NTLUG




Community

Support

Debian Planet


Debian Security Notices

  • DSA-5244 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



  • DSA-5242 maven-shared-utils - security update
    It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings without proper escaping, allowing shell injection attacks.




  • DSA-5239 gdal - security update
    A heap-based buffer overflow vulnerability was discovered in gdal, a Geospatial Data Abstraction Library, which could result in denial of service or potentially the execution of arbitrary code, if a specially crafted file is processed with the PCIDSK driver.



  • DSA-5237 firefox-esr - security update
    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation.


  • DSA-5236 expat - security update
    Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.



  • DSA-5234 fish - security update
    An arbitrary code execution vulnerability was discovered in fish, a command line shell. When using the default configuration of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands.


  • DSA-5233 e17 - security update
    Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.


  • DSA-5232 tinygltf - security update
    It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing untrusted files.


  • DSA-5231 connman - security update
    Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.


  • DSA-5230 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.


  • DSA-5229 freecad - security update
    Two vulnerabilities were discovered in FreeCAD, a CAD/CAM program, which could result in the execution of arbitrary shell commands when opening a malformed file.



  • DSA-5227 libgoogle-gson-java - security update
    It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a deserialization flaw. An application would de-serialize untrusted data without sufficiently verifying that the resulting data will be valid, letting the attacker control the state or the flow of the execution. This can lead to a denial of service or even the execution of arbitrary code.




  • DSA-5224 poppler - security update
    Two vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file or JBIG2 image is processed.


  • DSA-5223 chromium - security update
    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM