Letzte Aktivitäten

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : chromium

    CVE ID : CVE-2022-3201 CVE-2022-3304 CVE-2022-3305 CVE-2022-3306

    CVE-2022-3307 CVE-2022-3308 CVE-2022-3309 CVE-2022-3310

    CVE-2022-3311 CVE-2022-3312 CVE-2022-3313 CVE-2022-3314

    CVE-2022-3315 CVE-2022-3316 CVE-2022-3317…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : lighttpd

    CVE ID : CVE-2022-37797 CVE-2022-41556


    Several vulnerabilities were discovered in lighttpd, a fast webserver with minimal memory footprint.


    CVE-2022-37797


    An invalid HTTP request (websocket handshake) may cause a NULL

    pointer…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : maven-shared-utils

    CVE ID : CVE-2022-29599

    Debian Bug : 1012314


    It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : wpewebkit

    CVE ID : CVE-2022-32886


    The following vulnerabilities have been discovered in the WPE WebKit web engine:


    CVE-2022-32886


    P1umer, afang5472 and xmzyshypnc discovered that processing

    maliciously crafted web content may lead to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : webkit2gtk

    CVE ID : CVE-2022-32886


    The following vulnerabilities have been discovered in the WebKitGTK web engine:


    CVE-2022-32886


    P1umer, afang5472 and xmzyshypnc discovered that processing

    maliciously crafted web content may lead to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : gdal

    CVE ID : CVE-2021-45943


    A heap-based buffer overflow vulnerability was discovered in gdal, a Geospatial Data Abstraction Library, which could result in denial of service or potentially the execution of arbitrary code, if a…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : thunderbird

    CVE ID : CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959

    CVE-2022-40960 CVE-2022-40962


    Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : firefox-esr

    CVE ID : CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959

    CVE-2022-40960 CVE-2022-40962


    Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : expat

    CVE ID : CVE-2022-40674

    Debian Bug : 1019761


    Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : bind9

    CVE ID : CVE-2022-2795 CVE-2022-3080 CVE-2022-38177 CVE-2022-38178


    Several vulnerabilities were discovered in BIND, a DNS server implementation.


    CVE-2022-2795


    Yehuda Afek, Anat Bremler-Barr and Shani Stajnrod discovered that a

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : fish

    CVE ID : CVE-2022-20001


    An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : e17

    CVE ID : CVE-2022-37706


    Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.


    For the stable distribution (bullseye), this problem has been…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : tinygltf

    CVE ID : CVE-2022-3008

    Debian Bug : 1019357


    It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : connman

    CVE ID : CVE-2022-23096 CVE-2022-23097 CVE-2022-23098 CVE-2022-32292

    CVE-2022-32293

    Debian Bug : 1004935 1016976


    Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : chromium

    CVE ID : CVE-2022-3195 CVE-2022-3196 CVE-2022-3197 CVE-2022-3198

    CVE-2022-3199 CVE-2022-3200 CVE-2022-3201


    Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : freecad

    CVE ID : CVE-2021-45844 CVE-2021-45845


    Two vulnerabilities were discovered in FreeCAD, a CAD/CAM program, which could result in the execution of arbitrary shell commands when opening a malformed file.


    For the stable…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : gdk-pixbuf

    CVE ID : CVE-2021-44648 CVE-2021-46829

    Debian Bug : 1014600


    Several vulnerabilities were discovered in gdk-pixbuf, the GDK Pixbuf library.


    CVE-2021-44648


    Sahil Dhar reported a heap-based buffer overflow vulnerability…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : gdk-pixbuf

    CVE ID : CVE-2021-44648 CVE-2021-46829

    Debian Bug : 1014600


    Several vulnerabilities were discovered in gdk-pixbuf, the GDK Pixbuf library.


    CVE-2021-44648


    Sahil Dhar reported a heap-based buffer overflow vulnerability…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libgoogle-gson-java

    CVE ID : CVE-2022-25647

    Debian Bug : 1010670


    It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a de-…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : pcs

    CVE ID : CVE-2022-1049 CVE-2022-2735

    Debian Bug : 1018930


    Two security issues were discovered in pcs, a corosync and pacemaker configuration tool:


    CVE-2022-1049


    It was discovered that expired accounts were still able to login