73 matches found
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
------------------------------------------------------------------------ Debian Security Advisory DSA-1223-1 [email protected] http://www.debian.org/security/ Noah Meyerhans December 01, 2006 - ------------------------------------------------------------------------ Package : tar Vulnerability...
[SECURITY] [DSA 1212-1] New openssh packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1212-1 [email protected] http://www.debian.org/security/ Noah Meyerhans November 15, 2006 - ------------------------------------------------------------------------ Package : openssh...
[SECURITY] [DSA 1204-1] New ingo1 packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1204-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 2nd, 2006 http://www.debian.org/security/faq -...
Clam Anti-Virus CHM解包器拒绝服务漏洞
Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV在处理CHM文件的解包时存在安全漏洞,远程攻击者可能利用此漏洞导致ClamAV崩溃。 在处理畸形文件时,ClamAV chmunpack.c中的代码可能试图读取无效的内存位置,导致扫描服务异常终止。 ClamAV ClamAV 0.88.4 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1196-1)以及相应补丁: DSA-1196-1:New clamav packages fix arbitrary code execution...
[SECURITY] [DSA 1133-1] New mantis packages fix execution of arbitrary web script code
-------------------------------------------------------------------------- Debian Security Advisory DSA 1133-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 1st, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1110-1] New samba packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1110-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 16th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1084-1] New typespeed packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1084-1 [email protected] http://www.debian.org/security/ Steve Kemp May 31st, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1080-1] New dovecot packages fix directory traversal
-------------------------------------------------------------------------- Debian Security Advisory DSA 1080-1 [email protected] http://www.debian.org/security/ Steve Kemp May 29th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1071-1] New MySQL 3.23 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1071-1 [email protected] http://www.debian.org/security/ Martin Schulze May 22nd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 933-1] New hylafax packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 933-1 [email protected] http://www.debian.org/security/ Michael Stone January 9, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 888-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...
[Full-disclosure] [USN-211-1] Enigmail vulnerability
=========================================================== Ubuntu Security Notice USN-211-1 October 20, 2005 enigmail vulnerability CVE-2005-3256 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 Warty Warthog Ubuntu...
[SECURITY] [DSA 860-1] New Ruby packages fix safety bypass
-------------------------------------------------------------------------- Debian Security Advisory DSA 860-1 [email protected] http://www.debian.org/security/ Martin Schulze October 11th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 859-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 791-1] New maildrop packages fix arbitrary group mail command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 791-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 751-1] New squid packages fix IP spoofing vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 751-1 [email protected] http://www.debian.org/security/ Martin Schulze July 11th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 710-1] New gtkhtml packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 710-1 [email protected] http://www.debian.org/security/ Martin Schulze April 18th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA-011-1] New version of mgetty released
Package: mgetty Vulnerability: insecure tempfile Debian-specific: no Immunix reports that mgetty does not create temporary files in a secure manner, which could lead to a symlink attack. This has been corrected in mgetty 1.1.21-3potato1 We recommend you upgrade your mgetty package immediately. wg...
[SECURITY] New versions of trn fixes /tmp race
All former versions of trn used a hardcoded filename in /tmp as temporary storage. If the file already exists as symbolic link to users files they will be overwritten. We recommend you upgrade your man2html package as soon as possible. wget url will fetch the file for you dpkg -i file.deb will...