💾 Archived View for data.konfusator.de › feeds › dsa.gmi captured on 2024-08-24 at 23:29:30. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-08-18)
-=-=-=-=-=-=-
Zuletzt aktualisiert: 2024-08-24T23:31:38Z
2024-08-23
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5757-1
2024-08-21
Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.
https://security-tracker.debian.org/tracker/DSA-5756-1
2024-08-21
Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.
https://security-tracker.debian.org/tracker/DSA-5755-1
2024-08-21
Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.
https://security-tracker.debian.org/tracker/DSA-5754-1
2024-08-21
An integer overflow was discovered in aom, the AV1 Video Codec Library,
which could potentially result in the execution of arbitrary code if a
malformed media file is processed.
https://security-tracker.debian.org/tracker/DSA-5753-1
2024-08-21
Two vulnerabilities have been discovered in the IMAP implementation of
the Dovecot mail server: Excessive numbers of address headers or very
large headers can result in high CPU usage, leading to denial of
service.
https://security-tracker.debian.org/tracker/DSA-5752-1
2024-08-19
Joshua Rogers that incorrect parsing of ESI variables in the Squid proxy
caching server could result in memory corruption.
https://security-tracker.debian.org/tracker/DSA-5751-1
2024-08-18
Support for the "strict kex" SSH extension has been backported to
AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening
against the Terrapin attack.
https://security-tracker.debian.org/tracker/DSA-5750-1
2024-08-14
Chris Williams discovered a flaw in the handling of mounts for
persistent directories in Flatpak, an application deployment framework
for desktop apps. A malicious or compromised Flatpak app using
persistent directories could take advantage of this flaw to access files
outside of the sandbox.
Details can be found in the upstream advisory at
https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87
https://security-tracker.debian.org/tracker/DSA-5749-1
2024-08-14
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.
https://security-tracker.debian.org/tracker/DSA-5748-1
2024-08-13
Multiple cross-site scripting vulnerabilities were discovered in
RoundCube webmail.
https://security-tracker.debian.org/tracker/DSA-5743-2
2024-08-12
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
https://security-tracker.debian.org/tracker/DSA-5747-1
2024-08-09
Noah Misch discovered a race condition in the pg_dump tool included in
PostgreSQL, which may result in privilege escalation.
https://security-tracker.debian.org/tracker/DSA-5746-1
2024-08-09
Noah Misch discovered a race condition in the pg_dump tool included in
PostgreSQL, which may result in privilege escalation.
https://security-tracker.debian.org/tracker/DSA-5745-1
2024-08-08
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-5744-1
2024-08-08
Multiple cross-site scripting vulnerabilities were discovered in
RoundCube webmail.
https://security-tracker.debian.org/tracker/DSA-5743-1
2024-08-08
A vulnerability was discovered in odoo, a suite of web based open
source business apps. It could result in the execution of arbitrary
code.
https://security-tracker.debian.org/tracker/DSA-5742-1
2024-08-08
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5741-1
2024-08-07
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, the bypass of sandbox restrictions or an information leak.
https://security-tracker.debian.org/tracker/DSA-5740-1
2024-08-06
Rory McNamara reported a local privilege escalation in wpasupplicant: A
user able to escalate to the netdev group can load arbitrary shared
object files in the context of the wpa_supplicant process running as
root.
https://security-tracker.debian.org/tracker/DSA-5739-1
2024-08-06
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, information disclosure or bypass
of Java sandbox restrictions.
https://security-tracker.debian.org/tracker/DSA-5738-1
2024-08-05
If LibreOffice failed to validate a signed macro, it displayed a warning
but still allowed execution of the script after printing a warning.
Going forward in high macro security mode such macros are now disabled.
For additional information please refer to
https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/
https://security-tracker.debian.org/tracker/DSA-5737-1
2024-08-05
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, information disclosure or bypass
of Java sandbox restrictions.
https://security-tracker.debian.org/tracker/DSA-5736-1
2024-07-31
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5735-1
2024-07-27
The security update announced as DSA 5734-1 caused a regression on
configurations using the Samba DLZ module. Updated packages are now
available to correct this issue.
https://security-tracker.debian.org/tracker/DSA-5734-2
2024-07-25
Several vulnerabilities were discovered in BIND, a DNS server
implementation, which may result in denial of service.
To mitigate CVE-2024-1737 two new configuration statements have been
added to allow operators of secondary servers and recursive resolvers to
set an upper bound on the growth of data in their zones or caches.
Details can be found at:
https://kb.isc.org/docs/rrset-limits-in-zones
https://security-tracker.debian.org/tracker/DSA-5734-1
2024-07-18
Multiple security issues were discovered in Thunderbird, which could
potentially result in the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-5733-1
2024-07-18
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
https://security-tracker.debian.org/tracker/DSA-5732-1
2024-07-16
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
https://security-tracker.debian.org/tracker/DSA-5731-1
2024-07-15
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
https://security-tracker.debian.org/tracker/DSA-5730-1
════════════════════════
Skriptlauf: 2024-08-25T05:02:02