Tietoturvasta / Vuoden 2008 tietoturvatiedotteet

Vuoden 2008 tietoturvatiedotteet

[27.12.2008] DSA-1693 phppgadmin - several vulnerabilities
[27.12.2008] DSA-1692 php-xajax - insufficient input sanitising
[22.12.2008] DSA-1691 moodle - several vulnerabilities
[22.12.2008] DSA-1690 avahi - assert errors
[21.12.2008] DSA-1689 proftpd-dfsg - missing input validation
[20.12.2008] DSA-1688 courier-authlib - SQL injection
[15.12.2008] DSA-1687 linux-2.6 - denial of service/privilege escalation
[14.12.2008] DSA-1686 no-ip - buffer overflow
[12.12.2008] DSA-1685 uw-imap - buffer overflows, null pointer dereference
[10.12.2008] DSA-1684 lcms - multiple vulnerabilities
[ 8.12.2008] DSA-1683 streamripper - buffer overflow
[ 7.12.2008] DSA-1682 squirrelmail - insufficient input sanitising
[ 4.12.2008] DSA-1681 linux-2.6.24 - denial of service/privilege escalation
[ 4.12.2008] DSA-1680 clamav - buffer overflow, stack consumption
[ 3.12.2008] DSA-1679 awstats - cross-site scripting
[ 3.12.2008] DSA-1678 perl - design flaws
[ 2.12.2008] DSA-1677 cupsys - integer overflow
[ 1.12.2008] DSA-1676 flamethrower - insecure temp file generation
[30.11.2008] DSA-1675 phpmyadmin - insufficient input sanitising
[30.11.2008] DSA-1674 jailer - insecure temp file generation
[29.11.2008] DSA-1673 wireshark - several vulnerabilities
[29.11.2008] DSA-1672 imlib2 - buffer overflow
[24.11.2008] DSA-1671 iceweasel - several vulnerabilities
[24.11.2008] DSA-1670 enscript - buffer overflows
[23.11.2008] DSA-1669 xulrunner - several vulnerabilities
[22.11.2008] DSA-1668 hf - programming error
[19.11.2008] DSA-1667 python2.4 - several vulnerabilities
[17.11.2008] DSA-1666 libxml2 - several vulnerabilities
[12.11.2008] DSA-1665 libcdaudio - heap overflow
[10.11.2008] DSA-1664 ekg - missing input sanitising
[ 9.11.2008] DSA-1663 net-snmp - several vulnerabilities
[ 6.11.2008] DSA-1662 mysql-dfsg-5.0 - authorization bypass
[29.10.2008] DSA-1661 openoffice.org - several vulnerabilities
[26.10.2008] DSA-1660 clamav - null pointer dereference, resource exhaustion
[23.10.2008] DSA-1659 libspf2 - buffer overflow
[22.10.2008] DSA-1658 dbus - programming error
[20.10.2008] DSA-1657 qemu - insecure temporary files
[20.10.2008] DSA-1656 cupsys - several vulnerabilities
[16.10.2008] DSA-1655 linux-2.6.24 - denial of service/information leak/privilege escalation
[14.10.2008] DSA-1654 libxml2 - buffer overflow
[13.10.2008] DSA-1653 linux-2.6 - denial of service/privilege escalation
[12.10.2008] DSA-1652 ruby1.9 - several vulnerabilities
[12.10.2008] DSA-1651 ruby1.8 - several vulnerabilities
[12.10.2008] DSA-1650 openldap2.3 - denial of service
[ 8.10.2008] DSA-1649 iceweasel - several vulnerabilities
[ 8.10.2008] DSA-1648 mon - insecure temporary files
[ 7.10.2008] DSA-1647 php5 - several vulnerabilities
[ 7.10.2008] DSA-1646 squid - array bounds check
[ 6.10.2008] DSA-1645 lighttpd - various
[ 5.10.2008] DSA-1644 mplayer - integer overflow
[ 5.10.2008] DSA-1643 feta - insecure temp file handling
[20. 9.2008] DSA-1642 horde3 - cross site scripting
[20. 9.2008] DSA-1641 phpmyadmin - several vulnerabilities
[20. 9.2008] DSA-1640 python-django - several vulnerabilities
[19. 9.2008] DSA-1639 twiki - command execution
[16. 9.2008] DSA-1638 openssh - denial of service
[15. 9.2008] DSA-1637 git-core - buffer overflow
[11. 9.2008] DSA-1636 linux-2.6.24 - denial of service/information leak
[10. 9.2008] DSA-1635 freetype - multiple vulnerabilities
[ 1. 9.2008] DSA-1634 wordnet - stack and heap overflows
[ 1. 9.2008] DSA-1633 slash - SQL Injection, Cross-Site Scripting
[26. 8.2008] DSA-1632 tiff - buffer underflow
[22. 8.2008] DSA-1631 libxml2 - denial of service
[21. 8.2008] DSA-1630 linux-2.6 - denial of service/information leak
[19. 8.2008] DSA-1629 postfix - programming error
[10. 8.2008] DSA-1628 pdns - DNS response spoofing
[ 4. 8.2008] DSA-1627 opensc - programming error
[ 1. 8.2008] DSA-1626 httrack - buffer overflow
[ 1. 8.2008] DSA-1625 cupsys - buffer overflows
[31. 7.2008] DSA-1624 libxslt - buffer overflows
[31. 7.2008] DSA-1623 dnsmasq - DNS cache poisoning
[31. 7.2008] DSA-1622 newsx - buffer overflow
[27. 7.2008] DSA-1621 icedove - several vulnerabilities
[27. 7.2008] DSA-1620 python2.5 - several vulnerabilities
[27. 7.2008] DSA-1619 python-dns - DNS response spoofing
[26. 7.2008] DSA-1618 ruby1.9 - several vulnerabilities
[25. 7.2008] DSA-1617 refpolicy - incompatible policy
[26. 7.2008] DSA-1616 clamav - denial of service
[23. 7.2008] DSA-1615 xulrunner - several vulnerabilities
[23. 7.2008] DSA-1614 iceweasel - several vulnerabilities
[22. 7.2008] DSA-1613 libgd2 - multiple vulnerabilities
[21. 7.2008] DSA-1612 ruby1.8 - several vulnerabilities
[16. 7.2008] DSA-1611 afuse - privilege escalation
[15. 7.2008] DSA-1610 gaim - integer overflow
[15. 7.2008] DSA-1609 lighttpd - various
[13. 7.2008] DSA-1608 mysql-dfsg-5.0 - authorization bypass
[11. 7.2008] DSA-1607 iceweasel - several vulnerabilities
[ 9. 7.2008] DSA-1606 poppler - programming error
[ 8. 7.2008] DSA-1605 glibc - DNS cache poisoning
[ 8. 7.2008] DSA-1604 bind - DNS cache poisoning
[ 8. 7.2008] DSA-1603 bind9 - DNS cache poisoning
[ 5. 7.2008] DSA-1602 pcre3 - buffer overflow
[ 4. 7.2008] DSA-1601 wordpress - several vulnerabilities
[ 1. 7.2008] DSA-1600 sympa - dos
[26. 6.2008] DSA-1599 dbus - programming error
[19. 6.2008] DSA-1598 libtk-img - buffer overflow
[12. 6.2008] DSA-1597 mt-daapd - multiple vulnerabilities
[12. 6.2008] DSA-1596 typo3 - several vulnerabilities
[11. 6.2008] DSA-1595 xorg-server - several vulnerabilities
[11. 6.2008] DSA-1594 imlib2 - buffer overflows
[ 9. 6.2008] DSA-1593 tomcat5.5 - missing input sanitising
[ 9. 6.2008] DSA-1592 linux-2.6 - heap overflow
[ 3. 6.2008] DSA-1591 libvorbis - several vulnerabilities
[30. 5.2008] DSA-1590 samba - buffer overflow
[28. 5.2008] DSA-1589 libxslt - buffer overflow
[27. 5.2008] DSA-1588 linux-2.6 - denial of service
[26. 5.2008] DSA-1587 mtr - buffer overflow
[22. 5.2008] DSA-1586 xine-lib - multiple vulnerabilities
[21. 5.2008] DSA-1585 speex - integer overflow
[21. 5.2008] DSA-1584 libfishsound - buffer overflow
[20. 5.2008] DSA-1583 gnome-peercast - buffer overflow
[20. 5.2008] DSA-1582 peercast - buffer overflow
[20. 5.2008] DSA-1581 gnutls13 - several vulnerabilities
[20. 5.2008] DSA-1580 phpgedview - programming error
[18. 5.2008] DSA-1579 netpbm-free - insufficient input sanitizing
[17. 5.2008] DSA-1578 php4 - several vulnerabilities
[14. 5.2008] DSA-1577 gforge - insecure temporary files
[14. 5.2008] DSA-1576 openssh - ennustettava satunnaislukugeneraattori
[12. 5.2008] DSA-1575 linux-2.6 - denial of service
[12. 5.2008] DSA-1574 icedove - several vulnerabilities
[11. 5.2008] DSA-1573 rdesktop - several vulnerabilities
[11. 5.2008] DSA-1572 php5 - several vulnerabilities
[13. 5.2008] DSA-1571 openssl - ennustettava satunnaislukugeneraattori
[ 6. 5.2008] DSA-1570 kazehakase - various
[ 5. 5.2008] DSA-1569 cacti - insufficient input sanitising
[ 5. 5.2008] DSA-1568 b2evolution - insufficient input sanitising
[ 5. 5.2008] DSA-1567 blender - buffer overrun
[ 2. 5.2008] DSA-1566 cpio - programming error
[ 1. 5.2008] DSA-1565 linux-2.6 - several vulnerabilities
[ 1. 5.2008] DSA-1564 wordpress - multiple vulnerabilities
[30. 4.2008] DSA-1563 asterisk - programming error
[28. 4.2008] DSA-1562 iceape - programming error
[28. 4.2008] DSA-1561 ldm - programming error
[28. 4.2008] DSA-1560 kronolith2 - insufficient input sanitising
[27. 4.2008] DSA-1559 phpgedview - insufficient input sanitising
[24. 4.2008] DSA-1558 xulrunner - programming error
[24. 4.2008] DSA-1557 phpmyadmin - insufficient input sanitising
[24. 4.2008] DSA-1556 perl - heap buffer overflow
[23. 4.2008] DSA-1555 iceweasel - programming error
[22. 4.2008] DSA-1554 roundup - insufficient input sanitising
[20. 4.2008] DSA-1553 ikiwiki - cross-site request forgery
[19. 4.2008] DSA-1552 mplayer - missing input sanitising
[19. 4.2008] DSA-1551 python2.4 - several vulnerabilities
[17. 4.2008] DSA-1550 suphp - programming error
[17. 4.2008] DSA-1549 clamav - buffer overflows
[17. 4.2008] DSA-1548 xpdf - several vulnerabilities
[17. 4.2008] DSA-1547 openoffice.org - several vulnerabilities
[10. 4.2008] DSA-1546 gnumeric - integer overflow
[10. 4.2008] DSA-1545 rsync - integer overflow
[16. 7.2008] DSA-1544 pdns-recursor - design flaw
[ 9. 4.2008] DSA-1543 vlc - several vulnerabilities
[ 9. 4.2008] DSA-1542 libcairo - integer overflow
[ 8. 4.2008] DSA-1541 openldap2.3 - several vulnerabilities
[ 7. 4.2008] DSA-1540 lighttpd - denial of service
[ 4. 4.2008] DSA-1539 mapserver - several vulnerabilities
[ 4. 4.2008] DSA-1538 alsaplayer - buffer overrun
[ 2. 4.2008] DSA-1537 xpdf - several vulnerabilities
[31. 3.2008] DSA-1536 libxine - several vulnerabilities
[30. 3.2008] DSA-1535 iceweasel - several vulnerabilities
[28. 3.2008] DSA-1534 iceape - several vulnerabilities
[27. 3.2008] DSA-1533 exiftags - insufficient input sanitizing
[27. 3.2008] DSA-1532 xulrunner - several vulnerabilities
[27. 3.2008] DSA-1531 policyd-weight - insecure temporary files
[25. 3.2008] DSA-1530 cupsys - Several vulnerabilities
[24. 3.2008] DSA-1529 firebird - multiple vulnerabilities
[24. 3.2008] DSA-1528 serendipity - insufficient input sanitising
[24. 3.2008] DSA-1527 debian-goodies - insufficient input sanitising
[20. 3.2008] DSA-1526 xwine - several vulnerabilities
[20. 3.2008] DSA-1525 asterisk - several vulnerabilities
[18. 3.2008] DSA-1524 krb5 - several vulnerabilities
[17. 3.2008] DSA-1523 ikiwiki - cross-site scripting
[17. 3.2008] DSA-1522 unzip - programming error
[16. 3.2008] DSA-1521 lighttpd - file disclosure
[16. 3.2008] DSA-1520 smarty - insufficient input sanitising
[15. 3.2008] DSA-1519 horde3 - insufficient input sanitising
[15. 3.2008] DSA-1518 backup-manager - programming error
[15. 3.2008] DSA-1517 ldapscripts - programming error
[14. 3.2008] DSA-1516 dovecot - privilege escalation
[11. 3.2008] DSA-1515 libnet-dns-perl - several vulnerabilities
[ 9. 3.2008] DSA-1514 moin - several vulnerabilities
[ 6. 3.2008] DSA-1513 lighttpd - information disclosure
[ 5. 3.2008] DSA-1512 evolution - format string attack
[ 3. 3.2008] DSA-1511 libicu - various
[27. 2.2008] DSA-1510 ghostscript - buffer overflow
[25. 2.2008] DSA-1509 koffice - multiple vulnerabilities
[25. 2.2008] DSA-1508 diatheke - insufficient input sanitising
[24. 2.2008] DSA-1507 turba2 - programming error
[24. 2.2008] DSA-1506 iceape - several vulnerabilities
[22. 2.2008] DSA-1505 alsa-driver - kernel memory leak
[22. 2.2008] DSA-1504 kernel-source-2.6.8 - several vulnerabilities
[22. 2.2008] DSA-1503 kernel-source-2.4.27 - several vulnerabilities
[22. 2.2008] DSA-1502 wordpress - several vulnerabilities
[21. 2.2008] DSA-1501 dspam - programming error
[21. 2.2008] DSA-1500 splitvt - privilege escalation
[19. 2.2008] DSA-1499 pcre3 - buffer overflow
[19. 2.2008] DSA-1498 libimager-perl - buffer overflow
[16. 2.2008] DSA-1497 clamav - several vulnerabilities
[12. 2.2008] DSA-1496 mplayer - buffer overflows
[12. 2.2008] DSA-1495 nagios-plugins - buffer overflows
[11. 2.2008] DSA-1494 linux-2.6 - missing access checks
[10. 2.2008] DSA-1493 sdl-image1.2 - buffer overflows
[10. 2.2008] DSA-1492 wml - insecure temporary files
[10. 2.2008] DSA-1491 tk8.4 - buffer overflow
[10. 2.2008] DSA-1490 tk8.3 - buffer overflow
[10. 2.2008] DSA-1489 iceweasel - several vulnerabilities
[ 9. 2.2008] DSA-1488 phpbb2 - several vulnerabilities
[ 8. 2.2008] DSA-1487 libexif - several vulnerabilities
[ 4. 2.2008] DSA-1486 gnatsweb - cross-site scripting
[10. 2.2008] DSA-1485 icedove - several vulnerabilities
[10. 2.2008] DSA-1484 xulrunner - several vulnerabilities
[ 6. 2.2008] DSA-1483 net-snmp - design error
[ 5. 2.2008] DSA-1482 squid - programming error
[ 5. 2.2008] DSA-1481 python-cherrypy - missing input sanitising
[ 5. 2.2008] DSA-1480 poppler - several vulnerabilities
[29. 1.2008] DSA-1479 linux-2.6 - several vulnerabilities
[28. 1.2008] DSA-1478 mysql-dfsg-5.0 - buffer overflows
[27. 1.2008] DSA-1477 yarssr - missing input sanitising
[27. 1.2008] DSA-1476 pulseaudio - programming error
[26. 1.2008] DSA-1475 gforge - missing input sanitising
[23. 1.2008] DSA-1474 exiv2 - integer overflow
[21. 1.2008] DSA-1473 scponly - design flaw
[21. 1.2008] DSA-1472 xine-lib - buffer overflow
[21. 1.2008] DSA-1471 libvorbis - several vulnerabilities
[20. 1.2008] DSA-1470 horde3 - missing input sanitising
[20. 1.2008] DSA-1469 flac - several vulnerabilities
[20. 1.2008] DSA-1468 tomcat5.5 - several vulnerabilities
[19. 1.2008] DSA-1467 mantis - several vulnerabilities
[21. 1.2008] DSA-1466 xorg-server - several vulnerabilities
[17. 1.2008] DSA-1465 apt-listchanges - programming error
[15. 1.2008] DSA-1464 syslog-ng - null pointer dereference
[14. 1.2008] DSA-1463 postgresql-7.4 - several vulnerabilities
[13. 1.2008] DSA-1462 hplip - missing input sanitising
[13. 1.2008] DSA-1461 libxml2 - missing input validation
[13. 1.2008] DSA-1460 postgresql-8.1 - several vulnerabilities
[13. 1.2008] DSA-1459 gforge - insufficient input validation
[10. 1.2008] DSA-1458 openafs - programming error
[ 9. 1.2008] DSA-1457 dovecot - programming error
[ 9. 1.2008] DSA-1456 fail2ban - programming error
[ 8. 1.2008] DSA-1455 libarchive - denial of service
[ 7. 1.2008] DSA-1454 freetype - integer overflow
[ 7. 1.2008] DSA-1453 tomcat5 - several vulnerabilities
[ 6. 1.2008] DSA-1452 wzdftpd - denial of service
[ 6. 1.2008] DSA-1451 mysql-dfsg-5.0 - several vulnerabilities
[ 5. 1.2008] DSA-1450 util-linux - programming error
[ 5. 1.2008] DSA-1449 loop-aes-utils - programming error
[ 5. 1.2008] DSA-1448 eggdrop - buffer overflow
[ 3. 1.2008] DSA-1447 tomcat5.5 - several vulnerabilities
[ 3. 1.2008] DSA-1446 wireshark - several vulnerabilities
[ 3. 1.2008] DSA-1445 maradns - programming error
[23. 1.2008] DSA-1444 php5 - several vulnerabilities
[ 3. 1.2008] DSA-1443 tcpreen - buffer overflows

Saat tuoreimmat Debianin tietoturvatiedotteet liittymällä debian-security-announce-postilistalle. Voit myös selata listan arkistoja.

---

Takaisin Debian-projektin kotisivulle.

---

---