NTLUG




Community

Support

Debian Planet


Debian Security Notices

  • DSA-5380 xorg-server - security update
    Jan-Niklas Sohn discovered that a use-after-free flaw in the Composite extension of the X.org X server may result in privilege escalation if the X server is running under the root user.


  • DSA-5379 dino-im - security update
    Kim Alvefur discovered that insufficient message sender validation in dino-im, a modern XMPP/Jabber client, may result in manipulation of entries in the personal bookmark store without user interaction via a specially crafted message. Additionally an attacker can take advantage of this flaw to change how group chats are displayed or force a user to join or leave an attacker-selected groupchat.


  • DSA-5378 xen - security update
    Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks.


  • DSA-5377 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.


  • DSA-5376 apache2 - security update
    Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.



  • DSA-5374 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.


  • DSA-5373 node-sqlite3 - security update
    Dave McDaniel discovered that the SQLite3 bindings for Node.js were susceptible to the execution of arbitrary JavaScript code if a binding parameter is a crafted object.


  • DSA-5372 rails - security update
    Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.


  • DSA-5371 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.


  • DSA-5370 apr - security update
    Ronald Crane discovered that missing input sanitizing in the apr_encode functions of apr, the Apache Portable Runtime library, may result in denial of service or potentially the execution of arbitrary code.


  • DSA-5369 syslog-ng - security update
    It was discovered that an integer overflow in the RFC3164 parser of syslog-ng, a system logging daemon, may result in denial of service via malformed syslog messages.


  • DSA-5368 libreswan - security update
    It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial of service.




  • DSA-5365 curl - security update
    Patrick Monnerat discovered that Curl's support for chained HTTP compression algorithms was susceptible to denial of service.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM