15 matches found
[SECURITY] [DLA 4054-1] tryton-client security update
Debian LTS Advisory DLA-4054-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 16, 2025 https://wiki.debian.org/LTS Package : tryton-client Version : 5.0.33-1+deb11u1 CVE ID : not yet available Debian Bug : none Cédric Krier has found that trytond, the...
DLA-4054-1 tryton-client - update
Bulletin has no description...
Debian dla-4054 : tryton-client - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4054 advisory. Debian LTS Advisory DLA-4054-1 [email protected] https://www.debian.org/lts/security/...
Debian: Security Advisory (DLA-3854-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian dla-3854 : tryton-client - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3854 advisory. Debian LTS Advisory DLA-3854-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3854-1] tryton-client security update
Debian LTS Advisory DLA-3854-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 30, 2024 https://wiki.debian.org/LTS Package : tryton-client Version : 5.0.5-1+deb10u1 CVE ID : not yet available Cédric Krier has found that trytond, the Tryton application server...
SUSE CVE-2018-19443
The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. This connection attempt fails, but it contains in the header the current session of the user. This session could then be stolen by a...
CVE-2022-26662
An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...
UBUNTU-CVE-2022-26662
An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...
Debian DSA-2791-1 : tryton-client - missing input sanitization
Cedric Krier discovered that the Tryton client does not sanitize the file extension supplied by the server when processing reports. As a result, a malicious server could send a report with a crafted file extension that causes the client to write any local file to which the user running the client...
[SECURITY] [DSA 2791-1] tryton-client security update
Debian Security Advisory DSA-2791-1 [email protected] http://www.debian.org/security/ Florian Weimer November 04, 2013 http://www.debian.org/security/faq ...
[SECURITY] [DSA 2791-1] tryton-client security update
Debian Security Advisory DSA-2791-1 [email protected] http://www.debian.org/security/ Florian Weimer November 04, 2013 http://www.debian.org/security/faq ...
Debian Security Advisory DSA 2791-1 (tryton-client - missing input sanitization)
Cedric Krier discovered that the Tryton client does not sanitize the file extension supplied by the server when processing reports. As a result, a malicious server could send a report with a crafted file extension that causes the client to write any local file to which the user running the client...
DSA-2791-1 tryton-client - missing input sanitization
Bulletin has no description...
Debian: Security Advisory (DSA-2791-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...