Updated OpenJDK 7 packages have been released for Debian GNU/Linux 8 to address several vulnerabilities, including denial of service, sandbox bypass, execution of arbitrary code and bypass of JAR signature validation
Devuan GNU+Linux 2.0 ASCII Stable, a systemd-free Debian GNU/Linux 9 fork, has been released
The following updates have been released for Debian GNU/Linux:
Debian GNU/Linux 8:
DSA 4224-1: gnupg security update
Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
Debian GNU/Linux 8 and 9:
DSA 4220-1: firefox-esr security update
Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code.
DSA 4221-1: libvncserver security update
Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.
DSA 4222-1: gnupg2 security update
Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
Debian GNU/Linux 9:
DSA 4223-1: gnupg1 security update
Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
Updated jruby packages have been released for Debian GNU/Linux 9 to address several vulnerabilities. They would allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code.
Updated memcached packages have been released for both Debian GNU/Linux 8 and 9
This update fixes three security issues in memcached: 1) Daniel Shapira reported a heap-based buffer over-read in memcached (CVE-2017-9951). 2) It was reported that memcached listens to UDP by default. A remote attacker can take advantage of it to use the memcached service as a DDoS amplifier (CVE-2018-1000115). 3) An integer overflow was reported in memcached, resulting in resource leaks, data corruption, deadlocks or crashes (CVE-2018-1000127).
The following updates have been released for Debian GNU/Linux:
Debian GNU/Linux 8 and 9:
DSA 4217-1: wireshark security update
It was discovered that Wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for PCP, ADB, NBAP, UMTS MAC, IEEE 802.11, SIGCOMP, LDSS, GSM A DTAP and Q.931, which result in denial of service or the execution of arbitrary code.
Debian GNU/Linux 9:
DSA 4191-2: redmine regression update
The previous security update for redmine caused regressions with multi-value fields while doing queries on project issues due to a bug in the patch to address CVE-2017-15569. Updated packages are now available to correct this issue.
Updated prosody packages have been released for Debian GNU/Linux 8 and 9
Updated batik packages have been released for Debian GNU/Linux 8 and 9
Updated Zookeeper packages have been released for both Debian GNU/Linux 8 and 9
An updated Linux kernel has been released for Debian 7 LTS:
DLA 1392-1: linux security update
Debian 7 LTS has reached its end of life. However, a subset of packages will still be supported as part of Extended LTS support:
DLA 1393-1: Debian 7 Long Term Support reaching end-of-life
The following updates have been released for Debian GNU/Linux 7 LTS:
DLA 1390-1: procps security update
DLA 1391-1: tiff security update
Updated Apache2 packages have been released for Debian GNU/Linux 7 LTS
The following updates have been released for Debian GNU/Linux:
Debian GNU/Linux 8 and 9:
DSA 4212-1: git security update
Debian GNU/Linux 9:
DSA 4213-1: qemu security update
Updated wireshark packages have been released for Debian GNU/Linux 7 LTS
The following security updates have been released for Debian GNU/Linux:
Debian GNU/Linux 7 LTS:
DLA 1387-1: cups security update
Debian GNU/Linux 9:
DSA 4206-2: gitlab regression update
The following updates have been released for Debian GNU/Linux:
Debian GNU/Linux 7 LTS:
DLA 1385-1: batik security update
DLA 1386-1: ming security update
Debian GNU/Linux 8 and 9:
DSA 4211-1: xdg-utils security update
The following updates have been released for Debian GNU/Linux 7 LTS:
DLA 1382-1: thunderbird security update
DLA 1383-1: xen security update
DLA 1384-1: xdg-utils security update
The following updates have been released for Debian GNU/Linux:
Debian GNU/Linux 8 and 9:
DSA 4209-1: thunderbird security update
Debian GNU/Linux 9:
DSA 4210-1: xen security update
Updated imagemagick packages have been released for Debian GNU/Linux 7 LTS
Updated procps packages have been released for Debian GNU/Linux 8 and 9