openssh: Leak of host private key material to privilege-separated child process via realloc()

It was found that the host private key material could possibly leak to the privilege-separated child processes via re-allocated memory. An attacker able to compromise the privilege-separated process could therefore obtain the leaked key information...

DEBIAN-CVE-2013-2142

userpref.c in libimobiledevice 1.1.4, when $HOME and $XDGCONFIGHOME are not set, allows local users to overwrite arbitrary files via a symlink attack on 1 HostCertificate.pem, 2 HostPrivateKey.pem, 3 libimobiledevicerc, 4 RootCertificate.pem, or 5 RootPrivateKey.pem in...