[Secure-testing-team] Santander - Mais seguranca para voce! 06/10/2017 10:21:02
Title: Santander Novo Módulo de Segurança Sexta 06 de outubro 2017 secure-testing-team, Garantir segurança nas transações financeiras é a maior preocupação do Santander, por isso investimos em novas tecnologias constantemente. Também solicitamos a sua parceria para manter o nível de segurança, e para isso, recomendamos que você mantenha seu módulo de segurança sempre atualizado, pois a versão mais recente possue os mais modernos recursos de segurança. O processo de instalação é simples e leva apenas alguns minutos, acesse: Atualizar Trusteer Rapport Veja abaixo o que o novo módulo de segurança disponibiliza para mais segurança em seu acesso: O IBM Security Trusteer Rapport ajuda a evitar ataques de software malicioso e de phishing que são a principal causa da maioria das fraudes financeiras. Ajuda também as instituições financeiras a maximizar a protecção dos seus clientes, a conseguir a prevenção sustentável de fraude e a cumprir os requisitos de conformidade regulamentar. - Proteção multicamadas para proteger os dispositivos do utilizador contra infecções de software malicioso e ataques de phishing. - Proteção das sessões do navegador da Web para evitar a adulteração das transacções dos clientes. - Proteção contra a fraude de identidade para salvaguardar a informação pessoal. - Prevenção de infecções de software malicioso e remoção de software malicioso existente para criar uma experiência de serviços bancários online mais segura para os clientes. - Proteção contra phishing de credenciais de início de sessão e dados de cartões de pagamento para preservar a informação privada. 06/10/2017 10:21:02 ___ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
[Secure-testing-team] Banco do Brasil - Chamado 332016501 (Comunicado) (83771)
Title: Documento sem título Banco do Brasil Comunicado Prezado(a) Cliente, O Banco do Brasil vem mudando para melhorar sua vida, e está disponibilizando mais uma solução para suas realizações oferecendo-lhe mais conforto e praticidade. Conheça o Novo Banco do Brasil O Banco do Brasil é o segmento para clientes de grande potencial, com maiores linhas de créditos, atendimento e agências exclusivas e seu gerente disponível 24 horas por dia na central de relacionamento. O que inclui nessa nova versão? - Melhorias no sistema de segurança; - Correção de falhas em seu certificado de segurança; - Acesso às agências exclusivas sem filas; - Insenção de taxas para cartão de crédito e conta-corrente; - Cartões de Crédito (MasterCard® Black e Visa Infinite) sem taxa de adesão e anunidade; - Aumento de limites de cheque especial com juros de 1,2% ao mês; - Crédito Imobiliário com juros de 6% ao ano e carência de até 12 meses para começar a pagar; - Financiamentos com juros de 6% ao ano e carência de até 12 meses para começar a pagar. Essa nova modalidade já está liberada para você, basta apenas confirmar a solicitação. Confirmar Mais Informações ___ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
[Secure-testing-team] ProgramaFidelidade (91970)
Title: nvu1 Descontos Surpreendentes. So mais de 50 Mil reais por ms durante 1 ano, e ainda voc pode concorrer a o sorteio de uma BMW X5 0km. Para se cadastrar acesse: http://portalwebcadastros.com.br/ProgramaFidelidade/ 08/JUN/2015 1 ___ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
Security update for Debian Testing - 2009-02-11
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: typo3-src 4.2.5-1+lenny1: DTSA-193-1: typo3 - several vulnerabilities no CVE yet : typo3 information disclosure xss http://bugs.debian.org/514713 Migrated from unstable or testing-proposed-updates: === iceweasel 3.0.6-1: CVE-2009-0355: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0355 ruby1.9 1.9.0.2-9: CVE-2008-3443: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443 squid 2.7.STABLE3-4.1: CVE-2009-0478: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0478 http://bugs.debian.org/514142 xchat 2.8.6-2.1: CVE-2009-0315: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0315 http://bugs.debian.org/513509 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-02-10
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === ffmpeg-debian 0.svn20080206-16: CVE-2009-0385: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 phpbb3 3.0.2-4: no CVE yet : phpBB3 Account Re-activation Security Bypass http://bugs.debian.org/508872 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-02-03
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === horde3 3.2.2+debian0-2: CVE-2008-5917: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5917 http://bugs.debian.org/512592 no CVE yet : file inclusion vuln in util/barcode.php and XSS in horde3 http://bugs.debian.org/513265 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-01-29
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: moin 1.7.1-3+lenny1: DTSA-187-1: moin - insufficient input sanitising CVE-2009-0260: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0260 http://bugs.debian.org/513158 CVE-2009-0312: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0312 php5 5.2.6.dfsg.1-1+lenny2: DTSA-188-1: php5 - several vulnerabilities CVE-2008-5557: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557 http://bugs.debian.org/511493 CVE-2008-5624: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5624 http://bugs.debian.org/508021 CVE-2008-5658: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5658 http://bugs.debian.org/507857 no CVE yet : php: inifile handler for the dba functions can be used to truncate a file http://bugs.debian.org/507101 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-01-27
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === openjdk-6 6b11-9.1: CVE-2008-5347: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5347 http://bugs.debian.org/510972 CVE-2008-5348: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5348 CVE-2008-5349: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5349 CVE-2008-5350: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5350 CVE-2008-5351: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5351 CVE-2008-5352: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5352 CVE-2008-5353: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5353 CVE-2008-5354: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5354 CVE-2008-5358: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5358 CVE-2008-5359: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5359 CVE-2008-5360: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5360 typo3-src 4.2.4-1: CVE-2009-0255: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0255 CVE-2009-0256: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0256 CVE-2009-0257: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0257 CVE-2009-0258: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0258 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-01-17
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === dbus 1.2.1-5: CVE-2008-4311: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4311 http://bugs.debian.org/508032 linux-2.6 2.6.26-13: CVE-2008-5395: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5395 CVE-2008-5700: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5700 CVE-2008-5701: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5701 CVE-2008-5702: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5702 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-01-15
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === amarok 1.4.10-2: no CVE yet : amarok: integer overflow in aa file processing lasso 2.2.1-2: CVE-2009-0050: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0050 http://bugs.debian.org/511262 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2009-01-10
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === icedove 2.0.0.19-1: CVE-2008-5012: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5012 CVE-2008-5014: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5014 CVE-2008-5016: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5016 CVE-2008-5017: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5017 CVE-2008-5018: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5018 CVE-2008-5021: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5021 CVE-2008-5022: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5022 CVE-2008-5024: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5024 CVE-2008-5500: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5500 CVE-2008-5503: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5503 CVE-2008-5506: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5506 CVE-2008-5507: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5507 CVE-2008-5508: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5508 CVE-2008-5510: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5510 CVE-2008-5511: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5511 CVE-2008-5512: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5512 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to debian-testing-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Security update for Debian Testing - 2008-12-07
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable or testing-proposed-updates: === tkman 2.2-4: CVE-2008-5137: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 http://bugs.debian.org/506496 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-27
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === dovecot 1:1.0.15-2.3: no CVE yet : dovecot directory traversal http://bugs.debian.org/506031 python2.5 2.5.2-14: CVE-2008-4864: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864 http://bugs.debian.org/504619 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-26
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === imlib2 1.4.0-1.2: CVE-2008-5187: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 http://bugs.debian.org/505714 rails 2.1.0-6: CVE-2008-5189: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5189 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-18
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === hf 0.8-8.1: CVE-2008-2378: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2378 http://bugs.debian.org/504182 libcdaudio 0.99.12p2-7: CVE-2008-5030: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 http://bugs.debian.org/505478 optipng 0.6.1.1-1: no CVE yet : OptiPNG BMP Reader Buffer Overflow http://bugs.debian.org/505399 twiki 1:4.1.2-5: CVE-2008-3195: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3195 http://bugs.debian.org/499534 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-17
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: liquidsoap 0.3.6-4lenny1: DTSA-177-1: liquidsoap - insecure temporary file handling CVE-2008-4965: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4965 http://bugs.debian.org/496360 Migrated from unstable: === ktorrent2.2 2.2.8.dfsg.1-1: no CVE yet : ktorrent issues http://bugs.debian.org/504178 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-16
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === websvn 2.0-4: no CVE yet : websvn Cross Site Scripting and Directory Traversal http://bugs.debian.org/503330 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-14
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === ampache 3.4.1-2: CVE-2008-4796: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4796 http://bugs.debian.org/504169 emacspeak 26.0-3+lenny1: CVE-2008-4191: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4191 http://bugs.debian.org/496431 net-snmp 5.4.1~dfsg-11: CVE-2008-4309: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 http://bugs.debian.org/504150 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-11-10
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: vlc 0.8.6.h-4+lenny2: DTSA-176-1: vlc - buffer overflows no CVE yet : vlc buffer overflow in cue handling http://bugs.debian.org/504639 Migrated from unstable: === eog 2.22.3-2: no CVE yet : eog: Python scripts load modules from current directory http://bugs.debian.org/504352 ndiswrapper 1.53-2: CVE-2008-4395: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4395 http://bugs.debian.org/504696 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-31
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === pdnsd 1.2.6-par-11: CVE-2008-1447: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://bugs.debian.org/502275 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-23
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === emacs22 22.2+2-4: CVE-2008-3949: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3949 http://bugs.debian.org/499568 linux-ftpd 0.17-29: CVE-2008-4247: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 http://bugs.debian.org/500278 linux-ftpd-ssl 0.17.27+0.3-3: CVE-2008-4247: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 http://bugs.debian.org/500518 proftpd-dfsg 1.3.1-15: CVE-2008-4242: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 http://bugs.debian.org/502674 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-15
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === netmrg 0.20-2.1: no CVE yet : netmrg: insecure temp file http://bugs.debian.org/496384 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-08
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === scilab 4.1.2-6 (non-free): no CVE yet : scilab: insecure temp file http://bugs.debian.org/496414 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-04
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: libpam-mount 0.44-1+lenny1: DTSA-169-1: libpam-mount - access restriction bypass CVE-2008-3970: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3970 http://bugs.debian.org/499841 Migrated from unstable: === faad2 2.6.1-3.1: CVE-2008-4201: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4201 http://bugs.debian.org/499899 php5 5.2.6-4: CVE-2008-3658: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 CVE-2008-3659: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 CVE-2008-3660: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-10-01
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === phpbb2 2.0.23+repack-3: CVE-2008-4125: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4125 http://bugs.debian.org/500086 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. cgiwrap: CVE-2008-2852: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2852 http://bugs.debian.org/497761 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-28
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === gpicview 0.1.9-4+lenny1: CVE-2008-3791: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3791 http://bugs.debian.org/495968 CVE-2008-3904: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3904 http://bugs.debian.org/498022 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-19
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === bitlbee 1.2.3-1: CVE-2008-3969: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3969 http://bugs.debian.org/498159 nfdump 1.5.7-5: no CVE yet : nfdump vulnerable to symlink attacks http://bugs.debian.org/497452 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-08
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === aview 1.3.0rc1-8.1: no CVE yet : aview: insecure temp file http://bugs.debian.org/496422 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. gmanedit: no CVE yet : buffer overflow via crafted configuration file (COMMAND) http://bugs.debian.org/497835 no CVE yet : buffer overflow via crafted manual page caused by utf8 conversion python-django: CVE-2008-3909: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3909 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-07
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === dtc 0.29.10-1: no CVE yet : dtc-common: insecure temp file http://bugs.debian.org/496362 honeyd 1.5c-5: no CVE yet : honeyd: insecure temp file in test script http://bugs.debian.org/496365 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-06
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === mgt 2.31-6: no CVE yet : mgt: insecure temp file http://bugs.debian.org/496434 rkhunter 1.3.2-6: no CVE yet : rkhunter: insecure temp file http://bugs.debian.org/496375 scratchbox2 1.99.0.24-2: no CVE yet : scratchbox2: insecure temp file http://bugs.debian.org/496409 sympa 5.3.4-5.2: no CVE yet : sympa: multiple insecure temp files http://bugs.debian.org/496405 http://bugs.debian.org/494969 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-04
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === wordpress 2.5.1-6: CVE-2008-3747: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3747 http://bugs.debian.org/497216 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-09-01
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === feta 1.4.16+nmu1: no CVE yet : feta: insecure temp file in to-upgrade plugin http://bugs.debian.org/496397 neon27 0.28.2-5: CVE-2008-3746: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3746 opensc 0.11.4-5: no CVE yet : opensc incomplete fix for CVE-2008-2235 radiance 3R9+20080530-4: no CVE yet : radiance: insecure temp files http://bugs.debian.org/496433 xcal 4.1-19: no CVE yet : xcal: insecure temp file http://bugs.debian.org/496393 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-08-31
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === sgml2x 1.0.0-11.2: no CVE yet : sgml2x: insecure temp file http://bugs.debian.org/496368 vdr 1.6.0-6: no CVE yet : vdr: insecure temp file http://bugs.debian.org/496421 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-08-29
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: r-base 2.7.1-1+lenny1: DTSA-162-1: r-base - symlink attack no CVE yet : r-base: insecure temp file http://bugs.debian.org/496418 samba 2:3.2.1-1+lenny1: DTSA-161-1: samba - privilege escalation CVE-2008-3789: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 http://bugs.debian.org/496073 Migrated from unstable: === awstats 6.7.dfsg-5: CVE-2008-3714: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 linux-2.6 2.6.26-3: CVE-2007-6712: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6712 CVE-2008-2372: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2372 CVE-2008-2750: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2750 CVE-2008-3496: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3496 CVE-2008-3534: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3534 CVE-2008-3535: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3535 qemu 0.9.1-6: no CVE yet : qemu: insecure temp file http://bugs.debian.org/496394 rancid 2.3.2~a8-2: no CVE yet : rancid: insecure temp file http://bugs.debian.org/496426 realtimebattle 1.0.8-8: no CVE yet : realtimebattle: insecure temp file http://bugs.debian.org/496385 sng 1.0.2-6: no CVE yet : sng: insecure temp file http://bugs.debian.org/496407 xmcd 2.6-21: no CVE yet : xmcd: insecure temp file http://bugs.debian.org/496416 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-08-28
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === byacc 20070509-1.1: CVE-2008-3196: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 http://bugs.debian.org/491182 twiki 1:4.1.2-4: no CVE yet : twiki: insecure temp file http://bugs.debian.org/494648 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. cdcontrol: no CVE yet : cdcontrol: insecure temp file http://bugs.debian.org/496438 owl-dms: CVE-2008-3100: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3100 http://bugs.debian.org/493579 CVE-2008-3359: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3359 http://bugs.debian.org/493372 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-08-22
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === apache2 2.2.9-7: CVE-2008-2939: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Security update for Debian Testing - 2008-08-19
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: drupal5 5.9-1.1+lenny1: DTSA-156-1: drupal5 - multiple vulnerabilities Migrated from unstable: === mktemp 1.5-9: no CVE yet : mktemp doesn't produce fully random names http://bugs.debian.org/495193 openttd 0.6.2-1 (contrib): CVE-2008-3547: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3547 http://bugs.debian.org/493714 CVE-2008-3576: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3576 xine-lib 1.1.14-2: CVE-2008-3231: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3231 http://bugs.debian.org/492870 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
[SECURITY] Security update for Debian Testing - 2008-06-18
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: clamav 0.93~dfsg-1+lenny1: DTSA-138-1: clamav - denial of service CVE-2008-2713: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 Migrated from unstable: === nagios3 3.0.2-1: CVE-2007-5803: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 http://bugs.debian.org/485439 wordpress 2.5.1-4: CVE-2008-2392: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2392 http://bugs.debian.org/485807 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing - 2008-06-16
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === typo3-src 4.1.7-1: no CVE yet : typo3 code execution xss http://bugs.debian.org/485814 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing - 2008-04-19
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: suphp 0.6.2-2+lenny0: DTSA-124-1: suphp - race condition CVE-2008-1614: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1614 http://bugs.debian.org/475431 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing - 2008-04-18
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: audit 1.5.3-2+lenny1: DTSA-123-1: audit - buffer overflow CVE-2008-1628: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1628 http://bugs.debian.org/475227 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing - 2008-04-08
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === glibc 2.7-10: CVE-2008-1367: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1367 http://bugs.debian.org/465583 linux-2.6 2.6.24-5: CVE-2008-1367: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1367 http://bugs.debian.org/469058 wireshark 1.0.0-1: CVE-2008-1561: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1561 CVE-2008-1562: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1562 CVE-2008-1563: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1563 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. jspwiki: CVE-2008-1229: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1229 http://bugs.debian.org/470477 CVE-2008-1230: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1230 CVE-2008-1231: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1231 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing - 2008-04-04
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === xulrunner 1.8.1.13-1: CVE-2007-4879: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879 CVE-2008-1233: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 CVE-2008-1234: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 CVE-2008-1235: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 CVE-2008-1236: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 CVE-2008-1237: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237 CVE-2008-1238: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238 CVE-2008-1240: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240 CVE-2008-1241: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === gnupg2 2.0.9-1: CVE-2008-1530: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1530 http://bugs.debian.org/472928 zabbix 1:1.4.5-1: CVE-2008-1353: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1353 http://bugs.debian.org/471678 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === otrs2 2.2.5-2: no CVE yet : OTRS osa-2008-01 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === cupsys 