Bug#508419: [nfs-utils] [CVE-2008-4552] TCP wrappers vulnerability

Package: nfs-kernel-server Version: 1:1.0.10-6+etch.1 Severity: grave Tags: security Quoting from CVE-2008-4552: »nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows

Bug#509419: Deprecated VeriSign CA

Package: ca-certificates Version: 20070303 Severity: grave Tags: security It seems that ca-certificates isn't up-to-date anymore; yesterday, when checking an online banking site[1][2], I stumbled upon a Firefox warning about an unknown CA for the site's certificate (WTF...?). Same with Konquero

Bug#510902: Missing security updates - version 2.0.0.20 available from upstream

Package: iceweasel Version: 2.0.0.18-0etch1 Severity: critical Tags: security Security updates from Firefox 2.0.0.19 and 2.0.0.20 are still missing for Debian's Iceweasel in Etch, some of them are considered critical. http://www.mozilla.org/security/known-vulnerabilities/firefox20.html -- To

Bug#510902: Missing security updates - version 2.0.0.20 available from upstream

Hi, any news on this one? I consider Iceweasel to be a major desktop application, but the courrent version now lacks a security update since about a month. Or is Debian dropping support for the 2.0 branch of Iceweasel, like Mozilla recently did with the release of 2.0.0.20[1]? If so, I think th