Find the information you need for your favorite open source distribution .
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, unauthorized access, sandbox bypass or HTTP header injection.
It was discovered that there was a local privilege escalation vulnerability in beep, an "advanced PC speaker beeper". For Debian 7 "Wheezy", this issue has been fixed in beep version
Multiple vulnerabilities were found in the rubygems package management framework, embedded in JRuby, a pure-Java implementation of the Ruby programming language.
Multiple vulnerabilities were found in rubygems, a package management framework for Ruby. CVE-2018-1000075
Two security vulnerabilities were discovered in the Z shell. CVE-2018-1071 Stack-based buffer overflow in the exec.c:hashcmd() function.
CVE-2017-7651 A crafted CONNECT packet from an unauthenticated client could result in extraordinary memory consumption.
Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues:
libvncserver version through 0.9.11. does not sanitize msg.cct.length which may result in access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets.
Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in
