NTLUG



Community

Support

Debian Planet


Debian Security Notices

  • DSA-4890 ruby-kramdown - security update
    Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.


  • DSA-4889 mediawiki - security update
    Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting.


  • DSA-4888 xen - security update
    Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure.


  • DSA-4887 lib3mf - security update
    A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened.



  • DSA-4885 netty - security update
    Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.



  • DSA-4883 underscore - security update
    It was discovered that missing input sanitising in the template() function of the Underscore JavaScript library could result in the execution of arbitrary code.


  • DSA-4882 openjpeg2 - security update
    Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.



  • DSA-4880 lxml - security update
    Kevin Chung discovered that lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack.


  • DSA-4879 spamassassin - security update
    Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.


  • DSA-4878 pygments - security update
    Ben Caller discovered that Pygments, a syntax highlighting package written in Python 3, used regular expressions which could result in denial of service.




  • DSA-4875 openssl - security update
    A NULL pointer dereference was found in the signature_algorithms processing in OpenSSL, a Secure Sockets Layer toolkit, which could result in denial of service.


  • DSA-4874 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing attacks.




  • DSA-4871 tor - security update
    Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM