Debian LTS Linux Distribution - Page 86
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Several security vulnerabilities were found in Ruby that also affected Debian's JRuby package, a pure-Java implementation of Ruby. Attackers were able to call arbitrary Ruby methods, cause a denial-of-service or inject input into HTTP response headers when using the WEBrick module.
In HTMLDOC, there was a one-byte underflow in htmldoc/ps-pdf.cxx caused by a floating point math difference between GCC and Clang.
The OpenSLP package had two open security issues: CVE-2017-17833
phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/display_git_revision.lib.php and libraries/Footer.class.php.
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the execution of arbitrary code.
It was discovered that there was an integer overflow vulnerability in librabbitmq, a library for robust messaging between applications and servers.
Several security issues were fixed in libav, a multimedia library for processing audio and video files.
Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring.
A corrupted or specially crafted CRW images might exceed the overall buffersize to cause a denial of service.
The backport of the CVE-2019-13161 fix caused a regression and has been reverted. For Debian 8 "Jessie", this problem has been fixed in version
In mod_tls a crash with empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5.
Several vulnerabilites are fixed in Asterisk, an Open Source PBX and telephony toolkit. CVE-2019-13161
This update fixes a regression in introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause.
In tnef, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values.
Several vulnerabilities have been identified in the VNC code of ssvnc, an encryption-capable VNC client..
Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may haved crash with a NULL deref leading to a Denial-of-Service.
Several vulnerabilities have been identified in the VNC code of vino, a desktop sharing utility for the GNOME desktop environment.
Several issues have been found in libvorbis, a decoder library for Vorbis General Audio Compression Codec.