secure-testing-team
Thread
Date
Earlier messages
Later messages
Messages by Date
2016/03/06
[Secure-testing-team] Bug#816897: sbuild --build-dep-resolver=aptitude will install packages from untrusted sources
Ansgar Burchardt
2016/03/04
[Secure-testing-team] Bug#816780: roundup: CVE-2014-6276: information leak
Salvatore Bonaccorso
2016/03/03
[Secure-testing-team] Bug#816626: jasper: CVE-2016-2116: memory leak in the jas_iccprof_createfrombuf function
Salvatore Bonaccorso
2016/03/03
[Secure-testing-team] Bug#816625: jasper: CVE-2016-1577: double free vulnerability in the jas_iccattrval_destroy function
Salvatore Bonaccorso
2016/03/01
[Secure-testing-team] Bug#816434: CVE-2016-2512 and CVE-2016-2513
Luke Faraone
2016/02/29
[Secure-testing-team] Bug#816320: coreutils: CVE-2016-2781: nonpriv session can escape to the parent session by using the TIOCSTI ioctl
Salvatore Bonaccorso
2016/02/28
[Secure-testing-team] Bug#816190: ntopng: CVE-2015-8368
Salvatore Bonaccorso
2016/02/26
[Secure-testing-team] Bug#816063: emacs24: TLS certificate validation is silently broken
Nathaniel Smith
2016/02/26
[Secure-testing-team] Bug#816062: policykit-1: CVE-2016-2568: Program run via pkexec as unprivileged user can escape to parent session via TIOCSTI ioctl
Salvatore Bonaccorso
2016/02/26
[Secure-testing-team] Bug#816011: squid3: CVE-2016-2569 CVE-2016-2570 CVE-2016-2571
Salvatore Bonaccorso
2016/02/26
[Secure-testing-team] Bug#815979: dotclear: New minor releases with security fixes
Vincent Danjean
2016/02/25
[Secure-testing-team] Bug#815965: cpio: reads out-of-bounds with cpio 2.11
Salvatore Bonaccorso
2016/02/25
[Secure-testing-team] Bug#815923: [drupal7] SA-CORE-2016-001 for drupal6 & drupal7
Ingo Juergensmann
2016/02/25
[Secure-testing-team] Bug#815920: pcre2: workspace overflow for (*ACCEPT) with deeply nested parentheses
Salvatore Bonaccorso
2016/02/25
[Secure-testing-team] Bug#815921: pcre3: workspace overflow for (*ACCEPT) with deeply nested parentheses
Salvatore Bonaccorso
2016/02/25
[Secure-testing-team] Bug#815907: xerces-c: CVE-2016-0729
Salvatore Bonaccorso
2016/02/25
[Secure-testing-team] Bug#815879: disables opportunistic TLS
Thomas Goirand
2016/02/25
[Secure-testing-team] Bug#815878: Creates backup folders world readable
Thomas Goirand
2016/02/24
[Secure-testing-team] Bug#815840: libfcgi-perl: bundles libfcgi, vulnerable to CVE-2012-6687
Tianon Gravi
2016/02/23
[Secure-testing-team] Bug#815680: qemu: CVE-2016-2538: usb: integer overflow in remote NDIS control message handling
Salvatore Bonaccorso
2016/02/23
[Secure-testing-team] Bug#815662: libssh2: 2016-0787: Weak Diffie-Hellman secret generation
Salvatore Bonaccorso
2016/02/23
[Secure-testing-team] Bug#815663: libssh: CVE-2016-0739: Weak Diffie-Hellman secret generation
Salvatore Bonaccorso
2016/02/19
[Secure-testing-team] Bug#815178: kamailio: CVE-2016-2385: SEAS Module Heap overflow
Salvatore Bonaccorso
2016/02/18
[Secure-testing-team] Taller Sanciones Tributarias
Saitel Srl
2016/02/17
[Secure-testing-team] Bug#815009: qemu: CVE-2016-2391: usb: multiple eof_timers in ohci leads to null pointer dereference
Salvatore Bonaccorso
2016/02/17
[Secure-testing-team] Bug#815008: qemu: CVE-2016-2392: usb: null pointer dereference in remote NDIS control message handling
Salvatore Bonaccorso
2016/02/14
[Secure-testing-team] Bug#814732: graphicsmagick: SVG parsing issues (CVE-2016-2317, CVE-2016-2318)
Salvatore Bonaccorso
2016/02/12
[Secure-testing-team] Darvaza
ali
2016/02/10
[Secure-testing-team] Bug#814355: plasma-workspace: CVE-2016-2312: KDE lockscreen bypass by switching display off and on
Salvatore Bonaccorso
2016/02/10
[Secure-testing-team] Bug#814353: cacti: CVE-2016-2313: Authentication using web authentication as a user not in the cacti database allows complete access
Salvatore Bonaccorso
2016/02/07
[Secure-testing-team] Bug#814030: Security flaw fixed in version 6.2.0
David Prévot
2016/02/06
[Secure-testing-team] Bug#813909: pillow: CVE-2016-0775: Buffer overflow in FliDecode.c
Salvatore Bonaccorso
2016/02/06
[Secure-testing-team] Bug#813905: pillow: CVE-2016-0740: Buffer overflow in TiffDecode.c
Salvatore Bonaccorso
2016/02/05
[Secure-testing-team] Bug#813849: Multiple security issues
David Prévot
2016/02/05
[Secure-testing-team] Bug#813843: wheezy backports cruelly out of date
Antoine Beaupré
2016/02/04
[Secure-testing-team] Bug#813681: apt-listbugs starts browser as root
Nick T.
2016/02/04
[Secure-testing-team] Bug#813679: nettle: CVE-2015-8803 CVE-2015-8804 CVE-2015-8805
Salvatore Bonaccorso
2016/02/03
[Secure-testing-team] Bug#813613: libxml2: Heap-buffer overread in libxml2/dict.c
Salvatore Bonaccorso
2016/02/03
[Secure-testing-team] Bug#813611: Passwords are stored as MD5
Sven Bartscher
2016/02/02
[Secure-testing-team] Bug#813536: socat: Socat security advisory 7: Bad DH p paramenter in OpenSSL
Salvatore Bonaccorso
2016/02/02
[Secure-testing-team] Bug#813535: socat: Socat security advisory 8: stack overflow vulnerability in parser
Salvatore Bonaccorso
2016/02/02
[Secure-testing-team] Bug#813448: python-django: CVE-2016-2048
Salvatore Bonaccorso
2016/02/01
[Secure-testing-team] Taller Tributario con Mgs. Roberto Viscafé y Mgs. Jorge Valdez (SCZ)
JORGE NAVA & CIA.
2016/01/31
[Secure-testing-team] Bug#813296: krb5: CVE-2015-8629: xdr_nullstring() doesn't check for terminating null character
Salvatore Bonaccorso
2016/01/30
[Secure-testing-team] Ultimos Cupos para Carnaval en Los Cedros Resort
Los Cedros Resort
2016/01/30
[Secure-testing-team] Bug#813194: CVE-2016-2197: ide: ahci null pointer dereference when using FIS CLB engines
Michael Tokarev
2016/01/30
[Secure-testing-team] Bug#813193: CVE-2016-2198: usb: ehci null pointer dereference in ehci_caps_write
Michael Tokarev
2016/01/30
[Secure-testing-team] Bug#813187: glibc: CVE-2014-9761: Unbounded stack allocation in nan* functions
Salvatore Bonaccorso
2016/01/30
[Secure-testing-team] Brosses industrielles sur commande
BELHADJ HANENE
2016/01/29
[Secure-testing-team] Bug#813182: dwarfutils: CVE-2015-8750: NULL pointer dereference in dwarf_utils.c
Salvatore Bonaccorso
2016/01/29
[Secure-testing-team] Bug#813148: dwarfutils: CVE-2016-2091: Out-of-bounds read in dwarf_frame2.c
Salvatore Bonaccorso
2016/01/29
[Secure-testing-team] Bug#813127: krb5: CVE-2015-8630: krb5 doesn't check for null policy when KADM5_POLICY is set in the mask
Salvatore Bonaccorso
2016/01/29
[Secure-testing-team] Bug#813126: krb5: Memory leak caused by supplying a null principal name in request
Salvatore Bonaccorso
2016/01/28
[Secure-testing-team] Bug#812984: CVE-2016-0738: Fix memory/socket leak in proxy on truncated SLO/DLO GET
Ondřej Nový
2016/01/28
[Secure-testing-team] Bug#812978: jasper: CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function
Salvatore Bonaccorso
2016/01/27
[Secure-testing-team] Bug#812935: openjdk-7-jdk: Missing openjdk-7_7u95-2.6.4-1 build on amd64 for Debian unstable
Ben Caradoc-Davies
2016/01/27
[Secure-testing-team] Bug#812923: chrony: CVE-2016-1567
Salvatore Bonaccorso
2016/01/26
[Secure-testing-team] Bug#812814: CVE-2015-7578 CVE-2015-7579 CVE-2015-7580
Moritz Muehlenhoff
2016/01/26
[Secure-testing-team] Bug#812807: libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex()
Salvatore Bonaccorso
2016/01/26
[Secure-testing-team] Bug#812806: nginx: resolver CVEs: CVE-2016-0742 CVE-2016-0746 CVE-2016-0747
Christos Trochalakis
2016/01/24
[Secure-testing-team] Bug#812496: dolibarr: CVE-2016-1912
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812455: glibc: CVE-2015-8779: Unbounded stack allocation in catopen function
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812449: dolibarr: CVE-2015-8685
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812445: glibc: CVE-2015-8776: Segmentation fault caused by passing out-of-range data to strftime()
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812441: glibc: CVE-2015-8778: Integer overflow in hcreate and hcreate_r
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812411: cgit: CVE-2016-1899 CVE-2016-1900 CVE-2016-1901
Salvatore Bonaccorso
2016/01/23
[Secure-testing-team] Bug#812401: cpio: CVE-2016-2037: out-of-bounds write
Salvatore Bonaccorso
2016/01/21
[Secure-testing-team] Bug#812307: CVE-2016-1981: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
Salvatore Bonaccorso
2016/01/21
[Secure-testing-team] 福袋最後四天 中大獎過好年
【iCheers 電子報】
2016/01/20
[Secure-testing-team] Bug#812153: policykit-1: allows ordinary users to mount filesystems
Christoph Anton Mitterer
2016/01/20
[Secure-testing-team] Bug#812077: bind9: CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c
Salvatore Bonaccorso
2016/01/19
[Secure-testing-team] Bug#811519: vlc: avio plugin leaks file content
Rémi Denis-Courmont
2016/01/18
[Secure-testing-team] 福袋關鍵報告- 除了超級大獎還有什麼好酒
【iCheers 電子報】
2016/01/17
[Secure-testing-team] Bug#811344: moodle: CVE-2016-0724: Two enrolment-related web services don't check course visibility
Salvatore Bonaccorso
2016/01/17
[Secure-testing-team] Bug#811308: Multiple minor security issues
Vincent Fourmond
2016/01/16
[Secure-testing-team] Bug#811216: chiark-utils-bin: old crypto dependency
Ben Hildred
2016/01/16
[Secure-testing-team] Bug#811201: qemu: CVE-2016-1922: i386: null pointer dereference in vapic_write()
Salvatore Bonaccorso
2016/01/14
[Secure-testing-team] Bug#811048: claws-mail: CVE-2015-8708: Incomplete fix for CVE-2015-8614
Salvatore Bonaccorso
2016/01/14
[Secure-testing-team] Bug#811023: jasper: CVE-2016-1867: out-of-bounds read in the jpc_pi_nextcprl() function
Salvatore Bonaccorso
2016/01/14
[Secure-testing-team] Bug#810984: openssh-client: CVE-2016-0777
Christoph Anton Mitterer
2016/01/12
[Secure-testing-team] Bug#810875: isc-dhcp: CVE-2015-8605: UDP payload length not properly checked
Salvatore Bonaccorso
2016/01/11
[Secure-testing-team] 金猴好運福袋 白馬、拉菲堡讓您試手氣 每十人就一人中大獎
【iCheers 電子報】
2016/01/10
[Secure-testing-team] Bug#810621: dhcpcd5: CVE-2016-1503: heap overflow via malformed dhcp responses in print_option (via dhcp_envoption1) due to incorrect option length values
Salvatore Bonaccorso
2016/01/10
[Secure-testing-team] Bug#810620: dhcpcd5: CVE-2016-1504: invalid read/crash via malformed dhcp responses
Salvatore Bonaccorso
2016/01/10
[Secure-testing-team] Выставка "Кострома Православная"
Православная выставка
2016/01/10
[Secure-testing-team] Bug#810599: firebird2.5: authenticated remote crash
Damyan Ivanov
2016/01/09
[Secure-testing-team] Bug#810527: qemu: CVE-2016-1568: ide: ahci use-after-free vulnerability in aio port commands
Salvatore Bonaccorso
2016/01/09
[Secure-testing-team] Bug#810519: qemu: CVE-2015-8743: net: ne2000: OOB r/w in ioport operations
Salvatore Bonaccorso
2016/01/08
[Secure-testing-team] Bug#810491: netsurf-gtk: CVE-2015-7505 CVE-2015-7506 CVE-2015-7507 CVE-2015-7508
Moritz Muehlenhoff
2016/01/08
[Secure-testing-team] Bug#810325: wordpress: Cross site scripting vulnerability
Craig Small
2016/01/06
[Secure-testing-team] Bug#810074: libpng1.6: CVE-2015-8472
Salvatore Bonaccorso
2016/01/04
[Secure-testing-team] Bug#809900: gajim: CVE-2015-8688: Message interception due to unverified origin of roster push
Salvatore Bonaccorso
2016/01/04
[Secure-testing-team] Bug#809844: sosreport: Please backport CVE-2015-7529 to the stable release
Louis Bouchard
2016/01/03
[Secure-testing-team] Bug#809733: activemq: CVE-2015-5254: unsafe deserialization
Salvatore Bonaccorso
2016/01/02
[Secure-testing-team] Bug#809706: pcre3: CVE-2016-1283
Salvatore Bonaccorso
2016/01/02
[Secure-testing-team] pinentry-qt4: pinentry dialog does not support pasting from clipboard
Kynn Jones
2016/01/02
[Secure-testing-team] Bug#809670: chef: CVE-2015-8559: knife bootstrap leaks validator privkey into system logs
Salvatore Bonaccorso
2015/12/31
[Secure-testing-team] Bug#809538: Subject: CVE-2015-7945: DRBD secret leak
Antoine Beaupré
2015/12/31
[Secure-testing-team] Bug#809537: CVE-2015-7944: DoS
Antoine Beaupré
2015/12/29
[Secure-testing-team] Bug#809313: CVE-2015-8701: net: rocker: incorrect array bounds check
Michael Tokarev
2015/12/28
[Secure-testing-team] Bug#809237: CVE-2015-8619: hmp: stack based OOB write in hmp_sendkey routine
Michael Tokarev
2015/12/28
[Secure-testing-team] Bug#809232: CVE-2015-8613: scsi: stack based buffer overflow in megasas_ctrl_get_info
Michael Tokarev
2015/12/28
[Secure-testing-team] Bug#809230: CVE-2015-8558: usb: infinite loop in ehci_advance_state results in DoS
Michael Tokarev
2015/12/28
[Secure-testing-team] Bug#809229: CVE-2015-8550: xen: unsafe access to shared memory
Michael Tokarev
2015/12/27
[Secure-testing-team] Bug#809168: golang: CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in math/big library
Salvatore Bonaccorso
2015/12/27
[Secure-testing-team] Bug#809167: cron: Cron Daemon Use-After-Free Vulnerability May Cause Local Root Privilege Escalation
Cron Daemon Use-After-Free Vulnerability May Cause Local Root Privilege Escalation
2015/12/26
[Secure-testing-team] Bug#809067: lightdm should no longer run the Xorg server as root
Vincent Lefevre
2015/12/26
[Secure-testing-team] Bug#809066: tiff: CVE-2015-7554
Salvatore Bonaccorso
2015/12/25
[Secure-testing-team] Bug#809021: tiff: out-of-bounds read in CIE Lab image format
Salvatore Bonaccorso
2015/12/25
[Secure-testing-team] Please can i trust you as a genuine friend?.
christina
2015/12/25
[Secure-testing-team] Bug#808968: tiff: CVE-2015-8665: out-of-bound read in tif_getimage.c
Salvatore Bonaccorso
2015/12/22
[Secure-testing-team] Bug#808775: ckeditor: Please update to newer version
Gunnar Wolf
2015/12/21
[Secure-testing-team] Bug#808704: giflib: Heap-based buffer overflow in giffix utility
Salvatore Bonaccorso
2015/12/18
[Secure-testing-team] Bug#808367: apt: defaults to allow insecure repos and documents it wrong
Christoph Anton Mitterer
2015/12/16
[Secure-testing-team] llegue a 50000 personas por Bs 98
Full Anuncios
2015/12/16
[Secure-testing-team] Bug#808131: CVE-2015-7549: msi-x null-pointer dereference issue in qemu-system
Michael Tokarev
2015/12/16
[Secure-testing-team] Bug#808130: CVE-2015-8504: vnc floating point exception
Michael Tokarev
2015/12/16
[Secure-testing-team] Bug#808122: CVE-2015-8370
Klaus Ethgen
2015/12/15
[Secure-testing-team] Bug#808081: bind9: CVE-2015-8000: Responses with a malformed class attribute can trigger an assertion failure in db.c
Salvatore Bonaccorso
2015/12/14
[Secure-testing-team] Bug#807993: foomatic-filters: CVE-2015-8560: code execution via improper escaping of ; in foomatic-rip
Salvatore Bonaccorso
2015/12/14
[Secure-testing-team] Bug#807931: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip
Yann Soubeyrand
2015/12/14
[Secure-testing-team] Bug#807930: TEMP-0000000-166C73 code execution via improper escaping of ; in foomatic-rip
Yann Soubeyrand
2015/12/13
[Secure-testing-team] Llega a más personas con una inversión mínima.
Full Anuncios
2015/12/13
[Secure-testing-team] Bug#807826: redmine: CVE-2015-8537: Data disclosure in atom feed
Salvatore Bonaccorso
2015/12/13
[Secure-testing-team] Bug#807817: dwarfutils: CVE-2015-8538: a out of bound read bug is found in libdwarf
Salvatore Bonaccorso
2015/12/11
[Secure-testing-team] Bug#807698: CVE-2015-6360: Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length
Guido Günther
2015/12/11
[Secure-testing-team] Bug#807694: libpng: CVE-2015-8540: read underflow in libpng
Salvatore Bonaccorso
2015/12/10
[Secure-testing-team] Bug#807614: grub2: CVE-2015-8370: buffer overflow when checking password entered during bootup
Salvatore Bonaccorso
2015/12/07
[Secure-testing-team] Bug#807356: salt: CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions
Salvatore Bonaccorso
2015/12/07
[Secure-testing-team] Bug#807354: passenger: CVE-2015-7519: Header overwriting issue
Salvatore Bonaccorso
2015/12/07
[Secure-testing-team] Bug#807345: redmine: CVE-2015-8473: Issues API may disclose changeset messages that are not visible
Salvatore Bonaccorso
2015/12/07
[Secure-testing-team] Bug#807341: git-repair: uses non-random tempdir /tmp/tmprepo.0/.git/
Jonas Smedegaard
2015/12/06
[Secure-testing-team] Bug#807272: redmine: CVE-02015-8474: open redirect vulnerability
Salvatore Bonaccorso
2015/12/06
[Secure-testing-team] Bug#807269: ironic: CVE-2015-7514: Ironic does not honor clean steps
Salvatore Bonaccorso
2015/12/06
[Secure-testing-team] Bug#807265: libphp-phpmailer: CVE-2015-8476: Message Injection Vulnerability
Salvatore Bonaccorso
2015/12/05
[Secure-testing-team] Bug#807112: libpng: Incomplete fix for CVE-2015-8126
Salvatore Bonaccorso
2015/12/05
[Secure-testing-team] Bug#807110: Missing TLS validation
Moritz Muehlenhoff
2015/12/02
[Secure-testing-team] Bug#806901: citadel: Runs as root but shouldn't
John Goerzen
2015/12/02
[Secure-testing-team] Bug#806886: CVE-2015-8327 Insufficient script injection prevention
Didier 'OdyX' Raboud
2015/12/01
[Secure-testing-team] Bug#806809: libraw: CVE-2015-8366 CVE-2015-8367
Salvatore Bonaccorso
2015/11/30
[Secure-testing-team] Bug#806742: qemu: CVE-2015-7504: net: pcnet: heap overflow vulnerability in pcnet_receive
Salvatore Bonaccorso
2015/11/30
[Secure-testing-team] Bug#806741: qemu: CVE-2015-7512: net: pcnet: buffer overflow in non-loopback mode
Salvatore Bonaccorso
2015/11/29
[Secure-testing-team] Bug#806649: ifupdown: when dhcp ifaces are started via ifupdown, dhclient.conf seems to be ignored
Christoph Anton Mitterer
2015/11/28
[Secure-testing-team] Bug#806519: ffmpeg: CVE-2015-8363 CVE-2015-8364 CVE-2015-8365
Salvatore Bonaccorso
2015/11/27
[Secure-testing-team] Bug#806500: quassel-client: Client configuration is world readable and contains password in plain text
Diederik de Haas
2015/11/27
[Secure-testing-team] Bug#806467: pcre3: Heap overflow / invalid write in fuction pcre_exec
Salvatore Bonaccorso
2015/11/26
[Secure-testing-team] Bug#806385: nodejs: CVE-2015-8027 CVE-2015-6764
Salvatore Bonaccorso
2015/11/26
[Secure-testing-team] Bug#806384: libxml2: CVE-2015-8241: Buffer overread with XML parser in xmlNextChar
Salvatore Bonaccorso
2015/11/26
[Secure-testing-team] Bug#806376: redmine: CVE-2015-8346: Data disclosure on the time logging form
Salvatore Bonaccorso
2015/11/26
[Secure-testing-team] Bug#806375: CVE-2015-6609 CVE-2015-6602 CVE-2015-3875
Moritz Muehlenhoff
2015/11/26
[Secure-testing-team] Bug#806373: CVE-2015-8345
Moritz Muehlenhoff
2015/11/20
[Secure-testing-team] Bug#805659: lxdm: CVE-2015-8308: X server started without -auth, exposing it to connections form any local user
Salvatore Bonaccorso
2015/11/20
[Secure-testing-team] Bug#805657: libmaxminddb: Missing bounds checking and verification of data type causes segfault
Salvatore Bonaccorso
2015/11/20
[Secure-testing-team] Bug#805638: dbconfig-common: Insecure permissions for backup directory
Simon Ruderich
2015/11/19
[Secure-testing-team] Bug#805563: sudo: CVE-2015-8239: Race condition when checking digests in sudoers
Salvatore Bonaccorso
2015/11/18
[Secure-testing-team] Bug#805454: libtoolize behavior depends on parent directories
Vincent Lefevre
2015/11/17
[Secure-testing-team] Bug#805398: latex2rtf: CVE-2015-8106: format string vulnerability
Salvatore Bonaccorso
2015/11/15
[Secure-testing-team] Bug#805146: libxml2: Buffer overead with HTML parser in push mode in xmlSAX2TextNode, causes segfault when compiled with ASAN
Salvatore Bonaccorso
2015/11/14
[Secure-testing-team] Bug#805113: CVE-2015-8126: buffer overflow
Josh Triplett
2015/11/13
[Secure-testing-team] Bug#805065: ircd-ratbox: CVE-2015-5290: Remote denial of service using MONITOR command
Salvatore Bonaccorso
2015/11/10
[Secure-testing-team] Bug#804707: wpa: CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control
Salvatore Bonaccorso
2015/11/10
[Secure-testing-team] Bug#804708: wpa: CVE-2015-5314 CVE-2015-5315: EAP-pwd missing last fragment length validation
Salvatore Bonaccorso
2015/11/10
[Secure-testing-team] Bug#804710: wpa: CVE-2015-5316: EAP-pwd peer error path failure on unexpected Confirm message
Salvatore Bonaccorso
2015/11/09
[Secure-testing-team] Bug#804522: jenkins: Unauthenticated remote code execution 0-day in Jenkins CLI
Moritz Muehlenhoff
2015/11/08
[Secure-testing-team] Bug#804447: libsndfile: CVE-2014-9756: division by zero leading to denial of service in psf_fwrite()
Salvatore Bonaccorso
2015/11/08
[Secure-testing-team] Bug#804445: libsndfile: CVE-2015-7805: Heap overflow vulnerability when parsing specially crafted AIFF header
Salvatore Bonaccorso
2015/11/08
[Secure-testing-team] Bug#804419: redis: CVE-2015-8080: Integer wraparound in lua_struct.c causing stack-based buffer overflow
Salvatore Bonaccorso
2015/11/06
[Secure-testing-team] Bug#804299: smartmontools: update-smart-drivedb downloads unauthenticated data from the web
Christoph Anton Mitterer
2015/11/06
[Secure-testing-team] Bug#804276: kamailio-tls-modules: Incompatible with the new openssl (wants an sslv3 object, which is no longer there).
cloos
2015/11/05
[Secure-testing-team] Bug#804182: cyrus-imapd-2.4: CVE-2015-8077 CVE-2015-8078
Salvatore Bonaccorso
2015/11/05
[Secure-testing-team] Bug#804149: CVE-2015-5602: Unauthorized privilege escalation in sudoedit
Laurent Bigonville
2015/10/29
[Secure-testing-team] Bug#803432: icinga: CVE-2015-8010: XSS in the Icinga Classic-UI
Salvatore Bonaccorso
2015/10/28
[Secure-testing-team] Bug#803338: CVE-2015-0856
Moritz Muehlenhoff
2015/10/28
[Secure-testing-team] Bug#803235: openjdk-7-jre-headless: stable-security update introduced new libsctp1 dependency
Bjørn Mork
2015/10/27
[Secure-testing-team] Bug#803223: 2.2.19 changelog mentions pop3_deleted_flag security bug since 2.2.10
Anthony DeRobertis
2015/10/27
[Secure-testing-team] Bug#803182: salt: CVE-2015-6918: git module leaks authentication details into log
Salvatore Bonaccorso
2015/10/27
[Secure-testing-team] Bug#803161: mailman: /var/log/mailman/* world-readable by default, leaking sensitive list information
Dominik George
2015/10/26
[Secure-testing-team] Bug#803078: libpng: CVE-2015-7981: out-of-bound read
Salvatore Bonaccorso
2015/10/25
[Secure-testing-team] Bug#802971: libxslt: Type confusion may cause DoS
Salvatore Bonaccorso
2015/10/24
[Secure-testing-team] Bug#802917: do not migrate denyhosts to testing: who will do security support?
Helmut Grohne
2015/10/24
[Secure-testing-team] Bug#802874: mariadb-10.0: Various security fixes from 10.0.22 release
Salvatore Bonaccorso
2015/10/23
[Secure-testing-team] Bug#802827: libxml2: CVE-2015-7942: heap-buffer-overflow in xmlParseConditionalSections
Salvatore Bonaccorso
2015/10/22
[Secure-testing-team] Bug#802671: bouncycastle: ECC private keys can be recovered via invalid curve attack
Raphaël Hertzog
2015/10/21
[Secure-testing-team] Bug#802650: miniupnpc: CVE-2015-6031: Buffer overflow vulnerability in XML parser functionality
Salvatore Bonaccorso
2015/10/20
[Secure-testing-team] Bug#802564: mysql-5.5: Multiple security fixes from the October 2015 CPU
Salvatore Bonaccorso
2015/10/20
[Secure-testing-team] Bug#802563: mysql-5.6: Multiple security fixes from the October 2015 CPU
Salvatore Bonaccorso
2015/10/15
[Secure-testing-team] Azafata Fest 2015 - Invitación
Marca y Mercado
2015/10/15
[Secure-testing-team] Bug#801866: flashplugin-nonfree: update-flashplugin-nonfree fails to install last falsh version (again)
Eric Valette
2015/10/13
[Secure-testing-team] Bug#801700: optipng: CVE-2015-7802: Buffer overflow in global memory
Salvatore Bonaccorso
2015/10/13
[Secure-testing-team] Bug#801691: glibc: pointer guarding weakness
Moritz Muehlenhoff
2015/10/09
[Secure-testing-team] Bug#801413: polarssl: CVE-2015-5291: Remote attack on clients using session tickets or SNI
Salvatore Bonaccorso
2015/10/07
[Secure-testing-team] Bug#801263: [lsyncd] direct mode allows injecting unauthorized filesystem operations
Marcin Szewczyk
2015/10/07
[Secure-testing-team] Bug#801178: Doc recommends use of ssl3
Erwan David
2015/10/06
[Secure-testing-team] Bug#801091: spice: CVE-2015-5261: host memory access from guest using crafted images
Salvatore Bonaccorso
2015/10/06
[Secure-testing-team] Bug#801089: spice: CVE-2015-5260: Insufficient validation of surface_id parameter can cause crash
Salvatore Bonaccorso
2015/10/03
[Secure-testing-team] Bug#800787: opensmtpd: CVE-2015-7687 (and other issues without CVE yet)
Salvatore Bonaccorso
2015/10/02
[Secure-testing-team] Bug#800741: glance: CVE-2015-5286: Glance storage quota bypass when token is expired
Salvatore Bonaccorso
2015/10/01
[Secure-testing-team] Bug#800580: nodejs: CVE-2015-7384: HTTP Denial of Service Vulnerability
Salvatore Bonaccorso
2015/09/30
[Secure-testing-team] Bug#800564: php5: trivial hash complexity DoS attack
brian m. carlson
2015/09/29
[Secure-testing-team] Bug#800471: lxc: CVE-2015-1335
Salvatore Bonaccorso
Earlier messages
Later messages