1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
<< Mandriva | Distributions | Gentoo >>
Debian Security Notices
- DSA-4889 mediawiki - security update
Multiple security issues were found in MediaWiki, a website engine forcollaborative work, which could result in incomplete page/blockingprotection, denial of service or cross-site scripting.
- DSA-4888 xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor,which could result in denial of service, privilege escalation or memorydisclosure.
- DSA-4887 lib3mf - security update
A use-after-free was discovered in Lib3MF, a C++ implementation of the3D Manufacturing Format, which could result in the execution ofarbitrary code if a malformed file is opened.
- DSA-4885 netty - security update
Multiple security issues were discovered in Netty, a Java NIOclient/server framework, which could result in HTTP request smuggling,denial of service or information disclosure.
- DSA-4883 underscore - security update
- DSA-4882 openjpeg2 - security update
Multiple vulnerabilities have been discovered in openjpeg2, theopen-source JPEG 2000 codec, which could result in denial of service orthe execution of arbitrary code when opening a malformed image.
- DSA-4880 lxml - security update
Kevin Chung discovered that lxml, a Python binding for the libxml2 andlibxslt libraries, did not properly sanitize its input. This wouldallow a malicious user to mount a cross-site scripting attack.
- DSA-4879 spamassassin - security update
Damian Lukowski discovered a flaw in spamassassin, a Perl-based spamfilter using text analysis. Malicious rule configuration files, possiblydownloaded from an updates server, could execute arbitrary commandsunder multiple scenarios.
- DSA-4878 pygments - security update
Ben Caller discovered that Pygments, a syntax highlighting packagewritten in Python 3, used regular expressions which could result indenial of service.
- DSA-4875 openssl - security update
A NULL pointer dereference was found in the signature_algorithmsprocessing in OpenSSL, a Secure Sockets Layer toolkit, which couldresult in denial of service.
- DSA-4874 firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefoxweb browser, which could potentially result in the executionof arbitrary code, information disclosure or spoofing attacks.
- DSA-4871 tor - security update
Two vulnerabilities were discovered in Tor, a connection-basedlow-latency anonymous communication system, which could lead toexcessive CPU usage or cause a directory authority to crash.