Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

<< Mandriva | Distributions | Gentoo >>


Community

Support

Debian Planet

Error: It's not possible to reach RSS file http://planet.debian.net/rss20.xml ...

Debian Security Notices

  • DSA-4943 lemonldap-ng - security update
    Several vulnerabilities were discovered in lemonldap-ng, a Web-SSOsystem. The flaws could result in information disclosure, authenticationbypass, or could allow an attacker to increase its authentication levelor impersonate another user, especially when lemonldap-ng is configuredto increase authentication level for users authenticated via a secondfactor.


  • DSA-4942 systemd - security update
    The Qualys Research Labs discovered that an attacker-controlledallocation using the alloca() function could result in memorycorruption, allowing to crash systemd and hence the entire operatingsystem.


  • DSA-4941 linux - security update
    Several vulnerabilities have been discovered in the Linux kernel thatmay lead to a privilege escalation, denial of service or informationleaks.




  • DSA-4938 linuxptp - security update
    Miroslav Lichvar reported that the ptp4l program in linuxptp, animplementation of the Precision Time Protocol (PTP), does not validatethe messageLength field of incoming messages, allowing a remote attackerto cause a denial of service, information leak, or potentially remotecode execution.


  • DSA-4937 apache2 - security update
    Several vulnerabilities have been found in the Apache HTTP server, whichcould result in denial of service. In addition the implementation ofthe MergeSlashes option could result in unexpected behaviour.


  • DSA-4936 libuv1 - security update
    An out-of-bounds read was discovered in the uv__idna_to_ascii() functionof Libuv, an asynchronous event notification library, which could resultin denial of service or information disclosure.


  • DSA-4935 php7.3 - security update
    Multiple security issues were found in PHP, a widely-used open sourcegeneral purpose scripting language which could result an SSRF bypassof the FILTER_VALIDATE_URL check and denial of service or potentiallythe execution of arbitrary code in the Firebird PDO.


  • DSA-4934 intel-microcode - security update
    This update ships updated CPU microcode for some types of Intel CPUs andprovides mitigations for security vulnerabilities which could result inprivilege escalation in combination with VT-d and various side channelattacks.


Debian Forum at linuxquestions.org

Page last modified on September 14, 2006, at 05:07 AM