Several NULL pointer dereference flaws were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, which may result in denial of service (application crash) when viewing a specially crafted email or when composing from a specially crafted draft message.
Archive for September 10th, 2023
Two security issues have been discovered in the Open VMware Tools, which may result in a man-in-the-middle attack or authentication bypass. For the oldstable distribution (bullseye), these problems have been fixed
Release notes for xrdp v0.9.23 (2023/08/31) General announcements – Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible. Security fixes – CVE-2023-40184:
Security fix for CVE-2023-37464
– patchlevel 1872 —- The newest upstream commit Security fixes for CVE-2023-4733, CVE-2023-4752, CVE-2023-4750
Release notes for xrdp v0.9.23 (2023/08/31) General announcements – Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible. Security fixes – CVE-2023-40184:
Security fix for CVE-2023-37464