Hello Samuel,
looks like valid request. Upstream bugzilla entry created at:
[1] https://bugs.g10code.com/gnupg/issue1509
Thank you Regards, Jan.
--
Jan iankko Lieskovsky
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
Hello,
https://code.google.com/p/smarty-php/source/detail?r=4660
Good catch, thanks for your report :)
And I've made a debdiff as attached.
security team
I think it would be released as stable-proposed-updates since it has
no CVEs, so I guess we probably say no DSAs for it.
Just FYI
Thank you for your report, Ian.
Package: libpam-rsa
Version: 0.8-9-2.4
Tags: security
* What led up to the situation?
1. I manually locked my screen using xscreensaver-command -lock.
2. I moved the pointer, causing the xscreensaver password screen to appear.
3. I moved the pointer some
Thank you for your report, Sergio.
Package: cups
Version: 1.5.3-1
Severity: important
Tags: security
I've created a print queue with an
AllowUser user1
option. When submitting a print job as user1 all goes as expected, but
if I submit it as some other user I see a flood of error
not completely
sure this is a security issue (and first wanted to obtain feedback from
gpm developers / upstream).
On Thu, 2012-06-14 at 11:06 +0200, Jan Lieskovsky wrote:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677418
I've updated some information there:
Mainly that I think
The CVE identifier of CVE-2011-4357 has been assigned to this issue:
[2] http://www.openwall.com/lists/oss-security/2011/11/28/6
Thank you Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a
The CVE identifier for this issue has been requested here:
[1] http://www.openwall.com/lists/oss-security/2011/11/27/1
Thank you Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
Hello Josh, Steve, vendors,
it was found that DokuWiki's RSS embedding mechanism did not properly
escape user-provided links. An attacker could use this flaw to conduct
cross-site scripting (XSS) attacks, potentially leading to arbitrary
JavaScript code execution.
References:
---
[1]
Hello, Josh, Steve, vendors,
It was found that D-BUS message bus service / messaging facility did
not update the byte-order flag of the message properly by swapping the
byte order of incoming messages into their native endiannes. A local,
authenticated user could use this flaw to send a
Hello, Josh, Steve, vendors,
It was found that perl-Data-FormValidator, a HTML form user input
validator, used to treat certain invalid fields as valid, when the
untaint_all_constraints directive was used (default for majority of
Data-FormValidator routines). A remote attacker could use this
Hi Steve, vendors,
Guillem Jover pointed out:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583435#5
a deficiency in the way rpcbind gathered / saved registrations from / to
dumped file(s). A local attacker could use this flaw to conduct symbolic
link attacks, leading to
Hi guys,
CVE identifier of CVE-2010-0426 has been already assigned to this issue.
Thanks Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
12 matches
Mail list logo
