Letzte Aktivitäten

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : pillow

    CVE ID : CVE-2022-22815 CVE-2022-22816 CVE-2022-22817


    Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : usbview

    CVE ID : CVE-2022-23220


    Matthias Gerstner reported that usbview, a USB device viewer, does not properly handle authorization in the PolicyKit policy configuration, which could result in root privilege escalation.


    For the…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : aide

    CVE ID : CVE-2021-45417


    David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : linux

    CVE ID : CVE-2021-4155 CVE-2021-28711 CVE-2021-28712 CVE-2021-28713

    CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-45095

    CVE-2021-45469 CVE-2021-45480 CVE-2022-0185 CVE-2022-23222

    Debian Bug : 988044 996974


    Several…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : flatpak

    CVE ID : CVE-2021-43860 CVE-2022-21682


    Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps.


    CVE-2021-43860


    Ryan Gonzalez discovered that Flatpak didn't properly validate

  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : libreswan

    CVE ID : CVE-2022-23094


    It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.


    For the stable distribution (bullseye),…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : prosody

    CVE ID : CVE-2022-0217


    Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.


    For the oldstable distribution (buster), this problem has been fixed…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : chromium

    CVE ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055

    CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059

    CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064

    CVE-2021-4065 CVE-2021-4066 CVE-2021-4067…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : thunderbird

    CVE ID : CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739

    CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743

    CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751


    Multiple security issues were…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : firefox-esr

    CVE ID : CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739

    CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743

    CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751


    Multiple security issues have…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : lxml

    CVE ID : CVE-2021-43818

    Debian Bug : 1001885


    It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.


    For the…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : epiphany-browser

    CVE ID : CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088


    Several vulnerabities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances.


    For the stable…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : cfrpki

    CVE ID : CVE-2021-3761 CVE-2021-3907 CVE-2021-3908 CVE-2021-3909

    CVE-2021-3910 CVE-2021-3911 CVE-2021-3912 CVE-2021-43173

    CVE-2021-43174


    Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : lighttpd

    CVE ID : CVE-2022-22707


    An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service.


    For the oldstable distribution (buster), this problem has…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : wordpress

    CVE ID : CVE-2022-21661 CVE-2022-21662 CVE-2022-21663 CVE-2022-21664

    Debian Bug : 1003243


    Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : ghostscript

    CVE ID : CVE-2021-45944 CVE-2021-45949


    Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : roundcube

    CVE ID : CVE-2021-46144

    Debian Bug : 1003027


    It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : sphinxsearch

    CVE ID : CVE-2020-29050


    It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.


    For the oldstable distribution…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : apache2

    CVE ID : CVE-2021-44224 CVE-2021-44790


    Two vulnerabilities have been discovered in the Apache HTTP server:


    CVE-2021-44224


    When operating as a forward proxy, Apache was depending on the setup

    suspectible to denial of service or…
  • Micha

    Hat eine Antwort im Thema Debian Security Advisory verfasst.
    Beitrag
    Package : thunderbird

    CVE ID : CVE-2021-4126 CVE-2021-38496 CVE-2021-38500 CVE-2021-38502

    CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507

    CVE-2021-38508 CVE-2021-38509 CVE-2021-43528 CVE-2021-43529

    CVE-2021-43534 CVE-2021-43535…