NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux



Community

Support

Debian Planet


Debian Security Notices

  • DSA-5048 libreswan - security update
    It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.



  • DSA-5046 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



  • DSA-5044 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing.


  • DSA-5043 lxml - security update
    It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.



  • DSA-5041 cfrpki - security update
    Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could result in denial of service or path traversal.


  • DSA-5040 lighttpd - security update
    An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service.


  • DSA-5039 wordpress - security update
    Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting (XSS) attacks.


  • DSA-5038 ghostscript - security update
    Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.


  • DSA-5037 roundcube - security update
    It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Site Scripting (XSS) attacks.


  • DSA-5036 sphinxsearch - security update
    It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.



  • DSA-5034 thunderbird - security update
    Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code, spoofing, information disclosure, downgrade attacks on SMTP STARTTLS connections or misleading display of OpenPGP/MIME signatures.



  • DSA-5032 djvulibre - security update
    Several vulnerabilities were discovered in djvulibre, a library and set of tools to handle documents in the DjVu format. An attacker could crash document viewers and possibly execute arbitrary code through crafted DjVu files.





  • DSA-5028 spip - security update
    It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting and SQL injection attacks, or execute arbitrary code.


  • DSA-5027 xorg-server - security update
    Jan-Niklas Sohn discovered that multiple input validation failures in X server extensions of the X.org X server may result in privilege escalation if the X server is running privileged.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM