Debian LTS: DLA-2659-1: graphviz security update
CVE-2018-10196 NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library allows
Debian LTS: DLA-2658-1: redmine security update
Several issues were found in Redmine, a project management web application, which could lead to cross-site scripting, information disclosure, and reading arbitrary files from the server.
Debian LTS: DLA-2657-1: lz4 security update
It was discovered that there was a potential memory corruption vulnerability in the lz4 compression algorithm library. For Debian 9 "Stretch", this problem has been fixed in version
Debian LTS: DLA-2656-1: hivex security update
Jemery Galindo discovered an out-of-bounds memory access in Hivex, a library to parse Windows Registry hive files. For Debian 9 stretch, this problem has been fixed in version
Debian LTS: DLA-2655-1: rails security update
CVE-2021-22885 There is a possible information disclosure/unintended method execution vulnerability in Action Pack when using the
Debian LTS: DLA-2654-1: composer security update
It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution.
