Download
| Alert*
|
oval:org.secpod.oval:def:71643
It was discovered that the Shibboleth Service Provider is prone to a NULL pointer dereference flaw in the cookie-based session recovery feature. A remote, unauthenticated attacker can take advantage of this flaw to cause a denial of service . For additional information please refer to the upstream a ... oval:org.secpod.oval:def:69766 The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue. oval:org.secpod.oval:def:69821 The update for libwebkit2gtk-4.0-dev released as 4797-1 introduced a regression with the WebSockets functionality. Updated libwebkit2gtk-4.0-dev packages are now available to correct this issue. oval:org.secpod.oval:def:69851 The update for flatpak released as DSA 4830-1 introduced regressions with flatpak build and in the extra-data mechanism. Updated flatpak packages are now available to correct this issue. oval:org.secpod.oval:def:71642 Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. oval:org.secpod.oval:def:71641 Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. oval:org.secpod.oval:def:69824 The update for minidlna released as DSA 4806-1 introduced a regression when purging the package. Updated minidlna packages are now available to correct this issue. oval:org.secpod.oval:def:69828 The update for python-apt released as DSA 4809-1 introduced a regression when passing a file descriptor to apt_inst.ArFile or apt_inst.DebFile causing a segmentation fault. Updated python-apt packages are now available to correct this issue. oval:org.secpod.oval:def:69852 The update for libgstreamer-plugins-bad1.0-dev released as DSA 4833-1 choosed a package version incompatible with binNMUs and prevented upgrades to the fixed packages. Updated libgstreamer-plugins-bad1.0-dev packages are now available to correct this issue. oval:org.secpod.oval:def:69830 The update for python-lxml released as 4810-1 introduced a regression when running under Python 2. Updated python-lxml packages are now available to correct this issue. oval:org.secpod.oval:def:69871 It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks, access sensitive information, or execute arbitrary code. oval:org.secpod.oval:def:69765 A change introduced in openssl 1.1.1d requires sandboxing features which are not available in Linux kernels before 3.19, resulting in openssh-server rejecting connection attempts if running on an old kernel. This does not affect Linux kernels shipped in Debian oldstable/stable, but may affect buste ... oval:org.secpod.oval:def:69784 This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors . oval:org.secpod.oval:def:69888 Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input. oval:org.secpod.oval:def:74580 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, HTTP request smuggling or cache poisoning. oval:org.secpod.oval:def:69761 It was discovered that the Lemonldap::NG web SSO system did not restrict OIDC authorization codes to the relying party. oval:org.secpod.oval:def:69944 It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access. oval:org.secpod.oval:def:69822 Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server: CVE-2020-17508 The ESI plugin was vulnerable to memory disclosure. CVE-2020-17509 The negative cache option was vulnerable to cache poisoning. oval:org.secpod.oval:def:69811 A denial of service vulnerability was found in Tor, a connection-based low-latency anonymous communication system. For the stable distribution , this problem has been fixed in version 0.3.5.10-1. oval:org.secpod.oval:def:69960 Kobus van Schoor discovered that network-manager-ssh, a plugin to provide VPN integration for SSH in NetworkManager, is prone to a privilege escalation vulnerability. A local user with privileges to modify a connection can take advantage of this flaw to execute arbitrary commands as root. This updat ... oval:org.secpod.oval:def:69940 Multiple issues have been found in cacti, a server monitoring system, potentially resulting in SQL code execution or information disclosure by authenticated users. CVE-2019-16723 Authenticated users may bypass authorization checks for viewing a graph by submitting requests with modified local_graph_ ... oval:org.secpod.oval:def:69937 It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. oval:org.secpod.oval:def:79850 It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code. For the oldstable distribution , this problem has been fixed in version 3.2.4-1+deb10u7. oval:org.secpod.oval:def:69867 Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail. oval:org.secpod.oval:def:71229 It was discovered that missing input sanitising in the template function of the Underscore JavaScript library could result in the execution of arbitrary code. oval:org.secpod.oval:def:69913 Max Kellermann reported a NULL pointer dereference flaw in libapreq2-dev, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library if an invalid nested multipart body is processed. oval:org.secpod.oval:def:78142 It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Side Scripting attacks. oval:org.secpod.oval:def:78143 Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. oval:org.secpod.oval:def:78150 The update for prosody released as DSA 5047 introduced a memory leak. Updated prosody packages are now available to correct this issue. oval:org.secpod.oval:def:64140 Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files. oval:org.secpod.oval:def:64141 Stephan Zeisberg discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 Informational Exchange packet, resulting in denial of service. oval:org.secpod.oval:def:64144 Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2019-6477 It was discovered that TCP-pipelined queries can bypass tcp-client limits resulting in denial of service. CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches performed ... oval:org.secpod.oval:def:64145 Multiple vulnerabilities were discovered in the vhost code of DPDK, a set of libraries for fast packet processing, which could result in denial of service or the execution of arbitrary code by malicious guests/containers. oval:org.secpod.oval:def:63058 Linux Mint 4 is installed oval:org.secpod.oval:def:64146 Several vulnerabilities were discovered in the Dovecot email server, which could cause crashes in the submission, submission-login or lmtp services, resulting in denial of service. oval:org.secpod.oval:def:64147 Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers and insufficient validation of NXDOMAIN responses lacking an SOA. The version of pdns-recursor in the oldstable distribution is no longe ... oval:org.secpod.oval:def:64149 Two vulnerabiliites have been discovered in Unbound, a recursive-only caching DNS server; a traffic amplification attack against third party authoritative name servers and insufficient sanitisation of replies from upstream servers could result in denial of service via an infinite loop. The version ... oval:org.secpod.oval:def:71649 The Qualys Research Labs reported several vulnerabilities in Exim, a mail transport agent, which could result in local privilege escalation and remote code execution. Details can be found in the Qualys advisory at https://www.qualys.com/2021/05/04/21nails/21nails.txt oval:org.secpod.oval:def:71225 Damian Lukowski discovered a flaw in spamassassin, a Perl-based spam filter using text analysis. Malicious rule configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:71646 Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2021-25214 Greg Kuechle discovered that a malformed incoming IXFR transfer could trigger an assertion failure in named, resulting in denial of service. CVE-2021-25215 Siva Kakarla discovered that named could crash when ... oval:org.secpod.oval:def:79857 Emmet Leahy reported that libphp-adodb, a PHP database abstraction layer library, allows to inject values into a PostgreSQL connection string. Depending on how the library is used this flaw can result in authentication bypass, reveal a server IP address or have other unspecified impact. oval:org.secpod.oval:def:71235 Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. oval:org.secpod.oval:def:64143 It was discovered that exim4, a mail transport agent, suffers from a authentication bypass vulnerability in the spa authentication driver. The spa authentication driver is not enabled by default. oval:org.secpod.oval:def:71226 Kevin Chung discovered that python3-lxml, a Python binding for the libxml2 and libxslt libraries, did not properly sanitize its input. This would allow a malicious user to mount a cross-site scripting attack. oval:org.secpod.oval:def:71645 It was discovered that composer, a dependency manager for PHP, did not properly sanitize Mercurial URLs, which could lead to arbitrary code execution. oval:org.secpod.oval:def:78138 Several vulnerabilities were discovered in djvulibre, a library and set of tools to handle documents in the DjVu format. An attacker could crash document viewers and possibly execute arbitrary code through crafted DjVu files. oval:org.secpod.oval:def:69929 It was discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals. oval:org.secpod.oval:def:69933 It was discovered that debian-lan-config, a FAI config space for the Debian-LAN system, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other user principals. This update provides a fixed configuration for new deployments, for existing setups, the NEW ... oval:org.secpod.oval:def:78158 Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in nss, the Mozilla Network Security Service library, may result in denial of service. oval:org.secpod.oval:def:78145 An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service. oval:org.secpod.oval:def:79854 Jeremy Mousset discovered two XML parsing vulnerabilities in the Tryton application platform, which may result in information disclosure or denial of service. oval:org.secpod.oval:def:79853 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. oval:org.secpod.oval:def:64150 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys. oval:org.secpod.oval:def:64155 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:71230 Multiple vulnerabilities have been discovered in libldb1, a LDAP-like embedded database built on top of TDB. CVE-2020-10730 Andrew Bartlett discovered a NULL pointer dereference and use-after-free flaw when handling "ASQ" and "VLV" LDAP controls and combinations with the LDAP paged_results feature. ... oval:org.secpod.oval:def:69924 Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server. oval:org.secpod.oval:def:69797 It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed. oval:org.secpod.oval:def:74569 The Dynamic Code Evolution Virtual Machine , an alternative VM for OpenJDK 11 with enhanced class redefinition, has been updated for compatibility with OpenJDK 11.0.12. oval:org.secpod.oval:def:78159 Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers , which may result in denial of service or potentially in the the execution of arbitrary code. oval:org.secpod.oval:def:78160 It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. oval:org.secpod.oval:def:78154 Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack. When using EAP authentication , the successful completion of ... oval:org.secpod.oval:def:79855 Jeremy Mousset discovered two XML parsing vulnerabilities in the Tryton application platform, which may result in information disclosure or denial of service. oval:org.secpod.oval:def:85659 Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file is opened. oval:org.secpod.oval:def:85658 Max Justicz reported a directory traversal vulnerability in Dpkg::Source::Archive in dpkg, the Debian package management system. This affects extracting untrusted source packages in the v2 and v3 source package formats that include a debian.tar. oval:org.secpod.oval:def:79851 Two security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:79859 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:79861 Multiple vulnerabilities have been discovered in the freeware Advanced Audio Decoder, which may result in denial of service or potentially the execution of arbitrary code if malformed media files are processed. oval:org.secpod.oval:def:80396 Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. oval:org.secpod.oval:def:78141 It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option. oval:org.secpod.oval:def:69910 It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users. oval:org.secpod.oval:def:69795 A vulnerability was discovered in the SPIP publishing system, which could result in unauthorised writes to the database by authors. The oldstable distribution is not affected. oval:org.secpod.oval:def:64153 Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform a Cross-Side Scripting attack leading to the execution of arbitrary code. oval:org.secpod.oval:def:64152 A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to b ... oval:org.secpod.oval:def:64139 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69962 This update fixes several vulnerabilities in Graphicsmagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed. oval:org.secpod.oval:def:88360 It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks. For the oldstable distribution , this problem has been fixed in version 3.2.4-1+deb10u8. oval:org.secpod.oval:def:88379 A directory traversal vulnerability was discovered in the Metadata anonymisation toolkit, which could result in information disclosure via a malformed ZIP archive. oval:org.secpod.oval:def:88381 It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code or escalate privileges. oval:org.secpod.oval:def:69839 Stephane Chauveau discovered that the graphics protocol implementation in Kitty, a GPU-based terminal emulator, did not sanitise a filename when returning an error message, which could result in the execution of arbitrary shell commands when displaying a file with cat. oval:org.secpod.oval:def:69843 It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in authentication bypass. oval:org.secpod.oval:def:69869 Thomas Akesson discovered a remotely triggerable vulnerability in the mod_authz_svn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option an unauthenticated remote client can take advantage of this flaw to cause a denial ... oval:org.secpod.oval:def:88354 It was discovered that the Waitress WSGI server was susceptible to HTTP request smuggling in some scenarios when used behind a proxy. oval:org.secpod.oval:def:69798 Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting and Cross-Site Request Forgery attacks, create open redirects, poison cache, and bypass authorization access and input sanitation. oval:org.secpod.oval:def:78149 Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service. oval:org.secpod.oval:def:78144 Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting attacks. oval:org.secpod.oval:def:78147 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing. oval:org.secpod.oval:def:78148 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88353 Jakub Wilk discovered a local privilege escalation in needrestart, a utility to check which daemons need to be restarted after library upgrades. Regular expressions to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries ... oval:org.secpod.oval:def:71647 A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed. oval:org.secpod.oval:def:71224 Ben Caller discovered that python3-pygments, a syntax highlighting package written in Python 3, used regular expressions which could result in denial of service. oval:org.secpod.oval:def:69775 An out-of-bounds memory access was discovered in the Qt library, which could result in denial of service through a text file containing many directional characters. The oldstable distribution is not affected. oval:org.secpod.oval:def:69868 It was discovered that zstd, a compression utility, temporarily exposed a world-readable version of its input even if the original file had restrictive permissions. oval:org.secpod.oval:def:69877 It was discovered that zstd, a compression utility, was vulnerable to a race condition: it temporarily exposed, during a very short timeframe, a world-readable version of its input even if the original file had restrictive permissions. oval:org.secpod.oval:def:69947 Two security issues were found in the Qt library, which could result in plugins and libraries being loaded from the current working directory, resulting in potential code execution. oval:org.secpod.oval:def:69895 Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed. This update includes a bugfix for a regression introduced by the patch to address CVE-2018 ... oval:org.secpod.oval:def:69859 Multiple security issues were discovered in the Simple Linux Utility for Resource Management , a cluster resource management and job scheduling system, which could result in denial of service, information disclosure or privilege escalation. oval:org.secpod.oval:def:69791 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-13723 Yuxiang Li discovered a use-after-free issue in the bluetooth service. CVE-2019-13724 Yuxiang Li discovered an out-of-bounds read issue in the bluetooth service. oval:org.secpod.oval:def:69812 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. CVE-2020-6424 Sergei Glazunov dis ... oval:org.secpod.oval:def:69741 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5805 A use-after-free issue was discovered in the pdfium library. CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library. CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v ... oval:org.secpod.oval:def:88351 Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the security-restricted operation sandbox. For additional information please refer to the upstream announcement at https://www.postgresql.org/support/security/CVE-2022-1552/ oval:org.secpod.oval:def:88384 It was discovered that Booth, a cluster ticket manager, didn"t correctly restrict intra-node communication when configuring the authfile configuration directive. oval:org.secpod.oval:def:88366 Elton Nokaj discovered that incorrect error handling in Bottle, a WSGI framework for Python, could result in the disclosure of sensitive information. oval:org.secpod.oval:def:88359 Several security vulnerabilities have been discovered in smarty3, the compiling PHP template engine. Template authors are able to run restricted static php methods or even arbitrary PHP code by crafting a malicious math string or by choosing an invalid {block} or {include} file name. If a math strin ... oval:org.secpod.oval:def:80399 It was discovered that ecdsautils, a collection of ECDSA elliptic curve cryptography CLI tools verified some cryptographic signatures incorrectly: A signature consisting only of zeroes was always considered valid, making it trivial to forge signatures. oval:org.secpod.oval:def:74576 Thorsten Glaser and Axel Beckert reported that lynx, a non-graphical web browser, does not properly handle the userinfo subcomponent of a URI, which can lead to leaking of credential in cleartext in SNI data. oval:org.secpod.oval:def:74570 Andrea Fioraldi discovered a buffer overflow in libsndfile1-dev, a library for reading/writing audio files, which could result in denial of service or potentially the execution of arbitrary code when processing a malformed audio file. oval:org.secpod.oval:def:74575 Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling, bypass of logout restrictions or authentications using variations of a valid user name. oval:org.secpod.oval:def:69885 Several vulnerabilities have been discovered in the GRUB2 bootloader. CVE-2020-14372 It was discovered that the acpi command allows a privileged user to load crafted ACPI tables when Secure Boot is enabled. CVE-2020-25632 A use-after-free vulnerability was found in the rmmod command. CVE-2020-25647 ... oval:org.secpod.oval:def:69876 Several vulnerabilities have been discovered in the chromium web browser. CVE-2021-21148 Mattias Buelens discovered a buffer overflow issue in the v8 javascript library. CVE-2021-21149 Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer implementation. CVE-2021-21150 Woojin Oh dis ... oval:org.secpod.oval:def:69963 Andrew Wesie discovered a buffer overflow in the H264 support of the GStreamer multimedia framework, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69964 Johan Smits discovered that ruby-redcarpet, a markdown parser, did not properly validate its input. This would allow an attacker to mount a cross-site scripting attack. oval:org.secpod.oval:def:69965 Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure. oval:org.secpod.oval:def:69845 Several vulnerabilities have been discovered in the dovecot-dev email server. CVE-2020-24386 When imap hibernation is active, an attacker can cause dovecot-dev to discover file system directory structures and access other users" emails via specially crafted commands. CVE-2020-25275 Innokentii Senno ... oval:org.secpod.oval:def:69841 Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content. oval:org.secpod.oval:def:69836 Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users. oval:org.secpod.oval:def:69848 Liaogui Zhong discovered two security issues in XStream, a Java library to serialise objects to XML and back again, which could result in the deletion of files or server-side request forgery when unmarshalling. oval:org.secpod.oval:def:69832 Multiple vulnerabilities have been discovered in the libxen-dev hypervisor: Several security issues affecting libxen-devstore could result in cross domain access or denial of service against libxen-devstored. Additional vulnerabilities could result in guest-to-host denial of service. oval:org.secpod.oval:def:69838 Several vulnerabilities were discovered in Sympa, a mailing list manager, which could result in local privilege escalation, denial of service or unauthorized access via the SOAP API. Additionally to mitigate CVE-2020-26880 the sympa_newaliases-wrapper is no longer installed setuid root by default. A ... oval:org.secpod.oval:def:69854 Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure. oval:org.secpod.oval:def:69831 It was discovered that the default blacklist of XStream, a Java library to serialise objects to XML and back again, was vulnerable to the execution of arbitrary shell commands by manipulating the processed input stream. For additional defense-in-depth it is recommended to switch to the whitelist app ... oval:org.secpod.oval:def:88380 Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs. oval:org.secpod.oval:def:69948 An out-of-bounds write vulnerability due to an integer overflow was reported in libexif-dev, a library to parse EXIF files, which could result in denial of service, or potentially the execution of arbitrary code if specially crafted image files are processed. oval:org.secpod.oval:def:69807 It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "noscript" and one or more raw text tags were whitelisted. oval:org.secpod.oval:def:69804 Tom Lane discovered that ALTER ... DEPENDS ON EXTENSION sub commands in the PostgreSQL database did not perform authorisation checks. oval:org.secpod.oval:def:69866 Multiple security issues were discovered in the implementation of the Go programming language, which could result in denial of service and the P-224 curve implementation could generate incorrect outputs. oval:org.secpod.oval:def:69958 Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of SMTP commands, which could result in local privilege escalation or the execution of arbitrary code. oval:org.secpod.oval:def:69959 Antonio Morales discovered an user-after-free flaw in the memory pool allocator in ProFTPD, a powerful modular FTP/SFTP/FTPS server. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69953 Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks. oval:org.secpod.oval:def:69943 Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of email addresses which could result in the execution of arbitrary commands as root. In addition this update fixes a denial of service by triggering an opportunistic TLS downgrade. oval:org.secpod.oval:def:69930 It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the fileinto was used, bypassing ACL checks. oval:org.secpod.oval:def:69792 Tim Düsterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. oval:org.secpod.oval:def:69790 Multiple vulnerabilities have been found in the php-symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. oval:org.secpod.oval:def:69785 It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service. oval:org.secpod.oval:def:69779 Alex Murray discovered a stack-based buffer overflow vulnerability in libfribidi-dev, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directio ... oval:org.secpod.oval:def:69778 It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, it was possible to circumvent XML signature verification on SAML messages. oval:org.secpod.oval:def:69771 Daniel Mandragona discovered that invalid DSA public keys can cause a panic in dsa.Verify, resulting in denial of service. oval:org.secpod.oval:def:69803 A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i function in libidn2-dev, the GNU library for Internationalized Domain Names , which could result in denial of service, or the execution of arbitrary code when processing a long domain string. oval:org.secpod.oval:def:69777 Stephan Zeisberg discovered that missing input validation in ProFTPD, a FTP/SFTP/FTPS server, could result in denial of service via an infinite loop. oval:org.secpod.oval:def:69767 X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash. oval:org.secpod.oval:def:69914 It was discovered that libjackson2-databind-java, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the s ... oval:org.secpod.oval:def:69762 It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups. oval:org.secpod.oval:def:69763 A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69917 It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed user names, resulting in an information leak. oval:org.secpod.oval:def:69786 A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service , by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy. oval:org.secpod.oval:def:69907 It was discovered that OpenDMARC, a milter implementation of DMARC, is prone to a signature-bypass vulnerability with multiple From: addresses. oval:org.secpod.oval:def:69941 Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server , can provide bogus chunk lengths for chunked HTTP encoding and cause a heap-based buffer overflow. oval:org.secpod.oval:def:69757 Multiple vulnerabilities have been discovered in the Dino XMPP client, which could allow spoofing message, manipulation of a user"s roster and unauthorised sending of message carbons. oval:org.secpod.oval:def:69760 Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in it"s BGP daemon, resulting in a stack buffer overflow. oval:org.secpod.oval:def:69750 Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service. The oldstable distribution is not affected. oval:org.secpod.oval:def:69749 Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete "/" filesystem. Unix permission checks in the kernel are still enforced. D ... oval:org.secpod.oval:def:69897 Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands. oval:org.secpod.oval:def:69739 Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potenti ... oval:org.secpod.oval:def:69789 It was discovered in the Simple Linux Utility for Resource Management , a cluster resource management and job scheduling system did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection. oval:org.secpod.oval:def:69890 Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator. oval:org.secpod.oval:def:78152 Matthias Gerstner reported that usbview, a USB device viewer, does not properly handle authorization in the PolicyKit policy configuration, which could result in root privilege escalation. oval:org.secpod.oval:def:74579 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:74582 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution , these problems have been fixed in version 1:78.13.0-1~deb11u1. oval:org.secpod.oval:def:80395 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88343 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:80397 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:88356 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88365 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88372 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88370 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:88383 Multiple security issues have been found in the Mozilla Firefox web browser, which could result in spoofing. oval:org.secpod.oval:def:71640 Multiple vulnerabilities were discovered in plugins for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened. oval:org.secpod.oval:def:69808 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-19880 Richard Lorenz discovered an issue in the sqlite library. CVE-2019-19923 Richard Lorenz discovered an out-of-bounds read issue in the sqlite library. CVE-2019-19925 Richard Lorenz discovered an issue in the sqli ... oval:org.secpod.oval:def:71233 A use-after-free was discovered in lib3mf-dev, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened. oval:org.secpod.oval:def:69881 Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. oval:org.secpod.oval:def:69846 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. oval:org.secpod.oval:def:71234 Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters. oval:org.secpod.oval:def:88364 Jeffrey Bencteux reported two vulnerabilities in cifs-utils, the Common Internet File System utilities, which can result in escalation of privileges or an information leak . oval:org.secpod.oval:def:78151 David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or ACLs. This may result in denial of service or privilege escalation. oval:org.secpod.oval:def:69882 Beast Glatisant and Jelmer Vernooij reported that python3-aiohttp, a async HTTP client/server framework, is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. oval:org.secpod.oval:def:69902 Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed. oval:org.secpod.oval:def:69853 Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed media file is opened. oval:org.secpod.oval:def:80394 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22624 Kirin discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-22628 Kirin discovered that Processing maliciously crafted web content may lead to arbitrary ... oval:org.secpod.oval:def:79862 Danilo Ramos discovered that incorrect memory handling in zlib"s deflate handling could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed. oval:org.secpod.oval:def:88357 Felix Wilhelm reported that several buffer handling functions in libxml2, a library providing support to read, modify and write XML and HTML files, don"t check for integer overflows, resulting in out-of-bounds memory writes if specially crafted, multi-gigabyte XML files are processed. An attacker ca ... oval:org.secpod.oval:def:88358 Peter Agten discovered that several modules for TCP syslog reception in rsyslog, a system and kernel logging daemon, have buffer overflow flaws when octet-counted framing is used, which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69916 It was reported that the apache2 update released as DSA 4509-1 incorrectly fixed CVE-2019-10092. Updated apache2 packages are now available to correct this issue. For reference, the relevant part of the original advisory text follows. CVE-2019-10092 Matei Mal Badanoiu reported a limited cross-site s ... oval:org.secpod.oval:def:69742 Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. oval:org.secpod.oval:def:69768 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation. oval:org.secpod.oval:def:69814 It was reported that the BlueZ"s HID and HOGP profile implementations don"t specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target