Letzte Aktivitäten

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : xen

    CVE ID : CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697

    CVE-2021-28698 CVE-2021-28699 CVE-2021-28700 CVE-2021-28701


    Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : wpewebkit

    CVE ID : CVE-2021-30858


    The following vulnerabilities have been discovered in the webkit2gtk web engine:


    CVE-2021-30858

    An anonymous researcher discovered that processing maliciously

    crafted web content may lead to arbitrary…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : webkit2gtk

    CVE ID : CVE-2021-30858


    The following vulnerabilities have been discovered in the webkit2gtk web engine:


    CVE-2021-30858

    An anonymous researcher discovered that processing maliciously

    crafted web content may lead to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : nextcloud-desktop

    CVE ID : CVE-2021-22895 CVE-2021-32728

    Debian Bug : 989846


    Two vulnerabilities were discovered in the Nextcloud desktop client, which could result in information disclosure.


    For the oldstable distribution…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : thunderbird

    CVE ID : CVE-2021-38493


    Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.


    For the oldstable distribution (buster), this problem has been fixed in version…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ghostscript

    CVE ID : CVE-2021-3781

    Debian Bug : 994011


    It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly validate access for the "%pipe%", "%handle%" and "%printer%" io devices, which…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ntfs-3g

    CVE ID : CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289

    CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269

    CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254

    CVE-2021-39255 CVE-2021-39256…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : postorius

    CVE ID : CVE-2021-40347


    Kevin Israel discovered that Postorius, the administrative web frontend for Mailman 3, didn't validate whether a logged-in user owns the email address when unsubscribing.


    For the oldstable…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : firefox-esr

    CVE ID : CVE-2021-38493


    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.


    For the oldstable distribution (buster), this…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : haproxy

    CVE ID : CVE-2021-40346


    Ori Hollander reported that missing header name length checks in the

    htx_add_header() and htx_add_trailer() functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : squashfs-tools

    CVE ID : CVE-2021-40153


    Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not validate filenames for traversal outside of the destination…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : gpac

    CVE ID : CVE-2021-21834 CVE-2021-21836 CVE-2021-21837 CVE-2021-21838

    CVE-2021-21839 CVE-2021-21840 CVE-2021-21841 CVE-2021-21842

    CVE-2021-21843 CVE-2021-21844 CVE-2021-21845 CVE-2021-21846

    CVE-2021-21847 CVE-2021-21848…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libssh

    CVE ID : CVE-2021-3634

    Debian Bug : 993046


    It was discovered that a buffer overflow in rekeying in libssh could result in denial of service or potentially the execution of arbitrary code.


    The oldstable distribution…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ledgersmb


    The update for ledgersmb released as DSA 4862-1 introduced a regression in the display of some search results. Updated ledgersmb packages are now available to correct this issue.


    For the oldstable distribution (buster), this…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ledgersmb

    CVE ID : CVE-2021-3731 CVE-2021-3693 CVE-2021-3694


    Several vulnerabilities were discovered in LedgerSMB, a financial accounting and ERP program, which could result in cross-site scripting or clickjacking.


    For the oldstable…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : grilo

    CVE ID : CVE-2021-39365

    Debian Bug : 992971


    Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : openssl

    CVE ID : CVE-2021-3711 CVE-2021-3712


    Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.


    CVE-2021-3711


    John Ouyang reported a buffer overflow vulnerability in the SM2

    decryption. An…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : tor

    CVE ID : CVE-2021-38385


    Henry de Valence reported a flaw in the signature verification code in Tor, a connection-based low-latency anonymous communication system. A remote attacker can take advantage of this flaw to cause an…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : haproxy

    CVE ID : not yet assigned


    Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling. By carefully crafting HTTP/2 requests, it is…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : thunderbird

    CVE ID : CVE-2021-29980 CVE-2021-29984 CVE-2021-29985

    CVE-2021-29986 CVE-2021-29988 CVE-2021-29989


    Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.


    For the…