Beveiligingsadviezen van 2010

[31 dec 2010] DSA-2139 phpmyadmin - several vulnerabilities
[29 dec 2010] DSA-2138 wordpress - SQL injection
[26 dec 2010] DSA-2137 libxml2 - several vulnerabilities
[21 dec 2010] DSA-2136 tor - buffer overflow
[21 dec 2010] DSA-2135 xpdf - several vulnerabilities
[18 dec 2010] DSA-2134 - upcoming changes in advisory format
[13 dec 2010] DSA-2133 collectd - denial of service
[11 dec 2010] DSA-2132 xulrunner - several vulnerabilities
[10 dec 2010] DSA-2131 exim4 - arbitrary code execution
[10 dec 2010] DSA-2130 bind9 - several vulnerabilities
[ 1 dec 2010] DSA-2129 krb5 - checksum verification weakness
[ 1 dec 2010] DSA-2128 libxml2 - invalid memory access
[28 nov 2010] DSA-2127 wireshark - denial of service
[26 nov 2010] DSA-2126 linux-2.6 - privilege escalation/denial of service/information leak
[22 nov 2010] DSA-2125 openssl - buffer overflow
[ 1 nov 2010] DSA-2124 xulrunner - several vulnerabilities
[ 1 nov 2010] DSA-2123 nss - several vulnerabilities
[22 okt 2010] DSA-2122 glibc - missing input sanitization
[19 okt 2010] DSA-2121 typo3-src - several vulnerabilities
[12 okt 2010] DSA-2120 postgresql-8.3 - privilege escalation
[12 okt 2010] DSA-2119 poppler - several vulnerabilities
[ 8 okt 2010] DSA-2118 subversion - logic flaw
[ 4 okt 2010] DSA-2117 apr-util - denial of service
[ 4 okt 2010] DSA-2116 freetype - integer overflow
[29 sep 2010] DSA-2115 moodle - several vulnerabilities
[26 sep 2010] DSA-2114 git-core - buffer overflow
[20 sep 2010] DSA-2113 drupal6 - several vulnerabilities
[20 sep 2010] DSA-2112 bzip2 - integer overflow
[19 sep 2010] DSA-2111 squid3 - denial of service
[17 sep 2010] DSA-2110 linux-2.6 - privilege escalation/denial of service/information leak
[16 sep 2010] DSA-2109 samba - buffer overflow
[14 sep 2010] DSA-2108 cvsnt - programming error
[ 9 sep 2010] DSA-2107 couchdb - untrusted search path
[ 8 sep 2010] DSA-2106 xulrunner - several vulnerabilities
[ 7 sep 2010] DSA-2105 freetype - several vulnerabilities
[ 6 sep 2010] DSA-2104 quagga - several vulnerabilities
[ 5 sep 2010] DSA-2103 smbind - sql injection
[ 3 sep 2010] DSA-2102 barnowl - unchecked return value
[31 aug 2010] DSA-2101 wireshark - several vulnerabilities
[30 aug 2010] DSA-2100 openssl - double free
[30 aug 2010] DSA-2099 openoffice.org - buffer overflows
[29 aug 2010] DSA-2098 typo3-src - several vulnerabilities
[29 aug 2010] DSA-2097 phpmyadmin - insufficient input sanitising
[24 aug 2010] DSA-2096 zope-ldapuserfolder - missing input validation
[23 aug 2010] DSA-2095 lvm2 - insecure communication protocol
[19 aug 2010] DSA-2094 linux-2.6 - privilege escalation/denial of service/information leak
[19 aug 2010] DSA-2093 ghostscript - several vulnerabilities
[17 aug 2010] DSA-2092 lxr-cvs - missing input sanitizing
[12 aug 2010] DSA-2091 squirrelmail - No user-specific token implemented
[ 6 aug 2010] DSA-2090 socat - incorrect user-input validation
[ 6 aug 2010] DSA-2089 php5 - several vulnerabilities
[ 5 aug 2010] DSA-2088 wget - missing input sanitization
[ 4 aug 2010] DSA-2087 cabextract - programming error
[ 4 aug 2010] DSA-2086 avahi - several vulnerabilities
[ 3 aug 2010] DSA-2085 lftp - missing input validation
[ 3 aug 2010] DSA-2084 tiff - integer overflows
[ 2 aug 2010] DSA-2083 moin - missing input sanitization
[ 2 aug 2010] DSA-2082 gmime2.2 - buffer overflow
[ 1 aug 2010] DSA-2081 libmikmod - buffer overflow
