A vulnerability was discovered in the SPIP publishing system, which could result in unauthorised writes to the database by authors. The oldstable distribution (stretch) is not affected.
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Two vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code.
Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed.
Tim Düsterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections.
An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.
Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-13723
DSA 4571-1 updated Thunderbird to the 68.x series, which is incompatible with the Enigmail release shipped in Debian Buster. For the stable distribution (buster), this problem has been fixed in
Hoger Just discovered an SQL injection in Redmine, a project management web application. In addition a cross-site scripting issue was found in Textile formatting.
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.
It was discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.
It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed user names, resulting in an information leak.
X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash.
It was reported that the apache2 update released as DSA 4509-1 incorrectly fixed CVE-2019-10092. Updated apache2 packages are now available to correct this issue. For reference, the relevant part of the original advisory text follows.
Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID
The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue.
A change introduced in openssl 1.1.1d (which got released as DSA 4539-1) requires sandboxing features which are not available in Linux kernels before 3.19, resulting in OpenSSH rejecting connection attempts if running on an old kernel. This does not affect Linux kernels shipped in
It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary
Max Kellermann reported a NULL pointer dereference flaw in libapreq2, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested “multipart” body is processed.
The security fixes for the HTTP/2 code in Apache 2 shipped in DSA 4509 unveiled a bug in Subversion which caused a regression in mod_dav_svn when used with HTTP/2.
Two security issues were discovered in OpenSSL: A timing attack against ECDSA and a padding oracle in PKCS7_dataDecode() and CMS_decrypt_set1_pkey().
Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode() and CMS_decrypt_set1_pkey() and it was discovered that a feature of the random number generator (RNG) intended to protect against shared RNG state between parent and child
Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point). CVE-2019-13377
It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user
A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code.
Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.
It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups.
It was discovered that the Lemonldap::NG web SSO system did not restrict OIDC authorization codes to the relying party. For the stable distribution (buster), this problem has been fixed in
It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users.
60 queries. 8.75 mb Memory usage. 0.607 seconds.