Debian LTS: DLA-2698-1: node-bl security update
An issue has been found in node-bl, a Node.js module to access multiple buffers with Buffer interface. Due to a buffer over-read, uninitialized memory might be exposed by
Debian LTS: DLA-2697-1: fluidsynth security update
A vulnerbility has been found in fluidsynth, a real-time MIDI software synthesizer. Using a special crafted soundfont2 file, a use after free vulnerability
Debian LTS: DLA-2695-1: klibc security update
Several vulnerabilities have been discovered in klibc. Depending on how klibc is used, these could lead to the execution of arbitrary code, privilege escalation, or denial of service.
Debian LTS: DLA-2693-1: xmlbeans security update
The XML parsers used by XMLBeans did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include the possibility for XML Entity Expansion attacks which could lead to a denial-of-service. This update implements sensible defaults for the XML parsers to prevent these kind
Debian LTS: DLA-2694-1: tiff security update
Two vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.
Debian LTS: DLA-2692-1: bluez security update
Two issues have been found in bluez, a package with Bluetooth tools and daemons. One issue is about a man-in-the-middle attack during secure pairing, the other is about information disclosure due to improper access
Debian LTS: DLA-2691-1: libgcrypt20 security update
An issue has been found in libgcrypt20, a crypto library. Mishandling of ElGamal encryption results in a possible side-channel attack and an interoperability problem with keys not generated by
Debian LTS: DLA-2689-1: linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service, or information leaks.
Debian LTS: DLA-2690-1: linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service, or information leaks.
