Советы по безопасности за 2006 год

[28.12.2006] DSA-1244 xine-lib - buffer overflow
[28.12.2006] DSA-1243 evince - buffer overflow
[27.12.2006] DSA-1242 elog - several vulnerabilities
[25.12.2006] DSA-1241 squirrelmail - cross-site scripting
[21.12.2006] DSA-1240 links2 - insufficient escaping
[17.12.2006] DSA-1239 sql-ledger - several vulnerabilities
[17.12.2006] DSA-1238 clamav - several vulnerabilities
[17.12.2006] DSA-1237 kernel-source-2.4.27 - several vulnerabilities
[13.12.2006] DSA-1236 enemies-of-carlotta - отсутствие проверки чистоты
[13.12.2006] DSA-1235 ruby1.8 - отказ в обслуживании
[13.12.2006] DSA-1234 ruby1.6 - отказ в обслуживании
[10.12.2006] DSA-1233 kernel-source-2.6.8 - several vulnerabilities
[09.12.2006] DSA-1232 clamav - missing sanity checks
[09.12.2006] DSA-1231 gnupg - several vulnerabilities
[08.12.2006] DSA-1230 l2tpns - переполнение буфера
[06.12.2006] DSA-1229 asterisk - integer overflow
[05.12.2006] DSA-1228 elinks - insufficient escaping
[04.12.2006] DSA-1227 mozilla-thunderbird - several vulnerabilities
[03.12.2006] DSA-1226 links - insufficient escaping
[03.12.2006] DSA-1225 mozilla-firefox - several vulnerabilities
[03.12.2006] DSA-1224 mozilla - several vulnerabilities
[01.12.2006] DSA-1223 tar - input validation error
[30.11.2006] DSA-1222 proftpd - several vulnerabilities
[30.11.2006] DSA-1221 libgsf - переполнение буфера
[26.11.2006] DSA-1220 pstotext - insecure file name quoting
[27.11.2006] DSA-1219 texinfo - buffer overflow
[21.11.2006] DSA-1218 proftpd - ошибка программирования
[20.11.2006] DSA-1217 linux-ftpd - programming error
[20.11.2006] DSA-1216 flexbackup - insecure temporary file
[20.11.2006] DSA-1215 xine-lib - several vulnerabilities
[20.11.2006] DSA-1214 gv - buffer overflow
[19.11.2006] DSA-1213 imagemagick - several vulnerabilities
[15.11.2006] DSA-1212 openssh - Denial of service
[14.11.2006] DSA-1211 pdns - buffer overflow
[14.11.2006] DSA-1210 mozilla-firefox - several vulnerabilities
[12.11.2006] DSA-1209 trac - cross-site request forgery
[11.11.2006] DSA-1208 bugzilla - several vulnerabilities
[09.11.2006] DSA-1207 phpmyadmin - several vulnerabilities
[06.11.2006] DSA-1206 php4 - several vulnerabilities
[02.11.2006] DSA-1205 thttpd - insecure temporary files
[02.11.2006] DSA-1204 ingo1 - отсутствие очистки ввода
[02.11.2006] DSA-1203 libpam-ldap - programming error
[31.10.2006] DSA-1202 screen - programming error
[31.10.2006] DSA-1201 ethereal - several vulnerabilities
[30.10.2006] DSA-1200 qt-x11-free - integer overflow
[23.10.2006] DSA-1199 webmin - multiple vulnerabilities
[23.10.2006] DSA-1198 python2.3 - buffer overflow
[22.10.2006] DSA-1197 python2.4 - buffer overflow
[19.10.2006] DSA-1196 clamav - several vulnerabilities
[10.10.2006] DSA-1195 openssl096 - denial of service (multiple)
[09.10.2006] DSA-1194 libwmf - переполнение буфера
[09.10.2006] DSA-1193 xfree86 - several vulnerabilities
[06.10.2006] DSA-1192 mozilla - several vulnerabilities
[05.10.2006] DSA-1191 mozilla-thunderbird - several vulnerabilities
[04.10.2006] DSA-1190 maxdb-7.5.00 - переполение буфера
[04.10.2006] DSA-1189 openssh-krb5 - several vulnerabilities
[04.10.2006] DSA-1188 mailman - format string
[30.09.2006] DSA-1187 migrationtools - небезопасные временные файлы
[30.09.2006] DSA-1186 cscope - переполнения буфера
[28.09.2006] DSA-1185 openssl - denial of service
[25.09.2006] DSA-1184 kernel-source-2.6.8 - several vulnerabilities
[25.09.2006] DSA-1183 kernel-source-2.4.27 - several vulnerabilities
[22.09.2006] DSA-1182 gnutls11 - слабое шифрование
[19.09.2006] DSA-1181 gzip - several vulnerabilities
[19.09.2006] DSA-1180 bomberclone - programming error
[19.09.2006] DSA-1179 alsaplayer - ошибка программирования
[16.09.2006] DSA-1178 freetype - переполнение целых чисел
[15.09.2006] DSA-1177 usermin - ошибка программирования
[13.09.2006] DSA-1176 zope2.7 - ошибка программирования
[13.09.2006] DSA-1175 isakmpd - programming error
[11.09.2006] DSA-1174 openssl096 - cryptographic weakness
[10.09.2006] DSA-1173 openssl - cryptographic weakness
[09.09.2006] DSA-1172 bind9 - programming error
[07.09.2006] DSA-1171 ethereal - several vulnerabilities
[06.09.2006] DSA-1170 gcc-3.4 - отсутствие проверки правильности
[05.09.2006] DSA-1169 mysql-dfsg-4.1 - several vulnerabilities
[04.09.2006] DSA-1168 imagemagick - several vulnerabilities
[04.09.2006] DSA-1167 apache - missing input sanitising
[03.09.2006] DSA-1166 cheesetracker - переполнение буфера
[01.09.2006] DSA-1165 capi4hylafax - отсутствие очистки ввода
[31.08.2006] DSA-1164 sendmail - programming error
[30.08.2006] DSA-1163 gtetrinet - ошибка программирования
[30.08.2006] DSA-1162 libmusicbrainz-2.0 - переполнения буфера
[29.08.2006] DSA-1161 mozilla-firefox - several vulnerabilities
[29.08.2006] DSA-1160 mozilla - several vulnerabilities
[28.08.2006] DSA-1159 mozilla-thunderbird - several vulnerabilities
[25.08.2006] DSA-1158 streamripper - buffer overflow
[27.08.2006] DSA-1157 ruby1.8 - several vulnerabilities
[27.08.2006] DSA-1156 kdebase - ошибка программирования
[24.08.2006] DSA-1155 sendmail - programming error
[20.08.2006] DSA-1154 squirrelmail - variable overwriting
[18.08.2006] DSA-1153 clamav - buffer overflow
[18.08.2006] DSA-1152 trac - missing input sanitising
[15.08.2006] DSA-1151 heartbeat - чтение за пределами массива
[12.08.2006] DSA-1150 shadow - ошибка программирования
[10.08.2006] DSA-1149 ncompress - buffer underflow
[09.08.2006] DSA-1148 gallery - several vulnerabilities
[09.08.2006] DSA-1147 drupal - отсутствие очистки ввода
[09.08.2006] DSA-1146 krb5 - programming error
[08.08.2006] DSA-1145 freeradius - several vulnerabilities
[07.08.2006] DSA-1144 chmlib - отсутствие очистки ввода
[04.08.2006] DSA-1143 dhcp - ошибка программирования
[04.08.2006] DSA-1142 freeciv - отсутствие проверки границ массива
[04.08.2006] DSA-1141 gnupg2 - переполнение целых чисел
[03.08.2006] DSA-1140 gnupg - переполнение целых чисел
[03.08.2006] DSA-1139 ruby1.6 - отсутствие проверки прав доступа
[02.08.2006] DSA-1138 cfs - переполнение целых чисел
[02.08.2006] DSA-1137 tiff - several vulnerabilities
[02.08.2006] DSA-1136 gpdf - wrong input sanitising
[02.08.2006] DSA-1135 libtunepimp - переполнение буфера
[02.08.2006] DSA-1134 mozilla-thunderbird - several vulnerabilities
[01.08.2006] DSA-1133 mantis - missing input sanitising
[01.08.2006] DSA-1132 apache2 - переполнение буфера
[01.08.2006] DSA-1131 apache - переполнение буфера
[30.07.2006] DSA-1130 sitebar - отсутствие проверки ввода
[28.07.2006] DSA-1129 osiris - format string
[28.07.2006] DSA-1128 heartbeat - ошибка прав доступа
[28.07.2006] DSA-1127 ethereal - several vulnerabilities
[27.07.2006] DSA-1126 asterisk - buffer overflow
[27.07.2006] DSA-1125 drupal - several vulnerabilities
[24.07.2006] DSA-1124 fbi - опечатка
[24.07.2006] DSA-1123 libdumb - переполнение буфера
[24.07.2006] DSA-1122 libnet-server-perl - format string
[24.07.2006] DSA-1121 postgrey - format string
