[SECURITY] [DLA 713-1] sniffit security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: sniffit Version: 0.3.7.beta-16.1+deb7u1 CVE ID : CVE-2014-5439 Debian Bug : 845122 It was discovered that there was a buffer overflow in the packet sniffer and monitoring tool "sniffit" which allowed a specially-crafted configuration file to provide a root shell. For Debian 7 "Wheezy", this issue has been fixed in sniffit version 0.3.7.beta-16.1+deb7u1. We recommend that you upgrade your sniffit packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlgytIQACgkQHpU+J9Qx Hli+Xg/8DqE8r2nM1R9XCDJgUsjrwjn+AqTaRuNlJU+H5Di/lL/8nILDV8ho/oiL X7U1oRALlMarvt3uQ1gScbyXbgGuyy9QHUcOxCv6mnW08nSnjOFn/MbNEL6Ta/XC 75irodmHezSuZRWW8CxupJ4iHiTeYk/QAYpA48XzU0atIpztbb3QWMcSjOWcCfIC MUp6u0w7HPuVLX7QRxSavTBeHyG4DvdeLep6pXUkKvqz++i0DvIicNNDUHCIHcun B9TxCmUXwvnoUV9fuplIFbFFy/XZ4pBMAfAwuA9dLnVdGNFEIcUKY5Y7mvix0lLd lZXFzo9PgViDcVIeiUQ8wKHVPwO+fCUHosmD95vZpDjnPS89NkP+tYCXyZ4vEU8u K9MIkomItNgHHfVSJ9SUE8Bmwa9uo18N5D8a6qbxipgCmnri7S3aNO051T7pVXOk 21JIBahGJX5zovLXv5knbp2JNhYF5SLhT281zAvUpu7jrETRHGUZOO7Mp6fb9FXg var4uM9RPWUN5iFfbIapxAsX1naFSxRc2Wr8YOy4FAjsvT10QiET6tEV9Cvx8DrK 1pJWSizJmSKNKrQtUhS82GlFHc8UhJRnmn2SfUk6W/EatrSg1ftqvqlMMnO/Z0S8 1C54Wp2i3JXrWHnkXv+EShgD5OiXPS4lqZZz65/Uk0csu+rjlhs= =aIhU -END PGP SIGNATURE-
[SECURITY] [DLA 714-1] wireshark security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: wireshark Version: 1.12.1+g01b65bf-4+deb8u6~deb7u5 CVE ID : CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 The following vulnerabilities have been discovered in the Debian Wheezy's Wireshark version: CVE-2016-9373 The DCERPC dissector could crash CVE-2016-9374 The AllJoyn dissector could crash CVE-2016-9375 The DTN dissector could ender an infinite loop CVE-2016-9376 The OpenFlow dissector could crash For Debian 7 "Wheezy", these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u6~deb7u5. We recommend that you upgrade your wireshark packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJYMtyDAAoJEPZk0la0aRp9yloP/RUumUiUGqsDx9gx3oWuaCIT ze62yXo88km/JrOk1MOALV4fbqgl9fvTrQshl3xOmC29isTKTvNrCsfjt2g9GvoY xKOfrjL5J1dH5WwgeiZbmkT7JkGT9GR/ZMH3ebCt/G+a05xv11bWA9D7ch6dte0G 0ni7OfMS9oKvOrEwOb4o7JhVosApxMYNec9d0fidAKnbID3RMKn8Imnbyz7/WX0m 9acrIh5r9/zM8uE0N+Smrehvniq37ZgQ99tGjXOoET8SO+a8M/UwLJbRUaTkm4MH 1dPHGA6t4WBFfA6rCM6A/SyofQVOris70tvCXCfKHhMCuvfNe/MEfsk+vGojEfc9 bnwLGDcEnYsuqcc7GgxSQ/jNS9aMtUnFUhVbQL5sSlBSSglwQ/jCgallwHNurbOe 71GLQdLBoqItoGiaxtyo/g9nCx2GFmIRtKdWtK7CpWNTfJqz7NkNP9jQp+Nk9p+W 2O4xgPX9nyYR7+x9T/EanJ6ZiyLzi7E806LhEtBTY1nmGB5ZSGr1jTyKzfUZqfED Yi2/nFVQEuleyzfj43ie0f3nsQNBIEiMdPUyQLTd/WGMmN/KheRYrMVKRUdjNT2l ofxeuzZeoLOfEvtgrfUvEHcdFAW2XlZ9/NGl1vdd82wNohmXfIeP907xaiMb1q5d IA3kq9HfXx0UHjYNufcq =ZV9T -END PGP SIGNATURE-
[SECURITY] [DLA 715-1] drupal7 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: drupal7 Version: 7.14-2+deb7u15 CVE ID : CVE-2016-9449 CVE-2016-9451 Multiple vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/SA-CORE-2016-005. For Debian 7 "Wheezy", these problems have been fixed in version 7.14-2+deb7u15. We recommend that you upgrade your drupal7 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlgy9M5fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSfhxAAz5cnRS2HOt2Va5xCaCVKKq1bYpy0eHiigNG89jK5aauH22nBwX1zfVb9 AzV3Lvqulrts7Cmo//n1fYHOQ7Ck4D14DLiHOsSLPXggL3/5zDRhZzJtgYpHWmfK w26TwfyguqIJUK1PpszJKAfuOoBhxhs44uBVbyvgg5mCgWyJsVMfyUcTHIra+JR2 mm4Pjh+uc4Bxf9+ugTPiG5USvwvprJReF7PKU65HhCcPLcyPxFMLMaU4LQ8ufGQB IGG5i9ZTjrlCyDxvkPZvDfcQUiN7aswBxkq/n1olD5r0kwn9wcQL4wLNKH7igT5Z TsXcydMawCp/528U5YXPnhyZudtDjhI4y0LNW5DQTzaoqEmDzzPQ5lGX+nkMr9Bp chHbotDMPhsK3lsTV8/9VFOBZ1DdnuGh9C9O+qIFbKrV6ZCCqk7qJKSjwjHZVGVk gVY/V2+VyWrB7CKt2e1LhQPeg79iu7DAO6dDm6NzGM/E9CCPzt+UGJA/onxUh2IV XeYCcSl1GCXNCuWZtjIP7BekdJgA1j5yp/umsfpQDuVijYrRWl+/NcB4zXozi/Mw lwLwYksa1a0sY5y0fAeyBF4mEetbnPRK9ktWvta31ulCSy0NXaNlv3byhwRB0+ub 8271ThLvXI5bbw2pNkuyOIyVSHrW3AlMN9uA6l+SSo0CRc/s2rE= =moW5 -END PGP SIGNATURE-