Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

<< Mandriva | Distributions | Gentoo >>


Community

Support

Debian Planet

Error: It's not possible to reach RSS file http://planet.debian.net/rss20.xml ...

Debian Security Notices

  • DSA-4341 mariadb-10.1 - security update
    Several issues have been discovered in the MariaDB database server. Thevulnerabilities are addressed by upgrading MariaDB to the new upstreamversion 10.1.37. Please see the MariaDB 10.1 Release Notes for furtherdetails:



  • DSA-4339 ceph - security update
    Multiple vulnerabilities were discovered in Ceph, a distributed storageand file system: The cephx authentication protocol was suspectible toreplay attacks and calculated signatures incorrectly, ceph mon did notvalidate capabilities for pool operations (resulting in potentialcorruption or deletion of snapshot images) and a format stringvulnerability in libradosstriper could result in denial of service.


  • DSA-4338 qemu - security update
    Integer overflows in the processing of packets in network cards emulatedby QEMU, a fast processor emulator, could result in denial of service.


  • DSA-4337 thunderbird - security update
    Multiple security issues have been found in Thunderbird: Multiple memorysafety errors may lead to the execution of arbitrary code or denial ofservice.


  • DSA-4336 ghostscript - security update
    Several vulnerabilities were discovered in Ghostscript, the GPLPostScript/PDF interpreter, which may result in denial of service,disclosure of existence and size of arbitrary files, or the execution ofarbitrary code if a malformed Postscript file is processed (despite thedSAFER sandbox being enabled).


  • DSA-4335 nginx - security update
    Three vulnerabilities were discovered in Nginx, a high-performance weband reverse proxy server, which could result in denial of service in processingHTTP/2 (via excessive memory/CPU usage) or server memory disclosure inthe ngx_http_mp4_module module (used for server-side MP4 streaming).


  • DSA-4334 mupdf - security update
    Multiple vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-bookviewer which could result in denial of service or the execution ofarbitrary code if malformed documents are opened.


  • DSA-4333 icecast2 - security update
    Nick Rolfe discovered multiple buffer overflows in the Icecast multimediastreaming server which could result in the execution of arbitrary code.


  • DSA-4332 ruby2.3 - security update
    Several vulnerabilities have been discovered in the interpreter for theRuby language. The Common Vulnerabilities and Exposures projectidentifies the following problems:




  • DSA-4329 teeworlds - security update
    It was discovered that incorrect connection setup in the server forTeeworlds, an online multi-player platform 2D shooter, could result indenial of service via forged connection packets (rendering all gameserver slots occupied).


  • DSA-4328 xorg-server - security update
    Narendra Shinde discovered that incorrect command-line parametervalidation in the Xorg X server may result in arbitary file overwrite,which can result in privilege escalation.


  • DSA-4327 thunderbird - security update
    Multiple security issues have been found in Thunderbird: Multiple memorysafety errors and use-after-frees may lead to the execution of arbitrarycode or denial of service.


  • DSA-4326 openjdk-8 - security update
    Several vulnerabilities have been discovered in OpenJDK, animplementation of the Oracle Java platform, resulting in denial ofservice, sandbox bypass, incomplete TLS identity verification,information disclosure or the execution of arbitrary code.


  • DSA-4325 mosquitto - security update
    It was discovered that mosquitto, an MQTT broker, was vulnerable toremote denial-of-service attacks that could be mounted using variousvectors.


  • DSA-4324 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox webbrowser, which could result in the execution of arbitrary code,privilege escalation or information disclosure.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM