Debian LTS Linux Distribution - Page 3.7
Find the information you need for your favorite open source distribution.
Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. For Debian 9 stretch, these problems have been fixed in version
Several vulnerabilities were discovered in Icinga 2, a general-purpose monitoring application. An attacker could retrieve sensitive information such as service passwords and ticket salt by querying the web API, or by intercepting insufficiently checked encrypted
Multiple security vulnerabilities have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server side template injection attacks, insufficient checks for eauth credentials, shell and command injections or incorrect validation of
Several vulnerabilities have been discovered in the OpenJDK Java runtime, including issues with cryptographic hashing, TLS client handshaking, and various other issues.
CKEditor, an open source WYSIWYG HTML editor with rich content support, which can be embedded into web pages, had two vulnerabilities as follows:
One security issue has been discovered in botan1.10, a C++ cryptography library.
Two SQL injection vulnerabilities were discovered in SQLAlchemy, a SQL toolkit and Object Relational Mapper for Python, when the order_by or group_by parameters can be controlled by an attacker.
A couple of vulnerabilities were found in src:python3.5, the Python interpreter v3.5, as follows: CVE-2021-3733
Stefan Walter found that udisks2, a service to access and manipulate storage devices, could cause denial of service via system crash if a corrupted or specially crafted ext2/3/4 device or image was mounted, which could happen automatically on certain environments.
CVE-2021-25219 Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to
Multiple security vulnerabilities were discovered in GlusterFS, a clustered file system. Buffer overflows and path traversal issues may lead to information disclosure, denial-of-service or the execution of arbitrary code.
Opening a crafted chm file could result in a buffer overflow in libmspack, a library for Microsoft compression formats. For Debian 9 stretch, this problem has been fixed in version
Several vulnerabilities have been fixed in libsdl2, the older version of the Simple DirectMedia Layer library that provides low level access to audio, keyboard, mouse, joystick, and graphics hardware.
A vulnerability has been fixed in libsdl2, the newer version of the Simple DirectMedia Layer library that provides low level access to audio, keyboard, mouse, joystick, and graphics hardware.
Several vulnerabilities were fixed in elfutils, a collection of utilities and libraries to handle ELF objects. CVE-2018-16062
Several security vulnerabilities have been discovered in OpenCV, the Open Computer Vision Library. Buffer overflows, NULL pointer dereferences and out-of-bounds write errors may lead to a denial-of-service or other unspecified impact.
An issue has been found in cups, the Common UNIX Printing System. Due to an input validation issue a malicious application might be allowed to read restricted memory.
This update includes the changes in tzdata 2021e for the Perl bindings. For the list of changes, see DLA-2797-1. For Debian 9 stretch, this problem has been fixed in version
This update includes the changes in tzdata 2021e. Notable changes are: Fiji suspends DST for the 2021/2022 season.