[SECURITY] [DLA 1780-1] firefox-esr new upstream version

2019-05-06 Thread Sylvain Beucler
Package: firefox-esr Version: 60.6.2esr-1~deb8u1 Debian Bug : 928415 928449 928509 Firefox 60.6.2 ESR repairs a certificate chain issue that caused extensions to be disabled in the past few days. More information, and details

[SECURITY] [DLA 1779-1] 389-ds-base security update

2019-05-06 Thread Mike Gabriel
Package: 389-ds-base Version: 1.3.3.5-4+deb8u6 CVE ID : CVE-2019-3883 Debian Bug : 927939 In 389-ds-base up to version 1.4.1.2, requests were handled by worker threads. Each socket had been waited for by the worker for at most 'ioblocktimeout' seconds. However, this

[SECURITY] [DLA 1778-1] symfony security update

2019-05-06 Thread Jonas Meurer
Package: symfony Version: 2.3.21+dfsg-4+deb8u5 CVE ID : CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-10913 Several security vulnerabilities have been discovered in symfony, a PHP web application

[SECURITY] [DLA 1777-1] jquery security update

2019-05-06 Thread Brian May
Package: jquery Version: 1.7.2+dfsg-3.2+deb8u6 CVE ID : CVE-2019-11358 jQuery mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__