Debian LTS Linux Distribution - Page 72.1
Find the information you need for your favorite open source distribution.
`add_password` in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could
The code in src/sftpserver.c did not verify the validity of certain pointers and expected them to be valid. A NULL pointer dereference could have occurred, which typically causes a crash and thus a denial of service.
Several vulnerabilities were fixed in libjpeg-turbo, a widely used library for handling JPEG files. CVE-2018-1152
Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458
Tobias Stoeckmann found an integer overflow issue in JSON-C, a C library to manipulate JSON objects, when reading maliciously crafted large files. The issue could be exploited to cause denial of service or possibly execute arbitrary code.
It was discovered that there was an issue where kdepim-runtime would default to using unencrypted POP3 communication despite the UI indicating that encryption was in use.
A privilege escalation vulnerability was discovered in Net-SNMP, a set of tools for collecting and organising information about devices on computer networks.
Several issues have been found in libapache2-mod-auth-openidc, the OpenID Connect authentication module for the Apache HTTP server.
An issue has been found in luajit, a just in time compiler for Lua. An out-of-bounds read could happen because __gc handler frame traversal is
A vulnerability was found in curl, a command line tool for transferring data with URL syntax.
Two issues have been found in salt, a remote manager to administer servers.
Several vulnerabilities were fixed in MilkyTracker, a music tracker for composing music in the MOD and XM module file formats. CVE-2019-14464
Several vulnerabilities have been fixed by upgrading FFmpeg, a widely used multimedia framework, from 3.2.14 to 3.2.15. CVE-2019-13390
The following CVE(s) were reported against src:qemu: CVE-2017-9503
An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code
Several issues have been found in mupdf, a lightweight PDF viewer. The issues could be exploited by crafted PDF files that result in denial
Several issues were found in Poppler, a PDF rendering library, that could lead to denial of service or possibly other unspecified impact when processing maliciously crafted documents.
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2020-13934
Several vulnerabilities have been found in librsvg, an SVG rendering library. This update corrects some denial of service issues via exponential element processing, stack exhaustion or application crash when processing specially crafted files, as well as some memory safety
A flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and