Debian LTS Linux Distribution - Page 83
Find the information you need for your favorite open source distribution.
An issue has been found in wget, a tool to retrieve files from the web. A race condition might occur as files rejected by an access list are kept on the disk for the duration of an HTTP connection.
Several issues have been found in zlib, a compression library. They concern improper big-endian CRC calculation, improper left shift of negative integers and improper pointer arithmetic.
Three issues have been found in graphicsmagick, a collection of image processing tools. They are basically a heap-based buffer over-read, heap-based buffer
Several vulnerabilities have been discovered in the otrs2 package that may lead to unauthorized access, remote code execution and spoofing.
It was discovered that there were a large number of NULL pointer dereferences due to unchecked return values from malloc and friends in hiredis, a minimalistic C client library.
An issue has been found in unzip, a de-archiver for .zip files. While processing a password protected archive, a heap-based buffer overflow could happen, that allows an attacker to perform a denial of
OpenJPEG had a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so.
Two security vulnerabilities have been fixed in the Tomcat servlet and JSP engine. CVE-2019-12418
An issue has been found in iperf3, an Internet Protocol bandwidth measuring tool. Bad handling of UTF8/16 strings in an embedded library could cause a
An issue has been found in slirp, a SLIP/PPP emulator using a dial up shell account. Due to bad memory handling in slirp a heap-based buffer overflow or other
An issue has been found in jsoup, a Java HTML parser that makes sense of real-world HTML soup. Due to bad handling of missing '>' at EOF a cross-site scripting (XSS) vulnerability could appear.
Several issues have been found in python-apt, a Python interface to libapt-pkg. CVE-2019-15795
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system.
Several issues have been found in transfig, an XFig figure files converter. CVE-2018-16140
Multiple issues were found in gpac, a multimedia framework featuring the MP4Box muxer. CVE-2018-21015
Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure.
In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests
It was discovered that there were a number of cross-site scripting vulnerabilities in cacti, a web interface for monitoring systems. For Debian 8 "Jessie", this issue has been fixed in cacti version
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
In debian-lan-config < 0.26, overly permissive ACLs configured for the Kerberos admin server allowed password changes for other Kerberos user principals.