Debian LTS Linux Distribution - Page 73.75
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983
It has been discovered, that a vulnerability in php5, a server-side, HTML-embedded scripting language, could lead to exhausted disk space on the server. When using overly long filenames or field names, a memory
It was discovered that there was a "roster push attack" in mcabber, a console-based Jabber (XMPP) client. This is identical to CVE-2015-8688 for gajim.
It was discovered that there was a command injection vulnerability in picocom, a minimal dumb-terminal emulation program.
Several issues have been fixed in zziplib, a library providing read access on ZIP-archives. They are basically all related to invalid memory access and resulting crash or memory leak.
It was found that pngquant, a PNG (Portable Network Graphics) image optimising utility, is susceptible to a buffer overflow write issue triggered by a maliciously crafted png image, which could lead into
It was discovered that libtiprc, a transport-independent RPC library, could be used for a denial of service or possibly unspecified other impact by a stack-based buffer overflow due to a flood of crafted ICMP and UDP
A vulnerability has been discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library.
CVE-2020-14929 Alpine before 2.23 silently proceeds to use an insecure connection
It was discovered that there was an out-of-bounds access vulnerability in the server-server protocol in the ngircd Internet Relay Chat (IRC) server.
Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the
Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
It was discovered that there was a regression in the latest update to Django, the Python web development framework. The upstream fix for CVE-2020-13254 to address data leakages via malformed memcached keys could, in some situations, cause a traceback.
Several issues were discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, that allow attackers to update, insert or delete access to some of MySQL Connectors accessible data, unauthorized
It was discovered that there was an escaping issue in libphp-phpmailer, an email generation utility class for the PHP programming language.
This update is now available for all supported architectures. For reference the original advisory text follows. Several vulnerabilities have been discovered in the Linux kernel that
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.