Debian LTS: DLA-3347-2: spip regression update
It was discovered that the fix for CVE-2023-27372 broke (de)activation of plugins with dependencies. For Debian 10 buster, this problem has been fixed in version
Find the information you need for your favorite open source distribution .
It was discovered that the fix for CVE-2023-27372 broke (de)activation of plugins with dependencies. For Debian 10 buster, this problem has been fixed in version
Multiple security vulnerabilities have been discovered in Apache HTTP server. CVE-2006-20001
node-css-what was vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable. The exploitation of this vulnerability could be triggered
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
It was discovered that syslog-ng, a system logging daemon, had integer overflow and buffer out-of-bounds issues, which could allow a remote attacker to cause Denial of Service via crafted syslog input.
It was discovered that SPIP, a content management system, was vulnerable to SQL injection, remote code execution, and authorization bypass vulnerabilities.
Two vulnerabilities were discovered in Werkzeug, a collection of utilities for WSGI (web) applications. An attacker may inject cookies in specific situations, and cause a denial of service (DoS).
It was discovered that there was a regression in the previous fix for python-cryptography, a Python library offering a number of encryption and cryptography primitives.
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.