Debian LTS: DLA-2707-1: sogo security update
One security issue has been discovered in sogo. SOGo does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when
Debian LTS: DLA-2706-1: apache2 security update
Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition the implementation of the MergeSlashes option could result in unexpected behaviour.
Debian LTS: DLA-2705-1: scilab security update
Multiple issues have been discovered in scilab, particularly in ezXML embedded library: CVE-2021-30485
Debian LTS: DLA-2704-1: libxstream-java security update
A vulnerability in XStream, a Java library to serialize objects to and from XML, may allow a remote attacker to execute commands of the host only by manipulating the processed input stream.
[SECURITY] [BUGFIX] [DLA 2703-1] ieee-data crash fix
The ieee-data package, which provides the OUI and IAB listings of identifiers assigned by IEEE Standards Association, ships a script (update-ieee-data) which queries ieee.org to download the most recent dataset and save it to /var/lib/ieee-data/.
Debian LTS: DLA-2702-1: djvulibre security update
An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault.
Debian LTS: DLA-2701-1: openexr security update
Several vulnerabilities were discovered in OpenEXR, a library and tools for the OpenEXR high dynamic-range (HDR) image format. An attacker could cause a denial of service (DoS) through application crash and excessive memory consumption.
Debian LTS: DLA-2700-1: htmldoc security update
A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which could potentially result in the execution of arbitrary code. In addition a number of crashes were addressed.
Debian LTS: DLA-2699-1: ipmitool security update
An issue has been found in ipmitool, an utility for IPMI control with kernel driver or LAN interface. Neglecting proper checking of input data might result in buffer overflows
