Debian LTS: DLA-3306-1: python-django security update
It was discovered that there was a potential Denial of Service (DoS) vulnerability in Django, a popular Python-based web development framework.
Debian LTS: DLA-3305-1: libstb security update
Several vulnerabilities have been fixed in the libstb library. CVE-2018-16981
Debian LTS: DLA-3303-1: ruby-git security update
A couple of vulnerabilities were reported against ruby-git, a Ruby interface to the Git revision control system, that could lead to a command injection and execution of an arbitrary ruby code by having a user to load a repository containing a specially crafted filename
Debian LTS: DLA-3302-1: nova security update
An issue was discovered in Nova, an OpenStack project that provides a way to provision compute instances (aka virtual servers). By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy
Debian LTS: DLA-3301-1: cinder security update
An issue was discovered in OpenStack Cinder, a Block Storage service for OpenStack. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the
Debian LTS: DLA-3300-1: glance security update
An issue was discovered in Glance, OpenStack Image Registry and Delivery Service - Daemons. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the
Debian LTS: DLA-3299-1: node-qs security update
Nathanael Braun and Johan Brissaud discovered a prototype poisoning vulnerability in node-qs, a Node.js module to parse and stringify query strings. node-qs 6.5.x before 6.5.3 allows for instance the creation of array-like objects by setting an Array in the `__ proto__` property; the
Debian LTS: DLA-3298-1: ruby-rack security update
Several vulnerabilities, like directory traversal vulnerability, ReDoS vulnerability, et al, were found in ruby-rack, a modular Ruby webserver interface.
