Letzte Aktivitäten

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : firefox-esr
    CVE ID : CVE-2018-18356 CVE-2019-5785

    Multiple security issues have been found in the Mozilla Firefox web
    browser, which could potentially result in the execution of arbitrary
    code.

    For the stable distribution…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : flatpak
    CVE ID : not yet available
    Debian Bug : 922059

    It was discovered that Flatpak, an application deployment framework for
    desktop apps, insufficiently restricted the execution of "apply_extra"
    scripts which could…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : rssh
    Debian Bug : 921655

    The update for rssh issued as DSA 4377-1 introduced a regression that
    blocked scp of multiple files from a server using rssh. Updated packages
    are now available to correct this issue.

    For the stable…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libu2f-host
    CVE ID : CVE-2018-20340
    Debian Bug : 921725

    Christian Reitter discovered that libu2f-host, a library implementing
    the host-side of the U2F protocol, failed to properly check for a
    buffer overflow. This would…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : mosquitto
    CVE ID : CVE-2018-12546 CVE-2018-12550 CVE-2018-12551

    Three vulnerabilities were discovered in the Mosquitto MQTT broker, which
    could result in authentication bypass. Please refer to
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : openssh
    CVE ID : CVE-2018-20685 CVE-2019-6109 CVE-2019-6111
    Debian Bug : 793412 919101

    Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in
    OpenSSH, an implementation of the SSH protocol suite.…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : curl
    CVE ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823

    Multiple vulnerabilities were discovered in cURL, an URL transfer library.

    CVE-2018-16890

    Wenxiang Qian of Tencent Blade Team discovered that the function
    handling…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : dovecot
    CVE ID : CVE-2019-3814

    halfdog discovered an authentication bypass vulnerability in the Dovecot
    email server. Under some configurations Dovecot mistakenly trusts the
    username provided via authentication instead of…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libgd2
    CVE ID : CVE-2019-6977 CVE-2019-6978
    Debian Bug : 920645 920728

    Multiple vulnerabilities have been discovered in libgd2, a library for
    programmatic graphics creation and manipulation, which may result in
    denial of…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libvncserver
    CVE ID : CVE-2018-6307 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019
    CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023
    CVE-2018-20024
    Debian Bug : 916941

    Pavel Cheremushkin discovered several…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : rssh
    CVE ID : CVE-2019-3463 CVE-2019-3464

    Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell
    that allows users to perform only scp, sftp, cvs, svnserve (Subversion),
    rdist and/or rsync operations. Missing…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libreoffice
    CVE ID : CVE-2018-16858

    Alex Infuehr discovered a directory traversal vulnerability which could
    result in the execution of Python script code when opening a malformed
    document.

    For the stable distribution…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : golang-1.8
    CVE ID : CVE-2018-6574 CVE-2018-7187 CVE-2019-6486

    A vulnerability was discovered in the implementation of the P-521 and
    P-384 elliptic curves, which could result in denial of service and in
    some cases key recovery.
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : golang-1.7
    CVE ID : CVE-2018-7187 CVE-2019-6486

    A vulnerability was discovered in the implementation of the P-521 and
    P-384 elliptic curves, which could result in denial of service and in
    some cases key recovery.

    In addition…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : php-pear
    CVE ID : CVE-2018-1000888
    Debian Bug : 919147

    Fariskhi Vidyan discovered that the PEAR Archive_Tar package for
    handling tar files in PHP is prone to a PHP object injection
    vulnerability, potentially allowing a…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : rssh
    CVE ID : CVE-2019-1000018
    Debian Bug : 919623

    The ESnet security team discovered a vulnerability in rssh, a restricted
    shell that allows users to perform only scp, sftp, cvs, svnserve
    (Subversion), rdist and/or rsync…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : firefox-esr
    CVE ID : CVE-2018-18500 CVE-2018-18501 CVE-2018-18505

    Multiple security issues have been found in the Mozilla Firefox web
    browser, which could potentially result in the execution of arbitrary
    code or privilege…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : spice
    CVE ID : CVE-2019-3813
    Debian Bug : 920762

    Christophe Fergeau discovered an out-of-bounds read vulnerability in
    spice, a SPICE protocol client and server library, which might result in
    denial of service (spice server…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : qtbase-opensource-src
    CVE ID : CVE-2018-15518 CVE-2018-19870 CVE-2018-19873
    Debian Bug : 907139

    Several issues were discovered in qtbase-opensource-src, a
    cross-platform C++ application framework, which could lead to
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : coturn
    CVE ID : CVE-2018-4056 CVE-2018-4058 CVE-2018-4059

    Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for
    VoIP.

    CVE-2018-4056

    An SQL injection vulnerability was discovered in the coTURN…