Secure testing team - May 2008

Friday May 30 2008
TimeRepliesSubject
10:10PM 0 Bug#483770: ikiwiki openid + passwordauth empty password security hole
 
Wednesday May 28 2008
TimeRepliesSubject
6:20PM 0 Bug#483410: CVE-2008-1105: Boundary failure when parsing SMB responses can result in a buffer overrun
 
Tuesday May 27 2008
TimeRepliesSubject
6:41PM 1 Bug#483199: flashplugin-nonfree: Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.
3:11PM 0 Bug#483160: CVE-2008-1804: possibility to bypass detection rules
 
Sunday May 25 2008
TimeRepliesSubject
2:08PM 0 Bug#482853: cbrpager: command execution flaw via malicious file names
 
Saturday May 24 2008
TimeRepliesSubject
10:16AM 0 Bug#482664: CVE-2008-1767: buffver overflow in pattern.c
 
Friday May 23 2008
TimeRepliesSubject
9:28AM 3 Seems fixed in the wrong place
9:10AM 0 Bug#482518: libvorbis0a: possible integer overflows and DoS attacks
 
Thursday May 22 2008
TimeRepliesSubject
10:27AM 0 Bug#482385: xscreensaver disappears (segfaults/aborts?) when xrandr is used.
2:16AM 0 Bug#482352: libpam-runtime: login for nonexistent user fails without password prompt
 
Monday May 19 2008
TimeRepliesSubject
8:04PM 0 Bug#481970: libpam-pgsql: <Ctrl+C> while in authentication phase induces success, may circumvent sudo et al.
2:28AM 0 Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh
12:03AM 3 Bug#481853: [openssh-client] "ssh-vulnkey -a" does not see the weak keys of the user
 
Saturday May 17 2008
TimeRepliesSubject
1:58PM 2 Obsolete (testing) packages in security.debian.org
 
Friday May 16 2008
TimeRepliesSubject
2:41PM 0 Bug#481504: CVE-2008-2276: Cross-site request forgery (CSRF) vulnerability
 
Thursday May 15 2008
TimeRepliesSubject
6:20PM 0 Bug#481389: Debian package allows passwordless SYSDBA remote connections
1:43AM 0 Bug#481284: openssl should Depends: libssl0.9.8 (>=0.9.8g-9)
 
Wednesday May 14 2008
TimeRepliesSubject
12:17PM 10 Bug#481186: CVE-2008-2149: buffer overflows
9:03AM 0 Bug#481164: python-django: Security updates for all Django versions
 
Monday May 12 2008
TimeRepliesSubject
11:19PM 0 Bug#480972: vulnerable to symlink attacks
2:46PM 0 Bug #480877: also exists in emacs22 and xemacs21
2:20PM 0 Bug#480877: emacs21: arbitrary code execution in fast-lock-mode
 
Saturday May 10 2008
TimeRepliesSubject
11:24AM 4 bump for phpgedview
 
Friday May 9 2008
TimeRepliesSubject
3:32PM 0 Bug#480370: mozilla-plugin-vlc: CVE-2007-6683 is not fixed at all
11:02AM 0 Bug#480292: CVE-2008-2079: mysql allows local users to bypass certain privilege checks
 
Tuesday May 6 2008
TimeRepliesSubject
10:16AM 4 php 5.2.6 Security Fixes
 
Sunday May 4 2008
TimeRepliesSubject
2:56AM 1 Bug#479276: [lighttpd] New configuration executes scripts outside of /cgi-bin/
 
Friday May 2 2008
TimeRepliesSubject
7:46PM 0 Bug#479034: CVE-2008-2033: Multiple vulnerabilities
 
Thursday May 1 2008
TimeRepliesSubject
6:22PM 0 Kein Spam Bitte vorm loeschen lesen Danke