Beveiligingsadviezen uit 2012

[30 dec 2012] DSA-2596 mediawiki-extensions - cross-site scripting
[30 dec 2012] DSA-2595 ghostscript - integer overflow
[30 dec 2012] DSA-2594 virtualbox-ose - programming error
[29 dec 2012] DSA-2593 moin - several vulnerabilities
[28 dec 2012] DSA-2592 elinks - programming error
[27 dec 2012] DSA-2591 mahara - several vulnerabilities
[26 dec 2012] DSA-2590 wireshark - several vulnerabilities
[16 dec 2012] DSA-2589 tiff - buffer overflow
[16 dec 2012] DSA-2588 icedove - several vulnerabilities
[11 dec 2012] DSA-2587 libcgi-pm-perl - HTTP header injection
[11 dec 2012] DSA-2586 perl - several vulnerabilities
[11 dec 2012] DSA-2585 bogofilter - buffer overflow
[ 8 dec 2012] DSA-2584 iceape - several vulnerabilities
[ 8 dec 2012] DSA-2583 iceweasel - several vulnerabilities
[ 7 dec 2012] DSA-2582 xen - several vulnerabilities
[ 4 dec 2012] DSA-2581 mysql-5.1 - several vulnerabilities
[ 2 dec 2012] DSA-2580 libxml2 - buffer overflow
[30 nov 2012] DSA-2579 apache2 - Multiple issues
[28 nov 2012] DSA-2578 rssh - insufficient filtering of rsync command line
[ 1 dec 2012] DSA-2577 libssh - several vulnerabilities
[23 nov 2012] DSA-2576 trousers - denial of service
[18 nov 2012] DSA-2575 tiff - heap-based buffer overflow
[15 nov 2012] DSA-2574 typo3-src - several vulnerabilities
[10 nov 2012] DSA-2573 radsecproxy - SSL certificate verification weakness
[ 4 nov 2012] DSA-2572 iceape - several vulnerabilities
[ 4 nov 2012] DSA-2571 libproxy - buffer overflow
[31 okt 2012] DSA-2570 openoffice.org - several vulnerabilities
[29 okt 2012] DSA-2569 icedove - several vulnerabilities
[26 okt 2012] DSA-2568 rtfm - privilege escalation
[26 okt 2012] DSA-2567 request-tracker3.8 - several vulnerabilities
[25 okt 2012] DSA-2566 exim4 - heap-based buffer overflow
[23 okt 2012] DSA-2565 iceweasel - several vulnerabilities
[23 okt 2012] DSA-2564 tinyproxy - denial of service
[23 okt 2012] DSA-2563 viewvc - several vulnerabilities
[23 okt 2012] DSA-2562 cups-pk-helper - privilege escalation
[21 okt 2012] DSA-2561 tiff - buffer overflow
[20 okt 2012] DSA-2560 bind9 - denial of service
[11 okt 2012] DSA-2559 libexif - several vulnerabilities
[ 8 okt 2012] DSA-2558 bacula - information disclosure
[ 8 okt 2012] DSA-2557 hostapd - buffer overflow
[ 7 okt 2012] DSA-2556 icedove - several vulnerabilities
[ 5 okt 2012] DSA-2555 libxslt - several vulnerabilities
[26 sep 2012] DSA-2554 iceape - several vulnerabilities
[24 sep 2012] DSA-2553 iceweasel - several vulnerabilities
[26 sep 2012] DSA-2552 tiff - several vulnerabilities
[23 sep 2012] DSA-2551 isc-dhcp - denial of service
[26 sep 2012] DSA-2550 asterisk - several vulnerabilities
[15 sep 2012] DSA-2549 devscripts - multiple vulnerabilities
[13 sep 2012] DSA-2548 tor - several vulnerabilities
[12 sep 2012] DSA-2547 bind9 - improper assert
[11 sep 2012] DSA-2546 freeradius - stack-based buffer overflows
[ 8 sep 2012] DSA-2545 qemu - multiple vulnerabilities
[ 8 sep 2012] DSA-2544 xen - denial of service
[ 8 sep 2012] DSA-2543 xen-qemu-dm-4.0 - multiple vulnerabilities
[ 8 sep 2012] DSA-2542 qemu-kvm - multiple vulnerabilities
[ 7 sep 2012] DSA-2541 beaker - information disclosure
[ 7 sep 2012] DSA-2540 mahara - cross-site scripting
[ 6 sep 2012] DSA-2539 zabbix - SQL injection
[ 5 sep 2012] DSA-2538 moin - privilege escalation
[30 aug 2012] DSA-2537 typo3-src - several vulnerabilities
[30 aug 2012] DSA-2536 otrs2 - cross-site scripting
[29 aug 2012] DSA-2535 rtfm - cross-site scripting
[25 aug 2012] DSA-2534 postgresql-8.4 - several vulnerabilities
[23 aug 2012] DSA-2533 pcp - several vulnerabilities
[22 aug 2012] DSA-2532 libapache2-mod-rpaf - denial of service
[18 aug 2012] DSA-2531 xen - Denial of Service
[15 aug 2012] DSA-2530 rssh - shell command injection
[14 aug 2012] DSA-2529 python-django - several vulnerabilities
[14 aug 2012] DSA-2528 icedove - several vulnerabilities
[13 aug 2012] DSA-2527 php5 - several vulnerabilities
[12 aug 2012] DSA-2526 libotr - heap-based buffer overflows
[ 6 aug 2012] DSA-2525 expat - several vulnerabilities
[ 6 aug 2012] DSA-2524 openttd - several vulnerabilities
[ 6 aug 2012] DSA-2523 globus-gridftp-server - programming error
[ 5 aug 2012] DSA-2522 fckeditor - cross site scripting
[ 4 aug 2012] DSA-2521 libxml2 - integer overflows
[ 1 aug 2012] DSA-2520 openoffice.org - Multiple heap-based buffer overflows
[ 4 aug 2012] DSA-2519 isc-dhcp - several vulnerabilities
[31 jul 2012] DSA-2518 krb5 - denial of service and remote code execution
[30 jul 2012] DSA-2517 bind9 - denial of service
[26 jul 2012] DSA-2516 isc-dhcp - several vulnerabilities
[19 jul 2012] DSA-2515 nsd3 - null pointer dereference
[17 jul 2012] DSA-2514 iceweasel - several vulnerabilities
[17 jul 2012] DSA-2513 iceape - several vulnerabilities
[12 jul 2012] DSA-2512 mono - missing input sanitising
[12 jul 2012] DSA-2511 puppet - several vulnerabilities
[12 jul 2012] DSA-2510 extplorer - Cross-site request forgery
[ 8 jul 2012] DSA-2509 pidgin - remote code execution
[22 jul 2012] DSA-2508 kfreebsd-8 - privilege escalation
[ 4 jul 2012] DSA-2507 openjdk-6 - several vulnerabilities
[ 2 jul 2012] DSA-2506 libapache-mod-security - ModSecurity bypass
[29 jun 2012] DSA-2505 zendframework - information disclosure
[28 jun 2012] DSA-2504 libspring-2.5-java - information disclosure
[28 jun 2012] DSA-2503 bcfg2 - shell command injection
[24 jun 2012] DSA-2502 python-crypto - programming error
[24 jun 2012] DSA-2501 xen - several vulnerabilities
[24 jun 2012] DSA-2500 mantis - several vulnerabilities
[24 jun 2012] DSA-2499 icedove - several vulnerabilities
[23 jun 2012] DSA-2498 dhcpcd - remote stack overflow
[20 jun 2012] DSA-2497 quagga - denial of service
[18 jun 2012] DSA-2496 mysql-5.1 - several vulnerabilities
[16 jun 2012] DSA-2495 openconnect - buffer overflow
[14 jun 2012] DSA-2494 ffmpeg - several vulnerabilities
[12 jun 2012] DSA-2493 asterisk - denial of service
[10 jun 2012] DSA-2492 php5 - buffer overflow
[ 9 jun 2012] DSA-2491 postgresql-8.4 - several vulnerabilities
[ 7 jun 2012] DSA-2490 nss - denial of service
[ 7 jun 2012] DSA-2489 iceape - several vulnerabilities
[ 7 jun 2012] DSA-2488 iceweasel - several vulnerabilities
[ 7 jun 2012] DSA-2487 openoffice.org - buffer overflow
[ 5 jun 2012] DSA-2486 bind9 - denial of service
[ 3 jun 2012] DSA-2485 imp4 - cross site scripting
[ 2 jun 2012] DSA-2484 nut - denial of service
[31 mei 2012] DSA-2483 strongswan - authentication bypass
[ 2 jun 2012] DSA-2482 libgdata - insufficient certificate validation
[ 2 jun 2012] DSA-2481 arpwatch - fails to drop supplementary groups
[15 sep 2012] DSA-2480 request-tracker3.8 - several vulnerabilities
[23 mei 2012] DSA-2479 libxml2 - off-by-one
[23 mei 2012] DSA-2478 sudo - parsing error
[20 mei 2012] DSA-2477 sympa - authorization bypass
[19 mei 2012] DSA-2476 pidgin-otr - format string vulnerability
[17 mei 2012] DSA-2475 openssl - integer underflow
[16 mei 2012] DSA-2474 ikiwiki - cross-site scripting
[16 mei 2012] DSA-2473 openoffice.org - buffer overflow
[15 mei 2012] DSA-2472 gridengine - privilege escalation
[13 mei 2012] DSA-2471 ffmpeg - several vulnerabilities
[11 mei 2012] DSA-2470 wordpress - several vulnerabilities
[10 mei 2012] DSA-2469 linux-2.6 - privilege escalation/denial of service
[ 9 mei 2012] DSA-2468 libjakarta-poi-java - unbounded memory allocation
[ 9 mei 2012] DSA-2467 mahara - insecure defaults
[ 9 mei 2012] DSA-2466 rails - cross site scripting
[ 9 mei 2012] DSA-2465 php5 - several vulnerabilities
[ 8 mei 2012] DSA-2464 icedove - several vulnerabilities
[ 2 mei 2012] DSA-2463 samba - missing permission checks
[ 3 mei 2012] DSA-2462 imagemagick - several vulnerabilities
[26 apr 2012] DSA-2461 spip - several vulnerabilities
[25 apr 2012] DSA-2460 asterisk - several vulnerabilities
[ 4 mei 2012] DSA-2459 quagga - several vulnerabilities
[13 mei 2012] DSA-2458 iceape - several vulnerabilities
[13 mei 2012] DSA-2457 iceweasel - several vulnerabilities
[23 apr 2012] DSA-2456 dropbear - use after free
[20 apr 2012] DSA-2455 typo3-src - missing input sanitization
[24 apr 2012] DSA-2454 openssl - multiple vulnerabilities
[16 apr 2012] DSA-2453 gajim - several vulnerabilities
[15 apr 2012] DSA-2452 apache2 - insecure default configuration
[13 apr 2012] DSA-2451 puppet - several vulnerabilities
[12 apr 2012] DSA-2450 samba - privilege escalation
[12 apr 2012] DSA-2449 sqlalchemy - missing input sanitization
[10 apr 2012] DSA-2448 inspircd - buffer overflow
[ 4 apr 2012] DSA-2447 tiff - integer overflow
[ 4 apr 2012] DSA-2446 libpng - incorrect memory handling
[31 mrt 2012] DSA-2445 typo3-src - several vulnerabilities
[29 mrt 2012] DSA-2444 tryton-server - privilege escalation
[26 mrt 2012] DSA-2443 linux-2.6 - privilege escalation/denial of service
[31 mrt 2012] DSA-2442 openarena - UDP traffic amplification
[25 mrt 2012] DSA-2441 gnutls26 - missing bounds check
[24 mrt 2012] DSA-2440 libtasn1-3 - missing bounds check
[22 mrt 2012] DSA-2439 libpng - buffer overflow
[22 mrt 2012] DSA-2438 raptor - programming error
[21 mrt 2012] DSA-2437 icedove - several vulnerabilities
[19 mrt 2012] DSA-2436 libapache2-mod-fcgid - inactive resource limits
[19 mrt 2012] DSA-2435 gnash - several vulnerabilities
[19 mrt 2012] DSA-2434 nginx - sensitive information leak
[15 mrt 2012] DSA-2433 iceweasel - several vulnerabilities
[12 mrt 2012] DSA-2432 libyaml-libyaml-perl - format string vulnerabilities
[11 mrt 2012] DSA-2431 libdbd-pg-perl - format string vulnerabilities
[10 mrt 2012] DSA-2430 python-pam - double free
[ 7 mrt 2012] DSA-2429 mysql-5.1 - several vulnerabilities
[ 7 mrt 2012] DSA-2428 freetype - several vulnerabilities
[ 6 mrt 2012] DSA-2427 imagemagick - several vulnerabilities
[ 6 mrt 2012] DSA-2426 gimp - several vulnerabilities
[ 4 mrt 2012] DSA-2425 plib - buffer overflow
[ 4 mrt 2012] DSA-2424 libxml-atom-perl - XML external entity expansion
[ 2 mrt 2012] DSA-2423 movabletype-opensource - several vulnerabilities
[ 9 mei 2012] DSA-2422 file - missing bounds checks
[29 feb 2012] DSA-2421 moodle - several vulnerabilities
[28 feb 2012] DSA-2420 openjdk-6 - several vulnerabilities
[27 feb 2012] DSA-2419 puppet - several vulnerabilities
[27 feb 2012] DSA-2418 postgresql-8.4 - several vulnerabilities
[22 feb 2012] DSA-2417 libxml2 - computational denial of service
[22 feb 2012] DSA-2416 notmuch - information disclosure
[21 feb 2012] DSA-2415 libmodplug - several vulnerabilities
[25 feb 2012] DSA-2414 fex - insufficient input sanitization
[20 feb 2012] DSA-2413 libarchive - buffer overflows
[19 feb 2012] DSA-2412 libvorbis - buffer overflow
[19 feb 2012] DSA-2411 mumble - information disclosure
[15 feb 2012] DSA-2410 libpng - integer overflow
[15 feb 2012] DSA-2409 devscripts - several vulnerabilities
[13 feb 2012] DSA-2408 php5 - several vulnerabilities
[ 9 feb 2012] DSA-2407 cvs - heap overflow
[ 9 feb 2012] DSA-2406 icedove - several vulnerabilities
[ 6 feb 2012] DSA-2405 apache2 - multiple issues
[ 5 feb 2012] DSA-2404 xen-qemu-dm-4.0 - buffer overflow
[ 6 feb 2012] DSA-2403 php5 - code injection
[ 2 feb 2012] DSA-2402 iceape - several vulnerabilities
[ 2 feb 2012] DSA-2401 tomcat6 - several vulnerabilities
[ 2 feb 2012] DSA-2400 iceweasel - several vulnerabilities
[31 jan 2012] DSA-2399 php5 - several vulnerabilities
[31 mrt 2012] DSA-2398 curl - several vulnerabilities
[29 jan 2012] DSA-2397 icu - buffer underflow
[27 jan 2012] DSA-2396 qemu-kvm - buffer underflow
[27 jan 2012] DSA-2395 wireshark - buffer underflow
[27 jan 2012] DSA-2394 libxml2 - several vulnerabilities
[25 jan 2012] DSA-2393 bip - buffer overflow
[23 jan 2012] DSA-2392 openssl - out-of-bounds read
[22 jan 2012] DSA-2391 phpmyadmin - several vulnerabilities
[15 jan 2012] DSA-2390 openssl - several vulnerabilities
[15 jan 2012] DSA-2389 linux-2.6 - privilege escalation/denial of service/information leak
[14 jan 2012] DSA-2388 t1lib - several vulnerabilities
[11 jan 2012] DSA-2387 simplesamlphp - insufficient input sanitation
[10 jan 2012] DSA-2386 openttd - several vulnerabilities
[10 jan 2012] DSA-2385 pdns - packet loop
[ 4 feb 2012] DSA-2384 cacti - several vulnerabilities
[ 8 jan 2012] DSA-2383 super - buffer overflow
[ 7 jan 2012] DSA-2382 ecryptfs-utils - multiple vulnerabilities
[ 6 jan 2012] DSA-2381 squid3 - invalid memory deallocation
[ 4 jan 2012] DSA-2380 foomatic-filters - shell command injection
[ 4 jan 2012] DSA-2379 krb5 - several vulnerabilities
[ 3 jan 2012] DSA-2378 ffmpeg - several vulnerabilities
[ 1 jan 2012] DSA-2377 cyrus-imapd-2.2 - NULL pointer dereference

U kunt de recentste beveiligingsadviezen van Debian krijgen door in te tekenen op onze mailinglijst debian-security-announce. U kunt ook bladeren in de archieven van de lijst.