(Jan 14) NSPR update to work with the new NSS.
Ubuntu: 1688-1: Linux kernel (Oneiric backport) vulnerabilities
(Jan 15) Several security issues were fixed in the kernel.
The following bug has been fixed:
[-]If password is empty and this field unfocused, appear message about that password strength is “Weak” (126906)
[-](Linux only) Custom certificate isn’t applied to domain (92428)
[-](Linux only) mailmng generates a lot of “maildirsize quota header is corrupted” messages (115308)
Debian: 2606-1: proftpd-dfsg: symlink race
(Jan 13) It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack allowing to elevate privileges in some configurations. [More…]
Debian: 2605-1: asterisk: several issues
(Jan 13) Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks. [More…]