(Oct 8) Timo Warns discovered that the internal authentication server of hostapd, a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator, is vulnerable to a buffer overflow when processing fragmented EAP-TLS messages. As a result, an internal overflow checking routine terminates [More…]
Archive for Uncategorized
(Oct 1) Software Properties could be tricked into installing arbitrary PPA GPG keys.
(Oct 4) Applications using libxslt could be made to crash or run programs as your login if they processed a specially crafted file.
(Oct 5) Nicholas Gregoire and Cris Neckar discovered several memory handling bugs in libxslt, which could lead to denial of service or the execution of arbitrary code if a malformed document is processed. [More…]
(Oct 5) The system could be made to crash under certain conditions.
(Oct 4) Several security issues were fixed in Python 2.6.
(Oct 4) DBus could be made to run programs as an administrator.
(Oct 3) Several security issues were fixed in the kernel.
(Oct 2) Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 2) Updated freeradius packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Oct 2) Several security issues were fixed in devscripts.
(Oct 2) Several security issues were fixed in Python 2.7.
(Oct 2) Updated freeradius2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Oct 2) QEMU could be made to crash or run programs.
(Oct 2) Multiple security issues were fixed in the GNU C Library.
(Sep 27) Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file.
(Sep 24) Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.
(Sep 28) USN-1551-1 introduced regressions in Thunderbird.
(Sep 27) Emacs could be made to run programs as your login if it opened a specially crafted file.
(Sep 26) Several vulnerabilities have been discovered in Iceape, an internet suite based on Seamonkey. The reported vulnerabilities could lead to the execution of arbitrary [More…]
(Sep 26) Several vulnerabilities were discovered in Tiff, a library set and tools to support the Tag Image File Format (TIFF), allowing denial of service and potential privilege escalation. [More…]
(Sep 25) Several security issues were fixed in ruby1.9.1.
(Sep 25) RubyGems could be made to download and install malicious gem files.
(Sep 26) A regression in the SIP handling code was found in DSA-2550-1. For the stable distribution (squeeze), this problem has been fixed in version 1:1.6.2.9-2+squeeze8. [More…]
(Sep 24) Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. [More…]
(Sep 26) FreeRADIUS could be made to crash or run programs if it received specially crafted network traffic.
(Sep 25) Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Sep 26) Transmission could be made to expose sensitive information over the network.
(Sep 21) Several security issues were fixed in the kernel.
(Sep 21) Several security issues were fixed in the kernel.