511 matches found
[SECURITY] [DSA 2953-1] dpkg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2953-1 [email protected] http://www.debian.org/security/ Raphael Geissert June 08, 2014 http://www.debian.org/security/faq -...
DSA-2953-1 dpkg - security update
Bulletin has no description...
Debian Security Advisory DSA 2953-1 (dpkg - security update)
Multiple vulnerabilities were discovered in dpkg that allow file modification through path traversal when unpacking source packages with specially crafted patch files. This update had been scheduled before the end of security support for the oldstable distribution squeeze, hence an exception has...
Debian: Security Advisory (DSA-2953-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3865
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with 1 missing --- and +++ header lines or 2 a +++ header line with a...
CVE-2014-3864
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...
CVE-2014-3865
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with 1 missing --- and +++ header lines or 2 a +++ header line with a...
DEBIAN-CVE-2014-3864
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...
CVE-2014-3864
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...
CVE-2014-3227
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...
CVE-2014-3227
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...
Directory traversal
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...
CVE-2014-3227
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...
Directory traversal
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...
Directory traversal
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with 1 missing --- and +++ header lines or 2 a +++ header line with a...
CVE-2014-3864
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line...
CVE-2014-3227
dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to...
CVE-2014-3865
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with 1 missing --- and +++ header lines or 2 a +++ header line with a...
CVE-2014-3864
CVE-2014-3864 affects dpkg-source in dpkg-dev 1.3.0, enabling a directory-traversal where a crafted source package without a header line can modify files outside the intended directories. Connected advisories indicate the vulnerability is addressed in updated dpkg packages (e.g., Fedora updates f...
CVE-2014-3227
The CVE-2014-3227 entry concerns dpkg components: dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 may rely on a patch program’s handling of the C-style encoded filenames feature. If the patch program is noncompliant, this leads to an interaction error that enables a directory travers...