The following security updates has been released for Debian GNU/Linux 8 LTS:
DLA 1470-1: confuse security update
DLA-1469-1: libxcursor security update
DLA 1470-1: confuse security update
DLA-1469-1: libxcursor security update
DLA 1470-1: confuse security update
Package : confuse
Version : 2.7-5+deb8u1
CVE ID : CVE-2018-14447
Debian Bug : 904159
An out of bound read was discoverd in libConfuse, a configuration file parser
library.
CVE-2018-14447
An out of bound read in trim_whitespace, fixed thanks to
Sebastian Roland .
For Debian 8 "Jessie", this problem has been fixed in version
2.7-5+deb8u1.
We recommend that you upgrade your confuse packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
DLA-1469-1: libxcursor security update
Package : libxcursor
Version : 1:1.1.14-1+deb8u2
CVE ID : CVE-2015-9262
Debian Bug : #906012
It was discovered that there was a denial of service or (potentially code
execution) vulnerability in libxcursor, a library designed to help locate
and load cursors for the X Window System.
For Debian 8 "Jessie", this issue has been fixed in libxcursor version
1:1.1.14-1+deb8u2.
We recommend that you upgrade your libxcursor packages.
