RSS feed Debian security
This is the RSS feed imported from the following address: http://www.debian.org/security/dsa-long.en.rdf
DSA-2672 kfreebsd-9 - interpretation conflict
Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request that instructs the file system to operate on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution.
22nd of May 2013
DSA-2671 request-tracker4 - several vulnerabilities
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems:
22nd of May 2013
DSA-2670 request-tracker3.8 - several vulnerabilities
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems:
22nd of May 2013
DSA-2669 linux - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
15th of May 2013
DSA-2668 linux-2.6 - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
14th of May 2013
DSA-2667 mysql-5.5 - several vulnerabilities
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.5.31, which includes additional changes, such as performance improvements and corrections for data loss defects.
12th of May 2013
DSA-2666 xen - several vulnerabilities
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:
12th of May 2013
DSA-2664 stunnel4 - buffer overflow
Stunnel, a program designed to work as a universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager (NTLM) authentication (protocolAuthentication = NTLM) together with the connect protocol method (protocol = connect). With these prerequisites and using stunnel4 in SSL client mode (client = yes) on a 64 bit host, an attacker could possibly execute arbitrary code with the privileges of the stunnel process, if the attacker can either control the specified proxy server or perform man-in-the-middle attacks on the TCP session between stunnel and the proxy server.
2nd of May 2013
DSA-2665 strongswan - authentication bypass
Kevin Wojtysiak discovered a vulnerability in strongSwan, an IPsec based VPN solution.
30th of April 2013




