[SECURITY] [DSA 1897-1] New horde3 packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1897-1 [email protected] http://www.debian.org/security/ Nico Golde September 28th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1891-1] New changetrack packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1891-1 [email protected] http://www.debian.org/security/ Steffen Joeris September 22, 2009 http://www.debian.org/security/faq -...

[ MDVSA-2009:244 ] xfig

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:244 http://www.mandriva.com/security/ Package : xfig Date : September 23, 2009 Affected: Corporate 4.0 Problem Description: A vulnerability was discovered and corrected in xfig: Xfig in Debian GNU/Linux,...

[SECURITY] [DSA 1891-1] New changetrack packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1891-1 [email protected] http://www.debian.org/security/ Steffen Joeris September 22, 2009 http://www.debian.org/security/faq -...

CVE-2009-2939

The postfix.postinst script in the Debian GNU/Linux and Ubuntu postfix 2.5.5 package grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files...

CVE-2009-2939

CVE-2009-2939 affects Postfix on Debian/Ubuntu where the postinst script grants the postfix user write access to /var/spool/postfix/pid, enabling local users to perform symlink attacks that can overwrite arbitrary files. Connected advisories confirm the issue across multiple distributions and rep...

PT-2009-5548 · Canonical +2 · Pam-Auth-Update +3

Name of the Vulnerable Software and Affected Versions: pam-auth-update for PAM versions in Ubuntu 8.10 and 9.4, and Debian GNU/Linux affected versions not specified Description: The issue is related to the handling of an "empty selection" for system authentication modules in certain rare...

[SECURITY] [DSA 1882-1] New xapian-omega packages fix cross-site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA-1882-1 [email protected] http://www.debian.org/security/ Nico Golde September 9th, 2009 http://www.debian.org/security/faq -...

Design/Logic Flaw

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

[SECURITY] [DSA 1878-1] New devscripts packages fix remote code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1878-1 [email protected] http://www.debian.org/security/ Florian Weimer September 02, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1876-1] New dnsmasq packages fix remote code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1876-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1867-1] New kdelibs packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1867-1 [email protected] http://www.debian.org/security/ Steffen Joeris August 19, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1865-1] New Linux 2.6.18 packages fix several vulnerabilities

---------------------------------------------------------------------- Debian Security Advisory DSA-1865-1 [email protected] http://www.debian.org/security/ dann frazier Aug 16, 2009 http://www.debian.org/security/faq - ----------------------------------------------------------------------...

[SECURITY] [DSA 1863-1] New zope2.10/zope2.9 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA-1863-1 [email protected] http://www.debian.org/security/ Nico Golde August 15th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1854-1] New APR packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1854-1 [email protected] http://www.debian.org/security/ Florian Weimer August 08, 2009 http://www.debian.org/security/faq -...