Debian LTS Linux Distribution - Page 46
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed.
Several vulnerabilities were discovered in the Go programming language. An attacker could trigger a denial-of-service (DoS) and information leak.
Several vulnerabilities were discovered in the Go programming language. An attacker could trigger a denial-of-service (DoS) and information leak.
Two issues have been found in libspf2, a library for validating mail senders with SPF. Both issues are related to heap-based buffer overflows.
The Drupal project includes a very old version of jQuery. Security vulnerabilities leading to cross-site scripting attacks in different components of the jQuery UI libraries were found and fixed for Drupal version 7.86.
Multiple security vulnerabilities have been discovered in the NVIDIA binary driver and libraries that provide optimized hardware acceleration which may lead to denial of service, information disclosure or data corruption.
One issue has been discovered in lighttpd: fast webserver with minimal memory footprint. CVE-2018-19052: an issue was discovered in mod_alias_physical_handler in
Multiple security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in denial of service, information disclosure or privilege escalation.
It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 9 stretch, these problems have been fixed in version
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing.
Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Site Scripting (XSS) attacks.
Two issues were found in GDAL, a geospatial library, that could lead to denial of service via application crash or possibly the execution of arbitrary code if maliciously crafted data was parsed.
Multiple issues have been discovered in vim: an enhanced vi text editor: CVE-2017-17087 fileio.c in Vim sets the group ownership of a .swp file to the editor's primary
Version 0.102 of ClamAV, an anti-virus toolkit, is end-of-life. ClamAV has been updated to version 0.103 to be able to receive virus signature updates.
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code, spoofing, information disclosure, downgrade attacks on SMTP STARTTLS connections or misleading display of OpenPGP/MIME signatures.
Past security updates of Salt, a remote execution manager, introduced regressions for which follow-up fixes were published: CVE 2020-16846 regression
In the download utility aria2, --log was leaking HTTP user credentials in local log file. For Debian 9 stretch, this problem has been fixed in version
Stack overflow due to infinite recursion was fixed in agg, the Anti-Grain Geometry graphical toolkit. For Debian 9 stretch, this problem has been fixed in version