezy", this issue has been fixed in policycoreutils version
2.1.10-9+deb7u1.
We recommend that you upgrade your policycoreutils packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'`
generate invalid pointers from a _cairo_image_surface in write_png.
For Debian 7 "Wheezy", this issue has been fixed in cairo version
1.12.2-3+deb7u1.
We recommend that you upgrade your cairo packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@
server, getting out of sync.
For Debian 7 "Wheezy", this issue has been fixed in libxfixes version
1:5.0-4+deb7u2.
We recommend that you upgrade your libxfixes packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
size specified when receiving mixed up two constants that have
different values.
For Debian 7 "Wheezy", this issue has been fixed in quagga version
0.99.22.4-1+wheezy3+deb7u1.
We recommend that you upgrade your quagga packages.
Regards,
- --
,''`.
: :' :
/wiki/SOAP
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlg4uTQACgkQHpU+J9Qx
HliUtxAAt6d/d7Brm33ckLHDvvuefkP49cu94ombualj/pkHrdg7dgRiUcxvhMIO
pqomm/jcnQpg1YbPmCCa/VXAd7D
specially-crafted configuration file
to provide a root shell.
For Debian 7 "Wheezy", this issue has been fixed in sniffit version
0.3.7.beta-16.1+deb7u1.
We recommend that you upgrade your sniffit packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
attackers to inject
arbitrary web script or HTML via the "rac" parameter.
For Debian 7 "Wheezy", this issue has been fixed in spip version
2.1.17-1+deb7u7.
We recommend that you upgrade your spip packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'`
heezy", this issue has been fixed in mapserver version
6.0.1-3.2+deb7u3.
We recommend that you upgrade your mapserver packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhNoJYACgkQHpU+J9Qx
HlijtQ//bolNntRESdaKd1VDlyo1MG4gJ+V/gSatpS7h/kMFeBItKCT9py2JlVIr
K8xH96uHYAMGsUHUph2kjF
memory, OpenAFS
directory objects are likely to contain 'dead' directory entry
information.
For Debian 7 "Wheezy", this issue has been fixed in openafs version
1.6.1-3+deb7u7.
We recommend that you upgrade your openafs packages.
Regards,
- --
,''`.
: :' :
e recommend that you upgrade your libvncserver packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhryEoACgkQHpU+J9Qx
Hlge/Q
this issue has been fixed in python-crypto version
2.6-4+deb7u6.
We recommend that you upgrade your python-crypto packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
kages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlho5McACgkQHpU+J9Qx
HlguvBAAxvwxrC17S+UgmDkK51Ylm5i2W1suwwEvdl0uu7O+A09ok/WxPMuUWb4O
Er5y38Esl88udV9AX7
to version
2.6-4+deb7u5.
We recommend that you upgrade your python-crypto packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhtLhMACgkQHpU+J
interface ("PC/SC").
For Debian 7 "Wheezy", this issue has been fixed in pcsc-lite version
1.8.4-1+deb7u2.
We recommend that you upgrade your pcsc-lite packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
setuid/setgid.
For Debian 7 "Wheezy", this issue has been fixed in eject version
2.1.5+deb1+cvs20081104-13+deb7u1.
We recommend that you upgrade your eject packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
heezy", this issue has been fixed in apt-cacher version
1.7.6+deb7u1.
We recommend that you upgrade your apt-cacher packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
attackers were able to
execute arbitrary code via crafted image data.
For Debian 7 "Wheezy", this issue has been fixed in jhead version
1:2.95-1+deb7u1.
We recommend that you upgrade your jhead packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@
d that you upgrade your suricata packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljS+o0ACgkQHpU+J
Bittorrent client.
For Debian 7 "Wheezy", this issue has been fixed in deluge version
1.3.3-2+nmu1+deb7u1.
We recommend that you upgrade your deluge packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljru3cACgkQHpU+J9Qx
HliUxA/9GbQaKd86uVcwkq9zvkj2ZawG0bWmxVGsrWHet+P3T4oOcE
eb7u1.
We recommend that you upgrade your libnl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljrut4ACgkQHpU+J9Qx
Hljv4A//fNd
heezy", this issue has been fixed in tryton-server version
2.2.4-1+deb7u4.
We recommend that you upgrade your tryton-server packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
hat you upgrade your curl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljjfqkACgkQHpU+J9Qx
Hlj4QQ/+IwOrFvQYHiPXuZTiSWmqFGXYZ/4XLXJPmeTz
5.1.0-3+deb7u3.
We recommend that you upgrade your collectd packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljjuocACgkQHpU+J9Qx
er behind the
bounds of a statically allocated array of structs of type SWF_GRADIENTRECORD.
For Debian 7 "Wheezy", this issue has been fixed in ming version
1:0.4.4-1.1+deb7u2.
We recommend that you upgrade your ming packages.
Regards,
- --
,''`.
: :' : Chris Lamb
attackers to inject
arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
For Debian 7 "Wheezy", this issue has been fixed in wget version
1.13.4-3+deb7u4.
We recommend that you upgrade your wget packages.
Regards,
- --
,''`.
: :' :
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAli+oVcACgkQHpU+J9Qx
HlgVGw//XFaJWyDAd38TXQytLzkMN1r5zIYJPHT+o8BMgRezmBd1Zx
heezy", this issue has been fixed in cvs version
2:1.12.13+real-9+deb7u1.
We recommend that you upgrade your cvs packages. Thanks to Thorsten Glaser
<t...@mirbsd.de> for preparing and testing this upload.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@de
quot; URLs in "svn:externals" and
"svn:sync-from-url".
For Debian 7 "Wheezy", this issue has been fixed in subversion
version 1.6.17dfsg-4+deb7u12.
We recommend that you upgrade your subversion packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'`
or modify
arbitrary files via a ".." in the server name.
For Debian 7 "Wheezy", this issue has been fixed in xchat version
2.8.8-7.1+deb7u1.
We recommend that you upgrade your xchat packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
.
Specially-crafted input could lead to a remote denial of service attack.
For Debian 7 "Wheezy", this issue has been fixed in libgxps version
0.2.2-2+deb7u1.
We recommend that you upgrade your libgxps packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `
7 "Wheezy", this issue has been fixed in apache2 version
2.2.22-13+deb7u10.
We recommend that you upgrade your apache2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
for administering LDAP servers.
For Debian 7 "Wheezy", this issue has been fixed in phpldapadmin version
1.2.2-5+deb7u1.
We recommend that you upgrade your phpldapadmin packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
by a heap-based buffer
over-read in the "convert_latin1" function.
For Debian 7 "Wheezy", this issue has been fixed in mpg123 version
1.14.4-1+deb7u2.
We recommend that you upgrade your mpg123 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllnK9YACgkQHpU+J9Qx
HliX5A//dPavm2srbLpx/CUhR2fJoy3fOK7+tbVc/5o/fNMCZD2mrHnvBKvxjoDP
6MDpgHdaqwRYh5hX
. The getNodeSize function in
ext/rtree/rtree.c mishandled undersized RTree blobs in a specially-crafted
database,
For Debian 7 "Wheezy", this issue has been fixed in sqlite3 version
3.7.13-1+deb7u4.
We recommend that you upgrade your sqlite3 packages.
Regards,
- --
,''`.
: :' :
-8705.
For Debian 7 "Wheezy", this issue has been fixed in memcached version
1.4.13-0.2+deb7u3.
We recommend that you upgrade your memcached packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
leak
<https://eprint.iacr.org/2017/627>
For Debian 7 "Wheezy", this issue has been fixed in libgcrypt11 version
1.5.0-5+deb7u6.
We recommend that you upgrade your libgcrypt11 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@de
eb7u2.
We recommend that you upgrade your libclamunrar packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlldWl8ACgkQHpU+J9Qx
HliqUBAAruZEl0SjpIAjr
Regards,
- --
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmIXQYACgkQHpU+J9Qx
HljHoA/9GbDPSfYQdHt4ely6z6CwEwpM0giq+ixPecIlQxq9qVsPxBkbz2DEmEIT
K4ZqR
wan-vulnerability-(cve-2017-11185).html>
For Debian 7 "Wheezy", this issue has been fixed in strongswan version
4.5.2-1.5+deb7u10.
We recommend that you upgrade your strongswan packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org /
sensitive memory information
via a crafted SANE_NET_CONTROL_OPTION packet.
For Debian 7 "Wheezy", this issue has been fixed in sane-backends version
1.0.22-7.4+deb7u1.
We recommend that you upgrade your sane-backends packages.
Regards,
- --
,''`.
: :' :
heezy", this issue has been fixed in deluge version
1.3.3-2+nmu1+deb7u2.
We recommend that you upgrade your deluge packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
environment.
This was caused by an insecure use of temporary files for a socket file.
For Debian 7 "Wheezy", this issue has been fixed in lxterminal version
0.1.11-4+deb7u1.
We recommend that you upgrade your lxterminal packages.
Regards,
- --
,''`.
: :' :
eb7u5.
We recommend that you upgrade your openvpn packages.
Regards,
- --
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllMLksACgkQHpU+J
attackers could cause a denial of service and
possibly read heap memory via a specially crafted .ICS file.
For Debian 7 "Wheezy", this issue has been fixed in libical version
0.48-2+deb7u1.
We recommend that you upgrade your libical packages.
Regards,
- --
,''`.
: :' :
a denial of service
attack.
For Debian 7 "Wheezy", this issue has been fixed in miniupnpc version
1.5-2+deb7u2.
We recommend that you upgrade your miniupnpc packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
heezy", this issue has been fixed in picocom version
1.7-1+deb7u1.
We recommend that you upgrade your picocom packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
7 "Wheezy", this issue has been fixed in yodl version
3.00.0-6+deb7u1.
We recommend that you upgrade your yodl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiE
to search the directory could crash slapd by issuing
a search requesting a "Paged Results" value set to zero.
For Debian 7 "Wheezy", this issue has been fixed in openldap version
2.4.31-2+deb7u3.
We recommend that you upgrade your openldap packages.
Regards,
- --
,''
AIFF ("Audio Interchange File
Format") file could result in an out-of-bounds memory read.
For Debian 7 "Wheezy", this issue has been fixed in libsndfile version
1.0.25-9.1+deb7u3.
We recommend that you upgrade your libsndfile packages.
Regards,
- --
,''`.
:
"Wheezy", this issue has been fixed in expat version
2.1.0-1+deb7u5.
We recommend that you upgrade your expat packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
out of file descriptors.
For Debian 7 "Wheezy", this issue has been fixed in golang version
2:1.0.2-1.1+deb7u1.
We recommend that you upgrade your golang packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
characters
to ASCII) which would have allowed remote attackers to cause a denial of
service.
For Debian 7 "Wheezy", this issue has been fixed in libidn version
1.25-2+deb7u3.
We recommend that you upgrade your libidn packages.
Regards,
- --
,''`.
: :' :
Unicode
characters to ASCII) which would have allowed attackers to cause a
remote denial of service.
For Debian 7 "Wheezy", this issue has been fixed in libidn2-0 version
0.8-2+deb7u1.
We recommend that you upgrade your libidn2-0 packages.
Regards,
- --
,''`.
: :' :
,
leading to an application crash or a information leak.
For Debian 7 "Wheezy", this issue has been fixed in libxfont version
1:1.4.5-5+deb7u1.
We recommend that you upgrade your libxfont packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@
7 "Wheezy", this issue has been fixed in kildclient version
2.11.1-1+deb7u1. Thanks to Eduardo M Kalinowski for help in preparing this
update.
We recommend that you upgrade your kildclient packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
u upgrade your redis packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAln/OqEACgkQHpU+J9Qx
Hlir3A/7Bl3qthLmd/DSpLY1Xfm6C646oDlXeDwdyrFnpc79W3J8n2oCZ0REpKLe
tztDLWXBefEHsO3ETMZsZM5q
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAloA1nQACgkQHpU+J9Qx
Hlgn0A/+NAg5jHgkNf5CFfXWNyy0NqQjXAP9/hhwv5AqMHqOcu3dHLy0pzxZ/cFf
6i0tZyFTeqURL2D/H77PiAQ
in program termination.
For Debian 7 "Wheezy", this issue has been fixed in apr version
1.4.6-3+deb7u2.
We recommend that you upgrade your apr packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
to run
commands as the current user when "printing" to PDF.
For Debian 7 "Wheezy", this issue has been fixed in evince version
3.4.0-3.1+deb7u2.
We recommend that you upgrade your evince packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
1+wheezy25+deb7u1.
We recommend that you upgrade your curl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlr8crsACgkQHpU+J9Qx
ileges via a crafted command line. (#902410)
For Debian 8 "Jessie", these issues have been fixed in redis version
2:2.8.17-1+deb8u6.
We recommend that you upgrade your redis packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
led to memory corruption and potential code execution.
For Debian 7 "Wheezy", this issue has been fixed in gdk-pixbuf version
2.26.1-1+deb7u7.
We recommend that you upgrade your gdk-pixbuf packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.o
s resulted in a reflected file
download vulnerability.
For Debian 7 "Wheezy", this issue has been fixed in dokuwiki version
0.0.20120125b-2+deb7u2.
We recommend that you upgrade your dokuwiki packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlpy2f4ACgkQHpU+J9Qx
HlgC7w/7BC5agzUTF1sYIgcaXtzsYIjZFKrhrg2xfT2ptPzy5FwNc
attackers via a specially-crafted file.
For Debian 7 "Wheezy", this issue has been fixed in librsvg version
2.36.1-2+deb7u3.
We recommend that you upgrade your librsvg packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-
this
vulnerability to cause a denial of service via a specially-crafted file.
For Debian 7 "Wheezy", this issue has been fixed in zziplib version
0.13.56-1.1+deb7u2.
We recommend that you upgrade your zziplib packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@
occur due to another NULL pointer dereference.
For Debian 7 "Wheezy", these issues have been fixed in irssi version
0.8.15-5+deb7u5.
We recommend that you upgrade your irssi packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
to the CUPS daemon in conjunction with DNS
rebinding.
This was caused by a whitelisted "localhost.localdomain" entry.
For Debian 7 "Wheezy", this issue has been fixed in cups version
1.5.3-5+deb7u7.
We recommend that you upgrade your cups packages.
Regards,
- --
,''`.
-
crafted TIFF file.
For Debian 7 "Wheezy", this issue has been fixed in imagemagick
version 8:6.7.7.10-5+deb7u21.
We recommend that you upgrade your imagemagick packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-
e backend.
For Debian 8 "Jessie", these issues have been fixed in php-horde-image
version 2.1.0-4+deb8u1.
We recommend that you upgrade your php-horde-image packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb
1 - 100 of 357 matches
Mail list logo
