apticron report [Fri, 04 Dec 2015 20:44:17 +0100] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ] [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ] The following packages are currently pending an upgrade: libssl1.0.0 1.0.1k-3+deb8u2 libssl-dev 1.0.1k-3+deb8u2 libssl-doc 1.0.1k-3+deb8u2 openssl 1.0.1k-3+deb8u2 redis-server 2:2.8.17-1+deb8u3 redis-tools 2:2.8.17-1+deb8u3 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour redis (redis-server redis-tools) --- redis (2:2.8.17-1+deb8u3) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Add 06-CVE-2015-8080-Integer-wraparound-in-lua_struct.c-cau.patch patch. CVE-2015-8080: Integer wraparound in lua_struct.c causing stack-based buffer overflow. (Closes: #804419) -- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 28 Nov 2015 16:12:05 +0100 redis (2:2.8.17-1+deb8u2) stable; urgency=medium * Backport debian/redis-server.tmpfile from unstable so that a valid runtime directory is created when running under systemd. This ensures that there is a secure and sensible location for the UNIX socket. (Closes: #803233) -- Chris Lamb <lamby(a)debian.org> Fri, 30 Oct 2015 18:53:34 +0000 --- Modifications pour openssl (libssl1.0.0 libssl-dev libssl-doc openssl) --- openssl (1.0.1k-3+deb8u2) jessie-security; urgency=medium * Fix CVE-2015-3194 * Fix CVE-2015-3195 * Fix CVE-2015-3196 -- Kurt Roeckx <kurt(a)roeckx.be> Thu, 03 Dec 2015 18:39:46 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron