Debian LTS Linux Distribution - Page 67.6
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1.
A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash)
tzdata, the time zone and daylight-saving time data, has been updated to the latest version. - Revised predictions for Morocco's changes starting in 2023.
Several vulnerabilities were fixed in the Wireshark network protocol analyzer. CVE-2019-10894
Malformed SVG images were able to cause a segmentation fault in qtsvg-opensource-src, the QtSvg module for displaying the contents of SVG files in Qt.
This update corrects a regression in some Xen virtual machine environments. For reference the original advisory text follows. Several vulnerabilities have been discovered in the Linux kernel that
Several issues have been found in cimg, a powerful image processing library.
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, bypass of sandbox restrictions or information disclosure.
Two issues have been found in dompurify.js, an XSS sanitizer for HTML, MathML and SVG. Both issues are related to mXSS issues in SVG- or MATH-elements.
Several issues have been found in libsndfile, a library for reading/writing audio files. All issues are basically divide by zero errors, heap read overflows or
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code.
In fastd, a fast and secure tunnelling daemon, a receive buffer handling problem was discovered which allows a denial of service (memory exhaustion) when receiving packets with an invalid type code.
Several vulnerabilities were found in package phpmyadmin. CVE-2019-19617
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
A security issue was discovered in the MariaDB database server. For Debian 9 stretch, this problem has been fixed in version 10.1.47-0+deb9u1.
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 68.x
It was discovered that there was an issue in Apache Tomcat 8, the Java application server. An excessive number of concurrent streams could have resulted in users seeing responses for unexpected resources.
Oleg Kalnichevski discovered that httpcomponents-client, a Java library for building HTTP-aware applications, can misinterpret a malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request