Hi all,
On 18/03/2020 19:27, Moritz Muehlenhoff wrote:
> On Wed, Mar 18, 2020 at 06:14:36PM +0100, Sylvain Beucler wrote:
>> I excluded 3 out of 8 packages. I only added packages that actually
>> contain the impacted code (VNC client connection, using original RealVNC
>> codebase).
>
> "Contains
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: weechat
Version: 1.0.1-1+deb8u3
CVE ID : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760
Several issues have been found in weechat, a fast, light and extensible
chat client.
All issues are about crafted messages, that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: e2fsprogs
Version: 1.42.12-2+deb8u2
CVE ID : CVE-2019-5188
An issue has been found in e2fsprogs, a package that contains
ext2/ext3/ext4 file system utilities.
A specially crafted ext4 directory can cause an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Mon, 16 Mar 2020 19:03:02 +0100
Source: weechat
Binary: weechat weechat-curses weechat-core weechat-plugins weechat-doc
weechat-dev weechat-dbg
Architecture: source all amd64
Version: 1.0.1-1+deb8u3
Distribution: jessie-security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 22 Mar 2020 16:30:02 +0100
Source: e2fsprogs
Binary: e2fsck-static libcomerr2 comerr-dev libss2 ss-dev e2fsprogs-udeb
e2fslibs e2fslibs-dev e2fsprogs e2fsprogs-dbg e2fslibs-dbg libcomerr2-dbg
libss2-dbg
Architecture: source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 24 Mar 2020 17:09:41 +0100
Source: ruby2.1
Binary: ruby2.1 libruby2.1 ruby2.1-dev ruby2.1-doc ruby2.1-tcltk
Architecture: source amd64 all
Version: 2.1.5-2+deb8u9
Distribution: jessie-security
Urgency: medium
Maintainer:
On Tue, Mar 24, 2020 at 03:23:26PM +, Peter Palfrader wrote:
> On Tue, 24 Mar 2020, Emilio Pozuelo Monfort wrote:
> > >> Upstream is no longer maintaining the 0.2.4.x tree. Maybe it's time to
> > >> terminate support for Tor in wheezy/oldoldstable?
> > > I think so. I have marked it as
On Tue, 24 Mar 2020, Emilio Pozuelo Monfort wrote:
> On 28/12/2017 11:48, Emilio Pozuelo Monfort wrote:
> > On 04/12/17 13:31, Peter Palfrader wrote:
> >> Upstream is no longer maintaining the 0.2.4.x tree. Maybe it's time to
> >> terminate support for Tor in wheezy/oldoldstable?
> >
> > I
On 28/12/2017 11:48, Emilio Pozuelo Monfort wrote:
> On 04/12/17 13:31, Peter Palfrader wrote:
>> Upstream is no longer maintaining the 0.2.4.x tree. Maybe it's time to
>> terminate support for Tor in wheezy/oldoldstable?
>
> I think so. I have marked it as unsupported in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Package: tomcat8
Version: 8.0.14-1+deb8u16
CVE ID : CVE-2019-12418
Tomcat8 is configured with the JMX Remote Lifecycle Listener, a local
attacker without access to the Tomcat process or configuration files
is able to
10 matches
Mail list logo