[SECURITY] [DSA 140-2] New libpng packages fix potential buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 140-2 [email protected] http://www.debian.org/security/ Martin Schulze August 5th, 2002 - -------------------------------------------------------------------------- Package : libpng, libpng3...

[SECURITY] [DSA 141-1] New mpack packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 141-1 [email protected] http://www.debian.org/security/ Martin Schulze August 1st, 2002 - -------------------------------------------------------------------------- Package : mpack...

[SECURITY] [DSA-134-1] OpenSSH remote vulnerability

Package : ssh Problem type : remote exploit Debian-specific: no Theo de Raadt announced that the OpenBSD team is working with ISS on a remote exploit for OpenSSH a free implementation of the Secure SHell protocol. They are refusing to provide any details on the vulnerability but instead are...

[SECURITY] [DSA-126-1] Horde and IMP cross-site scripting attack

Package : imp Problem type : cross-site scripting CSS Debian-specific: no A cross-site scripting CSS problem was discovered in Horde and IMP a web based IMAP mail package. This was fixed upstream in Horde version 1.2.8 and IMP version 2.2.8. The relevant patches have been back-ported to version...

CVE-1999-1411

The vulnerability CVE-1999-1411 affects the fsp package 2.71-10 on Debian GNU/Linux 2.0. During installation, an anonymous FTP user is added without administrator notification, which could automatically enable anonymous FTP on servers such as wu-ftp. Impact described as enabling anonymous FTP acc...

CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp...

[SECURITY] [DSA-111-2] Update for SNMP security fix

Package : ucd-snmp Problem type : ABI/API correction to previous security fix Debian-specific: yes Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications. This has been fixed in version 4.1.1-2.1. We apologi...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA 108-1] New wmtv packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 108-1 [email protected] http://www.debian.org/security/ Martin Schulze February 7th, 2002 - -------------------------------------------------------------------------- Package : wmtv...

[SECURITY] [DSA-106-1] rsync remote exploit

Package : rsync Problem type : remote exploit Debian-specific: no Sebastian Krahmer found several places in rsync a popular tool to synchronise files between machines where signed and unsigned numbers were mixed which resulted in insecure code. This could be abused by remote users to write 0-byte...

[SECURITY] [DSA-105-1] enscript creates temporary files insecurely

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-105-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 21, 2002 -...

[SECURITY] [DSA-089-2] updated i386 icecast-server package

Package : icecast-server Problem type : remote exploit and others Debian-specific: no In Debian Security Advisory DSA-089-1 we reported that icecast-server has several security problems. For details please see that advisory. The i386 package mention in the DSA-089-1 advisory was incorrectly...

[SECURITY] [DSA 102-1] New at packages fix heap corruption vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 102-1 [email protected] http://www.debian.org/security/ Martin Schulze January 16th, 2002 - -------------------------------------------------------------------------- Package : at...

[SECURITY] [DSA 101-1] New sudo packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 101-1 [email protected] http://www.debian.org/security/ Martin Schulze January 14th, 2002 - -------------------------------------------------------------------------- Package : sudo...

[SECURITY] [DSA 101-1] New sudo packages fix local root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 101-1 [email protected] http://www.debian.org/security/ Martin Schulze January 14th, 2002 - -------------------------------------------------------------------------- Package : sudo...

[SECURITY] [DSA 097-1] New versions of Exim fix uncontrolled program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 097-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2002 - -------------------------------------------------------------------------- Package : exim...

[SECURITY] [DSA-096-2] mutt buffer overflow, sparc update

Package : mutt Problem type : buffer overflow Debian-specific: no The sparc binary for the mutt security fix described in DSA-096-1 is now available. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.2 alias potato -...

[SECURITY] [DSA-095-1] gpm (gpm-root) format string vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-095-1 [email protected] http://www.debian.org/security/ Robert van der Meulen December 27, 2001 - ------------------------------------------------------------------------ Package : gpm Problem...

[SECURITY] [DSA-092-1] local root in wmtv

Package : wmtv Problem type : local root exploit Debian-specific: no Nicolas Boullis found a nasty security problem in the wmtv a dockable video4linux tv player for windowmaker package as distributed in Debian GNU/Linux 2.2. wmtv can optionally run a command if you double-click on the tv window...