Debian Linux Security Advisory 5126-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
e97e80d458d422e89d27e87fdda5ace656cc881c5adde21873866d410842dbfeDebian Linux Security Advisory 5127-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
da82f22fb316a942fd49aed4e0aba53798958e6c991eed7a7194ead0910ece82Debian Linux Security Advisory 5128-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure, incorrect validation of ECDSA signatures or denial of service.
0324657fa499726b555d7c129504f4c255a5319e525cb25a6e5123a5977dfd00Debian Linux Security Advisory 5129-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
6e82db6dff6f96ecfd161cadff7557dfe1491b1ae4e54374528ba5655397ec6eDebian Linux Security Advisory 5130-1 - Two vulnerabilities were discovered in the vhost code of DPDK, a set of libraries for fast packet processing, which could result in denial of service or the execution of arbitrary code.
91a8f661f1bcc7da780cb063c67b93702fdbf9017be864d342f60714bbc251e1Debian Linux Security Advisory 5131-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure or denial of service.
0ce1ac4c9b5f847ee5c48b568e5bd589bd60a5500cc76785b6028180f6763265Debian Linux Security Advisory 5132-1 - It was discovered that ecdsautils, a collection of ECDSA elliptic curve cryptography CLI tools verified some cryptographic signatures incorrectly: A signature consisting only of zeroes was always considered valid, making it trivial to forge signatures.
bab2651056eec34cd38c153621217cc6e58c7743c8c929188f51fbfec5fc2427Debian Linux Security Advisory 5133-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the execution of arbitrary code.
57990d647a23586c852204bc219b23e57c397992ca00db3c856fe2e4844ce6d4Debian Linux Security Advisory 5134-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
cd9bfbaa976483120b68c8b03af947fe533ef547e5c7b967065f5a35af94391aDebian Linux Security Advisory 5135-1 - Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox.
1b401aa5d4faa58548f69e0c306dce3fb91d1605a94358de2d2d830a3feb50ecDebian Linux Security Advisory 5136-1 - Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox.
4c672e27969980ce314a521bcf42a8214533fcf51ff7393b899bb81a6e6a4124Debian Linux Security Advisory 5137-1 - Jakub Wilk discovered a local privilege escalation in needrestart, a utility to check which daemons need to be restarted after library upgrades. Regular expressions to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
4052b1ab98ef2e147520dccc60d5f2db6e5257cadadb6200c821a45e46034e08Debian Linux Security Advisory 5138-1 - It was discovered that the Waitress WSGI server was susceptible to HTTP request smuggling in some scenarios when used behind a proxy.
2241679089dfb2966fd3c78912099e814e096ae44b74700360ba421e521a24f4Debian Linux Security Advisory 5139-1 - Elison Niven discovered that the c_rehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands.
ef79c3ca5c1efbccff9dc61bd33193432c830b87ff4fe6b1269b865f1331e44aDebian Linux Security Advisory 5140-1 - Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operations when a specially crafted search filter is processed.
9897ab545bd716606e3e6dc857fdce950165ee9eb718713839521fe2b0e5c7acDebian Linux Security Advisory 5141-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
8c69e58ff6fd8a15b274c5e5925bd966552c280196add1a118f5482dd4db06ddDebian Linux Security Advisory 5142-1 - Felix Wilhelm reported that several buffer handling functions in libxml2, a library providing support to read, modify and write XML and HTML files, don't check for integer overflows, resulting in out-of-bounds memory writes if specially crafted, multi-gigabyte XML files are processed. An attacker can take advantage of this flaw for denial of service or execution of arbitrary code.
d4a5de6c433d8932bfac95c14e7d17313f17485d12ef245980c2d355ccea4c7fDebian Linux Security Advisory 5143-1 - Manfred Paul discovered two security issues in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
8b87e1bbb584ee22014d3de52a20b9892c1b3cb895f0b4f0b2ddfa3f1c9f1754Debian Linux Security Advisory 5144-1 - Several flaws have been discovered in HTCondor, a distributed workload management system, which allow users with only READ access to any daemon to use a different authentication method than the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, then it is possible to impersonate another user and submit or remove jobs.
221966fc0d5bbbb92aa90c216a0a0d749b2d2c360a5f461a9ee3da7a2fcb032bDebian Linux Security Advisory 5145-1 - Multiple vulnerabilities have been discovered in the lrzip compression program which could result in denial of service or potentially the execution of arbitrary code.
66f94d48f94a0dbdd6f674c936616ecb8a04e5c301a5d1dcfcfd395568527befDebian Linux Security Advisory 5146-1 - Multiple security vulnerabilities were discovered in Puma, a HTTP server for Ruby/Rack applications, which could result in HTTP request smuggling or information disclosure.
875d2755cc0a513d860625e8cd44e53f4aa7ee7212205db738d63af27b06de7aDebian Linux Security Advisory 5147-1 - Max Justicz reported a directory traversal vulnerability in Dpkg::Source::Archive in dpkg, the Debian package management system. This affects extracting untrusted source packages in the v2 and v3 source package formats that include a debian.tar.
ccab37e95da7246c12fd05c22d773941aa0f6800abc88e264138bd5800ed2fe6Debian Linux Security Advisory 5148-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
11b4c3b58a4df38465e63100eaa00ffa6fa91183274f0304e9dce28606c84261Debian Linux Security Advisory 5149-1 - Joshua Mason discovered that a logic error in the validation of the secret key used in the "local" authorisation mode of the CUPS printing system may result in privilege escalation.
74aae0a48fa08ffb2fafa3f3655e5642898226415b1ab6ee8b3cc0c988ef5a47Debian Linux Security Advisory 5150-1 - Peter Agten discovered that several modules for TCP syslog reception in rsyslog, a system and kernel logging daemon, have buffer overflow flaws when octet-counted framing is used, which could result in denial of service or potentially the execution of arbitrary code.
e4778e769832dd9146a37a7c1719d90772ee712460dc84d2d00fa1c1d0f9272e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed