The following updates has been released for Debian GNU/Linux 7 LTS:
DLA 1317-1: net-snmp security update
DLA 1318-1: irssi security update
DLA 1317-1: net-snmp security update
DLA 1318-1: irssi security update
DLA 1317-1: net-snmp security update
Package : net-snmp
Version : 5.7.2.1+dfsg-1+deb8u1
CVE ID : CVE-2018-1000116
Debian Bug : #894110
It was discovered that there was a heap corruption vulnerability in the
net-snmp framework which exchanges server management information in a
network.
For Debian 7 "Wheezy", this issue has been fixed in net-snmp version
5.7.2.1+dfsg-1+deb8u1.
We recommend that you upgrade your net-snmp packages.
DLA 1318-1: irssi security update
Package : irssi
Version : 0.8.15-5+deb7u6
CVE ID : CVE-2018-7051
Debian Bug : #890677
It was discovered that there was an issue in the irssi IRC client where
certain nick names could result in out-of-bounds access when printing
theme strings.
For Debian 7 "Wheezy", this issue has been fixed in irssi version
0.8.15-5+deb7u6. It was incorrectly missing from the upload of
0.8.15-5+deb7u5 announced as part of DLA-1289-1. Thanks to Ben Hutchings
and Matus Uhlhar.
We recommend that you upgrade your irssi packages.
