The following security advisories has been published for Debian GNU/Linux 7 LTS:
DLA 1263-1: curl security update
DLA 1263-1: debian-security-support update
DLA 1263-1: curl security update
DLA 1263-1: debian-security-support update
DLA 1263-1: curl security update
Package : curl
Version : 7.26.0-1+wheezy24
CVE ID : CVE-2018-1000007
Craig de Stigter discovered that authentication data might be leaked to
third parties when following HTTP redirects.
For Debian 7 "Wheezy", these problems have been fixed in version
7.26.0-1+wheezy24.
We recommend that you upgrade your curl packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
DLA 1263-1: debian-security-support update
Package : debian-security-support
Version : 2018.01.29~deb7u1
This update marks several packages as no longer supported by wheezy-lts:
teamspeak-server, teamspeak-client, libstruts1.2-java, nvidia-graphics-drivers,
glassfish, jbossas4, libnet-ping-external-perl, mp3gain, tor,
jasperreports.
For the reasoning please see the links provided in
/usr/share/debian-security-support/security-support-ended.deb8
Furthermore it marks swftools as only safe to use for trusted input.
For Debian 7 "Wheezy", these problems have been fixed in version
2018.01.29~deb7u1.
We recommend that you upgrade your debian-security-support packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
