Displaying 20 results from an estimated 2000 matches similar to: "Integer underflow in the "file" program before 4.20"
2016 Dec 03
2
CVE-2016-8652 in dovecot
On 03/12/2016 12:08, Jeremiah C. Foster wrote:
> On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi wrote:
> On 02.12.2016 10:45, Jonas Wielicki wrote: On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote: We are sorry to report that we have a bug in dovecot, which
> merits a
> CVE. See details below. If you haven't configured any
> auth_policy_*
> settings you are ok. This
2016 Dec 03
2
CVE-2016-8652 in dovecot
> On December 3, 2016 at 9:11 PM "Jeremiah C. Foster" <jeremiah at jeremiahfoster.com> wrote:
>
>
> On Sat, 2016-12-03 at 12:23 +1000, Noel Butler wrote:
> > On 03/12/2016 12:08, Jeremiah C. Foster wrote:
> >
> > > On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi wrote:
> > > On 02.12.2016 10:45, Jonas Wielicki wrote: On Freitag, 2.
2016 Dec 02
2
CVE-2016-8652 in dovecot
On 02.12.2016 10:45, Jonas Wielicki wrote:
> On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote:
>> We are sorry to report that we have a bug in dovecot, which merits a
>> CVE. See details below. If you haven't configured any auth_policy_*
>> settings you are ok. This is fixed with
>> https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13
2012 Sep 20
1
AIX 5.8p1?
Good Morning,
We just performed some security scanning on one of our AIX systems and these vulnerabilities was returned:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
We are currently running: 5.8.0.6101
The latest on IBMs
2004 Feb 05
2
Status Check: CVE CAN-2004-0002
Hi,
Just want to ask about the status of this:-
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002
>From list archives I gather the fix is still under refinement (but
committed (and removed?) in HEAD and RELENG_5_2).
One paranoid little shop is running a public web server on RELENG_4_9, and
contemplating this patch:-
2007 Oct 03
1
FreeBSD Security Advisory FreeBSD-SA-07:08.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:08.openssl Security Advisory
The FreeBSD Project
Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers()
Category: contrib
Module: openssl
2007 Oct 03
1
FreeBSD Security Advisory FreeBSD-SA-07:08.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:08.openssl Security Advisory
The FreeBSD Project
Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers()
Category: contrib
Module: openssl
2007 Jul 26
2
libvorbis 1.2.0 release
A new libvorbis release is now available.
http://downloads.xiph.org/releases/vorbis/libvorbis-1.2.0.tar.bz2
http://downloads.xiph.org/releases/vorbis/libvorbis-1.2.0.tar.gz
http://downloads.xiph.org/releases/vorbis/libvorbis-1.2.0.zip
This release fixes some robustness issues with corrupt streams,
including a security issue. Also new in this release is support
for multiplexed streams in
2007 Sep 27
6
Security + Rails =Joke?
Hi,
http://dev.rubyonrails.org/ticket/8453
http://dev.rubyonrails.org/ticket/8371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227
I came across the above by accident. While I am subscribed to the so
called rails security list where supposed announcement of security
issues were to be posted, neither of the above problem made the list.
While I use rails a lot and like it, the above
2007 Aug 30
1
CVE-2007-4091
hi all,
i haven't seen any discussion here of this issue, nor do i see
any obviously related (open) bugs in bugzilla. It's not
clear to me from the CVE how important this issue is or isn't,
but i'm a bit concerned.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4091
thanks as always to wayne & the other contributors
2016 Dec 02
6
CVE-2016-8562 in dovecot
We are sorry to report that we have a bug in dovecot, which merits a
CVE. See details below. If you haven't configured any auth_policy_*
settings you are ok. This is fixed with
https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13a5a725ae
and
https://git.dovecot.net/dovecot/core/commit/99abb1302ae693ccdfe0d57351fd42c67a8612fc
Important vulnerability in Dovecot
2008 Jun 27
8
Boot from OCFS2
Dear List,
I''m thinking about using xen productive in our datacenter, i''m still
testing around with it. Now I got some questions, just for basic
understanding, we got for example this environment:
2 Nodes
1 SCSI Pool server (Connected via scsi to both nodes)
Now I want to build a "cluster" so i would like to make this:
Node 1 -> Primary -| | --> domU
2007 May 23
0
FreeBSD Security Advisory FreeBSD-SA-07:04.file
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:04.file Security Advisory
The FreeBSD Project
Topic: Heap overflow in file(1)
Category: contrib
Module: file
Announced: 2007-05-23
2018 Jan 05
3
SFTP chroot: Writable root
On Fri, 2018-01-05 at 21:42 +1030, David Newall wrote:
> On 05/01/18 20:06, Jakub Jelen wrote:
> > if the confined user has write access to the chroot directory,
> > there are ways how to get out, gain privileges and or do other
> > nasty things.
>
> I'm not inexperienced with UNIX and unix-like operating systems (30+
> years), and I can't think what these
2007 Sep 01
4
[Bug 1356] New: X11 forwarding broken.
http://bugzilla.mindrot.org/show_bug.cgi?id=1356
Summary: X11 forwarding broken.
Product: Portable OpenSSH
Version: 4.5p1
Platform: Other
OS/Version: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: marka at isc.org
Created
2013 Feb 04
2
re(4) problems with GA-H77N-WIFI
Hello,
I need some advice how to debug this issue ...
Recently I got a new mainboard for a router, it's a
Gigabyte GA-H77N-WIFI with two onboard re(4) NICs.
The problem is that re0 works fine and re1 doesn't:
It doesn't receive any packets. Tcpdump displays all
outgoing packets, but no incoming ones on re1.
Ifconfig shows the link correctly (100 or 1000 Mbit,
depending on where I
2013 Jun 17
2
[LLVMdev] BlockFrequency spill weights
[Splitting this out from the original thread to reduce noise in it]
On 17.06.2013, at 18:43, Jakob Stoklund Olesen <stoklund at 2pi.dk> wrote:
>
> On Jun 17, 2013, at 7:03 AM, Benjamin Kramer <benny.kra at gmail.com> wrote:
>
>>
>> On 17.06.2013, at 15:56, Diego Novillo <dnovillo at google.com> wrote:
>>
>>> On 2013-06-15 16:39 ,
2008 Oct 17
1
"mount -u -o ro" problems with 7-stable
Hi,
This happened to me repeatedly (but not always), even
after updating to the latest RELENG_7 yesterday ...
1. Boot into single user mode
2. fsck / # finishes successful!
3. mount -u /
4. Do a few edits to files in /etc
5. mount -u -o ro /
softdep_waitidle: Failed to flush worklist for 0xc1f36b30
mount: /dev/ad0s1a : Device busy
I can't remount the root file system read-only, so
2006 Sep 28
1
FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:23.openssl Security Advisory
The FreeBSD Project
Topic: Multiple problems in crypto(3)
Category: contrib
Module: openssl
Announced:
2011 Apr 20
8
Bug in PCI Passthrough
Hello all
I tried to enable PCI Passthrough in my Debian Squeeze installation.
Unfortunately, it didnt work. The following bug showed up (excerpt from
dmesg):
[ 10.148612] uhci_hcd 0000:00:14.2: PCI INT D -> Link[LNKD] -> GSI 11
(level, low) -> IRQ 11
[ 4.678352] Failed to setup GSI :11, err_code:-22
[ 4.678480] dmfe 0000:00:0e.0: PCI INT A -> Link[LNKB] -> GSI 11 (level,
low)