Debian DSA-4818-1 : sympa - security update

Several vulnerabilities were discovered in Sympa, a mailing list manager, which could result in local privilege escalation, denial of service or unauthorized access via the SOAP API. Additionally to mitigate CVE-2020-26880 the sympanewaliases-wrapper is no longer installed setuid root by default....

CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

Debian Security Advisory DSA 2908-1 (openssl - security update)

Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them: CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a...

Ubuntu USN-828-1 (pam)

The remote host is missing an update to pam announced via advisory USN-828-1. OpenVAS Vulnerability Test $Id: ubuntu8281.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8281.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-828-1 pam Authors: Thomas Reinke...

Debian Security Advisory DSA 150-1 (interchange)

The remote host is missing an update to interchange announced via advisory DSA 150-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2006-1772

CVE-2006-1772 affects Debian GNU/Linux where, during configuration of mnogosearch in the mnogosearch-common 3.2.31-1 package, the debconf process stores the cleartext database administrator password in a world-readable config.dat instead of the restricted passwords.dat in mnogosearch-common/datab...