Debian LTS Linux Distribution
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
It was found that Apache ActiveMQ exposed a remote shutdown command in the ActiveMQConnection class. An attacker could use this flaw to achieve denial of service on a client.
Multiple security issues have been found in the tiff3 image library that may allow remote attackers to cause a denial of service (application crash), to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted image.
CVE-2017-7467 Out of bounds write in vt100.c For Debian 7 "Wheezy", these problems have been fixed in version
Multiple security issues have been found in the tiff image library that may allow remote attackers to cause a denial of service (application crash), to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted image
CVE-2017-3157 Ben Hayak discovered that objects embedded in Writer and Calc documents may result in information disclosure. Please see
CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service.
It was found that CHICKEN did not sanitize the size argument when allocating SRFI-4 vectors, which could lead to segfaults or buffer overflows with some sizes.
CVE-2017-7228 (XSA-212) An insufficient check on XENMEM_exchange may allow PV guests to access all of system memory.
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.
ghostscript is vulnerable to multiple issues that can lead to denial of service when processing untrusted content. CVE-2016-10219
The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy.
The dictionary provided by this package had an unnecessary unversioned conflict against the thunderbird package which recently got reintroduced into Wheezy.
Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing.
Two security vulnerabilities were discovered in imagemagick that allow remote attackers to cause a denial of service (application crash and infinite loop) or possibly other unspecified impact via a crafted image.
CVE-2017-6448 The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or
The Freetype 2 font engine was vulnerable to an out-of-bounds write caused by a heap-based buffer overflow in the cff_parser_run function in cff/cffparse.c.
Tobias Stoeckmann discovered it was possible to trigger an out-of-boundary heap write with the image viewer feh while receiving an IPC message.
CVE-2016-10324 In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in
CVE-2017-6503 WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.
The dictionaries provided by this package had an unversioned conflict against the thunderbird package (which so far was not part of wheezy). Since the next update of Icedove introduces a thunderbird package the