Debian LTS: DLA-2904-1: expat security update
Multiple security vulnerabilities have been discovered in Expat, the XML parsing C library. Integer overflows or invalid shifts may lead to a denial of service or other unspecified impact.
Find the information you need for your favorite open source distribution .
Multiple security vulnerabilities have been discovered in Expat, the XML parsing C library. Integer overflows or invalid shifts may lead to a denial of service or other unspecified impact.
Several vulnerabilities have been discovered in libraw that may lead to the execution of arbitrary code, denial of service, or information leaks.
An issue has been found in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images.
n issue has been found in libxfont, an X11 font rasterisation library. By creating symlinks, a local attacker can open (but not read) local files as user root. This might create unwanted actions with special files like
An issues has been found in lrzsz, a set of tools for zmodem/xmodem/ymodem file transfer. Due to an incorrect length check, which might result in a size_t wrap
The Qualys Research Labs discovered a local privilege escalation in PolicyKit's pkexec. Details can be found in the Qualys advisory at
It was found that nss, the Mozilla Network Security Service library, was vulnerable to a NULL pointer dereference when parsing empty PKCS 7 sequences, which could result in denial of service.
David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or ACLs. This may result in denial of service or privilege escalation.
Multiple out-of-bounds error were discovered in qt4-x11. The highest threat from CVE-2021-3481 (at least) is to data confidentiality the application availability.