Tietoturvasta / Vuoden 2006 tietoturvatiedotteet

Vuoden 2006 tietoturvatiedotteet

[28.12.2006] DSA-1244 xine-lib - buffer overflow
[28.12.2006] DSA-1243 evince - buffer overflow
[27.12.2006] DSA-1242 elog - several vulnerabilities
[25.12.2006] DSA-1241 squirrelmail - cross-site scripting
[21.12.2006] DSA-1240 links2 - insufficient escaping
[17.12.2006] DSA-1239 sql-ledger - several vulnerabilities
[17.12.2006] DSA-1238 clamav - several vulnerabilities
[17.12.2006] DSA-1237 kernel-source-2.4.27 - several vulnerabilities
[13.12.2006] DSA-1236 enemies-of-carlotta - missing sanity checks
[13.12.2006] DSA-1235 ruby1.8 - denial of service
[13.12.2006] DSA-1234 ruby1.6 - denial of service
[10.12.2006] DSA-1233 kernel-source-2.6.8 - several vulnerabilities
[ 9.12.2006] DSA-1232 clamav - missing sanity checks
[ 9.12.2006] DSA-1231 gnupg - several vulnerabilities
[ 8.12.2006] DSA-1230 l2tpns - buffer overflow
[ 6.12.2006] DSA-1229 asterisk - integer overflow
[ 5.12.2006] DSA-1228 elinks - insufficient escaping
[ 4.12.2006] DSA-1227 mozilla-thunderbird - several vulnerabilities
[ 3.12.2006] DSA-1226 links - insufficient escaping
[ 3.12.2006] DSA-1225 mozilla-firefox - several vulnerabilities
[ 3.12.2006] DSA-1224 mozilla - several vulnerabilities
[ 1.12.2006] DSA-1223 tar - input validation error
[30.11.2006] DSA-1222 proftpd - several vulnerabilities
[30.11.2006] DSA-1221 libgsf - buffer overflow
[26.11.2006] DSA-1220 pstotext - insecure file name quoting
[27.11.2006] DSA-1219 texinfo - buffer overflow
[21.11.2006] DSA-1218 proftpd - programming error
[20.11.2006] DSA-1217 linux-ftpd - programming error
[20.11.2006] DSA-1216 flexbackup - insecure temporary file
[20.11.2006] DSA-1215 xine-lib - several vulnerabilities
[20.11.2006] DSA-1214 gv - buffer overflow
[19.11.2006] DSA-1213 imagemagick - several vulnerabilities
[15.11.2006] DSA-1212 openssh - Denial of service
[14.11.2006] DSA-1211 pdns - buffer overflow
[14.11.2006] DSA-1210 mozilla-firefox - several vulnerabilities
[12.11.2006] DSA-1209 trac - cross-site request forgery
[11.11.2006] DSA-1208 bugzilla - several vulnerabilities
[ 9.11.2006] DSA-1207 phpmyadmin - several vulnerabilities
[ 6.11.2006] DSA-1206 php4 - several vulnerabilities
[ 2.11.2006] DSA-1205 thttpd - insecure temporary files
[ 2.11.2006] DSA-1204 ingo1 - missing input sanitising
[ 2.11.2006] DSA-1203 libpam-ldap - programming error
[31.10.2006] DSA-1202 screen - programming error
[31.10.2006] DSA-1201 ethereal - several vulnerabilities
[30.10.2006] DSA-1200 qt-x11-free - integer overflow
[23.10.2006] DSA-1199 webmin - multiple vulnerabilities
[23.10.2006] DSA-1198 python2.3 - buffer overflow
[22.10.2006] DSA-1197 python2.4 - buffer overflow
[19.10.2006] DSA-1196 clamav - several vulnerabilities
[10.10.2006] DSA-1195 openssl096 - denial of service (multiple)
[ 9.10.2006] DSA-1194 libwmf - integer overflow
[ 9.10.2006] DSA-1193 xfree86 - several vulnerabilities
[ 6.10.2006] DSA-1192 mozilla - several vulnerabilities
[ 5.10.2006] DSA-1191 mozilla-thunderbird - several vulnerabilities
[ 4.10.2006] DSA-1190 maxdb-7.5.00 - buffer overflow
[ 4.10.2006] DSA-1189 openssh-krb5 - several vulnerabilities
[ 4.10.2006] DSA-1188 mailman - format string
[30. 9.2006] DSA-1187 migrationtools - insecure temporary files
[30. 9.2006] DSA-1186 cscope - buffer overflows
[28. 9.2006] DSA-1185 openssl - denial of service
[25. 9.2006] DSA-1184 kernel-source-2.6.8 - several vulnerabilities
[25. 9.2006] DSA-1183 kernel-source-2.4.27 - several vulnerabilities
[22. 9.2006] DSA-1182 gnutls11 - cryptographic weakness
[19. 9.2006] DSA-1181 gzip - several vulnerabilities
[19. 9.2006] DSA-1180 bomberclone - programming error
[19. 9.2006] DSA-1179 alsaplayer - programming error
[16. 9.2006] DSA-1178 freetype - integer overflow
[15. 9.2006] DSA-1177 usermin - programming error
[13. 9.2006] DSA-1176 zope2.7 - programming error
[13. 9.2006] DSA-1175 isakmpd - programming error
[11. 9.2006] DSA-1174 openssl096 - cryptographic weakness
[10. 9.2006] DSA-1173 openssl - cryptographic weakness
[ 9. 9.2006] DSA-1172 bind9 - programming error
[ 7. 9.2006] DSA-1171 ethereal - several vulnerabilities
[ 6. 9.2006] DSA-1170 gcc-3.4 - missing sanity check
[ 5. 9.2006] DSA-1169 mysql-dfsg-4.1 - several vulnerabilities
[ 4. 9.2006] DSA-1168 imagemagick - several vulnerabilities
[ 4. 9.2006] DSA-1167 apache - missing input sanitising
[ 3. 9.2006] DSA-1166 cheesetracker - buffer overflow
[ 1. 9.2006] DSA-1165 capi4hylafax - missing input sanitising
[31. 8.2006] DSA-1164 sendmail - programming error
[30. 8.2006] DSA-1163 gtetrinet - programming error
[30. 8.2006] DSA-1162 libmusicbrainz-2.0 - buffer overflows
[29. 8.2006] DSA-1161 mozilla-firefox - several vulnerabilities
[29. 8.2006] DSA-1160 mozilla - several vulnerabilities
[28. 8.2006] DSA-1159 mozilla-thunderbird - several vulnerabilities
[25. 8.2006] DSA-1158 streamripper - buffer overflow
[27. 8.2006] DSA-1157 ruby1.8 - several vulnerabilities
[27. 8.2006] DSA-1156 kdebase - programming error
[24. 8.2006] DSA-1155 sendmail - programming error
[20. 8.2006] DSA-1154 squirrelmail - variable overwriting
[18. 8.2006] DSA-1153 clamav - buffer overflow
[18. 8.2006] DSA-1152 trac - missing input sanitising
[15. 8.2006] DSA-1151 heartbeat - out-of-bounds read
[12. 8.2006] DSA-1150 shadow - programming error
[10. 8.2006] DSA-1149 ncompress - buffer underflow
[ 9. 8.2006] DSA-1148 gallery - several vulnerabilities
[ 9. 8.2006] DSA-1147 drupal - missing input sanitising
[ 9. 8.2006] DSA-1146 krb5 - programming error
[ 8. 8.2006] DSA-1145 freeradius - several vulnerabilities
[ 7. 8.2006] DSA-1144 chmlib - missing input sanitising
[ 4. 8.2006] DSA-1143 dhcp - programming error
[ 4. 8.2006] DSA-1142 freeciv - missing boundary checks
[ 4. 8.2006] DSA-1141 gnupg2 - integer overflow
[ 3. 8.2006] DSA-1140 gnupg - integer overflow
[ 3. 8.2006] DSA-1139 ruby1.6 - missing privilege checks
[ 2. 8.2006] DSA-1138 cfs - integer overflow
[ 2. 8.2006] DSA-1137 tiff - several vulnerabilities
[ 2. 8.2006] DSA-1136 gpdf - wrong input sanitising
[ 2. 8.2006] DSA-1135 libtunepimp - buffer overflow
[ 2. 8.2006] DSA-1134 mozilla-thunderbird - several vulnerabilities
[ 1. 8.2006] DSA-1133 mantis - missing input sanitising
[ 1. 8.2006] DSA-1132 apache2 - buffer overflow
[ 1. 8.2006] DSA-1131 apache - buffer overflow
[30. 7.2006] DSA-1130 sitebar - missing input validation
[28. 7.2006] DSA-1129 osiris - format string
[28. 7.2006] DSA-1128 heartbeat - permission error
[28. 7.2006] DSA-1127 ethereal - several vulnerabilities
[27. 7.2006] DSA-1126 asterisk - buffer overflow
[27. 7.2006] DSA-1125 drupal - several vulnerabilities
[24. 7.2006] DSA-1124 fbi - typo
[24. 7.2006] DSA-1123 libdumb - buffer overflow
[24. 7.2006] DSA-1122 libnet-server-perl - format string
[24. 7.2006] DSA-1121 postgrey - format string
[23. 7.2006] DSA-1120 mozilla-firefox - several vulnerabilities
[22. 7.2006] DSA-1119 hiki - design flaw
[22. 7.2006] DSA-1118 mozilla - several vulnerabilities
[21. 7.2006] DSA-1117 libgd2 - insufficient input sanitising
[21. 7.2006] DSA-1116 gimp - buffer overflow
[21. 7.2006] DSA-1115 gnupg2 - integer overflow
[21. 7.2006] DSA-1114 hashcash - buffer overflow
[18. 7.2006] DSA-1113 zope2.7 - programming error
[18. 7.2006] DSA-1112 mysql-dfsg-4.1 - several vulnerabilities
[26. 7.2006] DSA-1111 kernel-source-2.6.8 - race condition
[16. 7.2006] DSA-1110 samba - missing input sanitising
[16. 7.2006] DSA-1109 rssh - programming error
[11. 7.2006] DSA-1108 mutt - buffer overflow
[10. 7.2006] DSA-1107 gnupg - integer overflow
[10. 7.2006] DSA-1106 ppp - programming error
[ 7. 7.2006] DSA-1105 xine-lib - buffer overflow
[30. 6.2006] DSA-1104 openoffice.org - several vulnerabilities
[27. 6.2006] DSA-1103 kernel-source-2.6.8 - several vulnerabilities
[26. 6.2006] DSA-1102 pinball - design error
[23. 6.2006] DSA-1101 courier - programming error
[15. 6.2006] DSA-1100 wv2 - integer overflow
[14. 6.2006] DSA-1099 horde2 - missing input sanitising
[14. 6.2006] DSA-1098 horde3 - missing input sanitising
[14. 6.2006] DSA-1097 kernel-source-2.4.27 - several vulnerabilities
[13. 6.2006] DSA-1096 webcalendar - uninitialised variable
[10. 6.2006] DSA-1095 freetype - integer overflows
[ 8. 6.2006] DSA-1094 gforge - missing input sanitising
[ 8. 6.2006] DSA-1093 xine - format string
[ 8. 6.2006] DSA-1092 mysql-dfsg-4.1 - programming error
[ 8. 6.2006] DSA-1091 tiff - buffer overflows
[ 6. 6.2006] DSA-1090 spamassassin - programming error
[ 3. 6.2006] DSA-1089 freeradius - several vulnerabilities
[ 3. 6.2006] DSA-1088 centericq - buffer overflow
[ 3. 6.2006] DSA-1087 postgresql - programming error
[ 2. 6.2006] DSA-1086 xmcd - design flaw
[ 1. 6.2006] DSA-1085 lynx-cur - several vulnerabilities
[31. 5.2006] DSA-1084 typespeed - buffer overflow
[31. 5.2006] DSA-1083 motor - buffer overflow
[29. 5.2006] DSA-1082 kernel-source-2.4.17 - several vulnerabilities
[29. 5.2006] DSA-1081 libextractor - buffer overflow
[29. 5.2006] DSA-1080 dovecot - programming error
[29. 5.2006] DSA-1079 mysql-dfsg - several vulnerabilities
[27. 5.2006] DSA-1078 tiff - out-of-bounds read
[26. 5.2006] DSA-1077 lynx-ssl - programming error
[26. 5.2006] DSA-1076 lynx - programming error
[26. 5.2006] DSA-1075 awstats - programming error
[24. 5.2006] DSA-1074 mpg123 - buffer overflow
[22. 5.2006] DSA-1073 mysql-dfsg-4.1 - several vulnerabilities
[22. 5.2006] DSA-1072 nagios - buffer overflow
[22. 5.2006] DSA-1071 mysql - several vulnerabilities
[21. 5.2006] DSA-1070 kernel-source-2.4.19 - several vulnerabilities
[20. 5.2006] DSA-1069 kernel-source-2.4.18 - several vulnerabilities
[20. 5.2006] DSA-1068 fbi - insecure temporary file
[20. 5.2006] DSA-1067 kernel-source-2.4.16 - several vulnerabilities
[20. 5.2006] DSA-1066 phpbb2 - missing input sanitising
[19. 5.2006] DSA-1065 hostapd - missing input sanitising
[19. 5.2006] DSA-1064 cscope - buffer overflows
[ 8. 5.2006] DSA-1063 phpgroupware - missing input sanitising
[19. 5.2006] DSA-1062 kphone - insecure file creation
[19. 5.2006] DSA-1061 popfile - missing input sanitising
[19. 5.2006] DSA-1060 kernel-patch-vserver - programming error
[19. 5.2006] DSA-1059 quagga - several vulnerabilities
[18. 5.2006] DSA-1058 awstats - missing input sanitising
[15. 5.2006] DSA-1057 phpldapadmin - missing input sanitising
[15. 5.2006] DSA-1056 webcalendar - verbose error message
[11. 5.2006] DSA-1055 mozilla-firefox - programming error
[ 9. 5.2006] DSA-1054 tiff - several vulnerabilities
[ 9. 5.2006] DSA-1053 mozilla - programming error
[ 8. 5.2006] DSA-1052 cgiirc - buffer overflows
[ 4. 5.2006] DSA-1051 mozilla-thunderbird - several vulnerabilities
[ 2. 5.2006] DSA-1050 clamav - buffer overflow
[ 2. 5.2006] DSA-1049 ethereal - several vulnerabilities
[ 1. 5.2006] DSA-1048 asterisk - several vulnerabilities
[30. 4.2006] DSA-1047 resmgr - programming error
[27. 4.2006] DSA-1046 mozilla - several vulnerabilities
[27. 4.2006] DSA-1045 openvpn - design error
[26. 4.2006] DSA-1044 mozilla-firefox - several vulnerabilities
[26. 4.2006] DSA-1043 abcmidi - buffer overflows
[25. 4.2006] DSA-1042 cyrus-sasl2 - programming error
[25. 4.2006] DSA-1041 abc2ps - buffer overflows
[24. 4.2006] DSA-1040 gdm - programming error
[24. 4.2006] DSA-1039 blender - several vulnerabilities
[22. 4.2006] DSA-1038 xzgv - programming error
[21. 4.2006] DSA-1037 zgv - programming error
[17. 4.2006] DSA-1036 bsdgames - buffer overflow
[15. 4.2006] DSA-1035 fcheck - insecure temporary file
[14. 4.2006] DSA-1034 horde2 - several vulnerabilities
[12. 4.2006] DSA-1033 horde3 - several vulnerabilities
[12. 4.2006] DSA-1032 zope-cmfplone - programming error
[ 8. 4.2006] DSA-1031 cacti - several vulnerabilities
[ 8. 4.2006] DSA-1030 moodle - several vulnerabilities
[ 8. 4.2006] DSA-1029 libphp-adodb - several vulnerabilities
[ 7. 3.2006] DSA-1028 libimager-perl - programming error
[ 6. 4.2006] DSA-1027 mailman - programming error
[ 6. 4.2006] DSA-1026 sash - buffer overflows
[ 6. 4.2006] DSA-1025 dia - programming error
[ 5. 4.2006] DSA-1024 clamav - several vulnerabilities
[ 5. 4.2006] DSA-1023 kaffeine - buffer overflow
[ 4. 4.2006] DSA-1022 storebackup - several vulnerabilities
[28. 3.2006] DSA-1021 netpbm-free - insecure program execution
[28. 3.2006] DSA-1020 flex - buffer overflow
[24. 3.2006] DSA-1019 koffice - several vulnerabilities
[24. 3.2006] DSA-1018 kernel-source-2.4.27 - several vulnerabilities
[23. 3.2006] DSA-1017 kernel-source-2.6.8 - several vulnerabilities
[23. 3.2006] DSA-1016 evolution - format string vulnerabilities
[23. 3.2006] DSA-1015 sendmail - programming error
[23. 3.2006] DSA-1014 firebird2 - buffer overflow
[22. 3.2006] DSA-1013 snmptrapfmt - insecure temporary file
[21. 3.2006] DSA-1012 unzip - buffer overflow
[21. 3.2005] DSA-1011 kernel-patch-vserver - missing attribute support
[20. 3.2006] DSA-1010 ilohamail - missing input sanitising
[21. 3.2006] DSA-1009 crossfire - buffer overflow
[17. 3.2006] DSA-1008 kdegraphics - buffer overflow
[17. 3.2006] DSA-1007 drupal - several vulnerabilities
[16. 3.2006] DSA-1006 wzdftpd - missing input sanitising
[16. 3.2006] DSA-1005 xine-lib - buffer overflow
[16. 3.2006] DSA-1004 vlc - buffer overflow
[16. 3.2006] DSA-1003 xpvm - insecure temporary file
[15. 3.2006] DSA-1002 webcalendar - several vulnerabilities
[14. 3.2006] DSA-1001 crossfire - buffer overflow
[14. 3.2006] DSA-1000 libapreq2-perl - design error
[14. 3.2006] DSA-999 lurker - several vulnerabilities
[14. 3.2006] DSA-998 libextractor - several vulnerabilities
[13. 3.2006] DSA-997 bomberclone - buffer overflows
[13. 3.2006] DSA-996 libcrypt-cbc-perl - programming error
[13. 3.2006] DSA-995 metamail - buffer overflow
[13. 3.2006] DSA-994 freeciv - denial of service
[10. 3.2006] DSA-993 gnupg - programming error
[10. 3.2006] DSA-992 ffmpeg - buffer overflow
[10. 3.2006] DSA-991 zoo - buffer overflow
[10. 3.2006] DSA-990 bluez-hcidump - programming error
[ 9. 3.2006] DSA-989 zoph - SQL injection
[ 8. 3.2006] DSA-988 squirrelmail - several vulnerabilities
[ 7. 3.2006] DSA-987 tar - buffer overflow
[ 6. 3.2006] DSA-986 gnutls11 - buffer overflows
[ 6. 3.2006] DSA-985 libtasn1-2 - buffer overflows
[ 2. 3.2006] DSA-984 xpdf - several vulnerabilities
[28. 2.2006] DSA-983 pdftohtml - several vulnerabilities
[27. 2.2006] DSA-982 gpdf - several vulnerabilities
[26. 2.2006] DSA-981 bmv - integer overflow
[22. 2.2006] DSA-980 tutos - several vulnerabilities
[17. 2.2006] DSA-979 pdfkit.framework - several vulnerabilities
[17. 2.2006] DSA-978 gnupg - programming error
[16. 2.2006] DSA-977 heimdal - several vulnerabilities
[15. 2.2006] DSA-976 libast - buffer overflow
[15. 2.2006] DSA-975 nfs-user-server - buffer overflow
[15. 2.2006] DSA-974 gpdf - buffer overflows
[15. 2.2006] DSA-973 otrs - several vulnerabilities
[15. 2.2006] DSA-972 pdfkit.framework - buffer overflows
[14. 2.2006] DSA-971 xpdf - buffer overflow
[14. 2.2006] DSA-970 kronolith - missing input sanitising
[13. 2.2006] DSA-969 scponly - design error
[13. 2.2006] DSA-968 noweb - insecure temporary file
[10. 2.2006] DSA-967 elog - several vulnerabilities
[ 9. 2.2006] DSA-966 adzapper - denial of service
[ 6. 2.2006] DSA-965 ipsec-tools - null dereference
[ 3. 2.2006] DSA-964 gnocatan - buffer overflow
[ 2. 2.2006] DSA-963 mydns - missing input sanitising
[ 1. 2.2006] DSA-962 pdftohtml - buffer overflows
[ 1. 2.2006] DSA-961 pdfkit.framework - buffer overflows
[31. 1.2006] DSA-960 libmail-audit-perl - insecure temporary file creation
[30. 1.2006] DSA-959 unalz - buffer overflow
[27. 1.2006] DSA-958 drupal - several vulnerabilities
[26. 1.2006] DSA-957 imagemagick - missing shell meta sanitising
[26. 1.2006] DSA-956 lsh-server - filedescriptor leak
[25. 1.2006] DSA-955 mailman - DoS
[25. 1.2006] DSA-954 wine - design flaw
[24. 1.2006] DSA-953 flyspray - missing input sanitising
[23. 1.2006] DSA-952 libapache-auth-ldap - format string
[23. 1.2006] DSA-951 trac - missing input sanitising
[23. 1.2006] DSA-950 cupsys - buffer overflows
[20. 1.2006] DSA-949 crawl - insecure program execution
[20. 1.2006] DSA-948 kdelibs - buffer overflow
[21. 1.2006] DSA-947 clamav - heap overflow
[20. 1.2006] DSA-946 sudo - missing input sanitising
[17. 1.2006] DSA-945 antiword - insecure temporary file
[17. 1.2006] DSA-944 mantis - several vulnerabilities
[16. 1.2006] DSA-943 perl - integer overflow
[16. 1.2006] DSA-942 albatross - design error
[16. 1.2006] DSA-941 tuxpaint - insecure temporary file
[13. 1.2006] DSA-940 gpdf - buffer overflows
[13. 1.2006] DSA-939 fetchmail - programming error
[12. 1.2006] DSA-938 koffice - buffer overflows
[12. 1.2006] DSA-937 tetex-bin - buffer overflows
[11. 1.2006] DSA-936 libextractor - buffer overflows
[10. 1.2006] DSA-935 libapache2-mod-auth-pgsql - format string vulnerability
[ 9. 1.2006] DSA-934 pound - several vulnerabilities
[ 9. 1.2006] DSA-933 hylafax - arbitrary command execution
[ 9. 1.2006] DSA-932 kdegraphics - buffer overflows
[ 9. 1.2006] DSA-931 xpdf - buffer overflows
[ 9. 1.2006] DSA-930 smstools - format string attack
[ 9. 1.2006] DSA-929 petris - buffer overflow

Saat tuoreimmat Debianin tietoturvatiedotteet liittymällä debian-security-announce-postilistalle. Voit myös selata listan arkistoa.

---

Takaisin Debian-projektin kotisivulle.

---

---