9 matches found
CVE-2020-27350
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...
CVE-2020-27350
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...
Integer overflow
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...
CVE-2020-27350 apt integer wraparound
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...
CVE-2020-27350
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0...
CVE-2020-27350
Public technical details (affected package internals, exploit vectors, and fixes) for CVE-2020-27350 are not provided in the connected documents. The materials reference advisories but do not disclose root cause or remediation specifics; monitor for updates.
Debian DLA-2399-1 : packagekit security update
Two vulnerabilities have been discovered in packagekit, a package management service. CVE-2020-16121 Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16122 Sami Niemimki...
[SECURITY] [DLA 2399-1] packagekit security update
Debian LTS Advisory DLA-2399-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez October 07, 2020 https://wiki.debian.org/LTS Package : packagekit Version : 1.1.5-2+deb9u2 CVE ID : CVE-2020-16121 CVE-2020-16122 Two vulnerabilities have been discovered in...
USN-4538-1: PackageKit vulnerabilities
Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. CVE-2020-16121 Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use...