-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u7
CVE ID : CVE-2017-5596 CVE-2017-5597 CVE-2017-6467
CVE-2017-6468 CVE-2017-6469 CVE-2017-6470
CVE-2017-6471 CVE-2017-6472
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libquicktime
Version: 2:1.2.4-3+deb7u1
CVE ID : CVE-2016-2399
Debian Bug : 855099
Marco 'nemux' Romano discovered that an integer overflow in the
quicktime_read_pascal function in libquicktime 1.2.4 and earlier
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: shadow
Version: 4.1.5.1-1+deb7u1
CVE ID : CVE-2017-2616
Debian Bug : 855943
Tobias Stoeckmann discovered that su does not properly handle clearing a
child PID. A local attacker can take advantage of this flaw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: mysql-5.5
Version: 5.5.54-0+deb7u2
CVE ID :
Debian Bug : #854713
This is a correction of DLA 819-1 that mentioned that
mysql-5.5 5.5.47-0+deb7u2 was corrected. The corrected package
version was 5.5.54-0+deb7u2.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: mysql-5.5
Version: 5.5.47-0+deb7u2
CVE ID :
Debian Bug : #854713
It has been found that the C client library for MySQL
(libmysqlclient.so) has use-after-free vulnerability which
can cause crash of applications
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libgd2
Version: 2.0.36~rc1~dfsg-6.1+deb7u8
CVE ID : CVE-2016-9317 CVE-2016-10167 CVE-2016-10168
Multiple security issues have been found in the GD Graphics Library.
They may lead to the execution of arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: dcmtk
Version: 3.6.0-12+deb7u1
CVE ID : CVE-2015-8979
Debian Bug : 848830
At several places in the code a wrong length of ACSE data structures
received over the network can cause overflows or underflows when
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: sudo
Version: 1.8.5p2-1+nmu3+deb7u2
CVE ID : CVE-2016-7032 CVE-2016-7076
Debian Bug : 842507
It was discovered that the sudo noexec restriction could have been
bypassed if application run via sudo executed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libwmf
Version: 0.2.8.4-10.3+deb7u2
CVE ID : CVE-2016-9011
Debian Bug : 842090
Agostino Sarubbo from Gentoo discovered a flaw in libwmf's Windows
Metafile Format (WMF) parser which caused allocation of excessive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: firefox-esr
Version: 45.4.0esr-1~deb7u2
The update of firefox-esr to 45.4.0esr-1~deb7u1 caused build failure
on armel and armhf architectures.
For Debian 7 "Wheezy", these problems have been fixed in version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: chicken
Version: 4.7.0-1+deb7u1
CVE ID : CVE-2016-6830 CVE-2016-6831
Multiple vulnerabilities have been found in the CHICKEN Scheme compiler:
CVE-2016-6830
Buffer overrun in CHICKEN Scheme's "process-execute"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: firefox-esr
Version: 45.4.0esr-1~deb7u1
CVE ID : CVE-2016-5250 CVE-2016-5257 CVE-2016-5261
CVE-2016-5270 CVE-2016-5272 CVE-2016-5274
CVE-2016-5276 CVE-2016-5277 CVE-2016-5278
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: eog
Version: 3.4.2-1+build1+deb7u1
CVE ID : CVE-2016-6855
It was discovered that Eye of GNOME incorrectly handled certain invalid
UTF-8 strings. If a user were tricked into opening a specially-crafted
image, a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u3
CVE ID : CVE-2016-6504 CVE-2016-6505 CVE-2016-6506
CVE-2016-6507 CVE-2016-6508 CVE-2016-6509
CVE-2016-6510 CVE-2016-6511
Multiple
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: libreoffice
Version: 3.5.4+dfsg2-0+deb7u8
CVE ID : CVE-2016-1513
An OpenDocument Presentation .ODP or Presentation Template .OTP file
can contain invalid presentation elements that lead to memory
corruption when
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: graphite2
Version: 1.3.6-1~deb7u2
The previous upload of graphite2 (on 2016-04-26) included a .shlib
file which did not match the shipped shared libraries preventing
packages build-depending on graphite2 libraries to build.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: kde4libs
Version: 4:4.8.4-4+deb7u2
CVE ID : CVE-2016-6232
Debian Bug : 832620
It was possible to trick kde4libs's KArchiveDirectory::copyTo()
function to extract files to arbitrary system locations from
a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: cakephp
Version: 1.3.15-1+deb7u1
Debian Bug : 832283
CakePHP, an open-source web application framework for PHP, was
vulnerable to SSRF (Server Side
Request Forgery) attacks. Remote attacker can utilize it for at least
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Package: wireshark
Version: 1.12.1+g01b65bf-4+deb8u6~deb7u1
CVE ID : CVE-2012-6052 CVE-2012-6053 CVE-2012-6054 CVE-2012-6055
CVE-2012-6056 CVE-2012-6057 CVE-2012-6058 CVE-2012-6059
19 matches
Mail list logo