[ 1 aug 2010] DSA-2080 ghostscript - several vulnerabilities
[31 jul 2010] DSA-2079 mapserver - several vulnerabilities
[31 jul 2010] DSA-2078 kvirc - programming error
[29 jul 2010] DSA-2077 openldap - several vulnerabilities
[27 jul 2010] DSA-2076 gnupg2 - use-after-free
[27 jul 2010] DSA-2075 xulrunner - several vulnerabilities
[21 jul 2010] DSA-2074 ncompress - integer underflow
[20 jul 2010] DSA-2073 mlmmj - insufficient input sanitising
[19 jul 2010] DSA-2072 libpng - several vulnerabilities
[14 jul 2010] DSA-2071 libmikmod - buffer overflows
[14 jul 2010] DSA-2070 freetype - several vulnerabilities
[11 jul 2010] DSA-2069 znc - denial of service
[11 jul 2010] DSA-2068 python-cjson - buffer overflow
[ 2 jul 2010] DSA-2067 mahara - several vulnerabilities
[ 1 jul 2010] DSA-2066 wireshark - several vulnerabilities
[27 jun 2010] DSA-2065 kvirc - several vulnerabilities
[27 jun 2010] DSA-2064 xulrunner - several vulnerabilities
[17 jun 2010] DSA-2063 pmount - insecure temporary file
[17 jun 2010] DSA-2062 sudo - missing input sanitization
[16 jun 2010] DSA-2061 samba - memory corruption
[13 jun 2010] DSA-2060 cacti - insufficient input sanitization
[10 jun 2010] DSA-2059 pcsc-lite - buffer overflow
[10 jun 2010] DSA-2058 glibc, eglibc - multiple vulnerabilities
[ 7 jun 2010] DSA-2057 mysql-dfsg-5.0 - several vulnerabilities
[ 6 jun 2010] DSA-2056 zonecheck - missing input sanitizing
[ 5 jun 2010] DSA-2055 openoffice.org - macro execution
[ 4 jun 2010] DSA-2054 bind9 - DNS cache poisoning
[25 mei 2010] DSA-2053 linux-2.6 - privilege escalation/denial of service/information leak
[24 mei 2010] DSA-2052 krb5 - null pointer dereference
[24 mei 2010] DSA-2051 postgresql-8.3 - several vulnerabilities
[24 mei 2010] DSA-2050 kdegraphics - several vulnerabilities
[23 mei 2010] DSA-2049 barnowl - buffer overflow
[22 mei 2010] DSA-2048 dvipng - buffer overflow
[17 mei 2010] DSA-2047 aria2 - insufficient input sanitising
[13 mei 2010] DSA-2046 phpgroupware - several vulnerabilities
[11 mei 2010] DSA-2045 libtheora - integer overflow
[11 mei 2010] DSA-2044 mplayer - integer overflow
[11 mei 2010] DSA-2043 vlc - integer overflow
[ 5 mei 2010] DSA-2042 iscsitarget - format string
[ 3 mei 2010] DSA-2041 mediawiki - Cross-Site Request Forgery
[ 2 mei 2010] DSA-2040 squidguard - buffer overflow
[23 apr 2010] DSA-2039 cacti - missing input sanitising
[18 apr 2010] DSA-2038 pidgin - several vulnerabilities
[17 apr 2010] DSA-2037 kdm (kdebase) - race condition
[17 apr 2010] DSA-2036 jasper - programming error
[17 apr 2010] DSA-2035 apache2 - multiple issues
[17 apr 2010] DSA-2034 phpmyadmin - several vulnerabilities
[15 apr 2010] DSA-2033 ejabberd - heap overflow
[11 apr 2010] DSA-2032 libpng - several vulnerabilities
[11 apr 2010] DSA-2031 krb5 - use-after-free
[ 6 apr 2010] DSA-2030 mahara - sql injection
[ 5 apr 2010] DSA-2029 imlib2 - several vulnerabilities
[ 5 apr 2010] DSA-2028 xpdf - multiple vulnerabilities
[ 3 apr 2010] DSA-2027 xulrunner - several vulnerabilities
[ 2 apr 2010] DSA-2026 netpbm-free - stack-based buffer overflow
[31 mrt 2010] DSA-2025 icedove - several vulnerabilities
[31 mrt 2010] DSA-2024 moin - insufficient input sanitising
[28 mrt 2010] DSA-2023 curl - buffer overflow
[23 mrt 2010] DSA-2022 mediawiki - several vulnerabilities
[22 mrt 2010] DSA-2021 spamass-milter - missing input sanitization
[20 mrt 2010] DSA-2020 ikiwiki - insufficient input sanitization
[20 mrt 2010] DSA-2019 pango1.0 - missing input sanitization
[18 mrt 2010] DSA-2018 php5 - DoS (crash)
[15 mrt 2010] DSA-2017 pulseaudio - insecure temporary directory
[13 mrt 2010] DSA-2016 drupal6 - several vulnerabilities
[15 mrt 2010] DSA-2015 drbd8 - privilege escalation
[12 mrt 2010] DSA-2014 moin - several vulnerabilities
[11 mrt 2010] DSA-2013 egroupware - several vulnerabilities
[11 mrt 2010] DSA-2012 linux-2.6 - privilege escalation/denial of service
[10 mrt 2010] DSA-2011 dpkg - path traversal
[10 mrt 2010] DSA-2010 kvm - privilege escalation/denial of service
[ 9 mrt 2010] DSA-2009 tdiary - insufficient input sanitising
[ 8 mrt 2010] DSA-2008 typo3-src - several vulnerabilities
[ 3 mrt 2010] DSA-2007 cups - format string vulnerability
[ 2 mrt 2010] DSA-2006 sudo - several vulnerabilities
[27 feb 2010] DSA-2005 linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak
[28 feb 2010] DSA-2004 samba - several vulnerabilities
[22 feb 2010] DSA-2003 linux-2.6 - privilege escalation/denial of service
[19 feb 2010] DSA-2002 polipo - denial of service
[19 feb 2010] DSA-2001 php5 - multiple vulnerabilities
[18 feb 2010] DSA-2000 ffmpeg-debian - several vulnerabilities
[18 feb 2010] DSA-1999 xulrunner - several vulnerabilities
[17 feb 2010] DSA-1998 kdelibs - buffer overflow
[14 feb 2010] DSA-1997 mysql-dfsg-5.0 - several vulnerabilities
[12 feb 2010] DSA-1996 linux-2.6 - privilege escalation/denial of service/sensitive memory leak
[12 feb 2010] DSA-1995 openoffice.org - several vulnerabilities
[11 feb 2010] DSA-1994 ajaxterm - weak session IDs
[10 feb 2010] DSA-1993 otrs2 - sql injection
[ 4 feb 2010] DSA-1992 chrony - several vulnerabilities
[ 4 feb 2010] DSA-1991 squid/squid3 - denial of service
[ 3 feb 2010] DSA-1990 trac-git - shell command injection
[ 2 feb 2010] DSA-1989 fuse - denial of service
[ 2 feb 2010] DSA-1988 qt4-x11 - several vulnerabilities
[ 2 feb 2010] DSA-1987 lighttpd - denial of service
[ 2 feb 2010] DSA-1986 moodle - several vulnerabilities
[31 jan 2010] DSA-1985 sendmail - insufficient input validation
[30 jan 2010] DSA-1984 libxerces2-java - denial of service
[30 jan 2010] DSA-1983 wireshark - several vulnerabilities
[29 jan 2010] DSA-1982 hybserv - denial of service
[28 jan 2010] DSA-1981 maildrop - privilege escalation
[27 jan 2010] DSA-1980 ircd-hybrid/ircd-ratbox - integer underflow/denial of service
[27 jan 2010] DSA-1979 lintian - multiple vulnerabilities
[26 jan 2010] DSA-1978 phpgroupware - several vulnerabilities
[25 jan 2010] DSA-1977 python2.4 python2.5 - several vulnerabilities
[22 jan 2010] DSA-1976 dokuwiki - several vulnerabilities
[20 jan 2010] DSA-1975 - Security Support for Debian 4.0 to be discontinued on February 15th
[20 jan 2010] DSA-1974 gzip - several vulnerabilities
[19 jan 2010] DSA-1973 glibc, eglibc - information disclosure
[17 jan 2010] DSA-1972 audiofile - buffer overflow
[15 jan 2010] DSA-1971 libthai - integer overflow
[13 jan 2010] DSA-1970 openssl - denial of service
[12 jan 2010] DSA-1969 krb5 - integer underflow
[ 8 jan 2010] DSA-1968 pdns-recursor - several vulnerabilities
[ 7 jan 2010] DSA-1967 transmission - directory traversal
[ 7 jan 2010] DSA-1966 horde3 - insufficient input sanitising
[ 6 jan 2010] DSA-1965 phpldapadmin - missing input sanitising

U kunt de recentste beveiligingsadviezen van Debian verkrijgen door in te tekenen op onze mailinglijst debian-security-announce. U kunt ook bladeren in de archieven van de lijst.