Find the information you need for your favorite open source distribution .
It was discovered that the previous upload of the package prosody versioned 0.9.12-2+deb9u3 introduced a regression in the mod_auth_internal_hashed module. Big thanks to Andre Bianchi for the reporting an issue and for testing the update.
Steven Seeley discovered that in jetty, a Java servlet engine and webserver, requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory. An attacker may access sensitive information regarding the implementation of a web
Two security issues have been discovered in prosody: CVE-2021-32917
Several vulnerabilities were discovered in python-urllib3, a HTTP client for Python. CVE-2018-20060
Several vulnerabilities were discovered in Squid, a proxy caching server. CVE-2021-28651
A vulnerability was discovered in lasso, a library for Liberty Alliance and SAML protocols, which results to a improper verification of a cryptographic signature.
rxvt, VT102 terminal emulator for the X Window System, allowed (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q).
mrxvt, lightweight multi-tabbed X terminal emulator, allowed (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q).
eterm, an enlightened terminal emulator, allowed (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q).
