Sorry, somehow stuffed up the subject line. Meant to reference
CVE-2018-19968.
--
Brian May
Ok, so as far as I can tell, looking at the version in wheezy, the
problem is that we load source files like so (there are two occurances
in the code that I can see, both very similar):
include_once $include_file;
Where include_file comes from:
$file = $mime_map[$meta->name]['transformation'];
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: sleuthkit
Version: 4.1.3-4+deb8u1
CVE ID : CVE-2018-19497
Debian Bug : 914796
It was discovered that the Sleuth Kit (TSK) through version 4.6.4 is
affected by a buffer over-read vulnerability. The tsk_getu16
Package: libapache-mod-jk
Version: 1.2.46-0+deb8u1
CVE ID : CVE-2018-11759
A vulnerability has been discovered in libapache-mod-jk, the Apache 2
connector for the Tomcat Java servlet engine.
The libapache-mod-jk connector is susceptible to information disclosure
and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 20 Nov 2018 01:39:48 -0500
Source: libapache-mod-jk
Binary: libapache2-mod-jk libapache-mod-jk-doc
Architecture: source amd64 all
Version: 1:1.2.46-0+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java
On Mon, 17 Dec 2018 10:49:57 +0100
Emilio Pozuelo Monfort wrote:
> MySQL 5.5 should be EOL this month if nothing has changed, although I
> don't see an announcement on [1] yet. Maybe it will be published next
> month when the next CPU (critical patch update) is released. Norvald,
> do you know
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 17 Dec 2018 15:50:45 +0100
Source: sleuthkit
Binary: sleuthkit libtsk10 libtsk-dev
Architecture: source amd64
Version: 4.1.3-4+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Forensics
Changed-By: Hugo
On 12/12/2018 04:56, Abhijith PA wrote:
> Hi.
>
> On Tuesday 11 December 2018 12:59 PM, Chris Lamb wrote:
>> Hi Salvatore.
>>
>>> While preparing an update for libphp-phpmailer I noticed in the
>>> patch/diff for DLA-1591-1 for libphp-phpmailer the following:
>>
>> Thanks for flagging. I will try
Hi,
On 22/05/2018 07:10, Lars Tangvald wrote:
>
>
> On 05/21/2018 03:22 PM, Matus UHLAR - fantomas wrote:
Am 22.01.2018 um 13:42 schrieb Lars Tangvald:
> First off, thanks for handling the 5.5.59 update for Wheezy. I had the
> security announcement date mixed up so picked it up too