25.03.2024 09:30 The zipfile module was vulnerable to "quoted-overlap" zip-bombs in the Python 2 interpreter. For Debian 10 buster, this problem has been fixed in version
25.03.2024 09:30 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.
24.03.2024 23:30 Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection.
24.03.2024 23:30 Buffer Overflow vulnerability in FreeImage_AllocateBitmap. Infinite loop exits in Load in PluginTIFF.cpp.
24.03.2024 23:30 The updated package fixes security vulnerabilities: pluto in Libreswan before 4.11 allows a denial of service via unauthenticated IKEv1 Aggressive Mode packets. An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA
24.03.2024 13:00 Patch CVE-2023-4256 and CVE-2023-43279
24.03.2024 13:00 Updates google.golang.org/protobuf to v1.33.0 to resolve CVE-2024-24786. Kubernetes is now built with go 1.21.8.
24.03.2024 13:00 Security fix for CVE-2024-22871. Update to upstream release 1.11.2.
24.03.2024 13:00 Rebase gnutls to version 3.8.4 - contains fixes for CVE-2024-28834 and CVE-2024-28835
24.03.2024 01:30 Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.
24.03.2024 01:30 New mozilla-firefox packages are available for Slackware 15.0 and -current to fix a security issue.
24.03.2024 01:30 An issue has been found in libnet-cidr-lite-perl, a module for merging IPv4 or IPv6 CIDR address ranges.
24.03.2024 01:30 Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.