Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure or argument injection. In addition a race condition in become_user was fixed.
Andrea Fioraldi discovered a buffer overflow in libsndfile, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file.
It was discovered that the Key Distribution Center (KDC) in krb5, the MIT implementation of Kerberos, is prone to a NULL pointer dereference flaw. An unauthenticated attacker can take advantage of this flaw to cause a denial of service (KDC crash) by sending a request containing a
Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an attacker to increase its authentication level or impersonate another user, especially when lemonldap-ng is configured