You are here
Security
DSA-6034-1 tryton-sao - security update
Brandon Da Costa and Mahdi Asfhar discovered a cross-site scripting
vulnerability in the web client of the Tryton application platform.
Categories: Security
DSA-6033-1 bind9 - security update
Several vulnerabilities were discovered in BIND, a DNS server
implementation, which may result in cache poisoning or denial of service.
Categories: Security
DSA-6032-1 request-tracker4 - security update
It was discovered that Request Tracker, an extensible trouble-ticket
tracking system is prone to a CSV injection via ticket values with
special characters that are exported to a TSV from search results.
Categories: Security
DSA-6031-1 request-tracker5 - security update
Multiple vulnerabilities have been discovered in Request Tracker, an
extensible trouble-ticket tracking system, which could result in CSV
injection via ticket values with special characters, or cross-site
scripting via calendar invitations added to a ticket.
Categories: Security
DSA-6030-1 intel-microcode - security update
This update ships updated CPU microcode for some types of Intel CPUs and
provides mitigations for security vulnerabilities which could result in
privilege escalation or denial of service.
Categories: Security
DSA-6029-1 ark - security update
It was discovered that insecure path handling in the Ark archive utility
could result in overwriting a user's files.
Categories: Security
DSA-6028-1 lxd - security update
Multiple security issues were discovered in LXD, a system container
and virtual machine manager, which could result in file disclosure,
information disclosure or or cross-site request forgery.
Categories: Security
DSA-6027-1 incus - security update
Multiple security issues were discovered in Incus, a system container
and virtual machine manager, which could result in file disclosure,
information disclosure, privilege escalation or cross-site request
forgery.
Categories: Security
DSA-6026-1 chromium - security update
A security issue was discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
Categories: Security
DSA-6025-1 firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, memory disclosure or cross-site scripting.
Categories: Security
DSA-6024-1 ghostscript - security update
Multiple security issues were discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which could result in denial of service and
potentially the execution of arbitrary code if malformed document files
are processed.
Categories: Security
DSA-6023-1 tiff - security update
It was discovered that missing input sanitising in the libtiff library
could result in denial of service or potentially the execution of
arbitrary code if malformed image files are processed.
Categories: Security
Pages
Co-authored by Creative Contingencies's Peter Lieverdink.