Debian LTS Linux Distribution - Page 76.15
Find the information you need for your favorite open source distribution.
When normalizing ar member names by removing trailing whitespace and slashes, an out-of-bounds read can be caused if the ar member name consists only of such characters, because the code did not
NOTE: This DLA was initially sent on 2020-04-14 but for reasons unknown failed to reach the mailing list. It is being re-sent now to ensure that it appears in the mailing list archive. No new version of
Multiple CVE(s) were discovered in the src:wordpress package. CVE-2020-11026
It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse
Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
It was discovered that there was an arbitrary content injection vulnerability in the Mailman mailing list manager. For Debian 8 "Jessie", this issue has been fixed in mailman version
It was discovered that there was a denial of service attack in the SQLite database, often embedded into other programs and servers. In the event of a semantic error in an aggregate query, SQLite did
Several vulnerabilities were discovered in Ansible, a configuration management, deployment, and task execution system.
A Denial of Service (DoS) vulnerability was discovered in the network time protocol server/client, ntp. ntp allowed an "off-path" attacker to block unauthenticated
A regression has been found in the patch for CVE-2016-10711 of pound, a reverse proxy, load balancer and HTTPS front-end for Web servers. Without the fix pound can be tricked to use 100% CPU.
A vulnerability was discovered in mailman. GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against
A vulnerability was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. LDAP search filters with nested boolean expressions can result in denial of service (slapd daemon
Several vulnerabilities have been discovered in otrs2 (Open source Ticket Request System)
It was discovered that there was an integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack.
A request smuggling vulnerability was discovered in pound, a reverse proxy, load balancer and HTTPS front-end for Web servers, that may allow
Two issues have been found in w3m, WWW browsable pager with excellent tables/frames support.
An issue has been found in yodl, a pre-document language. Hanno Bock discovered that there was a buffer over-read vulnerability.
Agostino Sarubbo of Gentoo discovered a heap buffer overflow write in the rzip program (a compression program for large files) when uncompressing maliciously crafted files.
Three issues have been found in php5, a server-side, HTML-embedded scripting language.