3 matches found
CLSA-2024-1724271309 shim: Fix of 4 CVEs
Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Update to shim-15.8 and fix the following CVEs: Resolves: CVE-2023-40546 Resolves: CVE-2023-40547 Resolves: СVE-2023-40548 Resolves: СVE-2023-40549 Resolves: CVE-2023-40550 Resolves:...
DEBIAN-CVE-2007-1268
Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without...
microsoft-install.txt
Juan asked me to forward this message from him to the list. He has discovered that an ActiveX control shipped with IE can be used to install software components signed by Microsoft without prompting the user. This of curse raises trust issues. Someone, not necessarily Microsoft, could use this...