Debian LTS Linux Distribution - Page 68.25
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. Therefore, there was a need to explicitly specify the number
This package allowed ../ directory traversal to access private resources because resource matching did not ensure that pathnames were in a canonical format.
This update fixes a problem that caused Firefox to fail to build on the arm64 and armhf architectures. For Debian 9 stretch, this problem has been fixed in version
Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting or spoofing the origin of a download.
Several vulnerabilities were discovered in the Perl5 Database Interface (DBI). An attacker could trigger a denial-of-service (DoS) and possibly execute arbitrary code.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
Several vulnerabilities were fixed in qt4-x11, the legacy version of the Qt toolkit. CVE-2018-15518
Several vulnerabilities were fixed in the Qt toolkit. CVE-2018-19872
Two issues have been found in yaws, a high performance HTTP 1.1 webserver written in Erlang.
Two issues have been found in nfdump, a netflow capture daemon. Both issues are related to either a buffer overflow or an integer overflow, which could result in a denial of service or a local code
An issue has been found in curl, a command line tool for transferring data with URL syntax. In rare circumstances, when using the multi API of curl in combination
Two security issues were discovered in the modules of the InspIRCd IRC daemon, which could result in denial of service. CVE-2019-20917
The following security issues have been found in qemu, which could potentially result in DoS and execution of arbitrary code. CVE-2020-1711
Multiple vulnerabilities were discovered in Wordpress, a popular content management framework. CVE-2019-17670
Several security vulnerabilities were corrected in libxml2, the GNOME XML library. CVE-2017-8872
It was discovered that there was a arbitrary code execution vulnerability in grunt, a Javascript task runner. This was possible due to the unsafe loading of YAML documents.
Debian Bug : 870020 870019 876105 869727 886281 873059 870504 870530 870107 872609 875338 875339 875341 873871 873131 875352 878506 875503 875502 876105 876099 878546 878545 877354 877355 878524 878547 878548
lemonldap-ng community fixed a vulnerability in the Nginx default configuration files (CVE-2020-24660). Debian package does not install any default site, but documentation provided insecure examples in Nginx configuration before this version.
The update of squid3 released as DLA-2278-2 introduced a regression due to the updated fix for CVE-2019-12529. The new Kerberos authentication code prevented base64 token negotiation. Updated squid3 packages are now
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.