Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -1 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalsoftware update

Fedora 23: 2016-80f4f71eff Critical: Curl Escape Function Issue

- reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-80f4f71eff 2016-09-29 16:02:46.786455 -------------------------------------------------------------------------------- Name : curl Product : Fedora 23 Version : 7.43.0 Release : 10.fc23 URL : https://curl.se/ Summary : A utility for getting files from remote servers (FTP, HTTP, and others) Description : curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy tunneling and a busload of other useful tricks. -------------------------------------------------------------------------------- Update Information: - reject negative string lengths in curl_easy_[un]escape() (CVE-2016-7167) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375907 - CVE-2016-7167 curl: escape and unescape integer overflows [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1375907 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update curl' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. Tounsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora 23 wget security patch resolves overflow issues in wget_easy_[un]decode() to improve security.. Curl Update Fedora Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 29, 2016 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 10: 2023-21584 Critical: ocaml-postgresql Escape Function Update

- New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml- postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10595 2009-10-21 00:08:33 -------------------------------------------------------------------------------- Name : ocaml-postgresql Product : Fedora 10 Version : 1.12.3 Release : 1.fc10.2 URL : Summary : OCaml library for accessing PostreSQL databases Description : This OCaml-library provides an interface to PostgreSQL, an efficient and reliable, open source, relational database. Almost all functionality available through the C-API (libpq) is replicated in a type-safe way. This library uses objects for representing database connections and results of queries. -------------------------------------------------------------------------------- Update Information: - New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml- postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1.fc10.2 - Fix build process for new upstream tarball layout. * Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1 - New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_stringmethod. -------------------------------------------------------------------------------- References: [ 1 ] Bug #529325 - CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) https://bugzilla.redhat.com/show_bug.cgi?id=529325 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ocaml-postgresql' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest release of ocaml-postgresql includes an essential security enhancement and an improved way to handle escape sequences. Please be sure to adapt your implementations as needed.. Fedora Update, ocaml-postgresql Security, Database Access Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 10, 2009 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracritical fix

Fedora 11 advisory: Ocaml-Postgresql 1.12.3 Critical Escape Issue

- New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml- postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10633 2009-10-21 00:09:44 -------------------------------------------------------------------------------- Name : ocaml-postgresql Product : Fedora 11 Version : 1.12.3 Release : 1.fc11.2 URL : Summary : OCaml library for accessing PostgreSQL databases Description : This OCaml-library provides an interface to PostgreSQL, an efficient and reliable, open source, relational database. Almost all functionality available through the C-API (libpq) is replicated in a type-safe way. This library uses objects for representing database connections and results of queries. -------------------------------------------------------------------------------- Update Information: - New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml- postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method. -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1.fc11.2 - Fix build process for new upstream tarball layout. * Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1 - New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_stringmethod. -------------------------------------------------------------------------------- References: [ 1 ] Bug #529325 - CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) https://bugzilla.redhat.com/show_bug.cgi?id=529325 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ocaml-postgresql' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Notification of updates for Fedora 11: a crucial security patch has been applied to ocaml-postgresql, addressing vulnerabilities in the escape function.. ocaml security, PostgreSQL fix, Fedora update, critical patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 10, 2009 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 11: 2009-10701 Critical: ocaml-mysql Escape Function Issue

Patch for CVE 2009-2942 Missing escape function (RHBZ#529321).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10701 2009-10-21 00:13:15 -------------------------------------------------------------------------------- Name : ocaml-mysql Product : Fedora 11 Version : 1.0.4 Release : 8.fc11.1 URL : Summary : OCaml library for accessing MySQL databases Description : ocaml-mysql is a package for ocaml that provides access to mysql databases. It consists of low level functions implemented in C and a module Mysql intended for application development. -------------------------------------------------------------------------------- Update Information: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 16 2009 Richard W.M. Jones - 1.0.4-8.fc11.1 - Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). -------------------------------------------------------------------------------- References: [ 1 ] Bug #529321 - CVE-2009-2942 ocaml-mysql: Missing escape function (DSA-1910-1) https://bugzilla.redhat.com/show_bug.cgi?id=529321 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ocaml-mysql' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Update notification for Fedora11: A patch for ocaml-mysql has been released to fix a vulnerability concerning the escape function.. Fedora 11, ocaml-mysql Patch, security update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 10, 2009 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 10: 2009-10583 Important: Python-Postgres Security Patch Update

Patch for CVE 2009-2942 Missing escape function (RHBZ#529321).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-10582 2009-10-21 00:08:05 -------------------------------------------------------------------------------- Name : ocaml-mysql Product : Fedora 10 Version : 1.0.4 Release : 3.fc10.1 URL : Summary : OCaml library for accessing MySQL databases Description : ocaml-mysql is a package for ocaml that provides access to mysql databases. It consists of low level functions implemented in C and a module Mysql intended for application development. -------------------------------------------------------------------------------- Update Information: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 16 2009 Richard W.M. Jones - 1.0.4-3.fc10.1 - Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). -------------------------------------------------------------------------------- References: [ 1 ] Bug #529321 - CVE-2009-2942 ocaml-mysql: Missing escape function (DSA-1910-1) https://bugzilla.redhat.com/show_bug.cgi?id=529321 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ocaml-mysql' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Enhance ocaml-mysql in Fedora10 to resolve escaping function problem for better security and reliability.. ocaml-mysql, Fedora Update, software patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 10, 2009 Important Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian DSA-1910-1: mysql-ocaml Critical Escape Function Issue

It was discovered that mysql-ocaml, OCaml bindings for MySql, was missing a function to call mysql_real_escape_string(). This is needed, because mysql_real_escape_string() honours the charset of the connection . - ------------------------------------------------------------------------ Debian Security Advisory DSA-1910-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : mysql-ocaml Vulnerability : missing escape function Problem type : remote Debian-specific: no CVE Id : CVE-2009-2942 It was discovered that mysql-ocaml, OCaml bindings for MySql, was missing a function to call mysql_real_escape_string(). This is needed, because mysql_real_escape_string() honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The added function is called real_escape() and takes the established database connection as a first argument. The old escape_string() was kept for backwards compatibility. Developers using these bindings are encouraged to adjust their code to use the new function. For the stable distribution (lenny), this problem has been fixed in version 1.0.4-4+lenny1. For the oldstable distribution (etch), this problem has been fixed in version 1.0.4-2+etch1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your mysql-ocaml packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update byadding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 4922 747ef04d7a1889198ec4dbf74c67b2f9 Size/MD5 checksum: 1330 7fc48e4dcd193742a45c876fd526a57b amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 11790 fd99b55a5cd4b4a31ab19be4bcb381b1 Size/MD5 checksum: 56456 be0d2ab9fff0963365ebd00ad292a099 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 41052 0e192c84931718413f68bbbeecaae8de Size/MD5 checksum: 11188 cfe215c414389beb6e209e0b1ad53836 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 41082 b5f411607c26b4ba66fdf5ca3fafdc1e Size/MD5 checksum: 11212 55dbbcd2aaf1ce70c5f29ca294ab7c2f sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 56836 945b6f4cdddd98413031a91a14e48da7 Size/MD5 checksum: 10650 8c92747279818c517a0ebf6873fa01a3 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 1912 30bca56e3d5818eaca5bb7fde48fb7c4 Size/MD5 checksum: 5094 99ca09aea5510a14cd9c89ef3df7db7b Size/MD5 checksum: 119584 76f1282bb7299012669bf40cde78216b alpha architecture (DEC Alpha) Size/MD5 checksum: 42870 8e8dbef7120c2ccfe7f4afc8c651f774 Size/MD5 checksum: 12474 bc239d611ee379d53d58f3d944e26fc9 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 12120 e1f9170e413ad492963b3ac2b6a16f61 Size/MD5 checksum: 56758 6fb0e8f0e769fbaa89ea7fe437b07092 arm architecture (ARM) Size/MD5 checksum: 40652 4295ce0a1490f805d73202c0c3d6b2e3 Size/MD5checksum: 10806 b05ecd665ba9ec10053693a9f1eef6d7 hppa architecture (HP PA RISC) Size/MD5 checksum: 12252 7f093c8f69af100652d011a5319a126e Size/MD5 checksum: 41658 d68829d26c2d5ecd82b097d1afcafd00 i386 architecture (Intel ia32) Size/MD5 checksum: 10878 c881ca9eaed7d094fb06b045a36badcc Size/MD5 checksum: 55498 7a66df77e3c9bfdb4ec9161df99b2f44 ia64 architecture (Intel ia64) Size/MD5 checksum: 43270 a590fda7ec241c5adb63e8012d93a6a7 Size/MD5 checksum: 14436 4adff7114ee2600c6086fb456f349d3b mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 41192 9725b31a8355ecddfe3ac6c724388b8d Size/MD5 checksum: 11328 ab2c5ce069b593de640e8e27eabc016b mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 11322 f7f39aeabc1949645f5bdbb553d595e4 Size/MD5 checksum: 41186 83e2b0503b5cc38a3733c5aa76a45c2a powerpc architecture (PowerPC) Size/MD5 checksum: 13948 4f741865f6ad0d5231d210f64f61f449 Size/MD5 checksum: 58050 e824b11167cdddee268e065dca840956 s390 architecture (IBM S/390) Size/MD5 checksum: 41336 2fc7ab920f715a357875964cf57412a6 Size/MD5 checksum: 12424 a6c5e84d7791f8f5c9566aa4ae63d01f sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 10872 c08d9014b06dee09a59bf8b589e28718 Size/MD5 checksum: 56922 0fa317d9c532db33bb13eea54df1f577 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Ubuntu notice UBN-3120-2 enhances php-xyz for robust safeguarding against online vulnerabilities. Check for installation guidelines!. mysql-ocaml,remote security,escape function,database safety. . Severity:Critical. LinuxSecurity.com Team

Calendar 2 Oct 15, 2009 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian: DSA-1911-1 Critical Pygresql Remote Escape Threat

It was discovered that pygresql, a PostgreSQL module for Python, was missing a function to call PQescapeStringConn(). This is needed, because PQescapeStringConn() honours the charset of the connection and prevents . - ------------------------------------------------------------------------ Debian Security Advisory DSA-1911-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : pygresql Vulnerability : missing escape function Problem type : remote Debian-specific: no CVE Id : CVE-2009-2940 It was discovered that pygresql, a PostgreSQL module for Python, was missing a function to call PQescapeStringConn(). This is needed, because PQescapeStringConn() honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The new function is called pg_escape_string(), which takes the database connection as a first argument. The old function escape_string() has been preserved as well for backwards compatibility. Developers using these bindings are encouraged to adjust their code to use the new function. For the stable distribution (lenny), this problem has been fixed in version 1:3.8.1-3+lenny1. For the oldstable distribution (etch), this problem has been fixed in version 1:3.8.1-1etch2. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 1:4.0-1. We recommend that you upgrade your pygresql packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may usean automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 694 086a34b31967d51ff8ca7a8804d39a91 Size/MD5 checksum: 4253 f32240024a278f6650b4342a0ebcbb71 alpha architecture (DEC Alpha) Size/MD5 checksum: 93958 dbf107badf6bf7c7b0b2820141e42ef2 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 92400 ea6b668eab27ad64d2e7b02e4affc727 arm architecture (ARM) Size/MD5 checksum: 90130 7b15f232b3dc6facd956eb7fca1bd4e5 i386 architecture (Intel ia32) Size/MD5 checksum: 90362 eaec4a360b3af5e4c334126cf870f4fc ia64 architecture (Intel ia64) Size/MD5 checksum: 98092 488b3090825b958784a5ee748899f337 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 88844 92b80b8485000c7170959b1b10aa93a4 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 88586 8b64c4326529429d0bd1fbff149eb471 powerpc architecture (PowerPC) Size/MD5 checksum: 91086 653410357846b7870f33d93fc87e7348 s390 architecture (IBM S/390) Size/MD5 checksum: 91506 e3ad96489ac5acaf13d850a01027b8c8 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 89030 a82665887545c1ef1d30f3aa55be7804 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 4466 a1c2ce06c800d605bfe14bcfe2dd0827 Size/MD5 checksum: 81186 5575979dac93c9c5795d7693a8f91c86 Size/MD5 checksum: 1124 269418b4532c90f057bd22e5858a2997 alpha architecture (DEC Alpha) Size/MD5 checksum: 114256 5704221569e20111cf6672ece0d11682 Size/MD5 checksum: 156386 fa17c555e61b71463de456db3c51ae84 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 159238 128f1c3033bde64f9a11f5e913d9d973 Size/MD5 checksum: 115328 fe068a81f497f69a6ad19d495e652e2b arm architecture (ARM) Size/MD5 checksum: 109312 25c5b281ea33146beb5a59666aba47ac Size/MD5 checksum: 144480 ca940db2975633c04b5c2fe87274e8ea armel architecture (ARM EABI) Size/MD5 checksum: 149678 957232bd77ffab3671bf785476ea87da Size/MD5 checksum: 111126 705dea69876757df26bc42e74dd17226 hppa architecture (HP PA RISC) Size/MD5 checksum: 117048 c47c89646f2bc572d5fee685876e639f Size/MD5 checksum: 155300 c864943c790f0a79b2da3034d51a94fa i386 architecture (Intel ia32) Size/MD5 checksum: 108626 d27c445d00283fe59fb6a54cfaaa4156 Size/MD5 checksum: 142506 b1d7283270efa735daf705a7825981e7 ia64 architecture (Intel ia64) Size/MD5 checksum: 160656 45f6874fdc6f520dbe1932a9acbbdc1e Size/MD5 checksum: 125206 261caf7cc1e302d67b1d4c8f44fdca5e mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 149858 3ab427dbe8851bdc5710d5be170e87b4 Size/MD5 checksum: 106876 519d15036e48482c9bf6ba13a45df864 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 107182 e89c124b98cf43149ef29bf0c7376e37 Size/MD5 checksum: 147822 36818301f82c6b208a12dfffcb12abaa powerpc architecture (PowerPC) Size/MD5 checksum: 158920 24d9e6552bc85adbeec92f88cfb7c5cf Size/MD5 checksum: 114592 67797adf90fa321b296f7c6755622802 s390 architecture (IBM S/390) Size/MD5 checksum: 156980 636e256ccfc7f06b6b41cd74492a9593 Size/MD5 checksum: 113766 0cca0ff55e531f246f10009322b62bb2 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 137180 050359d747dd8afce46c3309967af260 Size/MD5 checksum: 108528 40ca765a94813cefaf2a4c77597f8155 These files will probably be moved into the stable distribution on its next update. ---------------------------------------------------------------------------------- For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Debian Security Announcement DSA-1912-2 brings an update for python-requests that addresses a potential denial of service vulnerability. Find out more!. Pygresql, PostgreSQL, Security Advisory, Remote Exploit, Function Upgrade. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 15, 2009 Critical Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian DSA-1909-1: Critical Escape Function Issue in PostgreSQL OCaml

