Debian 10228 Published by

The following security updates has been released for Debian:

[DSA 2962-1] nspr security update
[DSA 2963-1] lucene-solr security update



[DSA 2962-1] nspr security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2962-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
June 17, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : nspr
CVE ID : CVE-2014-1545

Abhiskek Arya discovered an out of bounds write in the cvt_t() function
of the NetScape Portable Runtime Library which could result in the
execution of arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 2:4.9.2-1+deb7u2.

For the unstable distribution (sid), this problem has been fixed in
version 2:4.10.6-1.

We recommend that you upgrade your nspr packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

[DSA 2963-1] lucene-solr security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2963-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
June 17, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : lucene-solr
CVE ID : CVE-2013-6397 CVE-2013-6407 CVE-2013-6408

Multiple vulnerabilities were found in Solr, an open source enterprise
search server based on Lucene, resulting in information disclosure or
code execution.

For the stable distribution (wheezy), these problems have been fixed in
version 3.6.0+dfsg-1+deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 3.6.2+dfsg-2.

For the unstable distribution (sid), these problems have been fixed in
version 3.6.2+dfsg-2.

We recommend that you upgrade your lucene-solr packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/