Debian GNU/Linux

General
Development
Edit

News

[1389 total ]
DSA-1930 drupal6 - several vulnerabilities

Posted 1 day ago

Several vulnerabilities have been found in drupal6, a fully-featured
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

DSA-1927 linux-2.6 - privilege escalation/denial of service/sensitive memory leak

Posted 4 days ago

Notice: Debian 5.0.4, the next point release of Debian 'lenny', will
include a new default value for the mmap_min_addr tunable. This
change will add an additional safeguard against a class of security
vulnerabilities known as "NULL ... [More] pointer dereference" vulnerabilities,
but it will need to be overridden when using certain applications.
Additional information about this change, including instructions for
making this change locally in advance of 5.0.4 (recommended), can be
found at:
http://wiki.debian.org/mmap_min_addr. [Less]

DSA-1928 linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak

Posted 4 days ago

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

DSA-1929 linux-2.6 - privilege escalation/denial of service/sensitive memory leak

Posted 4 days ago

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:

DSA-1926 typo3-src - several vulnerabilities

Posted 5 days ago

Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework. The Common Vulnerabilities and Exposures
project identifies the following problems:

DSA-1925 proftpd-dfsg - insufficient input validation

Posted 9 days ago

It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon,
does not properly handle a '\0' character in a domain name in the
Subject Alternative Name field of an X.509 client certificate, when the
dNSNameRequired TLS option is enabled.

DSA-1924 mahara - several vulnerabilities

Posted 9 days ago

Two vulnerabilities have been discovered in mahara, an electronic portfolio,
weblog, and resume builder. The Common Vulnerabilities and Exposures
project identifies the following problems:

DSA-1924 mahara - several vulnerabilities

Posted 9 days ago

Two vulnerabilities have been discovered in, an electronic portfolio,
weblog, and resume builder. The Common Vulnerabilities and Exposures
project identifies the following problems:

DebConf10 dates and venue announced

Posted 9 days ago

The DebConf10 team just sent out a press release announcing the dates and venue
for DebConf10 in New York City. Most of the readers of this blog
already saw it through some other list, so I’ll just put the dates here and
provide the ... [More] full text plus other relevant info via links.

Dates: July 25-31, 2010 will be DebCamp and August 1-7, 2010 will be DebConf.
Press release text
First press coverage in response to our announcement
Main conference website
Visa info
Email address for visa help(read the visa info page before emailing)
Yes, thanks to Valessio Brito we already have “I’m going to DebConf10” buttons.

We hope to see many of you there! [Less]

DSA-1922 xulrunner - several vulnerabilities

Posted 12 days ago

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications, such as the Iceweasel web
browser. The Common Vulnerabilities and Exposures project identifies
the following problems: