Советы по безопасности за 2010 год

[31.12.2010] DSA-2139 phpmyadmin - several vulnerabilities
[29.12.2010] DSA-2138 wordpress - SQL injection
[26.12.2010] DSA-2137 libxml2 - several vulnerabilities
[21.12.2010] DSA-2136 tor - buffer overflow
[21.12.2010] DSA-2135 xpdf - several vulnerabilities
[18.12.2010] DSA-2134 - готовящиеся изменения в формате рекомендация по безопасности
[13.12.2010] DSA-2133 collectd - denial of service
[11.12.2010] DSA-2132 xulrunner - several vulnerabilities
[10.12.2010] DSA-2131 exim4 - arbitrary code execution
[10.12.2010] DSA-2130 bind9 - several vulnerabilities
[01.12.2010] DSA-2129 krb5 - checksum verification weakness
[01.12.2010] DSA-2128 libxml2 - неправильный доступ к памяти
[28.11.2010] DSA-2127 wireshark - отказ в обслуживании
[26.11.2010] DSA-2126 linux-2.6 - privilege escalation/denial of service/information leak
[22.11.2010] DSA-2125 openssl - buffer overflow
[01.11.2010] DSA-2124 xulrunner - several vulnerabilities
[01.11.2010] DSA-2123 nss - several vulnerabilities
[22.10.2010] DSA-2122 glibc - missing input sanitization
[19.10.2010] DSA-2121 typo3-src - several vulnerabilities
[12.10.2010] DSA-2120 postgresql-8.3 - privilege escalation
[12.10.2010] DSA-2119 poppler - несколько уязвимостей
[08.10.2010] DSA-2118 subversion - logic flaw
[04.10.2010] DSA-2117 apr-util - denial of service
[04.10.2010] DSA-2116 freetype - integer overflow
[29.09.2010] DSA-2115 moodle - several vulnerabilities
[26.09.2010] DSA-2114 git-core - buffer overflow
[20.09.2010] DSA-2113 drupal6 - several vulnerabilities
[20.09.2010] DSA-2112 bzip2 - integer overflow
[19.09.2010] DSA-2111 squid3 - denial of service
[17.09.2010] DSA-2110 linux-2.6 - privilege escalation/denial of service/information leak
[16.09.2010] DSA-2109 samba - buffer overflow
[14.09.2010] DSA-2108 cvsnt - programming error
[09.09.2010] DSA-2107 couchdb - untrusted search path
[08.09.2010] DSA-2106 xulrunner - several vulnerabilities
[07.09.2010] DSA-2105 freetype - several vulnerabilities
[06.09.2010] DSA-2104 quagga - several vulnerabilities
[05.09.2010] DSA-2103 smbind - sql injection
[03.09.2010] DSA-2102 barnowl - unchecked return value
[31.08.2010] DSA-2101 wireshark - несколько уязвимостей
[30.08.2010] DSA-2100 openssl - двойное освобождение
[30.08.2010] DSA-2099 openoffice.org - buffer overflows
[29.08.2010] DSA-2098 typo3-src - several vulnerabilities
[29.08.2010] DSA-2097 phpmyadmin - insufficient input sanitising
[24.08.2010] DSA-2096 zope-ldapuserfolder - missing input validation
[23.08.2010] DSA-2095 lvm2 - insecure communication protocol
[19.08.2010] DSA-2094 linux-2.6 - privilege escalation/denial of service/information leak
[19.08.2010] DSA-2093 ghostscript - several vulnerabilities
[17.08.2010] DSA-2092 lxr-cvs - missing input sanitizing
[12.08.2010] DSA-2091 squirrelmail - No user-specific token implemented
[06.08.2010] DSA-2090 socat - incorrect user-input validation
[06.08.2010] DSA-2089 php5 - several vulnerabilities
[05.08.2010] DSA-2088 wget - missing input sanitization
[04.08.2010] DSA-2087 cabextract - ошибка программирования
[04.08.2010] DSA-2086 avahi - several vulnerabilities
[03.08.2010] DSA-2085 lftp - missing input validation
[03.08.2010] DSA-2084 tiff - переполнение целых чисел
[02.08.2010] DSA-2083 moin - missing input sanitization
[02.08.2010] DSA-2082 gmime2.2 - переполнение буфера
[01.08.2010] DSA-2081 libmikmod - переполнение буфера
[01.08.2010] DSA-2080 ghostscript - несколько уязвимостей
[31.07.2010] DSA-2079 mapserver - several vulnerabilities
[31.07.2010] DSA-2078 kvirc - ошибка программирования
[29.07.2010] DSA-2077 openldap - several vulnerabilities
[27.07.2010] DSA-2076 gnupg2 - use-after-free
[27.07.2010] DSA-2075 xulrunner - several vulnerabilities
[21.07.2010] DSA-2074 ncompress - integer underflow
[20.07.2010] DSA-2073 mlmmj - insufficient input sanitising
[19.07.2010] DSA-2072 libpng - several vulnerabilities
[14.07.2010] DSA-2071 libmikmod - переполнение буфера
[14.07.2010] DSA-2070 freetype - several vulnerabilities
[11.07.2010] DSA-2069 znc - отказ в обслуживании
[11.07.2010] DSA-2068 python-cjson - buffer overflow
[02.07.2010] DSA-2067 mahara - several vulnerabilities
[01.07.2010] DSA-2066 wireshark - several vulnerabilities
[27.06.2010] DSA-2065 kvirc - several vulnerabilities
[27.06.2010] DSA-2064 xulrunner - several vulnerabilities
[17.06.2010] DSA-2063 pmount - insecure temporary file
[17.06.2010] DSA-2062 sudo - missing input sanitization
[16.06.2010] DSA-2061 samba - memory corruption
[13.06.2010] DSA-2060 cacti - insufficient input sanitization
[10.06.2010] DSA-2059 pcsc-lite - переполнение буфера
[10.06.2010] DSA-2058 glibc, eglibc - multiple vulnerabilities
[07.06.2010] DSA-2057 mysql-dfsg-5.0 - several vulnerabilities
[06.06.2010] DSA-2056 zonecheck - missing input sanitizing
[05.06.2010] DSA-2055 openoffice.org - macro execution
[04.06.2010] DSA-2054 bind9 - DNS cache poisoning
[25.05.2010] DSA-2053 linux-2.6 - privilege escalation/denial of service/information leak
[24.05.2010] DSA-2052 krb5 - null pointer dereference
[24.05.2010] DSA-2051 postgresql-8.3 - several vulnerabilities
[24.05.2010] DSA-2050 kdegraphics - several vulnerabilities
[23.05.2010] DSA-2049 barnowl - переполнение буфера
[22.05.2010] DSA-2048 dvipng - buffer overflow
[17.05.2010] DSA-2047 aria2 - insufficient input sanitising
[13.05.2010] DSA-2046 phpgroupware - several vulnerabilities
[11.05.2010] DSA-2045 libtheora - integer overflow
[11.05.2010] DSA-2044 mplayer - integer overflow
[11.05.2010] DSA-2043 vlc - integer overflow
[05.05.2010] DSA-2042 iscsitarget - format string
[03.05.2010] DSA-2041 mediawiki - Cross-Site Request Forgery
[02.05.2010] DSA-2040 squidguard - buffer overflow
[23.04.2010] DSA-2039 cacti - отсутствие очистки ввода
[18.04.2010] DSA-2038 pidgin - several vulnerabilities
[17.04.2010] DSA-2037 kdm (kdebase) - состояние гонки
[17.04.2010] DSA-2036 jasper - programming error
[17.04.2010] DSA-2035 apache2 - multiple issues
[17.04.2010] DSA-2034 phpmyadmin - several vulnerabilities
[15.04.2010] DSA-2033 ejabberd - heap overflow
[11.04.2010] DSA-2032 libpng - several vulnerabilities
[11.04.2010] DSA-2031 krb5 - use-after-free
[06.04.2010] DSA-2030 mahara - sql injection
[05.04.2010] DSA-2029 imlib2 - several vulnerabilities
[05.04.2010] DSA-2028 xpdf - multiple vulnerabilities
[03.04.2010] DSA-2027 xulrunner - several vulnerabilities
[02.04.2010] DSA-2026 netpbm-free - stack-based buffer overflow
[31.03.2010] DSA-2025 icedove - several vulnerabilities
[31.03.2010] DSA-2024 moin - insufficient input sanitising
[28.03.2010] DSA-2023 curl - buffer overflow
[23.03.2010] DSA-2022 mediawiki - several vulnerabilities
[22.03.2010] DSA-2021 spamass-milter - отсутствие очистки ввода
[20.03.2010] DSA-2020 ikiwiki - insufficient input sanitization
[20.03.2010] DSA-2019 pango1.0 - missing input sanitization
[18.03.2010] DSA-2018 php5 - DoS (crash)
[15.03.2010] DSA-2017 pulseaudio - insecure temporary directory
[13.03.2010] DSA-2016 drupal6 - several vulnerabilities
[15.03.2010] DSA-2015 drbd8 - privilege escalation
[12.03.2010] DSA-2014 moin - several vulnerabilities
[11.03.2010] DSA-2013 egroupware - several vulnerabilities
[11.03.2010] DSA-2012 linux-2.6 - privilege escalation/denial of service
[10.03.2010] DSA-2011 dpkg - path traversal
[10.03.2010] DSA-2010 kvm - privilege escalation/denial of service
[09.03.2010] DSA-2009 tdiary - insufficient input sanitising
[08.03.2010] DSA-2008 typo3-src - several vulnerabilities
[03.03.2010] DSA-2007 cups - format string vulnerability
[02.03.2010] DSA-2006 sudo - several vulnerabilities
[27.02.2010] DSA-2005 linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak
[28.02.2010] DSA-2004 samba - several vulnerabilities
[22.02.2010] DSA-2003 linux-2.6 - privilege escalation/denial of service
[19.02.2010] DSA-2002 polipo - denial of service
[19.02.2010] DSA-2001 php5 - multiple vulnerabilities
[18.02.2010] DSA-2000 ffmpeg-debian - several vulnerabilities
[18.02.2010] DSA-1999 xulrunner - several vulnerabilities
[17.02.2010] DSA-1998 kdelibs - переполнение буфера
[14.02.2010] DSA-1997 mysql-dfsg-5.0 - several vulnerabilities
[12.02.2010] DSA-1996 linux-2.6 - privilege escalation/denial of service/sensitive memory leak
[12.02.2010] DSA-1995 openoffice.org - several vulnerabilities
[11.02.2010] DSA-1994 ajaxterm - weak session IDs
[10.02.2010] DSA-1993 otrs2 - sql injection
[04.02.2010] DSA-1992 chrony - several vulnerabilities
[04.02.2010] DSA-1991 squid/squid3 - denial of service
[03.02.2010] DSA-1990 trac-git - shell command injection
[02.02.2010] DSA-1989 fuse - denial of service
[02.02.2010] DSA-1988 qt4-x11 - several vulnerabilities
[02.02.2010] DSA-1987 lighttpd - denial of service
[02.02.2010] DSA-1986 moodle - several vulnerabilities
[31.01.2010] DSA-1985 sendmail - insufficient input validation
[30.01.2010] DSA-1984 libxerces2-java - denial of service
[30.01.2010] DSA-1983 wireshark - several vulnerabilities
[29.01.2010] DSA-1982 hybserv - denial of service
[28.01.2010] DSA-1981 maildrop - privilege escalation
[27.01.2010] DSA-1980 ircd-hybrid/ircd-ratbox - integer underflow/denial of service
[27.01.2010] DSA-1979 lintian - multiple vulnerabilities
[26.01.2010] DSA-1978 phpgroupware - several vulnerabilities
[25.01.2010] DSA-1977 python2.4 python2.5 - several vulnerabilities
[22.01.2010] DSA-1976 dokuwiki - several vulnerabilities
[20.01.2010] DSA-1974 gzip - several vulnerabilities
[19.01.2010] DSA-1973 glibc, eglibc - information disclosure
[17.01.2010] DSA-1972 audiofile - buffer overflow
[15.01.2010] DSA-1971 libthai - integer overflow
[13.01.2010] DSA-1970 openssl - denial of service
[12.01.2010] DSA-1969 krb5 - integer underflow
[08.01.2010] DSA-1968 pdns-recursor - several vulnerabilities
[07.01.2010] DSA-1967 transmission - directory traversal
[07.01.2010] DSA-1966 horde3 - insufficient input sanitising
[06.01.2010] DSA-1965 phpldapadmin - missing input sanitising

Вы можете получать последние анонсы о безопасности в Debian, подписавшись на список рассылки debian-security-announce. Архив списка рассылки доступен здесь.