Updated memcached packages has been released for both Debian GNU/Linux 8 and 9 This update fixes three security issues in memcached: 1) Daniel Shapira reported a heap-based buffer over-read in memcached (CVE-2017-9951). 2) It was reported that memcached listens to UDP by default. A remote attacker can take advantage of it to use the memcached service as a DDoS amplifier (CVE-2018-1000115). 3) An integer overflow was reported in memcached, resulting in resource leaks, data corruption, deadlocks or crashes (CVE-2018-1000127).  Memcached Security Update for Debian 8 and 9