4 Nov
2016
4 Nov
'16
09:48
apticron report [Fri, 04 Nov 2016 09:48:23 +0100]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
curl 7.38.0-4+deb8u5
libcurl3 7.38.0-4+deb8u5
libcurl3-gnutls 7.38.0-4+deb8u5
libcurl4-openssl-dev 7.38.0-4+deb8u5
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour curl (curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev) ---
curl (7.38.0-4+deb8u5) jessie-security; urgency=high
* Fix cookie injection for other servers as per CVE-2016-8615
https://curl.haxx.se/docs/adv_20161102A.html
* Fix case insensitive password comparison as per CVE-2016-8616
https://curl.haxx.se/docs/adv_20161102B.html
* Fix OOB write via unchecked multiplication as per CVE-2016-8617
https://curl.haxx.se/docs/adv_20161102C.html
* Fix double-free in curl_maprintf as per CVE-2016-8618
https://curl.haxx.se/docs/adv_20161102D.html
* Fix double-free in krb5 code as per CVE-2016-8619
https://curl.haxx.se/docs/adv_20161102E.html
* Fix glob parser write/read out of bounds as per CVE-2016-8620
https://curl.haxx.se/docs/adv_20161102F.html
* Fix curl_getdate read out of bounds as per CVE-2016-8621
https://curl.haxx.se/docs/adv_20161102G.html
* Fix URL unescape heap overflow via integer truncation as per CVE-2016-8622
https://curl.haxx.se/docs/adv_20161102H.html
* Fix use-after-free via shared cookies as per CVE-2016-8623
https://curl.haxx.se/docs/adv_20161102I.html
* Fix invalid URL parsing with '#' as per CVE-2016-8624
https://curl.haxx.se/docs/adv_20161102J.html
-- Alessandro Ghedini <ghedo(a)debian.org> Tue, 01 Nov 2016 21:38:10 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron
Afficher les réponses par date
3093
jours sans activité
3093
depuis la dernière activité
0 commentaires
1 participants
participants (1)
-
root@hexagon.federez.net