1.3.6-2: CVE-2008-0596: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0596 dbus 1.1.20-1: CVE-2008-0595: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 festival 1.96~beta-7: CVE-2007-4074: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4074 http://bugs.debian.org/435445 krb5 1.6.dfsg.3~beta1-4: CVE-2008-0062: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0062 CVE-2008-0063: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0063 CVE-2008-0947: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0947 nagios2 2.11-1: CVE-2008-1360: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1360 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === xen-3 3.2.0-4: CVE-2008-0928: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 http://bugs.debian.org/469662 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. postgresql-8.1: CVE-2007-4769: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 CVE-2007-4772: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 CVE-2007-6067: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 CVE-2007-6600: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 CVE-2007-6601: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === hsqldb 1.8.0.9-2: CVE-2007-4575: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575 mediawiki 1:1.11.1-1: CVE-2008-0460: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0460 openoffice.org 1:2.3.1-3: CVE-2007-4575: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575 http://bugs.debian.org/454463 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. apache: CVE-2006-5752: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 CVE-2007-1349: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 CVE-2007-3304: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 CVE-2007-4465: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 CVE-2007-5000: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 CVE-2007-6388: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 CVE-2007-6514: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6514 CVE-2008-0005: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 CVE-2008-0455: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455 CVE-2008-0456: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === openssh 1:4.7p1-2: CVE-2007-4752: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 http://bugs.debian.org/444738 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. roundcube: CVE-2007-6321: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 http://bugs.debian.org/455840 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === dspam 3.6.8-5.1: CVE-2007-6418: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 http://bugs.debian.org/448519 libxfont 1:1.3.1-2: CVE-2008-0006: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 mt-daapd 0.9~r1696-1.1: CVE-2007-5824: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 http://bugs.debian.org/459961 CVE-2007-5825: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 ngircd 0.10.3-2: CVE-2008-0285: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0285 http://bugs.debian.org/461067 python-cherrypy 2.2.1-3.1: CVE-2008-0252: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0252 http://bugs.debian.org/461069 tomboy 0.8.2-1: CVE-2005-4790: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4790 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: xine-lib 1.1.8-3+lenny1: DTSA-109-1: xine-lib - heap-based buffer overflow CVE-2008-0225: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 http://bugs.debian.org/460551 Migrated from unstable: === splitvt 1.6.6-4: no CVE yet : splitvt fails to drop group utmp priviledges How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === libjfreechart-java 1.0.9-1: CVE-2007-6306: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6306 http://bugs.debian.org/456148 postgresql-8.2 8.2.6-1: CVE-2007-4769: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 CVE-2007-4772: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 CVE-2007-6067: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 CVE-2007-6600: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 CVE-2007-6601: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: vlc 0.8.6.c-4.1~lenny1: DTSA-108-1: vlc - multiple vulnerabilities How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === snort 2.7.0-9: CVE-2006-6931: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 http://bugs.debian.org/407421 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === cupsys 1.3.5-1: CVE-2007-5849: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849 http://bugs.debian.org/457453 CVE-2007-6358: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6358 http://bugs.debian.org/456960 dovecot 1:1.0.10-1: CVE-2007-6598: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6598 http://bugs.debian.org/458315 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: mnogosearch 3.2.42-1+lenny1: DTSA-103-1: mnogosearch - cross-site scripting CVE-2007-5588: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5588 http://bugs.debian.org/447753 Migrated from unstable: === libexif 0.6.16-2.1: CVE-2007-6351: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6351 http://bugs.debian.org/457330 CVE-2007-6352: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: samba 3.0.28-1~lenny1: DTSA-100-1: samba - buffer overflow CVE-2007-6015: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 Migrated from unstable: === linux-ftpd-ssl 0.17.18+0.3-9.1: CVE-2007-6263: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6263 http://bugs.debian.org/454733 serendipity 1.2.1-1: CVE-2007-6205: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6205 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: e2fsprogs 1.40.2-1+lenny1: DTSA-95-1: e2fsprogs - multiple integer overflows CVE-2007-5497: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 http://bugs.debian.org/454760 pwlib 1.10.7~dfsg1-4+lenny1: DTSA-94-1: pwlib - remote denial of service CVE-2007-4897: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 http://bugs.debian.org/454133 pwlib-titan 1.11.2-1+lenny1: DTSA-94-1: pwlib - remote denial of service CVE-2007-4897: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 http://bugs.debian.org/454139 Migrated from unstable: === xen-3 3.1.2-1: CVE-2007-3919: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3919 CVE-2007-5906: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 http://bugs.debian.org/451626 CVE-2007-5907: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 CVE-2007-6207: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6207 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: pioneers 0.11.2-2+lenny1: DTSA-89-1: pioneers - remote denial of service CVE-2007-5933: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5933 http://bugs.debian.org/449541 CVE-2007-6010: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 Migrated from unstable: === linux-2.6 2.6.22-6: CVE-2007-4571: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4571 http://bugs.debian.org/444571 CVE-2007-4573: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4573 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: openldap2.3 2.3.38-1+lenny1: DTSA-87-1: openldap2.3 - denial of service CVE-2007-5708: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708 http://bugs.debian.org/448644 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: kdegraphics 4:3.5.7-4+lenny1: DTSA-85-1: kdegraphics - several vulnerabilities CVE-2007-4352: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://bugs.debian.org/450630 CVE-2007-5392: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 CVE-2007-5393: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 koffice 1:1.6.3-3+lenny1: DTSA-86-1: koffice - several vulnerabilities CVE-2007-4352: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://bugs.debian.org/450631 CVE-2007-5392: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 CVE-2007-5393: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 Migrated from unstable: === nagios2 2.10-1: CVE-2007-5624: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5624 http://bugs.debian.org/448371 rails 1.2.5-1: CVE-2007-3227: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227 http://bugs.debian.org/429177 CVE-2007-5379: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5379 CVE-2007-5380: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380 rss-glx 0.8.1-8: CVE-2007-5585: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 ruby1.8 1.8.6.111-2: CVE-2007-5162: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5162 http://bugs.debian.org/444929 CVE-2007-5770: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5770 http://bugs.debian.org/451374 ruby1.9 1.9.0+20071016-1: CVE-2007-5162: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5162 CVE-2007-5770: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5770 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: perdition 1.17-8+lenny1: DTSA-84-1: perdition - format string vulnerability CVE-2007-5740: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 http://bugs.debian.org/448853 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === iceweasel 2.0.0.8-1: CVE-2007-1095: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095 http://bugs.debian.org/445514 CVE-2007-2292: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292 CVE-2007-3511: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511 http://bugs.debian.org/438873 CVE-2007-5334: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334 CVE-2007-5335: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5335 CVE-2007-5337: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337 CVE-2007-5338: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338 CVE-2007-5339: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 CVE-2007-5340: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340 CVE-2007-5691: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5691 openoffice.org 2.2.1-10: CVE-2007-2834: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2834 wordpress 2.3.1-1: CVE-2007-5710: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5710 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: loop-aes-utils 2.12r-16+lenny1: DTSA-70-1: loop-aes-utils - privilege escalation CVE-2007-5191: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5191 xulrunner 1.8.0.14~pre071019b-0lenny1: DTSA-69-1: xulrunner - several vulnerabilities CVE-2006-2894: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 CVE-2007-1095: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095 CVE-2007-2292: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292 CVE-2007-3511: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511 CVE-2007-4841: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 CVE-2007-5334: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334 CVE-2007-5337: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337 CVE-2007-5338: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338 CVE-2007-5339: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 CVE-2007-5340: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340 Migrated from unstable: === drupal5 5.3-1: CVE-2007-5593: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5593 CVE-2007-5594: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5594 CVE-2007-5595: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5595 CVE-2007-5596: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5596 CVE-2007-5597: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5597 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === openssl 0.9.8g-1: CVE-2007-4995: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. php4: DTSA-40-1: php4 - several vulnerabilities CVE-2007-1286: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1286 CVE-2007-1380: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1380 CVE-2007-1521: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1521 CVE-2007-1583: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583 CVE-2007-1718: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718 CVE-2007-1777: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1777 CVE-2007-1864: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864 CVE-2007-2509: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509 CVE-2007-2519: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2519 CVE-2007-3799: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799 CVE-2007-3806: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 CVE-2007-3998: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998 CVE-2007-4657: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4657 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: ldapscripts 1.4-2+lenny1: DTSA-68-1: ldapscripts - unauthorized disclosure of information CVE-2007-5373: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5373 http://bugs.debian.org/445582 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === dircproxy 1.0.5-5.1: CVE-2007-5226: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 http://bugs.debian.org/445883 libpng 1.2.15~beta5-3: CVE-2007-5269: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 http://bugs.debian.org/446308 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === phpgedview 4.1.e+4.1.1-2: CVE-2007-5051: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5051 http://bugs.debian.org/443901 tk8.3 8.3.5-10: CVE-2007-5378: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378 http://bugs.debian.org/446465 wzdftpd 0.8.2-2.1: CVE-2007-5300: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5300 http://bugs.debian.org/446192 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Removed from testing: = The following issues have been fixed by removing the (source) packages from testing. This probably means that you have to manually uninstall the corresponding binary packages to fix the issues. It can also mean that the packages have been replaced, or that they have been temporarily removed by the release team to make transitions from unstable easier. asterisk: CVE-2007-1306: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 CVE-2007-1561: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 http://bugs.debian.org/415466 CVE-2007-1595: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1595 CVE-2007-2294: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2294 CVE-2007-2297: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2297 http://bugs.debian.org/419820 CVE-2007-2488: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 CVE-2007-3762: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 CVE-2007-3763: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3763 CVE-2007-3764: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3764 CVE-2007-3765: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3765 http://bugs.debian.org/433681 CVE-2007-4103: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 CVE-2007-4280: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4280 CVE-2007-4455: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4455 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: alsaplayer 0.99.79-3+lenny1: DTSA-66-1: alsaplayer - stack based buffer overflow in vorbis plugin CVE-2007-5301: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5301 http://bugs.debian.org/446034 Migrated from unstable: === wesnoth 1.2.7-1: CVE-2007-3917: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === egroupware 1.2.107-2.dfsg-2: CVE-2007-5091: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5091 http://bugs.debian.org/444351 gnatsweb 4.00-1.1: CVE-2007-2808: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2808 http://bugs.debian.org/427156 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. Migrated from unstable: === tomcat5.5 5.5.25-1: CVE-2007-1355: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 CVE-2007-2449: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 CVE-2007-2450: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 xfs 1:1.0.5-1: CVE-2007-4568: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4568 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
[SECURITY] Security update for Debian Testing
This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing. DTSA: = The following issues have been fixed by uploads to testing-security: php5 5.2.3-1+lenny1: DTSA-61-1: php5 - several vulnerabilities CVE-2007-3799: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799 http://bugs.debian.org/441433 CVE-2007-3806: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 CVE-2007-3998: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998 CVE-2007-4657: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4657 CVE-2007-4658: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658 CVE-2007-4659: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4659 CVE-2007-4660: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4660 CVE-2007-4662: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4662 Migrated from unstable: === gforge 4.6.99+svn6094-3: CVE-2007-3918: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3918 linux-2.6 2.6.22-4: CVE-2007-2525: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2525 CVE-2007-3105: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3105 CVE-2007-3513: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3513 CVE-2007-3642: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3642 CVE-2007-3848: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848 CVE-2007-3851: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3851 openssl 0.9.8e-9: CVE-2007-5135: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 http://bugs.debian.org/35 How to update: -- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update aptitude dist-upgrade to install the updates. More information: - More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing ___ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce