secure-testing-team  

Messages by Date

• 2016/07/29 [Secure-testing-team] Bug#832944: Avoid a DOS for DDS file Bastien ROUCARIES
• 2016/07/29 [Secure-testing-team] Bug#832888: CVE-2016-4564 Bastien ROUCARIES
• 2016/07/29 [Secure-testing-team] Bug#832887: CVE-2016-4563 The TraceStrokePolygon function in MagickCore/draw.c Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832787: Fix an out of bound in psd file Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832785: Fix an out of bound in generic decoder Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832783: Fix an out of bound in generic decoder Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832780: Fix a wpg file out of bound Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832776: Fix handling of psd file Bastien ROUCARIES
• 2016/07/28 [Secure-testing-team] Bug#832768: flex: CVE-2016-6354: buffer overflow in generated code (yy_get_next_buffer) Salvatore Bonaccorso
• 2016/07/28 [Secure-testing-team] Bug#832767: qemu: CVE-2016-6490: virtio: infinite loop in virtqueue_pop Salvatore Bonaccorso
• 2016/07/27 [Secure-testing-team] Bug#832633: Fix a pbd file out of bound access Bastien ROUCARIES
• 2016/07/26 [Secure-testing-team] Bug#832572: krb5: CVE-2016-3120: Fix S4U2Self KDC crash when anon is restricted Salvatore Bonaccorso
• 2016/07/26 [Secure-testing-team] Bug#832506: Fix out of bound in quantum handling Bastien ROUCARIES
• 2016/07/26 [Secure-testing-team] Bug#832505: xcf out of bound acess Bastien ROUCARIES
• 2016/07/26 [Secure-testing-team] Bug#832504: Fix an out of bound in xcf file handling Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832496: gdk-pixbuf: ico loader crashes when loading crafted file ico loader crashes when loading crafted file Salvatore Bonaccorso
• 2016/07/25 [Secure-testing-team] Bug#832493: flashplugin-nonfree: update-flashplugin-nonfree detect upstream version as 22.0.0.209 sharuzzaman
• 2016/07/25 [Secure-testing-team] Bug#832475: Fix a outofbound access for psd file Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832474: Fix a heap buffer overflow in psd file handling Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832469: HDR file overflow Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832465: SUN file ABRT signal Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832464: SUN file handling Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832461: Fixed check for the number of pixels that will be allocated. Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832457: Out-of-bounds read in coders/psd.c:797 ReadPSDChannelPixels Bastien ROUCARIES
• 2016/07/25 [Secure-testing-team] Bug#832433: CVE-2016-1000108 Moritz Muehlenhoff
• 2016/07/23 [Secure-testing-team] Bug#832170: shadow: CVE-2016-6252: Incorrect integer handling Salvatore Bonaccorso
• 2016/07/20 [Secure-testing-team] centre Valerie 0182834080
• 2016/07/20 [Secure-testing-team] Bug#831902: openssh: CVE-2016-6210: User enumeration via covert timing channel Salvatore Bonaccorso
• 2016/07/19 [Secure-testing-team] Bug#831844: mysql-5.6: Multiple security fixes from the July 2016 CPU Salvatore Bonaccorso
• 2016/07/19 [Secure-testing-team] Bug#831814: lepton: CVE-2016-6234 CVE-2016-6235 CVE-2016-6236 CVE-2016-6237 CVE-2016-6238 Salvatore Bonaccorso
• 2016/07/19 [Secure-testing-team] Bug#831799: python-django: CVE-2016-6186: XSS in admin's add/change related popup Salvatore Bonaccorso
• 2016/07/19 [Secure-testing-team] Bug#831796: bind9: CVE-2016-2775: A query name which is too long can cause a segmentation fault in lwresd Salvatore Bonaccorso
• 2016/07/19 [Secure-testing-team] Bug#831787: icingaweb2-common: please don't unconditionally re-add www-data to icingaweb2 on upgrades Christoph Anton Mitterer
• 2016/07/18 [Secure-testing-team] Bug#831698: nagios3: CVE-2016-6209 Salvatore Bonaccorso
• 2016/07/15 [Secure-testing-team] Bug#831418: EOL: not to be released with Stretch David Prévot
• 2016/07/13 [Secure-testing-team] Bug#831034: imagemagick: CVE-2016-5841 CVE-2016-5842 Salvatore Bonaccorso
• 2016/07/12 [Secure-testing-team] Bug#830941: icingaweb2: don't mangle around in the Apache configs Christoph Anton Mitterer
• 2016/07/12 [Secure-testing-team] exciting Kyle Nelson
• 2016/07/11 [Secure-testing-team] Bug#830810: bind9: CVE-2016-6170: Improper restriction of zone size limit Salvatore Bonaccorso
• 2016/07/11 [Secure-testing-team] Bug#830809: knot: CVE-2016-6171: Improper restriction of zone size limit Salvatore Bonaccorso
• 2016/07/11 [Secure-testing-team] Bug#830808: pdns: CVE-2016-6172: Improper restriction of zone size limit Salvatore Bonaccorso
• 2016/07/11 [Secure-testing-team] Bug#830806: nsd: CVE-2016-6173: Improper restriction of zone size limit Salvatore Bonaccorso
• 2016/07/11 [Secure-testing-team] Bug#830802: util-linux: CVE-2016-5011: Extended partition loop in MBR partition table leads to DOS Salvatore Bonaccorso
• 2016/07/09 [Secure-testing-team] Bug#830660: liblept5: hardcoded predictable paths in /tmp Sven Hartge
• 2016/07/07 [Secure-testing-team] Bug#830294: trn is insecure, and unsuitable for use with untrusted data Matthew Vernon
• 2016/07/07 [Secure-testing-team] Bug#830195: samba: CVE-2016-2119: Client side SMB2/3 required signing can be downgraded Salvatore Bonaccorso
• 2016/07/05 [Secure-testing-team] Renew your mailbox Mail Security
• 2016/07/05 [Secure-testing-team] Bug#829730: xchat-gnome: CVE-2013-7449 Salvatore Bonaccorso
• 2016/07/05 [Secure-testing-team] Bug#829718: libxml2: CVE-2016-4448 Salvatore Bonaccorso
• 2016/07/05 [Secure-testing-team] Bug#829694: libgd2: CVE-2016-6132: read out-of-bands was found in the parsing of TGA files Hugo Lefeuvre
• 2016/07/04 [Secure-testing-team] Bug#829661: ceph: CVE-2016-5009: Ceph monitor crash: mon_command crashes ceph monitors on receiving empty prefix Salvatore Bonaccorso
• 2016/06/30 [Secure-testing-team] Bug#829062: libgd2: CVE-2016-6128: Invalid color index is not properly handled leading to denial of service Salvatore Bonaccorso
• 2016/06/29 [Secure-testing-team] Bug#829014: libgd2: CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow Salvatore Bonaccorso
• 2016/06/29 [Secure-testing-team] Bug#828990: xerces-c: CVE-2016-4463 Salvatore Bonaccorso
• 2016/06/28 [Secure-testing-team] Independence Day Sale, starts right now. Hosiery Street
• 2016/06/26 [Secure-testing-team] Bug#828225: wordpress: Various security fixes in 4.5.3 CVE-2016-5832 to 5839 Craig Small
• 2016/06/25 [Secure-testing-team] Bug#828179: gimp: CVE-2016-4994: Use-after-free vulnerabilities in the channel and layer properties parsing process Salvatore Bonaccorso
• 2016/06/24 [Secure-testing-team] Bug#828076: ruby-saml: CVE-2016-5697 Salvatore Bonaccorso
• 2016/06/24 [Secure-testing-team] Bug#828062: murano: CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML tags Salvatore Bonaccorso
• 2016/06/22 [Secure-testing-team] some interesting info rkd
• 2016/06/21 [Secure-testing-team] Bug#827886: ironic: CVE-2016-4985: Ironic node information including credentials exposed to unathenticated users Salvatore Bonaccorso
• 2016/06/21 [Secure-testing-team] Great Way to Increase Your Product Base! Find Out! Lobna Ahmed
• 2016/06/20 [Secure-testing-team] Bug#827744: bzip2: CVE-2016-3189: heap use after free in bzip2recover Salvatore Bonaccorso
• 2016/06/19 [Secure-testing-team] Great Way to Increase Your Product Base! Find Out! Lobna Ahmed
• 2016/06/18 [Secure-testing-team] Great Way to Increase Your Product Base! Find Out! Heba Taoffic
• 2016/06/18 [Secure-testing-team] Bug#827620: netty: CVE-2016-4970: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl Salvatore Bonaccorso
• 2016/06/17 [Secure-testing-team] Bug#827564: pcre3: Stack corruption from crafted pattern Salvatore Bonaccorso
• 2016/06/16 [Secure-testing-team] Bug#827476: CVE-2016-3100 Moritz Muehlenhoff
• 2016/06/16 [Secure-testing-team] cgit: update to version 1.0 fixes CVE-2016-2315 and CVE-2016-2324 Peter Colberg
• 2016/06/16 [Secure-testing-team] Bug#827445: python3-proselint: Remove `shell=True` as they are a security hazard Víctor Cuadrado Juan
• 2016/06/15 [Secure-testing-team] Bug#827405: cgit: update to version 1.0 fixes CVE-2016-2315 Peter Colberg
• 2016/06/12 [Secure-testing-team] Bug#827116: iperf3: CVE-2016-4303: JSON parsing vulnerability Salvatore Bonaccorso
• 2016/06/11 [Secure-testing-team] new stuff Kyle Nelson
• 2016/06/11 [Secure-testing-team] Bug#827026: qemu: CVE-2016-5337: scsi: megasas: information leakage in megasas_ctrl_get_info Salvatore Bonaccorso
• 2016/06/11 [Secure-testing-team] Bug#827024: qemu: CVE-2016-5338: scsi: esp: OOB r/w access while processing ESP_FIFO Salvatore Bonaccorso
• 2016/06/10 [Secure-testing-team] Bug#827003: wget: CVE-2016-4971 Salvatore Bonaccorso
• 2016/06/09 [Secure-testing-team] Bug#826869: haproxy: CVE-2016-5360: remote denial of service via reqdeny Salvatore Bonaccorso
• 2016/06/08 [Secure-testing-team] Bug#826759: liblemonldap-ng-portal-perl: Sessions never expire with LDAP session backend Xavier Guimard
• 2016/06/07 [Secure-testing-team] Bug#826653: CVE-2016-4437 Moritz Muehlenhoff
• 2016/06/06 [Secure-testing-team] Bug#826618: flashplugin-nonfree does not update to flash version 11.2.202.621 Ara Keary
• 2016/06/06 [Secure-testing-team] Bug#826585: spice: CVE-2016-0749: heap-based memory corruption within smartcard handling Salvatore Bonaccorso
• 2016/06/06 [Secure-testing-team] Bug#826584: spice: CVE-2016-2150: Host memory access from guest with invalid primary surface parameters Salvatore Bonaccorso
• 2016/06/05 [Secure-testing-team] Bug#826402: CVE-2016-4414: remote DoSdue to invalid handshake data Pierre Schweitzer
• 2016/06/04 [Secure-testing-team] Bug#826380: libtorrent-rasterbar: CVE-2016-5301 Salvatore Bonaccorso
• 2016/06/04 [Secure-testing-team] Bug#826301: flashplugin-nonfree: update-flashplugin-nonfree --install fails to download updated version Jakob Wiedner
• 2016/06/03 [Secure-testing-team] Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits) Gunnar Wolf
• 2016/06/02 [Secure-testing-team] Bug#826152: qemu: CVE-2016-5238: scsi: esp: OOB write when using non-DMA mode in get_cmd Salvatore Bonaccorso
• 2016/06/02 [Secure-testing-team] Bug#826151: qemu: CVE-2016-5126: block: iscsi: buffer overflow in iscsi_aio_ioctl Salvatore Bonaccorso
• 2016/06/01 [Secure-testing-team] The 7 th International Conference SETIT 2016 Hammamet-Tunisia International Conference SETIT'16
• 2016/05/31 [Secure-testing-team] Bug#825960: nginx: [CVE-2016-4450] NULL pointer dereference while writing client request body Christos Trochalakis
• 2016/05/30 [Secure-testing-team] Bug#825856: openntpd: CVE-2016-5117 Salvatore Bonaccorso
• 2016/05/30 [Secure-testing-team] Bug#825855: mxml: CVE-2016-4570 CVE-2016-4571: Stack exhaustion Salvatore Bonaccorso
• 2016/05/29 [Secure-testing-team] Bug#825800: graphicsmagick: CVE-2016-5118 Salvatore Bonaccorso
• 2016/05/29 [Secure-testing-team] Bug#825799: imagemagick: CVE-2016-5118 Salvatore Bonaccorso
• 2016/05/29 [Secure-testing-team] Dream of Increasing Your Product Base? Read This! Toggar
• 2016/05/29 [Secure-testing-team] Bug#825728: vlc: CVE-2016-5108 Salvatore Bonaccorso
• 2016/05/28 [Secure-testing-team] Bug#825616: qemu: CVE-2016-5107: scsi: megasas: out-of-bounds read in megasas_lookup_frame() function Salvatore Bonaccorso
• 2016/05/28 [Secure-testing-team] Bug#825615: qemu: CVE-2016-5106: scsi: megasas: out-of-bounds write while setting controller properties Salvatore Bonaccorso
• 2016/05/28 [Secure-testing-team] Bug#825614: qemu: CVE-2016-5105: scsi: megasas: stack information leakage while reading configuration Salvatore Bonaccorso
• 2016/05/27 [Secure-testing-team] Bug#825554: libusbmuxd: CVE-2016-5104: Sockets listening on INADDR_ANY Salvatore Bonaccorso
• 2016/05/27 [Secure-testing-team] Bug#825553: libimobiledevice: CVE-2016-5104: Sockets listening on INADDR_ANY Salvatore Bonaccorso
• 2016/05/24 [Secure-testing-team] Bug#825210: qemu: CVE-2016-4952: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines Salvatore Bonaccorso
• 2016/05/24 [Secure-testing-team] Bug#825207: qemu: CVE-2016-4964: scsi: mptsas infinite loop in mptsas_fetch_requests Salvatore Bonaccorso
• 2016/05/24 [Secure-testing-team] Bug#825198: firefox: please disable any access from the browser to the clipboard Christoph Anton Mitterer
• 2016/05/23 [Secure-testing-team] Bug#825124: debarchiver: allow to configure which crypto algos are accepted for uploads Christoph Anton Mitterer
• 2016/05/23 [Secure-testing-team] Bug#825123: debarchiver: release files generated by debarchiver use weak digest algos in signatures Christoph Anton Mitterer
• 2016/05/23 [Secure-testing-team] Bug#825059: CVE-2015-8842 Moritz Muehlenhoff
• 2016/05/20 [Secure-testing-team] Bug#824856: qemu: CVE-2016-4439 CVE-2016-4441 Salvatore Bonaccorso
• 2016/05/18 [Secure-testing-team] Bug#824683: keystone: CVE-2016-4911: Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass Salvatore Bonaccorso
• 2016/05/17 [Secure-testing-team] Bug#824627: libgd2: CVE-2015-8874 Salvatore Bonaccorso
• 2016/05/17 [Secure-testing-team] Bug#824610: rkhunter: SSH PermitRootLogin is fragile and incomplete Christoph Anton Mitterer
• 2016/05/17 [Secure-testing-team] Bug#824605: kfreebsd-10: CVE-2016-1887: Incorrect argument handling in sendmsg(2) Steven Chamberlain
• 2016/05/17 [Secure-testing-team] Bug#824604: kfreebsd-10: CVE-2016-1886: Buffer overflow in keyboard driver Steven Chamberlain
• 2016/05/17 [Secure-testing-team] Bug#824545: libndp: CVE-2016-3698: denial of service due to insufficient validation of source of NDP messages Salvatore Bonaccorso
• 2016/05/14 [Secure-testing-team] Undeliverable message Postmaster
• 2016/05/13 [Secure-testing-team] Automatische Antwort: [Virus bzw. unerw?nschtes Programm gefunden und Anhang entfernt] Pfeiffer, Diana
• 2016/05/12 [Secure-testing-team] Bug#824160: p7zip: CVE-2016-2334 CVE-2016-2335 Salvatore Bonaccorso
• 2016/05/12 [Secure-testing-team] Bug#824139: ocaml: CVE-2015-8869 Salvatore Bonaccorso
• 2016/05/10 [Secure-testing-team] Bug#823968: squid3: CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 Salvatore Bonaccorso
• 2016/05/09 [Secure-testing-team] Bug#823893: libarchive: CVE-2016-1541 Salvatore Bonaccorso
• 2016/05/09 [Secure-testing-team] Bug#823863: xerces-c: CVE-2016-2099: upse-after-free Salvatore Bonaccorso
• 2016/05/09 [Secure-testing-team] Bug#823830: qemu: CVE-2016-3710 CVE-2016-3712 Salvatore Bonaccorso
• 2016/05/08 [Secure-testing-team] Bug#823750: [imagemagick] Multiple security problems Bastien ROUCARIÈS
• 2016/05/07 [Secure-testing-team] Bug#823723: mplayer: CVE-2016-4352: Mplayer/Mencoder integer overflow parsing gif files Salvatore Bonaccorso
• 2016/05/07 [Secure-testing-team] Bug#823721: nagios3: CVE-2014-1878: buffer overflow in cmd.cgi Salvatore Bonaccorso
• 2016/05/07 [Secure-testing-team] Bug#823703: CVE-2016-3720 Moritz Muehlenhoff
• 2016/05/06 [Secure-testing-team] Bug#823649: libjs-mediaelement: Reflected XSS vulnerability Craig Small
• 2016/05/06 [Secure-testing-team] Bug#823640: wordpress: Reflected XSS in PLupload and mediaelement Craig Small
• 2016/05/06 [Secure-testing-team] Bug#823622: CVE-2015-4901 CVE-2015-4906 CVE-2015-4908 CVE-2015-4916 Moritz Muehlenhoff
• 2016/05/06 [Secure-testing-team] Bug#823620: Multiple security issues Moritz Muehlenhoff
• 2016/05/04 [Secure-testing-team] Bug#823414: libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file Salvatore Bonaccorso
• 2016/05/04 [Secure-testing-team] Bug#823411: wpa: CVE-2016-4476 CVE-2016-4477 / 2016-1 advisory Salvatore Bonaccorso
• 2016/05/04 [Secure-testing-team] Bug#823405: libxml2: CVE-2016-4483 Salvatore Bonaccorso
• 2016/05/03 [Secure-testing-team] Bug#823325: mariadb-10.0: Various security fixes from 10.0.25 release Salvatore Bonaccorso
• 2016/05/02 [Secure-testing-team] Bug#823238: jansson: CVE-2016-4425: stack exhaustion parsing a JSON file Salvatore Bonaccorso
• 2016/05/02 [Secure-testing-team] Email_提示域内用户(重要) Ｓervice
• 2016/04/30 [Secure-testing-team] Bug#823089: Makes USB SDR devices world-read/writable Ben Hutchings
• 2016/04/27 [Secure-testing-team] Bug#822787: quagga: CVE-2016-4049: Missing size check in bgp_dump_routes_func in bgpd/bgp_dump.c allowing DoS Salvatore Bonaccorso
• 2016/04/26 [Secure-testing-team] Bug#822698: botan1.10: CVE-2016-2849 Salvatore Bonaccorso
• 2016/04/26 [Secure-testing-team] Bug#822688: CVE-2015-8466: replay attack - date/date header unvalidated Ondřej Nový
• 2016/04/25 [Secure-testing-team] Bug#822578: poppler: CVE-2015-8868: heap buffer overflow Salvatore Bonaccorso
• 2016/04/24 [Secure-testing-team] Automatische Antwort: diana.pfeiffer[Virus bzw. unerw?nschtes Programm gefunden und Anhang entfernt] Pfeiffer, Diana
• 2016/04/24 [Secure-testing-team] Undeliverable message Postmaster
• 2016/04/24 [Secure-testing-team] Bug#822461: libapache2-mod-nss: CVE-2016-3099: Invalid handling of +CIPHER operator Salvatore Bonaccorso
• 2016/04/24 [Secure-testing-team] Bug#822456: jq: CVE-2016-4074: Stack exhaustion parsing a JSON file Salvatore Bonaccorso
• 2016/04/23 [Secure-testing-team] Bug#822344: qemu: CVE-2016-4037: usb: Infinite loop vulnerability in usb_ehci using siTD process Salvatore Bonaccorso
• 2016/04/23 [Secure-testing-team] Bug#822333: roundcube: New upstream release and security vulnerabilities fixed Salvatore Bonaccorso
• 2016/04/22 [Secure-testing-team] Bug#822242: libgd2: CVE-2016-3074: Signedness vulnerability causing heap overflow Salvatore Bonaccorso
• 2016/04/20 [Secure-testing-team] hello isaacjohnson101
• 2016/04/19 [Secure-testing-team] Клиентские базы тел +79133913837 Skype: prodawez389 Email: [email protected] [email protected]
• 2016/04/19 [Secure-testing-team] Banco do Brasil - Chamado 332016501 (Comunicado) (83771) secure-testing-team
• 2016/04/18 [Secure-testing-team] Bug#821732: CVE-2016-4024: integer overflow resulting in insufficient heap allocation Matthias Geerdsen
• 2016/04/14 [Secure-testing-team] Bug#821062: qemu: CVE-2016-4020: i386: leakage of stack memory to guest in kvmvapic.c Salvatore Bonaccorso
• 2016/04/14 [Secure-testing-team] Bug#821061: qemu: CVE-2016-4002: net: buffer overflow in MIPSnet emulator Salvatore Bonaccorso
• 2016/04/14 [Secure-testing-team] Bug#821038: qemu: CVE-2016-4001: net: buffer overflow in stellaris_enet emulator Salvatore Bonaccorso
• 2016/04/13 [Secure-testing-team] Bug#820941: shorewall: /etc/init.d/shorewall disappeared Oleg Shalaev
• 2016/04/10 [Secure-testing-team] Bug#820594: giflib: out of bound read and write issues Salvatore Bonaccorso
• 2016/04/09 [Secure-testing-team] Bug#820526: giflib: CVE-2016-3977: gif2rgb: heap buffer overflow Salvatore Bonaccorso
• 2016/04/09 [Secure-testing-team] Bug#820521: cacti: CVE-2016-3659: SQL injection vulnerability in graph_view.php Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820369: golang: CVE-2016-3959: infinite loop in several big integer routines Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820366: tiff: CVE-2016-3631: Illegal read in the cpStrips and cpTiles function Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820362: tiff: CVE-2016-3619: Memory corruption in DumpModeEncode triggered by crafted bmp file Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820363: tiff: CVE-2016-3620: Out-of-bound read in ZIPEncode Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820365: tiff: CVE-2016-3622: Division by zero in fpAcc function Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820364: tiff: CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool Salvatore Bonaccorso
• 2016/04/07 [Secure-testing-team] Bug#820353: Possible insecure cyphers in qt4 Lisandro Damián Nicanor Pérez Meyer
• 2016/04/07 [Secure-testing-team] Bug#820342: gpa send public key to server despite the refusal of the user rpnpif
• 2016/04/07 [Secure-testing-team] Bug#820331: cronic: uses very predictable temporary files Dmitry Nezhevenko
• 2016/04/06 [Secure-testing-team] Bug#820222: asterisk-config: Please set context on default Corcodel Marian
• 2016/04/05 [Secure-testing-team] Bug#820068: optipng: CVE-2016-2191: Invalid write while processing delta escapes without any boundary checking Salvatore Bonaccorso
• 2016/04/04 [Secure-testing-team] Bug#820008: Support for securelevel and Secure Boot Ben Hutchings
• 2016/04/04 [Secure-testing-team] Bug#819972: tiff: CVE-2016-3186: buffer overflow in gif2tiff Salvatore Bonaccorso
• 2016/04/04 [Secure-testing-team] Bug#819969: libjpeg9: CVE-2016-3616: null pointer dereference in cjpeg Salvatore Bonaccorso
• 2016/04/02 [Secure-testing-team] Bug#819784: squid3: CVE-2016-3948 Salvatore Bonaccorso
• 2016/04/02 [Secure-testing-team] Bug#819783: squid3: CVE-2016-3947 Salvatore Bonaccorso
• 2016/03/31 [Secure-testing-team] Bug#819676: ansible: CVE-2016-3096: Code execution vulnerability in ansible lxc_container Salvatore Bonaccorso
• 2016/03/29 [Secure-testing-team] Bug#819504: mercurial: CVE-2016-3068 CVE-2016-3069 CVE-2016-3630 Salvatore Bonaccorso
• 2016/03/28 [Secure-testing-team] Bug#819455: libxstream-java: CVE-2016-3674: XXE vulnerability Salvatore Bonaccorso
• 2016/03/24 [Secure-testing-team] Bug#819184: salt: CVE-2016-3176: insecure configuration of PAM external authentication service Salvatore Bonaccorso
• 2016/03/21 [Secure-testing-team] Bug#818882: CVE-2015-8366 Moritz Muehlenhoff
• 2016/03/21 [Secure-testing-team] Bug#818875: konqueror: green SSL checkbox despite expired server certificate Thorsten Glaser
• 2016/03/19 [Secure-testing-team] Bug#818489: vtun client uses lot of CPU after a SIGHUP Jérôme Arzel
• 2016/03/19 [Secure-testing-team] Bug#818492: proftpd-dfsg: CVE-2016-3125: usage of 1024 bit DH key even with manual parameters set Salvatore Bonaccorso
• 2016/03/19 [Secure-testing-team] Bug#818399: Multiple security issues Moritz Muehlenhoff
• 2016/03/19 [Secure-testing-team] Bug#818499: busybox: CVE-2016-2147: OOB heap write due to integer underflow Salvatore Bonaccorso
• 2016/03/18 [Secure-testing-team] Bug#818647: cacti: CVE-2016-3172 Salvatore Bonaccorso
• 2016/03/15 [Secure-testing-team] Bug#818318: git: CVE-2016-2324 and CVE-2016-2315 (currently unpublished) server and client RCE, fixed in 2.7.1 Ximin Luo
• 2016/03/14 [Secure-testing-team] Bug#818235: chrony: please package new upstream version 2.3 Harald Jenny
• 2016/03/13 [Secure-testing-team] Bug#818081: opam: Please apply upstream patch: remove insecure / no-check-certificate flags Ximin Luo
• 2016/03/11 [Secure-testing-team] Bug#817932: botan1.10: CVE-2015-7827: PKCS #1 v1.5 decoding was not constant time Salvatore Bonaccorso
• 2016/03/11 [Secure-testing-team] Undelivered Mail Returned to Sender Mail Delivery System
• 2016/03/10 [Secure-testing-team] Promoción día del padre Full Anuncios
• 2016/03/10 [Secure-testing-team] Bug#817799: libotr5: Exploitable integer overflow vulnerability (CVE-2016-2851) Michail Bachmann
• 2016/03/08 [Secure-testing-team] Bug#817233: CVE-2016-1968 Moritz Muehlenhoff
• 2016/03/08 [Secure-testing-team] Bug#817183: qemu: CVE-2016-2858: rng-random: arbitrary stack based allocation leading to corruption Salvatore Bonaccorso
• 2016/03/08 [Secure-testing-team] Bug#817182: qemu: CVE-2016-2857: net: out of bounds read in net_checksum_calculate Salvatore Bonaccorso
• 2016/03/08 [Secure-testing-team] Bug#817181: qemu: CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive Salvatore Bonaccorso
• 2016/03/08 [Secure-testing-team] Bug#817162: simplesamlphp: Information leakage issue in the sanitycheck module Salvatore Bonaccorso
• 2016/03/08 [Secure-testing-team] Bug#817158: isc-dhcp: CVE-2016-2774: An attacker who is allowed to connect to DHCP inter-server communications and control channels can exhaust server resources Salvatore Bonaccorso
• 2016/03/06 [Secure-testing-team] Bug#816921: putty: CVE-2016-2563: buffer overrun in the old-style SCP protocol Salvatore Bonaccorso

• Earlier messages
• Later messages