[23.07.2006] DSA-1120 mozilla-firefox - several vulnerabilities
[22.07.2006] DSA-1119 hiki - проблема проектирования
[22.07.2006] DSA-1118 mozilla - several vulnerabilities
[21.07.2006] DSA-1117 libgd2 - недостаточная очистка ввода
[21.07.2006] DSA-1116 gimp - переполнение буфера
[21.07.2006] DSA-1115 gnupg2 - integer overflow
[21.07.2006] DSA-1114 hashcash - переполнение буфера
[18.07.2006] DSA-1113 zope2.7 - ошибка программирования
[18.07.2006] DSA-1112 mysql-dfsg-4.1 - several vulnerabilities
[26.07.2006] DSA-1111 kernel-source-2.6.8 - race condition
[16.07.2006] DSA-1110 samba - missing input sanitising
[16.07.2006] DSA-1109 rssh - ошибка программирования
[11.07.2006] DSA-1108 mutt - переполнение буфера
[10.07.2006] DSA-1107 gnupg - integer overflow
[10.07.2006] DSA-1106 ppp - programming error
[07.07.2006] DSA-1105 xine-lib - buffer overflow
[30.06.2006] DSA-1104 openoffice.org - several vulnerabilities
[27.06.2006] DSA-1103 kernel-source-2.6.8 - several vulnerabilities
[26.06.2006] DSA-1102 pinball - design error
[23.06.2006] DSA-1101 courier - ошибка программирования
[15.06.2006] DSA-1100 wv2 - переполнение целых чисел
[14.06.2006] DSA-1099 horde2 - missing input sanitising
[14.06.2006] DSA-1098 horde3 - missing input sanitising
[14.06.2006] DSA-1097 kernel-source-2.4.27 - several vulnerabilities
[13.06.2006] DSA-1096 webcalendar - uninitialised variable
[10.06.2006] DSA-1095 freetype - integer overflows
[08.06.2006] DSA-1094 gforge - missing input sanitising
[08.06.2006] DSA-1093 xine - форматная строка
[08.06.2006] DSA-1092 mysql-dfsg-4.1 - programming error
[08.06.2006] DSA-1091 tiff - buffer overflows
[06.06.2006] DSA-1090 spamassassin - programming error
[03.06.2006] DSA-1089 freeradius - several vulnerabilities
[03.06.2006] DSA-1088 centericq - buffer overflow
[03.06.2006] DSA-1087 postgresql - programming error
[02.06.2006] DSA-1086 xmcd - design flaw
[01.06.2006] DSA-1085 lynx-cur - several vulnerabilities
[31.05.2006] DSA-1084 typespeed - buffer overflow
[31.05.2006] DSA-1083 motor - buffer overflow
[29.05.2006] DSA-1082 kernel-source-2.4.17 - several vulnerabilities
[29.05.2006] DSA-1081 libextractor - buffer overflow
[29.05.2006] DSA-1080 dovecot - programming error
[29.05.2006] DSA-1079 mysql-dfsg - several vulnerabilities
[27.05.2006] DSA-1078 tiff - out-of-bounds read
[26.05.2006] DSA-1077 lynx-ssl - programming error
[26.05.2006] DSA-1076 lynx - programming error
[26.05.2006] DSA-1075 awstats - programming error
[24.05.2006] DSA-1074 mpg123 - переполнение буфера
[22.05.2006] DSA-1073 mysql-dfsg-4.1 - several vulnerabilities
[22.05.2006] DSA-1072 nagios - buffer overflow
[22.05.2006] DSA-1071 mysql - several vulnerabilities
[21.05.2006] DSA-1070 kernel-source-2.4.19 - several vulnerabilities
[20.05.2006] DSA-1069 kernel-source-2.4.18 - several vulnerabilities
[20.05.2006] DSA-1068 fbi - insecure temporary file
[20.05.2006] DSA-1067 kernel-source-2.4.16 - several vulnerabilities
[20.05.2006] DSA-1066 phpbb2 - missing input sanitising
[19.05.2006] DSA-1065 hostapd - missing input sanitising
[19.05.2006] DSA-1064 cscope - buffer overflows
[08.05.2006] DSA-1063 phpgroupware - missing input sanitising
[19.05.2006] DSA-1062 kphone - insecure file creation
[19.05.2006] DSA-1061 popfile - missing input sanitising
[19.05.2006] DSA-1060 kernel-patch-vserver - programming error
[19.05.2006] DSA-1059 quagga - several vulnerabilities
[18.05.2006] DSA-1058 awstats - missing input sanitising
[15.05.2006] DSA-1057 phpldapadmin - missing input sanitising
[15.05.2006] DSA-1056 webcalendar - verbose error message
[11.05.2006] DSA-1055 mozilla-firefox - programming error
[09.05.2006] DSA-1054 tiff - several vulnerabilities
[09.05.2006] DSA-1053 mozilla - ошибка программирования
[08.05.2006] DSA-1052 cgiirc - переполнения буфера
[04.05.2006] DSA-1051 mozilla-thunderbird - several vulnerabilities
[02.05.2006] DSA-1050 clamav - buffer overflow
[02.05.2006] DSA-1049 ethereal - several vulnerabilities
[01.05.2006] DSA-1048 asterisk - several vulnerabilities
[30.04.2006] DSA-1047 resmgr - programming error
[27.04.2006] DSA-1046 mozilla - several vulnerabilities
[27.04.2006] DSA-1045 openvpn - design error
[26.04.2006] DSA-1044 mozilla-firefox - several vulnerabilities
[26.04.2006] DSA-1043 abcmidi - buffer overflows
[25.04.2006] DSA-1042 cyrus-sasl2 - programming error
[25.04.2006] DSA-1041 abc2ps - buffer overflows
[24.04.2006] DSA-1040 gdm - programming error
[24.04.2006] DSA-1039 blender - several vulnerabilities
[22.04.2006] DSA-1038 xzgv - programming error
[21.04.2006] DSA-1037 zgv - programming error
[17.04.2006] DSA-1036 bsdgames - buffer overflow
[15.04.2006] DSA-1035 fcheck - insecure temporary file
[14.04.2006] DSA-1034 horde2 - several vulnerabilities
[12.04.2006] DSA-1033 horde3 - several vulnerabilities
[12.04.2006] DSA-1032 zope-cmfplone - programming error
[08.04.2006] DSA-1031 cacti - several vulnerabilities
[08.04.2006] DSA-1030 moodle - several vulnerabilities
[08.04.2006] DSA-1029 libphp-adodb - several vulnerabilities
[07.03.2006] DSA-1028 libimager-perl - programming error
[06.04.2006] DSA-1027 mailman - programming error
[06.04.2006] DSA-1026 sash - buffer overflows
[06.04.2006] DSA-1025 dia - programming error
[05.04.2006] DSA-1024 clamav - several vulnerabilities
[05.04.2006] DSA-1023 kaffeine - buffer overflow
[04.04.2006] DSA-1022 storebackup - several vulnerabilities
[28.03.2006] DSA-1021 netpbm-free - insecure program execution
[28.03.2006] DSA-1020 flex - buffer overflow
[24.03.2006] DSA-1019 koffice - several vulnerabilities
[24.03.2006] DSA-1018 kernel-source-2.4.27 - several vulnerabilities
[23.03.2006] DSA-1017 kernel-source-2.6.8 - several vulnerabilities
[23.03.2006] DSA-1016 evolution - format string vulnerabilities
[23.03.2006] DSA-1015 sendmail - programming error
[23.03.2006] DSA-1014 firebird2 - переполнение буфера
[22.03.2006] DSA-1013 snmptrapfmt - insecure temporary file
[21.03.2006] DSA-1012 unzip - buffer overflow
[21.03.2005] DSA-1011 kernel-patch-vserver - missing attribute support
[20.03.2006] DSA-1010 ilohamail - missing input sanitising
[21.03.2006] DSA-1009 crossfire - переполнение буфера
[17.03.2006] DSA-1008 kdegraphics - buffer overflow
[17.03.2006] DSA-1007 drupal - several vulnerabilities
[16.03.2006] DSA-1006 wzdftpd - отсутствие очистки ввода
[16.03.2006] DSA-1005 xine-lib - buffer overflow
[16.03.2006] DSA-1004 vlc - buffer overflow
[16.03.2006] DSA-1003 xpvm - insecure temporary file
[15.03.2006] DSA-1002 webcalendar - several vulnerabilities
[14.03.2006] DSA-1001 crossfire - buffer overflow
[14.03.2006] DSA-1000 libapreq2-perl - design error
[14.03.2006] DSA-999 lurker - several vulnerabilities
[14.03.2006] DSA-998 libextractor - several vulnerabilities
[13.03.2006] DSA-997 bomberclone - buffer overflows
[13.03.2006] DSA-996 libcrypt-cbc-perl - programming error
[13.03.2006] DSA-995 metamail - buffer overflow
[13.03.2006] DSA-994 freeciv - отказ в обслуживании
[10.03.2006] DSA-993 gnupg - programming error
[10.03.2006] DSA-992 ffmpeg - buffer overflow
[10.03.2006] DSA-991 zoo - buffer overflow
[10.03.2006] DSA-990 bluez-hcidump - ошибка программирования
[09.03.2006] DSA-989 zoph - SQL injection
[08.03.2006] DSA-988 squirrelmail - several vulnerabilities
[07.03.2006] DSA-987 tar - переполнение буфера
[06.03.2006] DSA-986 gnutls11 - buffer overflows
[06.03.2006] DSA-985 libtasn1-2 - buffer overflows
[02.03.2006] DSA-984 xpdf - несколько уязвимостей
[28.02.2006] DSA-983 pdftohtml - several vulnerabilities
[27.02.2006] DSA-982 gpdf - несколько уязвимостей
[26.02.2006] DSA-981 bmv - integer overflow
[22.02.2006] DSA-980 tutos - several vulnerabilities
[17.02.2006] DSA-979 pdfkit.framework - several vulnerabilities
[17.02.2006] DSA-978 gnupg - programming error
[16.02.2006] DSA-977 heimdal - several vulnerabilities
[15.02.2006] DSA-976 libast - buffer overflow
[15.02.2006] DSA-975 nfs-user-server - buffer overflow
[15.02.2006] DSA-974 gpdf - buffer overflows
[15.02.2006] DSA-973 otrs - several vulnerabilities
[15.02.2006] DSA-972 pdfkit.framework - buffer overflows
[14.02.2006] DSA-971 xpdf - buffer overflow
[14.02.2006] DSA-970 kronolith - missing input sanitising
[13.02.2006] DSA-969 scponly - design error
[13.02.2006] DSA-968 noweb - insecure temporary file
[10.02.2006] DSA-967 elog - several vulnerabilities
[09.02.2006] DSA-966 adzapper - denial of service
[06.02.2006] DSA-965 ipsec-tools - null dereference
[03.02.2006] DSA-964 gnocatan - buffer overflow
[02.02.2006] DSA-963 mydns - missing input sanitising
[01.02.2006] DSA-962 pdftohtml - buffer overflows
[01.02.2006] DSA-961 pdfkit.framework - buffer overflows
[31.01.2006] DSA-960 libmail-audit-perl - insecure temporary file creation
[30.01.2006] DSA-959 unalz - buffer overflow
[27.01.2006] DSA-958 drupal - several vulnerabilities
[26.01.2006] DSA-957 imagemagick - missing shell meta sanitising
[26.01.2006] DSA-956 lsh-server - filedescriptor leak
[25.01.2006] DSA-955 mailman - DoS
[25.01.2006] DSA-954 wine - design flaw
[24.01.2006] DSA-953 flyspray - missing input sanitising
[23.01.2006] DSA-952 libapache-auth-ldap - format string
[23.01.2006] DSA-951 trac - missing input sanitising
[23.01.2006] DSA-950 cupsys - buffer overflows
[20.01.2006] DSA-949 crawl - insecure program execution
[20.01.2006] DSA-948 kdelibs - buffer overflow
[21.01.2006] DSA-947 clamav - heap overflow
[20.01.2006] DSA-946 sudo - missing input sanitising
[17.01.2006] DSA-945 antiword - insecure temporary file
[17.01.2006] DSA-944 mantis - несколько уязвимостей
[16.01.2006] DSA-943 perl - integer overflow
[16.01.2006] DSA-942 albatross - design error
[16.01.2006] DSA-941 tuxpaint - insecure temporary file
[13.01.2006] DSA-940 gpdf - buffer overflows
[13.01.2006] DSA-939 fetchmail - programming error
[12.01.2006] DSA-938 koffice - buffer overflows
[12.01.2006] DSA-937 tetex-bin - buffer overflows
[11.01.2006] DSA-936 libextractor - buffer overflows
[10.01.2006] DSA-935 libapache2-mod-auth-pgsql - format string vulnerability
[09.01.2006] DSA-934 pound - several vulnerabilities
[09.01.2006] DSA-933 hylafax - arbitrary command execution
[09.01.2006] DSA-932 kdegraphics - buffer overflows
[09.01.2006] DSA-931 xpdf - buffer overflows
[09.01.2006] DSA-930 smstools - format string attack
[09.01.2006] DSA-929 petris - buffer overflow

Вы можете получать последние анонсы о безопасности в Debian, подписавшись на список рассылки debian-security-announce. Архив списка рассылки доступен здесь.