Bollettini della sicurezza del 2006

[28 dic 2006] DSA-1244 xine-lib - buffer overflow
[28 dic 2006] DSA-1243 evince - buffer overflow
[27 dic 2006] DSA-1242 elog - several vulnerabilities
[25 dic 2006] DSA-1241 squirrelmail - cross-site scripting
[21 dic 2006] DSA-1240 links2 - insufficient escaping
[17 dic 2006] DSA-1239 sql-ledger - several vulnerabilities
[17 dic 2006] DSA-1238 clamav - several vulnerabilities
[17 dic 2006] DSA-1237 kernel-source-2.4.27 - several vulnerabilities
[13 dic 2006] DSA-1236 enemies-of-carlotta - missing sanity checks
[13 dic 2006] DSA-1235 ruby1.8 - denial of service
[13 dic 2006] DSA-1234 ruby1.6 - denial of service
[10 dic 2006] DSA-1233 kernel-source-2.6.8 - several vulnerabilities
[09 dic 2006] DSA-1232 clamav - missing sanity checks
[09 dic 2006] DSA-1231 gnupg - several vulnerabilities
[08 dic 2006] DSA-1230 l2tpns - buffer overflow
[06 dic 2006] DSA-1229 asterisk - integer overflow
[05 dic 2006] DSA-1228 elinks - insufficient escaping
[04 dic 2006] DSA-1227 mozilla-thunderbird - several vulnerabilities
[03 dic 2006] DSA-1226 links - insufficient escaping
[03 dic 2006] DSA-1225 mozilla-firefox - several vulnerabilities
[03 dic 2006] DSA-1224 mozilla - several vulnerabilities
[01 dic 2006] DSA-1223 tar - input validation error
[30 nov 2006] DSA-1222 proftpd - several vulnerabilities
[30 nov 2006] DSA-1221 libgsf - buffer overflow
[26 nov 2006] DSA-1220 pstotext - insecure file name quoting
[27 nov 2006] DSA-1219 texinfo - buffer overflow
[21 nov 2006] DSA-1218 proftpd - programming error
[20 nov 2006] DSA-1217 linux-ftpd - programming error
[20 nov 2006] DSA-1216 flexbackup - insecure temporary file
[20 nov 2006] DSA-1215 xine-lib - several vulnerabilities
[20 nov 2006] DSA-1214 gv - buffer overflow
[19 nov 2006] DSA-1213 imagemagick - several vulnerabilities
[15 nov 2006] DSA-1212 openssh - Denial of service
[14 nov 2006] DSA-1211 pdns - buffer overflow
[14 nov 2006] DSA-1210 mozilla-firefox - several vulnerabilities
[12 nov 2006] DSA-1209 trac - cross-site request forgery
[11 nov 2006] DSA-1208 bugzilla - several vulnerabilities
[09 nov 2006] DSA-1207 phpmyadmin - several vulnerabilities
[06 nov 2006] DSA-1206 php4 - several vulnerabilities
[02 nov 2006] DSA-1205 thttpd - insecure temporary files
[02 nov 2006] DSA-1204 ingo1 - missing input sanitising
[02 nov 2006] DSA-1203 libpam-ldap - programming error
[31 ott 2006] DSA-1202 screen - programming error
[31 ott 2006] DSA-1201 ethereal - several vulnerabilities
[30 ott 2006] DSA-1200 qt-x11-free - integer overflow
[23 ott 2006] DSA-1199 webmin - multiple vulnerabilities
[23 ott 2006] DSA-1198 python2.3 - buffer overflow
[22 ott 2006] DSA-1197 python2.4 - buffer overflow
[19 ott 2006] DSA-1196 clamav - several vulnerabilities
[10 ott 2006] DSA-1195 openssl096 - denial of service (multiple)
[09 ott 2006] DSA-1194 libwmf - integer overflow
[09 ott 2006] DSA-1193 xfree86 - several vulnerabilities
[06 ott 2006] DSA-1192 mozilla - several vulnerabilities
[05 ott 2006] DSA-1191 mozilla-thunderbird - several vulnerabilities
[04 ott 2006] DSA-1190 maxdb-7.5.00 - buffer overflow
[04 ott 2006] DSA-1189 openssh-krb5 - several vulnerabilities
[04 ott 2006] DSA-1188 mailman - format string
[30 set 2006] DSA-1187 migrationtools - insecure temporary files
[30 set 2006] DSA-1186 cscope - buffer overflows
[28 set 2006] DSA-1185 openssl - denial of service
[25 set 2006] DSA-1184 kernel-source-2.6.8 - several vulnerabilities
[25 set 2006] DSA-1183 kernel-source-2.4.27 - several vulnerabilities
[22 set 2006] DSA-1182 gnutls11 - cryptographic weakness
[19 set 2006] DSA-1181 gzip - several vulnerabilities
[19 set 2006] DSA-1180 bomberclone - programming error
[19 set 2006] DSA-1179 alsaplayer - programming error
[16 set 2006] DSA-1178 freetype - integer overflow
[15 set 2006] DSA-1177 usermin - programming error
[13 set 2006] DSA-1176 zope2.7 - programming error
[13 set 2006] DSA-1175 isakmpd - programming error
[11 set 2006] DSA-1174 openssl096 - cryptographic weakness
[10 set 2006] DSA-1173 openssl - cryptographic weakness
[09 set 2006] DSA-1172 bind9 - programming error
[07 set 2006] DSA-1171 ethereal - several vulnerabilities
[06 set 2006] DSA-1170 gcc-3.4 - missing sanity check
[05 set 2006] DSA-1169 mysql-dfsg-4.1 - several vulnerabilities
[04 set 2006] DSA-1168 imagemagick - several vulnerabilities
[04 set 2006] DSA-1167 apache - missing input sanitising
[03 set 2006] DSA-1166 cheesetracker - buffer overflow
[01 set 2006] DSA-1165 capi4hylafax - missing input sanitising
[31 ago 2006] DSA-1164 sendmail - programming error
[30 ago 2006] DSA-1163 gtetrinet - programming error
[30 ago 2006] DSA-1162 libmusicbrainz-2.0 - buffer overflows
[29 ago 2006] DSA-1161 mozilla-firefox - several vulnerabilities
[29 ago 2006] DSA-1160 mozilla - several vulnerabilities
[28 ago 2006] DSA-1159 mozilla-thunderbird - several vulnerabilities
[25 ago 2006] DSA-1158 streamripper - buffer overflow
[27 ago 2006] DSA-1157 ruby1.8 - several vulnerabilities
[27 ago 2006] DSA-1156 kdebase - programming error
[24 ago 2006] DSA-1155 sendmail - programming error
[20 ago 2006] DSA-1154 squirrelmail - variable overwriting
[18 ago 2006] DSA-1153 clamav - buffer overflow
[18 ago 2006] DSA-1152 trac - missing input sanitising
[15 ago 2006] DSA-1151 heartbeat - out-of-bounds read
[12 ago 2006] DSA-1150 shadow - programming error
[10 ago 2006] DSA-1149 ncompress - buffer underflow
[09 ago 2006] DSA-1148 gallery - several vulnerabilities
[09 ago 2006] DSA-1147 drupal - missing input sanitising
[09 ago 2006] DSA-1146 krb5 - programming error
[08 ago 2006] DSA-1145 freeradius - several vulnerabilities
[07 ago 2006] DSA-1144 chmlib - missing input sanitising
[04 ago 2006] DSA-1143 dhcp - programming error
[04 ago 2006] DSA-1142 freeciv - missing boundary checks
[04 ago 2006] DSA-1141 gnupg2 - integer overflow
[03 ago 2006] DSA-1140 gnupg - integer overflow
[03 ago 2006] DSA-1139 ruby1.6 - missing privilege checks
[02 ago 2006] DSA-1138 cfs - integer overflow
[02 ago 2006] DSA-1137 tiff - several vulnerabilities
[02 ago 2006] DSA-1136 gpdf - wrong input sanitising
[02 ago 2006] DSA-1135 libtunepimp - buffer overflow
[02 ago 2006] DSA-1134 mozilla-thunderbird - several vulnerabilities
[01 ago 2006] DSA-1133 mantis - missing input sanitising
[01 ago 2006] DSA-1132 apache2 - buffer overflow
[01 ago 2006] DSA-1131 apache - buffer overflow
[30 lug 2006] DSA-1130 sitebar - missing input validation
[28 lug 2006] DSA-1129 osiris - format string
[28 lug 2006] DSA-1128 heartbeat - permission error
[28 lug 2006] DSA-1127 ethereal - several vulnerabilities
[27 lug 2006] DSA-1126 asterisk - buffer overflow
[27 lug 2006] DSA-1125 drupal - several vulnerabilities
[24 lug 2006] DSA-1124 fbi - typo
[24 lug 2006] DSA-1123 libdumb - buffer overflow
[24 lug 2006] DSA-1122 libnet-server-perl - format string
[24 lug 2006] DSA-1121 postgrey - format string
[23 lug 2006] DSA-1120 mozilla-firefox - several vulnerabilities
[22 lug 2006] DSA-1119 hiki - design flaw
[22 lug 2006] DSA-1118 mozilla - several vulnerabilities
[21 lug 2006] DSA-1117 libgd2 - insufficient input sanitising
[21 lug 2006] DSA-1116 gimp - buffer overflow
[21 lug 2006] DSA-1115 gnupg2 - integer overflow
[21 lug 2006] DSA-1114 hashcash - buffer overflow
[18 lug 2006] DSA-1113 zope2.7 - programming error
[18 lug 2006] DSA-1112 mysql-dfsg-4.1 - several vulnerabilities
[26 lug 2006] DSA-1111 kernel-source-2.6.8 - race condition
[16 lug 2006] DSA-1110 samba - missing input sanitising
[16 lug 2006] DSA-1109 rssh - programming error
[11 lug 2006] DSA-1108 mutt - buffer overflow
[10 lug 2006] DSA-1107 gnupg - integer overflow
[10 lug 2006] DSA-1106 ppp - programming error
[07 lug 2006] DSA-1105 xine-lib - buffer overflow
[30 giu 2006] DSA-1104 openoffice.org - several vulnerabilities
[27 giu 2006] DSA-1103 kernel-source-2.6.8 - several vulnerabilities
[26 giu 2006] DSA-1102 pinball - design error
[23 giu 2006] DSA-1101 courier - programming error
[15 giu 2006] DSA-1100 wv2 - integer overflow
[14 giu 2006] DSA-1099 horde2 - missing input sanitising
[14 giu 2006] DSA-1098 horde3 - missing input sanitising
[14 giu 2006] DSA-1097 kernel-source-2.4.27 - several vulnerabilities
[13 giu 2006] DSA-1096 webcalendar - uninitialised variable
[10 giu 2006] DSA-1095 freetype - integer overflows
[08 giu 2006] DSA-1094 gforge - missing input sanitising
[08 giu 2006] DSA-1093 xine - format string
[08 giu 2006] DSA-1092 mysql-dfsg-4.1 - programming error
[08 giu 2006] DSA-1091 tiff - buffer overflows
[06 giu 2006] DSA-1090 spamassassin - programming error
[03 giu 2006] DSA-1089 freeradius - several vulnerabilities
[03 giu 2006] DSA-1088 centericq - buffer overflow
[03 giu 2006] DSA-1087 postgresql - programming error
[02 giu 2006] DSA-1086 xmcd - design flaw
[01 giu 2006] DSA-1085 lynx-cur - several vulnerabilities
[31 mag 2006] DSA-1084 typespeed - buffer overflow
[31 mag 2006] DSA-1083 motor - buffer overflow
[29 mag 2006] DSA-1082 kernel-source-2.4.17 - several vulnerabilities
[29 mag 2006] DSA-1081 libextractor - buffer overflow
[29 mag 2006] DSA-1080 dovecot - programming error
[29 mag 2006] DSA-1079 mysql-dfsg - several vulnerabilities
[27 mag 2006] DSA-1078 tiff - out-of-bounds read
[26 mag 2006] DSA-1077 lynx-ssl - programming error
[26 mag 2006] DSA-1076 lynx - programming error
[26 mag 2006] DSA-1075 awstats - programming error
[24 mag 2006] DSA-1074 mpg123 - buffer overflow
[22 mag 2006] DSA-1073 mysql-dfsg-4.1 - several vulnerabilities
[22 mag 2006] DSA-1072 nagios - buffer overflow
[22 mag 2006] DSA-1071 mysql - several vulnerabilities
[21 mag 2006] DSA-1070 kernel-source-2.4.19 - several vulnerabilities
[20 mag 2006] DSA-1069 kernel-source-2.4.18 - several vulnerabilities
[20 mag 2006] DSA-1068 fbi - insecure temporary file
[20 mag 2006] DSA-1067 kernel-source-2.4.16 - several vulnerabilities
[20 mag 2006] DSA-1066 phpbb2 - missing input sanitising
[19 mag 2006] DSA-1065 hostapd - missing input sanitising
[19 mag 2006] DSA-1064 cscope - buffer overflows
[08 mag 2006] DSA-1063 phpgroupware - missing input sanitising
[19 mag 2006] DSA-1062 kphone - insecure file creation
[19 mag 2006] DSA-1061 popfile - missing input sanitising
[19 mag 2006] DSA-1060 kernel-patch-vserver - programming error
[19 mag 2006] DSA-1059 quagga - several vulnerabilities
[18 mag 2006] DSA-1058 awstats - missing input sanitising
[15 mag 2006] DSA-1057 phpldapadmin - missing input sanitising
[15 mag 2006] DSA-1056 webcalendar - verbose error message
[11 mag 2006] DSA-1055 mozilla-firefox - programming error
[09 mag 2006] DSA-1054 tiff - several vulnerabilities
[09 mag 2006] DSA-1053 mozilla - programming error
[08 mag 2006] DSA-1052 cgiirc - buffer overflows
[04 mag 2006] DSA-1051 mozilla-thunderbird - several vulnerabilities
[02 mag 2006] DSA-1050 clamav - buffer overflow
[02 mag 2006] DSA-1049 ethereal - several vulnerabilities
[01 mag 2006] DSA-1048 asterisk - several vulnerabilities
[30 apr 2006] DSA-1047 resmgr - programming error
[27 apr 2006] DSA-1046 mozilla - several vulnerabilities
[27 apr 2006] DSA-1045 openvpn - design error
[26 apr 2006] DSA-1044 mozilla-firefox - several vulnerabilities
[26 apr 2006] DSA-1043 abcmidi - buffer overflows
[25 apr 2006] DSA-1042 cyrus-sasl2 - programming error
[25 apr 2006] DSA-1041 abc2ps - buffer overflows
[24 apr 2006] DSA-1040 gdm - programming error
[24 apr 2006] DSA-1039 blender - several vulnerabilities
[22 apr 2006] DSA-1038 xzgv - programming error
[21 apr 2006] DSA-1037 zgv - programming error
[17 apr 2006] DSA-1036 bsdgames - buffer overflow
[15 apr 2006] DSA-1035 fcheck - insecure temporary file
[14 apr 2006] DSA-1034 horde2 - several vulnerabilities
[12 apr 2006] DSA-1033 horde3 - several vulnerabilities
[12 apr 2006] DSA-1032 zope-cmfplone - programming error
[08 apr 2006] DSA-1031 cacti - several vulnerabilities
[08 apr 2006] DSA-1030 moodle - several vulnerabilities
[08 apr 2006] DSA-1029 libphp-adodb - several vulnerabilities
[07 mar 2006] DSA-1028 libimager-perl - programming error
[06 apr 2006] DSA-1027 mailman - programming error
[06 apr 2006] DSA-1026 sash - buffer overflows
[06 apr 2006] DSA-1025 dia - programming error
[05 apr 2006] DSA-1024 clamav - several vulnerabilities
[05 apr 2006] DSA-1023 kaffeine - buffer overflow
[04 apr 2006] DSA-1022 storebackup - several vulnerabilities
[28 mar 2006] DSA-1021 netpbm-free - insecure program execution
[28 mar 2006] DSA-1020 flex - buffer overflow
[24 mar 2006] DSA-1019 koffice - several vulnerabilities
[24 mar 2006] DSA-1018 kernel-source-2.4.27 - several vulnerabilities
[23 mar 2006] DSA-1017 kernel-source-2.6.8 - several vulnerabilities
[23 mar 2006] DSA-1016 evolution - format string vulnerabilities
[23 mar 2006] DSA-1015 sendmail - programming error
[23 mar 2006] DSA-1014 firebird2 - buffer overflow
[22 mar 2006] DSA-1013 snmptrapfmt - insecure temporary file
[21 mar 2006] DSA-1012 unzip - buffer overflow
[21 mar 2005] DSA-1011 kernel-patch-vserver - missing attribute support
[20 mar 2006] DSA-1010 ilohamail - missing input sanitising
[21 mar 2006] DSA-1009 crossfire - buffer overflow
[17 mar 2006] DSA-1008 kdegraphics - buffer overflow
[17 mar 2006] DSA-1007 drupal - several vulnerabilities
[16 mar 2006] DSA-1006 wzdftpd - missing input sanitising
[16 mar 2006] DSA-1005 xine-lib - buffer overflow
[16 mar 2006] DSA-1004 vlc - buffer overflow
[16 mar 2006] DSA-1003 xpvm - insecure temporary file
[15 mar 2006] DSA-1002 webcalendar - several vulnerabilities
[14 mar 2006] DSA-1001 crossfire - buffer overflow
[14 mar 2006] DSA-1000 libapreq2-perl - design error
[14 mar 2006] DSA-999 lurker - several vulnerabilities
[14 mar 2006] DSA-998 libextractor - several vulnerabilities
[13 mar 2006] DSA-997 bomberclone - buffer overflows
[13 mar 2006] DSA-996 libcrypt-cbc-perl - programming error
[13 mar 2006] DSA-995 metamail - buffer overflow
[13 mar 2006] DSA-994 freeciv - denial of service
[10 mar 2006] DSA-993 gnupg - programming error
[10 mar 2006] DSA-992 ffmpeg - buffer overflow
[10 mar 2006] DSA-991 zoo - buffer overflow
[10 mar 2006] DSA-990 bluez-hcidump - programming error
[09 mar 2006] DSA-989 zoph - SQL injection
[08 mar 2006] DSA-988 squirrelmail - several vulnerabilities
[07 mar 2006] DSA-987 tar - buffer overflow
[06 mar 2006] DSA-986 gnutls11 - buffer overflows
[06 mar 2006] DSA-985 libtasn1-2 - buffer overflows
[02 mar 2006] DSA-984 xpdf - several vulnerabilities
[28 feb 2006] DSA-983 pdftohtml - several vulnerabilities
[27 feb 2006] DSA-982 gpdf - several vulnerabilities
[26 feb 2006] DSA-981 bmv - integer overflow
[22 feb 2006] DSA-980 tutos - several vulnerabilities
[17 feb 2006] DSA-979 pdfkit.framework - several vulnerabilities
[17 feb 2006] DSA-978 gnupg - programming error
[16 feb 2006] DSA-977 heimdal - several vulnerabilities
[15 feb 2006] DSA-976 libast - buffer overflow
[15 feb 2006] DSA-975 nfs-user-server - buffer overflow
[15 feb 2006] DSA-974 gpdf - buffer overflows
[15 feb 2006] DSA-973 otrs - several vulnerabilities
[15 feb 2006] DSA-972 pdfkit.framework - buffer overflows
[14 feb 2006] DSA-971 xpdf - buffer overflow
[14 feb 2006] DSA-970 kronolith - missing input sanitising
[13 feb 2006] DSA-969 scponly - design error
[13 feb 2006] DSA-968 noweb - insecure temporary file
[10 feb 2006] DSA-967 elog - several vulnerabilities
[09 feb 2006] DSA-966 adzapper - denial of service
[06 feb 2006] DSA-965 ipsec-tools - null dereference
[03 feb 2006] DSA-964 gnocatan - buffer overflow
[02 feb 2006] DSA-963 mydns - missing input sanitising
[01 feb 2006] DSA-962 pdftohtml - buffer overflows
[01 feb 2006] DSA-961 pdfkit.framework - buffer overflows
[31 gen 2006] DSA-960 libmail-audit-perl - insecure temporary file creation
[30 gen 2006] DSA-959 unalz - buffer overflow
[27 gen 2006] DSA-958 drupal - several vulnerabilities
[26 gen 2006] DSA-957 imagemagick - missing shell meta sanitising
[26 gen 2006] DSA-956 lsh-server - filedescriptor leak
[25 gen 2006] DSA-955 mailman - DoS
[25 gen 2006] DSA-954 wine - design flaw
[24 gen 2006] DSA-953 flyspray - missing input sanitising
[23 gen 2006] DSA-952 libapache-auth-ldap - format string
[23 gen 2006] DSA-951 trac - missing input sanitising
[23 gen 2006] DSA-950 cupsys - buffer overflows
[20 gen 2006] DSA-949 crawl - insecure program execution
[20 gen 2006] DSA-948 kdelibs - buffer overflow
[21 gen 2006] DSA-947 clamav - heap overflow
[20 gen 2006] DSA-946 sudo - missing input sanitising
[17 gen 2006] DSA-945 antiword - insecure temporary file
[17 gen 2006] DSA-944 mantis - several vulnerabilities
[16 gen 2006] DSA-943 perl - integer overflow
[16 gen 2006] DSA-942 albatross - design error
[16 gen 2006] DSA-941 tuxpaint - insecure temporary file
[13 gen 2006] DSA-940 gpdf - buffer overflows
[13 gen 2006] DSA-939 fetchmail - programming error
[12 gen 2006] DSA-938 koffice - buffer overflows
[12 gen 2006] DSA-937 tetex-bin - buffer overflows
[11 gen 2006] DSA-936 libextractor - buffer overflows
[10 gen 2006] DSA-935 libapache2-mod-auth-pgsql - format string vulnerability
[09 gen 2006] DSA-934 pound - several vulnerabilities
[09 gen 2006] DSA-933 hylafax - arbitrary command execution
[09 gen 2006] DSA-932 kdegraphics - buffer overflows
[09 gen 2006] DSA-931 xpdf - buffer overflows
[09 gen 2006] DSA-930 smstools - format string attack
[09 gen 2006] DSA-929 petris - buffer overflow

Si possono ricevere gli ultimi bollettini della sicurezza Debian iscrivendosi alla lista di messaggi debian-security-announce. È anche possibile sfogliare gli archivi della lista.