Debian LTS Linux Distribution - Page 65.75
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
In VIPS, an image processing system, an uninitialized variable which may cause the leakage of remote server path or stack address was fixed. For Debian 9 stretch, this problem has been fixed in version
In Mutt, a text-based Mail User Agent, invalid IMAP server responses were not properly handled, potentially resulting in authentication credentials being exposed or man-in-the-middle attacks.
Some issues have been found in qemu, a fast processor emulator. All issues are related to assertion failures, out-of-bounds access
An issue has been found in tcpflow, a TCP flow recorder. Due to an overflow vulnerability in function handle_80211, an
Two vulnerabilities were found in the Archive_Tar PHP module, used by Drupal, which could result in the execution of arbitrary code if a malicious user is allowed to upload tar archives.
CVE-2018-19787 It was discovered that there was a XSS injection vulnerability in
Multiple heap buffer overflows have been fixed in CImg, a C++ toolkit to load, save, process and display images. For Debian 9 stretch, this problem has been fixed in version
Multiple vulnerabilities were discovered in Zabbix, a network monitoring solution. An attacker may remotely execute code on the zabbix server, and redirect to external links through the zabbix web frontend.
Three issues have been found in golang-1.8, a Go programming language compiler version 1.8
Two issues have been found in golang-1.7, a Go programming language compiler version 1.7
Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. CVE-2020-13666
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, phishing, cross-site scripting or a DNS rebinding attack.
Several vulnerabilities have been discovered in jupyter-notebook. CVE-2018-8768
golang-go.crypto was recently updated with a fix for CVE-2020-9283. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix.
golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix.
The update of pacemaker released as DLA-2447-1 caused a regression when the communication between the Corosync cluster engine and pacemaker takes place. A permission problem prevents IPC requests between cluster nodes. The patch for CVE-2020-25654 has been reverted until a better solution can be found.
golang-go.crypto was recently updated with a fix for CVE-2020-9283. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix.
2.09-1+2020d accidentally did omit changes to some files, resulting in warnings. For Debian 9 stretch, this problem has been fixed in version
This update includes the changes in tzdata 2020d for the Perl bindings. For the list of changes, see DLA-2424-1. For Debian 9 stretch, this problem has been fixed in version
An issue has been found in libvncserver, an API to write one's own VNC server. Due to some missing checks, a divide by zero could happen, which could