28.09.2019 19:09 An update that fixes one vulnerability is now available.
28.09.2019 17:07 It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user
28.09.2019 13:39 An issue has been found in cups, the Common UNIX Printing System . While generating a session cookie for the CUPS web interface, a
28.09.2019 13:39 Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of
28.09.2019 13:39 Several issues have been found in cimg, a powerful image processing library.
28.09.2019 11:34 A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code.
28.09.2019 05:01 The updated packages fix security vulnerabilities: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified
28.09.2019 05:01 - rebase to latest upstream version 9.27 - security fixes added for: - CVE-2019-14811 - CVE-2019-14812 - CVE-2019-14813 - CVE-2019-14817
28.09.2019 05:01 Fix KDC crash when logging PKINIT enctypes This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident.
28.09.2019 05:01 Security fix for CVE-2019-13132
28.09.2019 05:01 Chromium 77.0.3865.90 update. See the official announcement on https://chromereleases.googleblog.com/2019/09/stable-channel-update-for- desktop.html and https://chromereleases.googleblog.com/2019/09/stable-channel- update-for-desktop_18.html
28.09.2019 01:04 Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.
27.09.2019 23:01 libheif 1.4.0 has a use-after-free in heif::HeifContext::Image:: set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images . Also, imagemagick has been updated to 7.0.8.62 to fix various bugs.
27.09.2019 23:01 Chromium-browser 77.0.3865.90 fixes security issues: Four use-after-free bugs were found in Chromium 77.0.3865.75: one in the UI component , two in the media component , and one in the offline pages component .
27.09.2019 23:01 It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups.