[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1619-1 [email protected] http://www.debian.org/security/ Devin Carraway July 27, 2008 http://www.debian.org/security/faq -...

CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

Design/Logic Flaw

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

CVE-2008-3234

CVE-2008-3234 affects sshd in OpenSSH 4 on Debian GNU/Linux (and the 20070303 OpenSSH snapshot). The issue lets remote authenticated users gain access to arbitrary SELinux roles by appending a ":/" sequence followed by a role name to the username. The IBM X-Force/IBD IBM doc list the base score a...

[SECURITY] [DSA 1584-1] New libfissound packages fix execution of arbitrary code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1584-1 [email protected] http://www.debian.org/security/ Steve Kemp May 21, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1573-1] New php5 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1573-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 11, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1554-2] New roundup packages fix regression

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1554-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 06, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1565-1] New Linux 2.6.18 packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1565-1 [email protected] http://www.debian.org/security/ dann frazier May 1, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1557-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 24, 2008 http://www.debian.org/security/faq -...

libarchive does not properly terminate loop

Overview libarchive contains a vulnerability that may allow an attacker to cause a denial of service. Description The libarchive library provides an interface for reading and writing archive files.There is a vulnerability in libarchive that occurs when it parses the pax interchange format. If an...

[SECURITY] [DSA 1513-1] New lighttpd packages fix CGI source disclosure

------------------------------------------------------------------------ Debian Security Advisory DSA-1513-1 [email protected] http://www.debian.org/security/ Steve Kemp March 06, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

CVE-2008-0930

wediteur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information...

Information disclosure

wediteur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information...

CVE-2008-0931

wexport.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions 0666 for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file...

[SECURITY] [DSA 1508-1] New diatheke packages fix arbirary shell command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1508-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 25, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1499-1 [email protected] http://www.debian.org/security/ Florian Weimer February 19, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1499-1] New pcre3 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1499-1 [email protected] http://www.debian.org/security/ Florian Weimer February 19, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1465-2] New apt-listchanges packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1465-2 [email protected] http://www.debian.org/security/ Steve Kemp January 17, 2008 http://www.debian.org/security/faq -...