host and impersonate an existing HID device without security or to cause an SDP or GATT s ... oval:org.secpod.oval:def:69956 Multiple security issues were discovered in python-pil, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images are processed. oval:org.secpod.oval:def:69880 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69884 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69889 Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69901 It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. oval:org.secpod.oval:def:69900 Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:69905 Zerons and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges. oval:org.secpod.oval:def:69801 Multiple integer overflows have been discovered in the liblibtiff5 library and the included tools. oval:org.secpod.oval:def:69911 Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code. oval:org.secpod.oval:def:69915 Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID - -1 or 42949672 ... oval:org.secpod.oval:def:69919 A use-after-free was found in libarchive-dev, a multi-format archive and compression library, which could result in denial of service and potentially the execution of arbitrary code is a malformed archive is processed. oval:org.secpod.oval:def:74571 A buffer overflow was discovered in the Aspell spell checker, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:69746 Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input . A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution ... oval:org.secpod.oval:def:69754 It was discovered that the code fixes for LibreOffice to address CVE-2019-9852 were not complete. Additional information can be found at https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/ oval:org.secpod.oval:def:69753 It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:69737 Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ oval:org.secpod.oval:def:69894 Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default configurations where ${sort } expansion is used for items that can be controlled by an ... oval:org.secpod.oval:def:69770 A buffer overflow was found in file, a file type classification tool, which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF file is processed. oval:org.secpod.oval:def:69892 Two security issues have been discovered in LibreOffice: CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. oval:org.secpod.oval:def:69898 Dominik Penner discovered that Kconfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file arbitrary commands could get executed. This update removes this feature. oval:org.secpod.oval:def:69896 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-11782 Ace Olszowka reported that the Subversion"s svnserve server process may exit when a well-formed read-only request produc ... oval:org.secpod.oval:def:69764 Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication and hostapd . CVE-2019-13377 A timing-based side-channel attack against WPA3"s Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. CVE-2019-16275 Insufficie ... oval:org.secpod.oval:def:69957 Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2019-5436 A heap buffer overflow in the TFTP receiving code was discovered, which could allow DoS or arbitrary code execution. This only affects the oldstable distribution . CVE-2019-5481 Thomas Vegas discovered a double- ... oval:org.secpod.oval:def:69923 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69921 Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox. oval:org.secpod.oval:def:69927 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69928 It was discovered that python-ecdsa, a cryptographic signature library for Python, incorrectly handled certain signatures. A remote attacker could use this issue to cause python-ecdsa to either not warn about incorrect signatures, or generate exceptions resulting in a denial-of-service. oval:org.secpod.oval:def:69926 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805 Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. CVE-2019-12420 Specially crafted mulitpart m ... oval:org.secpod.oval:def:69810 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69931 Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string function in libsasl2-dev, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the li ... oval:org.secpod.oval:def:69918 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. oval:org.secpod.oval:def:69920 Rich Mirch discovered that the pg_ctlcluster script didn"t drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. oval:org.secpod.oval:def:69794 Two vulnerabilities were discovered in libnss3-dev, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:69793 Multiple security issues were found in libvpx-dev multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed. oval:org.secpod.oval:def:69799 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes. oval:org.secpod.oval:def:69748 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. oval:org.secpod.oval:def:69758 Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls to the ibus bus of another user, if able to discover the UNIX socket used by another user connected on a graphical envi ... oval:org.secpod.oval:def:69945 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. oval:org.secpod.oval:def:69946 Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:69952 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:69950 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69813 Andre Bargull discovered an integer overflow in the International Components for Unicode library which could result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:69935 Simon Charette reported that the password reset functionality in Django, a high-level Python web development framework, uses a Unicode case-insensitive query to retrieve accounts matching the email address requesting the password reset. An attacker can take advantage of this flaw to potentially retr ... oval:org.secpod.oval:def:69939 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69936 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting. oval:org.secpod.oval:def:69942 Two security issues were found in the Python interface to the apt package manager; package downloads from unsigned repositories were incorrectly rejected and the hash validation relied on MD5. oval:org.secpod.oval:def:69954 It was discovered that pysaml2, a Python implementation of SAML to be used in a WSGI environment, was susceptible to XML signature wrapping attacks, which could result in a bypass of signature verification. oval:org.secpod.oval:def:69955 Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol packet parser in the Point-to-Point Protocol Daemon . An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service . oval:org.secpod.oval:def:69961 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69912 Three security issues were discovered in OpenSSL: A timing attack against ECDSA, a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey and it was discovered that a feature of the random number generator intended to protect against shared RNG state between parent and child processes in the ... oval:org.secpod.oval:def:69773 It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, was susceptible to cross-site scripting. oval:org.secpod.oval:def:69858 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69860 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or an information leak. oval:org.secpod.oval:def:69864 Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-16044 Ned Williamson discovered a use-after-free issue in the WebRTC implementation. CVE-2021-21117 Rory McNamara discovered a policy enforcement issue in Cryptohome. CVE-2021-21118 Tyler Nighswander discovered a data ... oval:org.secpod.oval:def:69774 Malte Kraus discovered that liblibpam-python, a PAM module allowing PAM modules to be written in Python, didn"t sanitise environment variables which could result in local privilege escalation if used with a setuid binary. oval:org.secpod.oval:def:69883 Multiple security issues were discovered in Docker, a Linux container runtime, which could result in denial of service, an information leak or privilege escalation. oval:org.secpod.oval:def:69825 David Benjamin discovered a flaw in the GENERAL_NAME_cmp function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt oval:org.secpod.oval:def:69829 Yaniv Nizry discovered that the clean module of python-lxml, Python bindings for libxml2 and libxslt could be bypassed. oval:org.secpod.oval:def:69826 It was discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could cause out-of-bounds reads or infinite loops, resulting in denial of service when processing malformed deb files. oval:org.secpod.oval:def:69827 Various memory and file descriptor leaks were discovered in the Python interface to the APT package management runtime library, which could result in denial of service. oval:org.secpod.oval:def:69934 It was reported that libnetty-java, a Java NIO client/server framework, is prone to a HTTP request smuggling vulnerability due to mishandling whitespace before the colon in HTTP headers. oval:org.secpod.oval:def:69819 Frediano Ziglio discovered multiple buffer overflow vulnerabilities in the QUIC image decoding process of libspice-server-dev, a libspice-server-dev protocol client and server library, which could result in denial of service, or possibly, execution of arbitrary code. oval:org.secpod.oval:def:69847 A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69849 A flaw was discovered in coturn, a TURN and STUN server for VoIP. By default coturn does not allow peers on the loopback addresses . A remote attacker can bypass the protection via a specially crafted request using a peer address of "0.0.0.0" and trick coturn in relaying to the loopback interface. I ... oval:org.secpod.oval:def:69837 Two vulnerabilities were discovered in the PEAR Archive_Tar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files. oval:org.secpod.oval:def:69842 David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS#11 modules. oval:org.secpod.oval:def:69840 Pritam Singh discovered an open redirect in the workflow forms of OpenStack horizon-doc. oval:org.secpod.oval:def:69870 Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet. oval:org.secpod.oval:def:69875 A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, a DNS server implementation, which could result in denial of service , or potentially the execution of arbitrary code. oval:org.secpod.oval:def:69857 Tavis Ormandy discovered a memory leak flaw in the rfc822 group recipient parsing in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, which could result in denial of service. oval:org.secpod.oval:def:69855 Two vulnerabilities were discovered in the LLPD implementation of Open vSwitch, a software-based Ethernet virtual switch, which could result in denial of service. oval:org.secpod.oval:def:69862 Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code. oval:org.secpod.oval:def:69863 Several vulnerabilities were discovered in libldap2-dev, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of these flaws to cause a denial of service via specially crafted packets. oval:org.secpod.oval:def:69879 Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence. oval:org.secpod.oval:def:69878 A vulnerability in the Certificate List Exact Assertion validation was discovered in libldap2-dev, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service via specially crafted packets. oval:org.secpod.oval:def:79860 Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service if malformed image files are processed. oval:org.secpod.oval:def:69865 A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:88347 Several vulnerabilities were discovered in Subversion, a version control system. CVE-2021-28544 Evgeny Kotkov reported that Subversion servers reveal "copyfrom" paths that should be hidden according to configured path-based authorization rules. CVE-2022-24070 Thomas Weissschuh reported that Subvers ... oval:org.secpod.oval:def:69850 Simon McVittie discovered a bug in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system . The Flatpak portal D-Bus service allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same secur ... oval:org.secpod.oval:def:64142 It was discovered that the SocketServer class included in liblog4j1.2-java, a logging library for java, is vulnerable to deserialization of untrusted data. An attacker can take advantage of this flaw to execute arbitrary code in the context of the logger application by sending a specially crafted lo ... oval:org.secpod.oval:def:69856 Several vulnerabilities were discovered in salt-common, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of salt-common SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the salt-common AP ... oval:org.secpod.oval:def:69922 Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. CVE-2 ... oval:org.secpod.oval:def:74573 Several vulnerabilities have been found in Ansible, a configuration management, deployment and task execution system, which could result in information disclosure or argument injection. In addition a race condition in become_user was fixed. oval:org.secpod.oval:def:74577 Philipp Jeitner and Haya Shulman discovered a flaw in libc-ares2, a library that performs DNS requests and name resolution asynchronously. Missing input validation of hostnames returned by DNS servers can lead to output of wrong hostnames . oval:org.secpod.oval:def:88376 Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. CVE-2022-25802 It was discovered that Request Tracker is vulnerable to a cross-site scripting attack when displaying attachment content with fraudulent content types. Additionally it was ... oval:org.secpod.oval:def:78146 It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting. oval:org.secpod.oval:def:79858 Two vulnerabilities were found in the BIND DNS server, which could result in denial of service or cache poisoning. oval:org.secpod.oval:def:71231 Multiple security issues were discovered in libnetty-java, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. oval:org.secpod.oval:def:78140 Two vulnerabilities have been discovered in the Apache HTTP server: CVE-2021-44224 When operating as a forward proxy, Apache was depending on the setup suspectible to denial of service or Server Side Request forgery. CVE-2021-44790 A buffer overflow in mod_lua may result in denial of service or pote ... oval:org.secpod.oval:def:64151 Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:69800 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-13725 Gengming Liu and Jianyu Chen discovered a use-after-free issue in the bluetooth implementation. CVE-2019-13726 Sergei Lazunov discovered a buffer overflow issue. CVE-2019-13727 @piochu discovered a policy enforc ... oval:org.secpod.oval:def:69796 Several vulnerabilities have been discovered in the interpreter for the Ruby language, which could result in unauthorized access by bypassing intended path matchings, denial of service, or the execution of arbitrary code. oval:org.secpod.oval:def:69949 Guillaume Teissier reported that the XMLRPC client in libxmlrpc3-java, an XML-RPC implementation in Java, does perform deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious XMLRPC server can take advantage of this flaw to e ... oval:org.secpod.oval:def:79856 Two vulnerabilities were discovered in the server for the Network Block Device , which could result in the execution of arbitrary code. oval:org.secpod.oval:def:88373 Multiple vulnerabilities have been discovered in various image parsers in Blender, a 3D modeller/ renderer, which may result in denial of service of the execution of arbitrary code if a malformed file is opened. oval:org.secpod.oval:def:78139 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code, spoofing, information disclosure, downgrade attacks on SMTP STARTTLS connections or misleading display of OpenPGP/MIME signatures. oval:org.secpod.oval:def:69951 Several vulnerabilities were discovered in evince, a simple multi-page document viewer. CVE-2017-1000159 Tobias Mueller reported that the DVI exporter in evince is susceptible to a command injection vulnerability via specially crafted filenames. CVE-2019-11459 Andy Nguyen reported that the tiff_docu ... oval:org.secpod.oval:def:69815 Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not. oval:org.secpod.oval:def:69744 Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and pot ... oval:org.secpod.oval:def:88369 Multiple security issues were discovered in the Squid proxy caching server: CVE-2021-28116 Amos Jeffries discovered an information leak if WCCPv2 is enabled CVE-2021-46784 Joshua Rogers discovered that an error in parsing Gopher server responses may result in denial of service oval:org.secpod.oval:def:74568 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in bypass of sandbox restrictions, incorrect validation of signed Jars or information disclosure. oval:org.secpod.oval:def:78137 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure. oval:org.secpod.oval:def:78155 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, bypass of deserialization restrictions or information disclosure. oval:org.secpod.oval:def:85661 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox. oval:org.secpod.oval:def:74581 Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. oval:org.secpod.oval:def:71232 Several vulnerabilites have been discovered in the chromium web browser. CVE-2021-21159 Khalil Zhani disocvered a buffer overflow issue in the tab implementation. CVE-2021-21160 Marcin Noga discovered a buffer overflow issue in WebAudio. CVE-2021-21161 Khalil Zhani disocvered a buffer overflow issue ... oval:org.secpod.oval:def:74574 Several vulnerabilities were discovered in Bluez, the Linux Bluetooth protocol stack. CVE-2020-26558 / CVE-2021-0129 It was discovered that Bluez does not properly check permissions during pairing operation, which could allow an attacker to impersonate the initiating device. CVE-2020-27153 Jay LV di ... oval:org.secpod.oval:def:69817 Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-6423 A use-after-free issue was found in the audio implementation. CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 javascript library. CVE-2020-6431 Luan Herrera discovered a policy enforcement ... oval:org.secpod.oval:def:69818 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or an information leak. oval:org.secpod.oval:def:69844 Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure. oval:org.secpod.oval:def:69835 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information leak. oval:org.secpod.oval:def:69833 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass. oval:org.secpod.oval:def:69780 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5869 Zhe Jin discovered a use-after-free issue. CVE-2019-5870 Guang Gong discovered a use-after-free issue. CVE-2019-5871 A buffer overflow issue was discovered in the skia library. CVE-2019-5872 Zhe Jin discovered a ... oval:org.secpod.oval:def:69899 Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection, oval:org.secpod.oval:def:69932 It was found that libfreeimage-dev, a graphics library, was affected by the following two security issues: CVE-2019-12211 Heap buffer overflow caused by invalid memcpy in PluginTIFF. This flaw might be leveraged by remote attackers to trigger denial of service or any other unspecified impact via cra ... oval:org.secpod.oval:def:69834 It was discovered that libxerces-c-dev, a validating XML parser library for C++, did not correctly scan DTDs. The use-after-free vulnerability resulting from this issue would allow a remote attacker to leverage a specially crafted XML file in order to crash the application or potentially execute arb ... oval:org.secpod.oval:def:74578 Philipp Jeitner and Haya Shulman discovered a stack-based buffer overflow in libspf2-dev, a library for validating mail senders with SPF, which could result in denial of service, or potentially execution of arbitrary code when processing a specially crafted SPF record. oval:org.secpod.oval:def:80398 Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in information disclosure or denial of service. oval:org.secpod.oval:def:78153 Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed. oval:org.secpod.oval:def:69823 It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the CallStranger UPnP vulnerability. oval:org.secpod.oval:def:69891 Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of th ... oval:org.secpod.oval:def:71644 Several vulnerabilities have been discovered in the chromium web browser. CVE-2021-21201 Gengming Liu and Jianyu Chen discovered a use-after-free issue. CVE-2021-21202 David Erceg discovered a use-after-free issue in extensions. CVE-2021-21203 asnine discovered a use-after-free issue in Blink/Webkit ... oval:org.secpod.oval:def:71648 Several vulnerabilities have been discovered in the chromium web browser. CVE-2021-21227 Gengming Liu discovered a data validation issue in the v8 javascript library. CVE-2021-21228 Rob Wu discovered a policy enforcement error. CVE-2021-21229 Mohit Raj discovered a user interface error in the file d ... oval:org.secpod.oval:def:79849 The update for expat released as DSA 5085-1 introduced regressions for applications using URI characters for a namespace separator . Updated expat packages are now available which relax the fix for CVE-2022-25236 with regard to RFC 3986 URI characters. For the oldstable distribution , this problem ... oval:org.secpod.oval:def:71228 Multiple vulnerabilities have been discovered in libopenjp2-7-dev, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image. oval:org.secpod.oval:def:88355 Elison Niven discovered that the c_rehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands. oval:org.secpod.oval:def:74572 Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in cross-site scripting, information disclosure, privilege escalation or denial of service. oval:org.secpod.oval:def:78161 Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result on result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service. oval:org.secpod.oval:def:88371 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escala ... oval:org.secpod.oval:def:78156 The Qualys Research Labs discovered a local privilege escalation in PolicyKit"s pkexec. Details can be found in the Qualys advisory at https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt oval:org.secpod.oval:def:88375 This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities. CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166 Various researchers discovered flaws in Intel processors, collectively referred to as MMIO Stale Data vulnerabili ... oval:org.secpod.oval:def:78157 The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30934 Dani Biro discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30936 Chijin Zhou discovered that processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:74567 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2021-21775 Marcin Towalski discovered that a specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tric ... oval:org.secpod.oval:def:69802 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8835 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8844 William Bowling discovered that maliciously crafted web content may le ... oval:org.secpod.oval:def:69806 The following vulnerabilities have been discovered in the libjavascriptcoregtk-4.0-18 web engine: CVE-2020-3862 Srikanth Gatta discovered that a malicious website may be able to cause a denial of service. CVE-2020-3864 Ryan Pickren discovered that a DOM object context may not have had a unique secur ... oval:org.secpod.oval:def:69809 The following vulnerability has been discovered in the libjavascriptcoregtk-4.0-18 web engine: CVE-2020-10018 Sudhakar Verma, Ashfaq Ansari and Siddhant Badhe discovered that processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:69781 These vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8812 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8814 Cheolung Lee discovered that maliciously crafted web content may lead to arbit ... oval:org.secpod.oval:def:69751 Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-37 web engine: CVE-2019-8644 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8649 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. CVE-2019-8658 ... oval:org.secpod.oval:def:69873 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring procedure, an integer overflow in CipherUpdate and a NULL pointer dereference flaw X509_issuer_and_serial_hash were found, which could result in denial of servi ... oval:org.secpod.oval:def:88377 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22677 An anonymous researcher discovered that the video in a webRTC call may be interrupted if the audio capture gets interrupted. CVE-2022-26710 Chijin Zhou discovered that processing maliciously crafted web co ... oval:org.secpod.oval:def:69776 Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8625 Sergei Glazunov discovered that maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8720 Wen Xu discovered that maliciously crafted web content may lead to arbitrary c ... oval:org.secpod.oval:def:71227 Multiple vulnerabilities were discovered in cURL, an URL transfer library: CVE-2020-8169 Marek Szlagor reported that libcurl could be tricked into prepending a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server ... oval:org.secpod.oval:def:71223 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their bro ... oval:org.secpod.oval:def:88362 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-26700 ryuzaki discovered that processing maliciously crafted web content may lead to code execution. CVE-2022-26709 Chijin Zhou discovered that processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:79852 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-29374 Jann Horn of Google reported a flaw in Linux"s virtual memory management. A parent and child process initially share all their memory, but ... oval:org.secpod.oval:def:69872 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-13558 Marcin Noga discovered that processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:69861 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-27815 A flaw was reported in the JFS filesystem code allowing a local attacker with the ability to set extended attributes to cause a denial of s ... oval:org.secpod.oval:def:69820 Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks. CVE-2020-12351 Andy Nguyen discovered a flaw in the Bluetooth implementation in the way L2CAP packets with A2MP CID are han ... oval:org.secpod.oval:def:64154 This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling , Vector Register Sampling and L1D Eviction Sampling hardware vulnerabilities. The microcode update for HEDT and Xeon CPUs with signature 0x50654 which was re ... oval:org.secpod.oval:def:69816 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3016 It was discovered that the KVM implementation for x86 did not always perform TLB flushes when needed, if the paravirtualised TLB flush featu ... oval:org.secpod.oval:def:69909 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821 Matt Delco reported a race condition in KVM"s coalesced MMIO facility, which could lead to out-of-bounds access in the kernel. A local atta ... oval:org.secpod.oval:def:69925 This update ships updated CPU microcode for CFL-S models of Intel CPUs which were not yet included in the Intel microcode update released as DSA 4565-1. For details please refer to https://www.intel.com/content/dam/www/public/us/en/security-advisory/documents/IPU-2019.2-microcode-update-guidance-v1 ... oval:org.secpod.oval:def:69783 This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA 4564-1. oval:org.secpod.oval:def:69782 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables , a guest VM may manipulate the memory ma ... oval:org.secpod.oval:def:69893 Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios. oval:org.secpod.oval:def:69938 Multiple vulnerabilities have been discovered in the libxen-dev hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the TSX Asynchronous Abort speculative side channel attack. For additional in ... oval:org.secpod.oval:def:69805 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. oval:org.secpod.oval:def:69874 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service, information disclosure, cookie forgery or incorrect encryption. oval:org.secpod.oval:def:69772 Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups. oval:org.secpod.oval:def:69759 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers function could result in information disclosure or denial of service. oval:org.secpod.oval:def:69736 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised. oval:org.secpod.oval:def:69906 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message. oval:org.secpod.oval:def:69903 Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service. oval:org.secpod.oval:def:69904 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2019-9517 Jonathan Looney reported that a malicious client could perform a denial of service attack by flooding a connection with requests and basically never reading responses on the TCP connection. CVE-2019-10081 Craig Young ... oval:org.secpod.oval:def:69908 It was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed. oval:org.secpod.oval:def:69787 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 60.x series has ended, so starting with this update we"re now following the 68.x releases. oval:org.secpod.oval:def:69788 DSA 4571-1 updated Thunderbird to the 68.x series, which is incompatible with the Enigmail release shipped in Debian Buster. oval:org.secpod.oval:def:69747 Two vulnerabilities were discovered in the HTTP/2 code of the libnghttp2-dev HTTP server, which could result in denial of service. oval:org.secpod.oval:def:69745 Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service. oval:org.secpod.oval:def:69755 Several vulnerabilities were discovered in the HTTP/2 code of Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service. The fixes are too intrusive to backport to the version in the oldstable distribution . An upgrade to Debian stable is recommended instead ... oval:org.secpod.oval:def:69752 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. oval:org.secpod.oval:def:69743 Three vulnerabilities have been discovered in the Go programming language; net/url accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service. oval:org.secpod.oval:def:69769 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases of Firefox. Support for the 60.x series has ... oval:org.secpod.oval:def:69886 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. CVE-2019-11719 and CVE-2019-11729 are only addressed for stretch, in bus ... oval:org.secpod.oval:def:69887 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. oval:org.secpod.oval:def:64157 A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened. oval:org.secpod.oval:def:69756 Three security vulnerabilities have been discovered in the Docker container runtime: Insecure loading of NSS libraries in docker cp could result in execution of code with root privileges, sensitive data could be logged in debug mode and there was a command injection vulnerability in the docker build ... oval:org.secpod.oval:def:69738 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI devices, which could lead to a use-aft ... oval:org.secpod.oval:def:69740 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed. If a PCI physical function is passed through to a Xen guest, the gue ... oval:org.secpod.oval:def:88361 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling or MITM attacks. |
