A pillow security update has been released for Debian GNU/Linux 8 LTS.
A netty security update has been released for both Debian GNU/Linux 9 and 10.
A waitress security update has been released for Debian GNU/Linux 8 LTS. It was discovered that there was an HTTP request smuggling vulnerability in waitress, a pure-Python WSGI server.
A libgcrypt20 regression update has been released for Debian GNU/Linux 8 LTS. It was discovered that the fix to address an ECDSA timing attack in the libgcrypt20 cryptographic library was incomplete.
An otrs2 security update has been released for Debian GNU/Linux 8 LTS. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents that are in a queue where the attacker doesn’t have permissions.
An igraph security update has been released for Debian GNU/Linux 8 LTS. An issue has been found in igraph, a library for creating and manipulating graphs.
A jhead security update has been released for Debian GNU/Linux 8 LTS. Multiple buffer overflows have been fixed in jhead, a program to manipulate the non-image part of Exif compliant JPEG files.
An intel-microcode security update has been released for Debian GNU/Linux 8 LTS. This update ships updated CPU microcode for some types of Intel CPUs.
A php5 security update has been released for Debian GNU/Linux 7 Extended LTS. Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenames with \0 embedded.
A libbsd security update has been released for Debian GNU/Linux 8 LTS. An issue has been found in libbsd, a package containing utility functions from BSD systems.
An intel-microcode regression update has been released for Debian GNU/Linux 7 Extended LTS. This update ships updated CPU microcode for CFL-S (Coffee Lake Desktop) models of Intel CPUs which were not yet included in the Intel microcode update released as ELA-200-1.
An imagemagick security update has been released for Debian GNU/Linux 8 LTS. Multiple vulnerabilities have been found in imagemagick, an image processing toolkit.
A php5 security update has been released for Debian GNU/Linux 8 LTS. Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language.
The affected components include the exif module and handling of filenames with \0 embedded.
A libxml2 security update has been released for Debian GNU/Linux 8 LTS.
A tomcat8 security update has been released for Debian GNU/Linux 9. Several issues were discovered in the Tomcat servlet and JSP engine, which could result in session fixation attacks, information disclosure, cross-site scripting, denial of service via resource exhaustion and insecure redirects.
An openssl1.0 security update has been released for Debian GNU/Linux 9. Guido Vranken discovered an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli.
A mediawiki security update has been released for Debian GNU/Linux 9 and 10. It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could be bypassed.
A debian-lan-config security update has been released for both Debian GNU/Linux 9 and 10. It was discovered that debian-lan-config, a FAI config space for the Debian-LAN system, configured overly permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals.
A freeimage security update has been released for both Debian GNU/Linux 9 and 10. It was found that freeimage, a graphics library, was affected by two security issues.
An opensc security update has been released for Debian GNU/Linux 8 LTS.