Letzte Aktivitäten

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : gdm3
    CVE ID : CVE-2018-14424

    Chris Coulson discovered a use-after-free flaw in the GNOME Display
    Manager, triggerable by an unprivileged user via a specially crafted
    sequence of D-Bus method calls, leading to denial of service…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : postgresql-9.6
    CVE ID : CVE-2018-10915 CVE-2018-10925

    Two vulnerabilities have been found in the PostgreSQL database system:

    CVE-2018-10915

    Andrew Krasichkov discovered that libpq did not reset all its
    connection state during…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : openjdk-8
    CVE ID : CVE-2018-2952

    It was discovered that the PatternSyntaxException class in the
    Concurrency component of OpenJDK, an implementation of the Oracle Java
    platform could result in denial of service via excessive…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : kamailio
    CVE ID : CVE-2018-14767

    Henning Westerholt discovered a flaw related to the To header processing
    in kamailio, a very fast, dynamic and configurable SIP server. Missing
    input validation in the build_res_buf_from_sip_req…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : linux
    CVE ID : CVE-2018-5390 CVE-2018-13405

    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a privilege escalation or denial of service.

    CVE-2018-5390

    Juha-Matti Tilli discovered that a…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : xml-security-c
    CVE ID : not yet available

    It was discovered that the Apache XML Security for C++ library performed
    insufficient validation of KeyInfo hints, which could result in denial
    of service via NULL pointer dereferences…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : python-django
    CVE ID : CVE-2018-14574

    Andreas Hug discovered an open redirect in Django, a Python web
    development framework, which is exploitable if
    django.middleware.common.CommonMiddleware is used and the APPEND_SLASH
    setting…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : cgit
    CVE ID : CVE-2018-14912
    Debian Bug : 905382

    Jann Horn discovered a directory traversal vulnerability in cgit, a fast
    web frontend for git repositories written in C. A remote attacker can
    take advantage of this flaw to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : symfony
    CVE ID : CVE-2016-2403 CVE-2017-1665 CVE-2017-16653
    CVE-2017-16654 CVE-2017-16790 CVE-2018-11385
    CVE-2018-11386 CVE-2018-11406

    Multiple vulnerabilities have been found in the Symfony PHP framework
    which could lead to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : vim-syntastic
    CVE ID : CVE-2018-11319

    Enrico Zini discovered a vulnerability in Syntastic, an addon
    module for the Vim editor that runs a file through external checkers
    and displays any resulting errors. Config files were…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libmspack
    CVE ID : CVE-2018-14679 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682
    Debian Bug : 904799 904800 904801 904802

    Several vulnerabilities were discovered in libsmpack, a library used to
    handle Microsoft compression…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ruby2.3
    CVE ID : CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914
    CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780
    CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075
    CVE-2018-1000076 CVE-2018-1000077…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : fuse
    CVE ID : CVE-2018-10906
    Debian Bug : 904439

    Jann Horn discovered that FUSE, a Filesystem in USErspace, allows the
    bypass of the 'user_allow_other' restriction when SELinux is active
    (including in permissive mode). A…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ffmpeg
    CVE ID : CVE-2018-14395

    Several vulnerabilities have been discovered in the FFmpeg multimedia
    framework, which could result in denial of service or potentially the
    execution of arbitrary code if malformed files/streams…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : chromium-browser
    CVE ID : CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151
    CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155
    CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159
    CVE-2018-6161 CVE-2018-6162…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ant
    CVE ID : CVE-2018-10886

    Danny Grander reported that the unzip and untar tasks in ant, a Java
    based build tool like make, allow the extraction of files outside a
    target directory. An attacker can take advantage of this flaw…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : slurm-llnl
    CVE ID : CVE-2018-7033 CVE-2018-10995
    Debian Bug : 893044 900548

    Several vulnerabilities were discovered in the Simple Linux Utility for
    Resource Management (SLURM), a cluster resource management and job
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : network-manager-vpnc
    CVE ID : CVE-2018-10900
    Debian Bug : 904255

    Denis Andzakovic discovered that network-manager-vpnc, a plugin to
    provide VPNC support for NetworkManager, is prone to a privilege
    escalation vulnerability.…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : znc
    CVE ID : CVE-2018-14055 CVE-2018-14056

    Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which
    could result in privilege escalation or denial of service.

    For the stable distribution (stretch), these problems…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : vlc
    CVE ID : CVE-2018-11529

    A use-after-free was discovered in the MP4 demuxer of the VLC media
    player, which could result in the execution of arbitrary code if a
    malformed media file is played.

    For the stable distribution…