NTLUG



Community

Support

Debian Planet


Debian Security Notices

  • DSA-4569 ghostscript - security update
    Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.


  • DSA-4568 postgresql-common - security update
    Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.


  • DSA-4565 intel-microcode - security update
    This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA 4564-1.


  • DSA-4567 dpdk - security update
    It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service.


  • DSA-4566 qemu - security update
    This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors (cf. DSA 4564-1).


  • DSA-4564 linux - security update
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.




  • DSA-4561 fribidi - security update
    Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of Unicode isolate directional characters.





  • DSA-4557 libarchive - security update
    A use-after-free was found in libarchive, a multi-format archive and compression library, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed.



  • DSA-4555 pam-python - security update
    Malte Kraus discovered that libpam-python, a PAM module allowing PAM modules to be written in Python, didn't sanitise environment variables which could result in local privilege escalation if used with a setuid binary.


  • DSA-4554 ruby-loofah - security update
    It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, was susceptible to cross-site scripting.


  • DSA-4553 php7.3 - security update
    Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups.


  • DSA-4552 php7.0 - security update
    Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups.



  • DSA-4550 file - security update
    A buffer overflow was found in file, a file type classification tool, which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF (Composite Document File) file is processed.


  • DSA-4549 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service.


  • DSA-4548 openjdk-8 - security update
    Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.


  • DSA-4547 tcpdump - security update
    Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.


  • DSA-4546 openjdk-11 - security update
    Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation.


  • DSA-4545 mediawiki - security update
    It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed usernames, resulting in an information leak.


  • DSA-4544 unbound - security update
    X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM