On Fri, 23 Dec 2016 at 23:39:09 +, Simon McVittie wrote:
> On Thu, 22 Dec 2016 at 23:09:38 +0100, Ola Lundqvist wrote:
> > the Debian LTS team would like to fix the security issues which are
> > currently open in the Wheezy version of ikiwiki:
> >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: tomcat7
Version: 7.0.28-4+deb7u9
CVE ID : CVE-2016-8745
Debian Bug : 849949
A bug in the error handling of the send file code for the NIO HTTP
connector resulted in the current Processor object being added to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 10 Jan 2017 22:09:47 +0100
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java
libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version:
On Fri, Jan 06, 2017 at 11:32:49AM +0100, Hugo Lefeuvre wrote:
>
> I've had a look at the new CVEs reported for libav. I managed to
> reproduce CVE-2016-98{21,22} (avconv crashes with segfault), but
> cherry picking the fix[0,1,2] for these issues doesn't seem to fix
> the problem.
You were
Andreas Beckmann wrote:
> I've prepared a new upstream release of the proprietary nvidia graphics
> driver for wheezy-lts. This will fix several security bugs:
Do you have a debdiff handy...? (Or, better still, diffoscope output.)
Regards,
--
,''`.
: :' : Chris Lamb
`.
Hi,
I've prepared a new upstream release of the proprietary nvidia graphics
driver for wheezy-lts. This will fix several security bugs:
* New upstream legacy 304xx branch release 304.134 (2016-12-14).
* Fixed CVE-2016-8826. (Closes: #848195)
* New upstream legacy 304xx branch release
Hi Thomas,
> Thanks to both of you Chris and Guido!
No problem. Packages available now and I've just announced DLA 773-4.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-