[Monitoring] 7 Debian package update(s) for hexagon.federez.net

apticron report [Mon, 23 Feb 2015 09:48:17 +0100] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: libc6 2.13-38+deb7u8 libc6-dev 2.13-38+deb7u8 libc-bin 2.13-38+deb7u8 libc-dev-bin 2.13-38+deb7u8 locales 2.13-38+deb7u8 multiarch-support 2.13-38+deb7u8 nscd 2.13-38+deb7u8 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour eglibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) --- eglibc (2.13-38+deb7u8) wheezy-security; urgency=medium * debian/patches/any/cvs-wscanf.diff: new patch from upstream to fix a heap buffer overflow in wscanf (CVE-2015-1472, CVE-2015-1473). Closes: #777197. * debian/patches/any/cvs-vfprintf.diff: new patch from ustream to fix a stack overflow in vfprintf (CVE-2012-3406). Closes: #681888. * debian/patches/any/cvs-posix_spawn_file_actions_addopen.diff: new patch from upstream to fix a vulnerability in posix_spawn_file_actions_addopen (CVE-2014-4043). Closes: #751774. * debian/patches/any/cvs-getnetbyname.diff: new patch from upstream to fix an infinite loop in getnetbyname (CVE-2014-9402). Closes: #775572. * debian/patches/any/cvs-getaddrinfo-idn.diff: new patch from upstream to fix a invalid-free when using getaddrinfo with IDN (CVE-2013-7424). -- Aurelien Jarno <aurel32(a)debian.org> Sun, 22 Feb 2015 09:49:50 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron