Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

<< Mandriva | Distributions | Gentoo >>


Community

Support

Debian Planet

Error: It's not possible to reach RSS file http://planet.debian.net/rss20.xml ...

Debian Security Notices

  • DSA-4647 bluez - security update
    It was reported that the BlueZ's HID and HOGP profile implementationsdon't specifically require bonding between the device and the host.Malicious devices can take advantage of this flaw to connect to a targethost and impersonate an existing HID device without security or to causean SDP or GATT service discovery to take place which would allow HIDreports to be injected to the input subsystem from a non-bonded source.


  • DSA-4646 icu - security update
    Andre Bargull discovered an integer overflow in the InternationalComponents for Unicode (ICU) library which could result in denial ofservice and potentially the execution of arbitrary code.



  • DSA-4644 tor - security update
    A denial of service vulnerability (by triggering high CPU consumption)was found in Tor, a connection-based low-latency anonymous communicationsystem.


  • DSA-4643 python-bleach - security update
    It was reported that python-bleach, a whitelist-based HTML-sanitizinglibrary, is prone to a mutation XSS vulnerability in bleach.clean whenstrip=False and math or svg tags and one or more of the RCDATA tagswere whitelisted.




  • DSA-4640 graphicsmagick - security update
    This update fixes several vulnerabilities in Graphicsmagick: Various memoryhandling problems and cases of missing or incomplete input sanitisingmay result in denial of service, memory disclosure or the executionof arbitrary code if malformed media files are processed.




  • DSA-4637 network-manager-ssh - security update
    Kobus van Schoor discovered that network-manager-ssh, a plugin toprovide VPN integration for SSH in NetworkManager, is prone to aprivilege escalation vulnerability. A local user with privileges tomodify a connection can take advantage of this flaw to execute arbitrarycommands as root.


  • DSA-4636 python-bleach - security update
    It was reported that python-bleach, a whitelist-based HTML-sanitizinglibrary, is prone to a mutation XSS vulnerability in bleach.clean whennoscript and one or more raw text tags were whitelisted.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM