3
1
I just installed debsecan
on Debian 8.1 to view the vulnerabilities that I have, and there were quite a few. Searching the web I see that most of them have a fix but I don't manage to figure out how to apply a patch for them. Here is a mere example of a couple of "remotely exploitable, high urgency".
- CVE-2015-5621
libsnmp30
(fixed, remotely exploitable, high urgency) - CVE-2016-2052
libharfbuzz-icu0
(fixed, remotely exploitable, high urgency) - CVE-2015-5364
linux-libc-dev
(fixed, remotely exploitable, high urgency) - CVE-2015-5364
linux-image-3.16.0-4-amd64
(fixed, remotely exploitable, high urgency, obsolete) - CVE-2015-5600
openssh-server
(fixed, remotely exploitable, high urgency)
How can I patch these packages and the ones that I still have on the system that have a "fix"? I know all of them must be fixed differently but a pointer to where and how to start would be awesome!
Just in case it helps, this is my sources.list
file:
###### Debian Main Repos
deb http://ftp.us.debian.org/debian/ jessie main contrib
deb-src http://ftp.us.debian.org/debian/ jessie main contrib
###### Debian Update Repos
deb http://security.debian.org/ jessie/updates main contrib
deb http://ftp.us.debian.org/debian/ jessie-proposed-updates main contrib
deb-src http://security.debian.org/ jessie/updates main contrib
deb-src http://ftp.us.debian.org/debian/ jessie-proposed-updates main contrib
###### Other Debian
deb http://ftp.debian.org/debian jessie-backports main
I'll assume you are on the Stable branch. is it Jessie or Wheezy? Have you confirmed you have the repos for http://security.debian.org/ in your sources.list? have you enabled backport repos? http://backports.debian.org/Instructions/
– Frank Thomas – 2016-05-10T19:04:34.840I am running Jessie stable branch, and I have "deb http://security.debian.org/ jessie/updates main" with the src on my sources list. I added and enabled the backports and it removed a couple but still there are a LOT left.
– El_Feto – 2016-05-10T19:17:49.803