It was discovered that postgresql-ocaml, OCaml bindings to PostgreSQL's libpq, was missing a function to call PQescapeStringConn(). This is needed, because PQescapeStringConn() honours the charset of the . - ------------------------------------------------------------------------ Debian Security Advisory DSA-1909-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : postgresql-ocaml Vulnerability : missing escape function Problem type : remote Debian-specific: no CVE Id : CVE-2009-2943 It was discovered that postgresql-ocaml, OCaml bindings to PostgreSQL's libpq, was missing a function to call PQescapeStringConn(). This is needed, because PQescapeStringConn() honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The added function is called escape_string_conn() and takes the established database connection as a first argument. The old escape_string() was kept for backwards compatibility. Developers using these bindings are encouraged to adjust their code to use the new function. For the stable distribution (lenny), this problem has been fixed in version 1.7.0-3+lenny1. For the oldstable distribution (etch), this problem has been fixed in version 1.5.4-2+etch1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 1.12.1-1. We recommend that you upgrade your postgresql-ocaml packages. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You mayuse an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Debian (oldstable) - ------------------ Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 37091 0f2440dee5ba424e5f2e80b9e1985aac Size/MD5 checksum: 796 fcde6e827e7965128479af66b5f36640 Size/MD5 checksum: 5422 9955c633c0ba5c6082adab763b02dd81 alpha architecture (DEC Alpha) Size/MD5 checksum: 65992 15af26342b66bfc2da16758ceec7d973 Size/MD5 checksum: 12184 c94c1fbb5c2b30baf76b54335899fdb2 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 11652 a7e8bebb72e6f8192a5cad99fd133bcc Size/MD5 checksum: 56826 ef65e7f49d2367fc488a22e3b3b06850 arm architecture (ARM) Size/MD5 checksum: 57254 3c612cb5e6a9fce235884a3ecaf2cda6 Size/MD5 checksum: 9632 361b04c9010ab69b99ca03aa9eb8ee19 hppa architecture (HP PA RISC) Size/MD5 checksum: 11536 e347d8c6e10c2f58727ef0f99fbec29e Size/MD5 checksum: 37706 c515f78761b5bc8e1a193b6282c8c685 i386 architecture (Intel ia32) Size/MD5 checksum: 55088 5236535c706517466fd0c5005f27f5df Size/MD5 checksum: 10708 5cc8f746984d0a5dc6fe6515f798352f ia64 architecture (Intel ia64) Size/MD5 checksum: 70342 1963272ac4eb736025c74bec49d21252 Size/MD5 checksum: 13408 ceceb8785ca67033b906a5bbdcfb3816 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 10550 ed2eba369cd295521a8b706c3402ed53 Size/MD5 checksum: 36922 cd5d3fd3ef7ed3f5b7f28fcbdcb38f54 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 10502 2692a552a66911e5e49805a9a37d7760 Size/MD5 checksum: 36858 6e9ca0073b222a0a0b3049e6c85d919c powerpc architecture (PowerPC) Size/MD5 checksum: 11746 b19f3ce9de91c58d784d758a8b7aba4d Size/MD5 checksum: 60820e04f4fa7c6ffa370c76c5f6a5df3f618 s390 architecture (IBM S/390) Size/MD5 checksum: 12156 8a98242d666d976a5cfabd7a7044d136 Size/MD5 checksum: 37152 2497bdd2fb753146491197b588f21269 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 9840 dafe39256eb4570aa367089762dbdf36 Size/MD5 checksum: 60104 9adc5f0645a24a4b92325595ba8c0552 Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 1464 af736cb504a122eb488b42324033073f Size/MD5 checksum: 5748 8a086c9db7ca5be802b03caedd1d9914 Size/MD5 checksum: 38398 679322c7c7890805a37f7765c4b8f695 alpha architecture (DEC Alpha) Size/MD5 checksum: 57672 2f787af347ad3cfb4d38dd11991a79c2 Size/MD5 checksum: 14448 75907d30cb91a964713e816f8f0dc7ed amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 13840 18b8f028d932263f2ea664d9073d2e93 Size/MD5 checksum: 74842 862fc3a2c78a37f5d5319fa26ff395c3 arm architecture (ARM) Size/MD5 checksum: 53154 e0fd01bb50373e6516a700e4a93207c9 Size/MD5 checksum: 11256 8ae4ba77e2ca6ff37428eafcfd2127f3 armel architecture (ARM EABI) Size/MD5 checksum: 11306 aded1f1a2ecb1b570b5466824ecf506d Size/MD5 checksum: 53826 ee8e2e91e7f07c68932c877be7d5882e hppa architecture (HP PA RISC) Size/MD5 checksum: 55740 602e9d0d203bda43537df8ea7a8cce8f Size/MD5 checksum: 13336 c4e0cf3675baf4a472606ab2149c8c3d i386 architecture (Intel ia32) Size/MD5 checksum: 71974 e22ca1163b616029eb3203ab9a83f57f Size/MD5 checksum: 12358 879cfbff241a2b658f2cafc70fbc26e9 ia64 architecture (Intel ia64) Size/MD5 checksum: 15826 5d918a9811f7a5494a6fb42b7471032f Size/MD5 checksum: 56718 aac510279b15caba5d3a2898b6e5ad22 mips architecture (MIPS (Big Endian)) Size/MD5checksum: 11956 58b8c5c0fe6f5d8308ef455d9c3629b1 Size/MD5 checksum: 54194 cf205c120e7d340caea0c6ab40e6fdad mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 54668 9774393d80fda8f3afa41e5350767a5a Size/MD5 checksum: 11918 75bc39f75ae92d90c12be56e33af1dcf powerpc architecture (PowerPC) Size/MD5 checksum: 14972 2addc8ca023ebd60ab39c4454daa1730 Size/MD5 checksum: 79472 bb0ea2d94f065409f66f3436897477c0 s390 architecture (IBM S/390) Size/MD5 checksum: 14298 fb4aec5493a4b06bf17befbdab8a9a3d Size/MD5 checksum: 55212 c11d2dceae4c5d09c92c793b6d810e91 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 11480 3b8f3c866dc73cddd0905768a7f137a5 Size/MD5 checksum: 77672 a9b0fa3cd51538dfeaaa2e5da8ac92b7 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . The Debian Security Advisory DSA-1909-1 addresses the absence of a secure function in the postgresql-ocaml bindings, and emphasizes the importance of ensuring updates are applied.. Debian Security, PostgreSQL OCaml, Critical Flaw. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 15, 2009 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here