Bollettini della sicurezza del 2011

[30 dic 2011] DSA-2376 ipmitool - insecure PID file
[26 dic 2011] DSA-2375 krb5, krb5-appl - buffer overflow
[26 dic 2011] DSA-2374 openswan - implementation error
[25 dic 2011] DSA-2373 inetutils - buffer overflow
[25 dic 2011] DSA-2372 heimdal - buffer overflow
[24 dic 2011] DSA-2371 jasper - buffer overflows
[22 dic 2011] DSA-2370 unbound - several vulnerabilities
[21 dic 2011] DSA-2369 libsoup2.4 - insufficient input sanitization
[20 dic 2011] DSA-2368 lighttpd - multiple vulnerabilities
[19 dic 2011] DSA-2367 asterisk - several vulnerabilities
[18 dic 2011] DSA-2366 mediawiki - multiple vulnerabilities
[18 dic 2011] DSA-2365 dtc - several vulnerabilities
[18 dic 2011] DSA-2364 xorg - incorrect permission check
[16 dic 2011] DSA-2363 tor - buffer overflow
[10 dic 2011] DSA-2362 acpid - several vulnerabilities
[07 dic 2011] DSA-2361 chasen - buffer overflow
[06 dic 2011] DSA-2359 mojarra - EL injection
[05 dic 2011] DSA-2358 openjdk-6 - several vulnerabilities
[03 dic 2011] DSA-2357 evince - several vulnerabilities
[01 dic 2011] DSA-2356 openjdk-6 - several vulnerabilities
[30 nov 2011] DSA-2355 clearsilver - format string vulnerability
[28 nov 2011] DSA-2354 cups - several vulnerabilities
[24 nov 2011] DSA-2353 ldns - buffer overflow
[22 nov 2011] DSA-2352 puppet - programming error
[21 nov 2011] DSA-2351 wireshark - buffer overflow
[20 nov 2011] DSA-2350 freetype - missing input sanitising
[19 nov 2011] DSA-2349 spip - several vulnerabilities
[17 nov 2011] DSA-2348 systemtap - several vulnerabilities
[16 nov 2011] DSA-2347 bind9 - improper assert
[16 nov 2011] DSA-2346 proftpd-dfsg - several vulnerabilities
[11 nov 2011] DSA-2345 icedove - several vulnerabilities
[11 nov 2011] DSA-2344 python-django-piston - deserialization vulnerability
[09 nov 2011] DSA-2343 openssl - CA trust revocation
[09 nov 2011] DSA-2342 iceape - several vulnerabilities
[09 nov 2011] DSA-2341 iceweasel - several vulnerabilities
[07 nov 2011] DSA-2340 postgresql-8.3, postgresql-8.4, postgresql-9.0 - weak password hashing
[07 nov 2011] DSA-2339 nss - several vulnerabilities
[07 nov 2011] DSA-2338 moodle - several vulnerabilities
[06 nov 2011] DSA-2337 xen - several vulnerabilities
[07 nov 2011] DSA-2336 ffmpeg - several vulnerabilities
[05 nov 2011] DSA-2335 man2html - missing input sanitization
[04 nov 2011] DSA-2334 mahara - several vulnerabilities
[31 ott 2011] DSA-2333 phpldapadmin - several vulnerabilities
[29 ott 2011] DSA-2332 python-django - several issues
[28 ott 2011] DSA-2331 tor - several vulnerabilities
[27 ott 2011] DSA-2330 simplesamlphp - XML encryption weakness
[27 ott 2011] DSA-2329 torque - buffer overflow
[24 ott 2011] DSA-2328 freetype - missing input sanitising
[24 ott 2011] DSA-2327 libfcgi-perl - authentication bypass
[24 ott 2011] DSA-2326 pam - several vulnerabilities
[23 ott 2011] DSA-2325 kfreebsd-8 - privilege escalation/denial of service
[20 ott 2011] DSA-2324 wireshark - programming error
[26 ott 2011] DSA-2323 radvd - several vulnerabilities
[10 ott 2011] DSA-2322 bugzilla - several vulnerabilities
[10 ott 2011] DSA-2321 moin - cross-site scripting
[08 ott 2011] DSA-2320 dokuwiki - regression fix
[08 ott 2011] DSA-2319 policykit-1 - race condition
[06 ott 2011] DSA-2318 cyrus-imapd-2.2 - multiple vulnerabilities
[05 ott 2011] DSA-2317 icedove - several vulnerabilities
[05 ott 2011] DSA-2316 quagga - several vulnerabilities
[05 ott 2011] DSA-2315 openoffice.org - multiple vulnerabilities
[03 ott 2011] DSA-2314 puppet - multiple vulnerabilities
[29 set 2011] DSA-2313 iceweasel - several vulnerabilities
[29 set 2011] DSA-2312 iceape - several vulnerabilities
[27 set 2011] DSA-2311 openjdk-6 - several vulnerabilities
[22 set 2011] DSA-2310 linux-2.6 - privilege escalation/denial of service/information leak
[13 set 2011] DSA-2309 openssl - compromised certificate authority
[12 set 2011] DSA-2308 mantis - several vulnerabilities
[11 set 2011] DSA-2307 chromium-browser - several vulnerabilities
[11 set 2011] DSA-2306 ffmpeg - several vulnerabilities
[19 set 2011] DSA-2305 vsftpd - denial of service
[11 set 2011] DSA-2304 squid3 - buffer overflow
[10 set 2011] DSA-2303 linux-2.6 - privilege escalation/denial of service/information leak
[07 set 2011] DSA-2302 bcfg2 - missing input sanitization
[23 gen 2012] DSA-2301 rails - several vulnerabilities
[05 set 2011] DSA-2300 nss - compromised certificate authority
[31 ago 2011] DSA-2299 ca-certificates - compromised certificate authority
[05 set 2011] DSA-2298 apache2 - denial of service
[21 ago 2011] DSA-2297 icedove - several vulnerabilities
[17 ago 2011] DSA-2296 iceweasel - several vulnerabilities
[17 ago 2011] DSA-2295 iceape - several vulnerabilities
[14 ago 2011] DSA-2294 freetype - missing input sanitising
[12 ago 2011] DSA-2293 libxfont - buffer overflow
[11 ago 2011] DSA-2292 isc-dhcp - denial of service
[08 ago 2011] DSA-2291 squirrelmail - various vulnerabilities
[07 ago 2011] DSA-2290 samba - cross-site scripting
[07 ago 2011] DSA-2289 typo3-src - several vulnerabilities
[28 lug 2011] DSA-2288 libsndfile - integer overflow
[28 lug 2011] DSA-2287 libpng - several vulnerabilities
[26 lug 2011] DSA-2286 phpmyadmin - several vulnerabilities
[26 lug 2011] DSA-2285 mapserver - several vulnerabilities
[25 lug 2011] DSA-2284 opensaml2 - implementation error
[25 lug 2011] DSA-2283 krb5-appl - programming error
[25 lug 2011] DSA-2282 qemu-kvm - several vulnerabilities
[21 lug 2011] DSA-2281 opie - several vulnerabilities
[19 lug 2011] DSA-2280 libvirt - several vulnerabilities
[19 lug 2011] DSA-2279 libapache2-mod-authnz-external - SQL injection
[16 lug 2011] DSA-2278 horde3 - several vulnerabilities
[10 lug 2011] DSA-2277 xml-security-c - stack-based buffer overflow
[10 lug 2011] DSA-2276 asterisk - multiple denial of service
[07 lug 2011] DSA-2275 openoffice.org - stack-based buffer overflow
[07 lug 2011] DSA-2274 wireshark - several vulnerabilities
[06 lug 2011] DSA-2273 icedove - several vulnerabilities
[05 lug 2011] DSA-2272 bind9 - denial of service
[02 lug 2011] DSA-2271 curl - improper delegation of client credentials
[01 lug 2011] DSA-2270 qemu-kvm - programming error
[01 lug 2011] DSA-2269 iceape - several vulnerabilities
[01 lug 2011] DSA-2268 iceweasel - several vulnerabilities
[01 lug 2011] DSA-2267 perl - restriction bypass
[29 giu 2011] DSA-2266 php5 - several vulnerabilities
[20 giu 2011] DSA-2265 perl - lack of tainted flag propagation
[18 giu 2011] DSA-2264 linux-2.6 - privilege escalation/denial of service/information leak
[16 giu 2011] DSA-2263 movabletype-opensource - several vulnerabilities
[15 giu 2011] DSA-2262 moodle - several vulnerabilities
[15 giu 2011] DSA-2261 redmine - several vulnerabilities
[14 giu 2011] DSA-2260 rails - several vulnerabilities
[12 giu 2011] DSA-2259 fex - authentication bypass
[11 giu 2011] DSA-2258 kolab-cyrus-imapd - implementation error
[10 giu 2011] DSA-2257 vlc - heap-based buffer overflow
[09 giu 2011] DSA-2256 tiff - buffer overflow
[06 giu 2011] DSA-2255 libxml2 - buffer overflow
[03 giu 2011] DSA-2254 oprofile - command injection
[03 giu 2011] DSA-2253 fontforge - buffer overflow
[02 giu 2011] DSA-2252 dovecot - programming error
[02 giu 2011] DSA-2251 subversion - several vulnerabilities
[31 mar 2011] DSA-2250 citadel - denial of service
[31 mar 2011] DSA-2249 jabberd14 - denial of service
[31 mar 2011] DSA-2248 ejabberd - denial of service
[31 mag 2011] DSA-2247 rails - several vulnerabilities
[29 mag 2011] DSA-2246 mahara - several vulnerabilities
[29 mag 2011] DSA-2245 chromium-browser - several vulnerabilities
[27 mag 2011] DSA-2244 bind9 - incorrect boundary condition
[27 mag 2011] DSA-2243 unbound - design flaw
[25 mag 2011] DSA-2242 cyrus-imapd-2.2 - implementation error
[24 mag 2011] DSA-2241 qemu-kvm - implementation error
[24 mag 2011] DSA-2240 linux-2.6 - privilege escalation/denial of service/information leak
[24 mag 2011] DSA-2239 libmojolicious-perl - several vulnerabilities
[19 mag 2011] DSA-2238 vino - several vulnerabilities
[15 mag 2011] DSA-2237 apr - denial of service
[12 mag 2011] DSA-2236 exim4 - command injection
[10 mag 2011] DSA-2235 icedove - several vulnerabilities
[10 mag 2011] DSA-2234 zodb - several vulnerabilities
[10 mag 2011] DSA-2233 postfix - several vulnerabilities
[06 mag 2011] DSA-2232 exim4 - format string vulnerability
[06 mag 2011] DSA-2231 otrs2 - cross-site scripting
[01 mag 2011] DSA-2230 qemu-kvm - several vulnerabilities
[01 mag 2011] DSA-2229 spip - programming error
[01 mag 2011] DSA-2228 iceweasel - several vulnerabilities
[30 apr 2011] DSA-2227 iceape - several vulnerabilities
[26 apr 2011] DSA-2226 libmodplug - buffer overflow
[25 apr 2011] DSA-2225 asterisk - several vulnerabilities
[20 apr 2011] DSA-2224 openjdk-6 - several vulnerabilities
[20 apr 2011] DSA-2223 doctrine - SQL injection
[20 apr 2011] DSA-2222 tinyproxy - incorrect ACL processing
[19 apr 2011] DSA-2221 libmojolicious-perl - directory traversal
[19 apr 2011] DSA-2220 request-tracker3.6, request-tracker3.8 - several vulnerabilities
[18 apr 2011] DSA-2219 xmlsec1 - arbitrary file overwrite
[12 apr 2011] DSA-2218 vlc - heap-based buffer overflow
[10 apr 2011] DSA-2217 dhcp3 - missing input sanitization
[10 apr 2011] DSA-2216 isc-dhcp - missing input sanitization
[09 apr 2011] DSA-2215 gitolite - directory traversal
[08 apr 2011] DSA-2214 ikiwiki - missing input validation
[08 apr 2011] DSA-2213 x11-xserver-utils - missing input sanitization
[07 apr 2011] DSA-2212 tmux - privilege escalation
[06 apr 2011] DSA-2211 vlc - missing input sanitising
[03 apr 2011] DSA-2210 tiff - several vulnerabilities
[02 apr 2011] DSA-2209 tgt - double free
[30 mar 2011] DSA-2208 bind9 - denial of service
[30 mar 2011] DSA-2207 tomcat5.5 - several vulnerabilities
[29 mar 2011] DSA-2206 mahara - several vulnerabilities
[28 mar 2011] DSA-2205 gdm3 - privilege escalation
[27 mar 2011] DSA-2204 imp4 - insufficient input sanitising
[26 mar 2011] DSA-2203 nss - ssl certificate blacklist update
[23 mar 2011] DSA-2202 apache2 - failure to drop root privileges
[23 mar 2011] DSA-2201 wireshark - several vulnerabilities
[23 mar 2011] DSA-2200 iceweasel - ssl certificate blacklist update
[23 mar 2011] DSA-2199 iceape - ssl certificate blacklist update
[22 mar 2011] DSA-2198 tex-common - insufficient input sanitization
[21 mar 2011] DSA-2197 quagga - denial of service
[19 mar 2011] DSA-2196 maradns - buffer overflow
[19 mar 2011] DSA-2195 php5 - several vulnerabilities
[18 mar 2011] DSA-2194 libvirt - insufficient checks
[16 mar 2011] DSA-2193 libcgroup - several vulnerabilities
[15 mar 2011] DSA-2192 chromium-browser - several vulnerabilities
[14 mar 2011] DSA-2191 proftpd-dfsg - several vulnerabilities
[11 mar 2011] DSA-2190 wordpress - several vulnerabilities
[10 mar 2011] DSA-2189 chromium-browser - several vulnerabilities
[10 mar 2011] DSA-2188 webkit - several vulnerabilities
[09 mar 2011] DSA-2187 icedove - several vulnerabilities
[09 mar 2011] DSA-2186 iceweasel - several vulnerabilities
[07 mar 2011] DSA-2185 proftpd-dfsg - integer overflow
[05 mar 2011] DSA-2184 isc-dhcp - denial of service
[04 mar 2011] DSA-2183 nbd - buffer overflow
[04 mar 2011] DSA-2182 logwatch - shell command injection
[04 mar 2011] DSA-2181 subversion - denial of service
[03 mar 2011] DSA-2180 iceape - several vulnerabilities
[02 mar 2011] DSA-2179 dtc - SQL injection
[02 mar 2011] DSA-2178 pango1.0 - NULL pointer dereference
[02 mar 2011] DSA-2177 pywebdav - SQL injection
[02 mar 2011] DSA-2176 cups - several vulnerabilities
[28 feb 2011] DSA-2175 samba - missing input sanitising
[26 feb 2011] DSA-2174 avahi - denial of service
[26 feb 2011] DSA-2173 pam-pgsql - buffer overflow
[22 feb 2011] DSA-2172 moodle - several vulnerabilities
[21 feb 2011] DSA-2171 asterisk - buffer overflow
[18 feb 2011] DSA-2170 mailman - several vulnerabilities
[16 feb 2011] DSA-2169 telepathy-gabble - insufficient input validation
[16 feb 2011] DSA-2168 openafs - several vulnerabilities
[16 feb 2011] DSA-2167 phpmyadmin - SQL injection
[16 feb 2011] DSA-2166 chromium-browser - several vulnerabilities
[16 feb 2011] DSA-2165 ffmpeg-debian - buffer overflow
[16 feb 2011] DSA-2164 shadow - insufficient input sanitization
[14 feb 2011] DSA-2163 python-django - multiple vulnerabilities
[14 feb 2011] DSA-2162 openssl - invalid memory access
[13 feb 2011] DSA-2161 openjdk-6 - denial of service
[13 feb 2011] DSA-2160 tomcat6 - several vulnerabilities
[10 feb 2011] DSA-2159 vlc - missing input sanitising
[09 feb 2011] DSA-2158 cgiirc - cross-site scripting
[03 feb 2011] DSA-2157 postgresql-8.3, postgresql-8.4, postgresql-9.0 - buffer overflow
[31 gen 2011] DSA-2156 pcscd - buffer overflow
[30 gen 2011] DSA-2155 freetype - several vulnerabilities
[30 gen 2011] DSA-2154 exim4 - privilege escalation
[30 gen 2011] DSA-2153 linux-2.6 - privilege escalation/denial of service/information leak
[27 gen 2011] DSA-2152 hplip - buffer overflow
[26 gen 2011] DSA-2151 openoffice.org - several vulnerabilities
[22 gen 2011] DSA-2150 request-tracker3.6 - unsalted password hashing
[20 gen 2011] DSA-2149 dbus - denial of service
[17 gen 2011] DSA-2148 tor - several vulnerabilities
[16 gen 2011] DSA-2147 pimd - insecure temporary files
[16 gen 2011] DSA-2146 mydms - directory traversal
[16 gen 2011] DSA-2145 libsmi - buffer overflow
[15 gen 2011] DSA-2144 wireshark - buffer overflow
[14 gen 2011] DSA-2143 mysql-dfsg-5.0 - several vulnerabilities
[06 gen 2011] DSA-2142 dpkg - directory traversal
[06 gen 2011] DSA-2141 openssl - SSL/TLS insecure renegotiation protocol design flaw
[05 gen 2011] DSA-2140 libapache2-mod-fcgid - stack overflow

Si possono ricevere gli ultimi bollettini della sicurezza Debian iscrivendosi alla lista di messaggi debian-security-announce. È anche possibile consultare l'archivio della lista.