apticron report [Sat, 20 May 2017 00:38:34 +0200] ======================================================================== apticron has detected that some packages need upgrading on: quigon.federez.net [ 160.228.155.65 ] The following packages are currently pending an upgrade: libjbig2dec0 0.13-4~deb8u2 login 1:4.2-3+deb8u4 passwd 1:4.2-3+deb8u4 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour jbig2dec (libjbig2dec0) --- jbig2dec (0.13-4~deb8u2) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460) * Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788) * Bounds check before reading from image source data (CVE-2017-7976) (Closes: #860787) -- Salvatore Bonaccorso <carnil(a)debian.org> Tue, 16 May 2017 22:35:00 +0200 --- Modifications pour shadow (login passwd) --- shadow (1:4.2-3+deb8u4) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Reset pid_child only if waitpid was successful. This is a regression fix for CVE-2017-2616. If su receives a signal like SIGTERM, it is not propagated to the child. (Closes: #862806) -- Salvatore Bonaccorso <carnil(a)debian.org> Wed, 17 May 2017 12:58:54 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on quigon.federez.net -- apticron