Debian Security Notices
- DSA-4943 lemonldap-ng - security update
Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an attacker to increase its authentication level or impersonate another user, especially when lemonldap-ng is configured to increase authentication level for users authenticated via a second factor.
- DSA-4942 systemd - security update
The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca() function could result in memory corruption, making it possible to crash systemd and hence the entire operating system.
- DSA-4941 linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
- DSA-4938 linuxptp - security update
Miroslav Lichvar reported that the ptp4l program in linuxptp, an implementation of the Precision Time Protocol (PTP), does not validate the messageLength field of incoming messages, allowing a remote attacker to cause a denial of service, information leak, or potentially remote code execution.
- DSA-4937 apache2 - security update
Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition the implementation of the MergeSlashes option could result in unexpected behaviour.
- DSA-4936 libuv1 - security update
An out-of-bounds read was discovered in the uv__idna_to_ascii() function of Libuv, an asynchronous event notification library, which could result in denial of service or information disclosure.
- DSA-4935 php7.3 - security update
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO.
- DSA-4934 intel-microcode - security update
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities which could result in privilege escalation in combination with VT-d and various side channel attacks.