[DONE] wml://security/2021/dsa-4833.wml

2021-01-18 Пенетрантность Lev Lamberov
="44daa28d7165e7856597605819dd8a2aa51c048f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Andrew Wesie discovered a buffer overflow in the H264 support of the - -GStreamer multimedia framework, which could potentially result in the - -execution of arbitra

[DONE] wml://security/2021/dsa-4832.wml

2021-01-16 Пенетрантность Lev Lamberov
="a5c79088ff2296ccbad43ece8403cb9d49aa69ac" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in the Chromium web browser, which - -could result in the execution of arbitrary code, denial of service - -or information disclo

[DONE] wml://security/2021/dsa-4831.wml

2021-01-15 Пенетрантность Lev Lamberov
="6d1643a67509927d077347faabf9fdb8fdcb2dc5" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Johan Smits discovered that ruby-redcarpet, a markdown parser, did not - -properly validate its input. This would allow an attacker to mount a - -cross-site scripting attac

[DONE] wml://security/2021/dsa-4830.wml

2021-01-14 Пенетрантность Lev Lamberov
="cc173b8d34b89c7d43e8628759e88ae4a67b7db9" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Simon McVittie discovered a bug in the flatpak-portal service that can - -allow sandboxed applications to execute arbitrary code on the host system - -(a sandbox escape). -

[DONE] wml://security/2021/dsa-4829.wml

2021-01-11 Пенетрантность Lev Lamberov
="6deb41e83064921e63d318734179cf3b4d8867e0" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A flaw was discovered in coturn, a TURN and STUN server for VoIP. By - -default coturn does not allow peers on the loopback addresses - -(127.x.x.x and ::1). A remote atta

[DONE] wml://security/2021/dsa-4827.wml

2021-01-08 Пенетрантность Lev Lamberov
="2250192440b4e4662c2bd0c7ab63e34e6ff313ee" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A security issue was found in the Mozilla Firefox web browser, which - -could potentially result in the execution of arbitrary code. +В веб-браузере Mozilla Firefox была об

[DONE] wml://security/2021/dsa-4828.wml

2021-01-08 Пенетрантность Lev Lamberov
="c7278d0cf5a2c92a64386bb83ed50bdb7e9b56f4" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Liaogui Zhong discovered two security issues in XStream, a Java library - -to serialise objects to XML and back again, which could result in the - -deletion of files or se

[DONE] wml://security/2021/dsa-4826.wml

2021-01-07 Пенетрантность Lev Lamberov
="27a3db159df9f47798f0f5c818d5f1dafdd4a815" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in Node.js, which could result in - -denial of service and potentially the execution of arbitrary code or - -HTTP request smuggling.

Re: [DONE] wml://security/2021/dsa-4825.wml

2021-01-05 Пенетрантность Lev Lamberov
Вт 05 янв 2021 @ 16:12 Vladimir Zhbanov : > On Tue, Jan 05, 2021 at 09:56:04AM +0500, Lev Lamberov wrote: >> +Если включена спящий режим для imap, злоумышленник (с корректными >> данными учётной > включен_ >> +message/rfc822 (или если её родитель имеет

[DONE] wml://security/2021/dsa-4825.wml

2021-01-04 Пенетрантность Lev Lamberov
="28bc87857803972597b697f1aafdfc05773ea8db" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been discovered in the Dovecot email server. +В почтовом сервере Dovecot было обнаружено несколько уязвимостей. https://security-track

[DONE] wml://security/2021/dsa-4823.wml

2021-01-02 Пенетрантность Lev Lamberov
="df41ee2d83423c2e6bcdc9061671b96ead8a6074" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that incorrect validation of JWT tokens in InfluxDB, - -a time series, metrics, and analytics database, could result in - -authentication bypass. +Был

[DONE] wml://security/2021/dsa-4824.wml

2021-01-02 Пенетрантность Lev Lamberov
="b7239518c823ae53e2826fd2e71efbc6e91007e3" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in the Chromium web browser, which - -could result in the execution of arbitrary code, denial of service - -or information disclo

[DONE] wml://security/2021/dsa-4822.wml

2021-01-01 Пенетрантность Lev Lamberov
="ce053bc67f7e188f5978ad5bbfd7c2786669f07c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -David Cook reported several memory safety issues affecting the RPC - -protocol in p11-kit, a library providing a way to load and enumerate - -PKCS#11 modules. +Дэвид Кук

[DONE] wml://security/2020/dsa-4821.wml

2020-12-28 Пенетрантность Lev Lamberov
="ac4a3040fa04b98f1db354527f6cdb1ecb042cb4" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail - -solution for IMAP servers, is prone to a cross-site scripting - -vulnerability in handli

[DONE] wml://security/2020/dsa-4820.wml

2020-12-28 Пенетрантность Lev Lamberov
="6db6669bbf0a79c0b400f97ed17d0e64d26e337b" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Pritam Singh discovered an open redirect in the workflow forms of +Притам Сингх обнаружил открытое перенаправление в формах работы OpenStack Horizon. - -For t

[DONE] wml://security/2020/dsa-4819.wml

2020-12-27 Пенетрантность Lev Lamberov
="e16ef96d005299e94ef1566037aa03ca560f5d1f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Stephane Chauveau discovered that the graphics protocol implementation in - -Kitty, a GPU-based terminal emulator, did not sanitise a filename when - -returning an err

[DONE] wml://security/2020/dsa-4818.wml

2020-12-23 Пенетрантность Lev Lamberov
="3f0f1a56a7218bc43e4769bf32b0352523c9a436" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities were discovered in Sympa, a mailing list - -manager, which could result in local privilege escalation, denial of - -service or unauthorized acc

Re: [DONE] wml://security/2020/dsa-4814.wml

2020-12-20 Пенетрантность Lev Lamberov
Вс 20 дек 2020 @ 12:21 Galina Anikina : > On Thu, 2020-12-17 at 14:10 +0500, Lev Lamberov wrote: >> --- ../../english/security/2020/dsa-4814.wml2020-12-17 >> 14:05:09.871812631 +0500 >> +++ 2020/dsa-4814.wml   2020-12-17 14:10:01.920175292 +0500 >> @@ -1,24 +

[DONE] wml://security/2020/dsa-4817.wml

2020-12-19 Пенетрантность Lev Lamberov
="39622941f7edb860ecb91d028749e4646a223ee6" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in the PEAR Archive_Tar package for - -handling tar files in PHP, potentially allowing a remote attacker to - -execute arbitrary code or o

[DONE] wml://security/2020/dsa-4816.wml

2020-12-18 Пенетрантность Lev Lamberov
="a8cb97c201a8d45a55a7f5eaee9906dba8146ca1" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in MediaWiki, a website engine - -for collaborative work, which could result in cross-site scripting or - -the disclosure of hidden u

Re: [DONE] wml://security/2020/dsa-4814.wml

2020-12-17 Пенетрантность Lev Lamberov
Чт 17 дек 2020 @ 15:17 shilin.alek...@gmail.com: > В Чт, 17/12/2020 в 14:10 +0500, Lev Lamberov пишет: >> Заметьте, что заплата, исправляющая эту проблему, возможно благодаря >> недавно появившейся утечке памяти. > > Здесь другой смысл: заплата, исправляющая проблему с безоп

[DONE] wml://security/2020/dsa-4815.wml

2020-12-17 Пенетрантность Lev Lamberov
="363db9b6da2f5fc2a5ca52a848bb373866791844" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in Thunderbird, which may lead - -to the execution of arbitrary code, denial of service or information - -leak. +В Thunderbird

[DONE] wml://security/2020/dsa-4814.wml

2020-12-17 Пенетрантность Lev Lamberov
="3bcb07ac79215b801fafacf8e2f96929da3e7a67" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that xerces-c, a validating XML parser library for - -C++, did not correctly scan DTDs. The use-after-free vulnerability - -resulting from this issue

[DONE] wml://security/2020/dsa-4813.wml

2020-12-16 Пенетрантность Lev Lamberov
="e4169c02d604d087402edc425d03a12498b1acaa" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in the Mozilla Firefox web - -browser, which could potentially result in the execution of arbitrary - -code, information disclosure o

[DONE] wml://security/2020/dsa-4811.wml

2020-12-15 Пенетрантность Lev Lamberov
="1e5f62f34bcc8da30f41325ca8cb664f8713412c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that the default blacklist of XStream, a Java library - -to serialise objects to XML and back again, was vulnerable to the - -execution of arbitrary

[DONE] wml://security/2020/dsa-4812.wml

2020-12-15 Пенетрантность Lev Lamberov
="413d84f94ed95dc443860b5c01ced890a3d079ef" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple vulnerabilities have been discovered in the Xen hypervisor: +В гипервизоре Xen были обнаружены многочисленные уязвимости. - -Several security issues affecting

[DONE] wml://security/2020/dsa-4810.wml

2020-12-14 Пенетрантность Lev Lamberov
="422c1a2029b44bd82236ff5b0b402513dd2c5b8a" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Yaniv Nizry discovered that the clean module of lxml, Python bindings for - -libxml2 and libxslt could be bypassed. +Янив Низри обнаружил, что модуль clean для lxml, привязк

[DONE] wml://News/2020/20201205.wml

2020-12-07 Пенетрантность Lev Lamberov
translation="5c427e44dc4a1503d5262b5edfba60b490ea0ab1" maintainer="Lev Lamberov" +Обновлённый Debian 10: выпуск 10.7 2020-12-05 #use wml::debian::news - -# $Id: 10 buster @@ -24,27 +24,27 @@ https://packages.debian.org/src:%0;>%0 - -The Debian project is pleased to anno

[DONE] wml://security/2020/dsa-4805.wml

2020-12-07 Пенетрантность Lev Lamberov
="5361d530d3775946c18aa99359098765fef27557" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in Apache Traffic Server, a reverse - -and forward proxy server: +В Apache Traffic Server, обратном прокси и прокси переадресации, б

[DONE] wml://security/2020/dsa-4806.wml

2020-12-07 Пенетрантность Lev Lamberov
="c729654b8b27b17cf75c7c41de57c26fb0f1d02e" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that missing input validation in minidlna, a - -lightweight DLNA/UPnP-AV server could result in the execution of - -arbitrary code. In add

[DONE] wml://security/2020/dsa-4804.wml

2020-12-04 Пенетрантность Lev Lamberov
="52c25a73651cdd0f6563886626d1d0f9e77703f5" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple vulnerabilities have been discovered in the Xen hypervisor, - -which could result in denial of service, privilege escalation or - -information leaks. +В г

[DONE] wml://security/2020/dsa-4803.wml

2020-12-04 Пенетрантность Lev Lamberov
="853e7157b6c69b10b7ad57e8eb149eeb8835c89d" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Jan-Niklas Sohn discovered that the XKB extension of the Xorg X server - -performed incomplete input validation, which could result in privilege - -escalation. +Ян-Никлас Сон

[DONE] wml://security/2020/dsa-4802.wml

2020-12-03 Пенетрантность Lev Lamberov
="1efdaeff47e09a5430403d98cdcceb78fdbdf74c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Chiaki Ishikawa discovered a stack overflow in SMTP server status - -handling which could potentially result in the execution of arbitrary - -code. +Чиаки Ишикава обнар

[DONE] wml://security/2020/dsa-4801.wml

2020-12-01 Пенетрантность Lev Lamberov
="640681293aeb5a5c716a7d13d9aa732ea601a106" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A buffer overflow was discovered in Brotli, a generic-purpose lossless - -compression suite. +В Brotli, наборе общего назначения для сжатия без потерь, +было

[DONE] wml://security/2020/dsa-4800.wml

2020-11-28 Пенетрантность Lev Lamberov
="cf352e7c81827460aa4e72f28305a794a25189b3" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in libproxy, an automatic proxy - -configuration management library, which could result in denial of - -service, or possibly, execution

[DONE] wml://security/2020/dsa-4799.wml

2020-11-28 Пенетрантность Lev Lamberov
="0bfac536f987e8669fb3459ac6ce097e4a8556c4" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote - -access to an existing X session. x11vnc creates shared memory segments - -with 0777 mode. A loc

[DONE] wml://security/2020/dsa-4798.wml

2020-11-25 Пенетрантность Lev Lamberov
="ee39b5bf5c4b20218b693e1097819eda8f312d5c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that SPIP, a website engine for publishing, did not - -correctly validate its input. This would allow authenticated users to - -execute arbitrary code. +

[DONE] wml://security/2020/dsa-4797.wml

2020-11-24 Пенетрантность Lev Lamberov
="9008fd088ac7830da54eead9922fc56073220815" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -The following vulnerabilities have been discovered in the webkit2gtk - -web engine: +В веб-движке webkit2gtk были обнаружены следующие +уязвимости: https://security-

[DONE] wml://security/2020/dsa-4795.wml

2020-11-22 Пенетрантность Lev Lamberov
="77f6c6ffc4351230bbf6de54a49a4d73644aa4c1" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Demi Obeneour discovered that unbounded recursion in the ASN1 parser - -of libkrb5 could result in denial of service. +Деми Обенур обнаружил, что неограниченная рекурс

[DONE] wml://security/2020/dsa-4796.wml

2020-11-22 Пенетрантность Lev Lamberov
="a2fe5cd27b7eedde80ea1e6ca891c1ae5314fcc1" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in Thunderbird, which may lead - -to the execution of arbitrary code or denial of service. +В Thunderbird были обнаружены многоч

[DONE] wml://security/2020/dsa-4794.wml

2020-11-21 Пенетрантность Lev Lamberov
="a77a111514f428d19555f1fbbcfd53999d9d5f39" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight - -PDF viewer, which may result in denial of service or the execution of - -arbitrary code if malf

[DONE] wml://security/2020/dsa-4793.wml

2020-11-18 Пенетрантность Lev Lamberov
="01ea964cfe7307b04fa9acda572fbb35e75d9d34" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in the Mozilla Firefox web - -browser, which could potentially result in the execution of arbitrary - -code, information disclosure,

[DONE] wml://security/2020/dsa-4792.wml

2020-11-17 Пенетрантность Lev Lamberov
="e6c23bf32eb3390fbeabb08bb19f804fcbc2efb3" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities in the certificate list syntax verification and - -in the handling of CSN normalization were discovered in OpenLDAP, a - -free implementation of th

Re: [DONE] wml://News/2020/20200926.wml

2020-11-17 Пенетрантность Lev Lamberov
Вт 17 ноя 2020 @ 10:18 Galina Anikina : > On Mon, 2020-09-28 at 11:16 +0500, Lev Lamberov wrote: >> +> deepCopy [CVE-2020-5258] в в методе jqMix [CVE-2020-5259]"> > в в ... два "в" >> +> неправильно выровненного слоя фигуры"> > > может -

Re: [DONE] wml://security/2020/dsa-4791.wml

2020-11-17 Пенетрантность Lev Lamberov
Вт 17 ноя 2020 @ 09:48 Galina Anikina : > On Fri, 2020-11-13 at 15:39 +0500, Lev Lamberov wrote: >> -If the enable-acl cluster option isn't enabled, members of >> the >> -haclient group can modify Pacemaker's Cluster Information >> Base without >> -rest

Re: [DONE] wml://security/2020/dsa-4789.wml

2020-11-17 Пенетрантность Lev Lamberov
Вт 17 ноя 2020 @ 09:50 Galina Anikina : > On Thu, 2020-11-12 at 16:52 +0500, Lev Lamberov wrote: >> +на языке JavaScript, уязвим в отказу в обслуживании из-за ошибки в >> +регулярных выражениях. > уязвим К отказу в обслуживании Исправил. Спасибо!

Re: [DONE] wml://security/2020/dsa-4783.wml

2020-11-17 Пенетрантность Lev Lamberov
Вт 17 ноя 2020 @ 09:53 Galina Anikina : > On Thu, 2020-11-05 at 21:00 +0500, Lev Lamberov wrote: >> +Фабиан Фогт обнаружил уязвимость в sddm, современной дисплейном >> менеджере для X11. > современноМ Исправил. Спасибо!

Re: [DONE] wml://security/2020/dsa-4766.wml

2020-11-17 Пенетрантность Lev Lamberov
Вт 17 ноя 2020 @ 10:19 Galina Anikina : > On Fri, 2020-09-25 at 21:43 +0500, Lev Lamberov wrote: >> +выполнению кода, подделке межсайтовых запросо и обходу ограничений >> загрузки. > межсайтовыХ Исправил. Спасибо!

[DONE] wml://security/2020/dsa-4790.wml

2020-11-13 Пенетрантность Lev Lamberov
="2ef47fea430f56ad287c79129641120cbea6aef8" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A use-after-free was found in Thunderbird, which could potentially result - -in the execution of arbitrary code. +В Thunderbird было обнаружено использование указателей после

[DONE] wml://security/2020/dsa-4791.wml

2020-11-13 Пенетрантность Lev Lamberov
="b35f3578f60fe18b9150a0924ba18826c4d6be4c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Ken Gaillot discovered a vulnerability in the Pacemaker cluster - -resource manager: If ACLs were configured for users in the haclient - -group, the ACL restrictions could be

[DONE] wml://security/2020/dsa-4789.wml

2020-11-12 Пенетрантность Lev Lamberov
="d9df05ea9bcda9e60d3904cbe3a0f3b2bab462dd" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that codemirror, a browser-based text editor - -implemented in JavaScript, was vulnerable to regular expression - -denial-of-service. +Было обнаруже

[DONE] wml://security/2020/dsa-4787.wml

2020-11-09 Пенетрантность Lev Lamberov
="818bc9ca653d5fd8cdbc924b0732dffb39f9d3ec" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in moin, a Python clone of WikiWiki. +В moin, клоне WikiWiki на языке Python, были обнаружены две уязвимости. https://security-

[DONE] wml://security/2020/dsa-4786.wml

2020-11-08 Пенетрантность Lev Lamberov
="fe4c1fad846bf71114de153423dd8c842e66ed7d" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that a boundary check in libexif, a library to parse - -EXIF files, could be optimised away by the compiler, resulting in - -a potential buffer overflow.

[DONE] wml://security/2020/dsa-4785.wml

2020-11-07 Пенетрантность Lev Lamberov
="38473d2400c549003eb093bbd5cd612b743114dd" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that raptor2, an RDF parser library, is prone to - -heap-based buffer overflow flaws, which could result in denial of - -service, or potentially t

[DONE] wml://security/2020/dsa-4783.wml

2020-11-05 Пенетрантность Lev Lamberov
="62e867385e657a2c428718f79bffc5913ae54876" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Fabian Vogt discovered a flaw in sddm, a modern display manager for X11. - -A local attacker can take advantage of a race condition when creating - -the Xauthority file t

[DONE] wml://security/2020/dsa-4782.wml

2020-10-30 Пенетрантность Lev Lamberov
="3b636d189609fe2f99f2d043ce92a23b50564375" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A vulnerability in the handling of normalization with modrdn was - -discovered in OpenLDAP, a free implementation of the Lightweight - -Directory Access Protocol. An unaut

[DONE] wml://security/2020/dsa-4781.wml

2020-10-28 Пенетрантность Lev Lamberov
="24a8e6648a8e931c21fe16282c314fc49bd9e50f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Vaisha Bernard discovered that Blueman, a graphical bluetooth manager - -performed insufficient validation on a D-Bus interface, which could - -result in denial of service o

[DONE] wml://security/2020/dsa-4780.wml

2020-10-25 Пенетрантность Lev Lamberov
="77fef7df03831026857223475848c017b9663843" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in Thunderbird, which may lead - -to the execution of arbitrary code or denial of service. +В Thunderbird были обнаружены многоч

[DONE] wml://security/2020/dsa-4779.wml

2020-10-25 Пенетрантность Lev Lamberov
="49c9c02fcd35a748d1bc71dbd76f36e2398379b9" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been discovered in the OpenJDK Java runtime, - -which could result in denial of service, information disclosure, bypass of - -access/sandbox

[DONE] wml://security/2020/dsa-4777.wml

2020-10-22 Пенетрантность Lev Lamberov
="ed1e1f09f1a02b5fb64ecaaa2d2c1ad889848e27" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Sergei Glazunov discovered a heap-based buffer overflow vulnerability in - -the handling of embedded PNG bitmaps in FreeType. Opening malformed - -fonts may result in deni

[DONE] wml://security/2020/dsa-4778.wml

2020-10-22 Пенетрантность Lev Lamberov
="ed4ab617fb1a1ab8f472460310403cbe8e0ab0b2" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in the Mozilla Firefox web - -browser, which could potentially result in the execution of arbitrary - -code. +В веб-браузере M

[DONE] wml://security/2020/dsa-4776.wml

2020-10-20 Пенетрантность Lev Lamberov
="7abec7b84c0b87a48c40352b6c19775c91833576" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A security issue was discovered in the MariaDB database server. +В сервере баз данных MariaDB была обнаружена проблема безопасности. - -For the stable distribution (buster

[DONE] wml://security/2020/dsa-4775.wml

2020-10-20 Пенетрантность Lev Lamberov
="47ed719741866bf1f4d6a0b2a4d1fc150669ebcc" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A directory traversal vulnerability was discovered in python-flask-cors, - -a Flask extension for handling Cross Origin Resource Sharing (CORS), - -allowing to access priv

[DONE] wml://security/2020/dsa-4774.wml

2020-10-20 Пенетрантность Lev Lamberov
="43f8d7b8b91b167696b5c84ec0911bab7b7073f2" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been discovered in the Linux kernel that - -may lead to the execution of arbitrary code, privilege escalation, - -denial of service or informa

[DONE] wml://security/2020/dsa-4773.wml

2020-10-17 Пенетрантность Lev Lamberov
="7c87d7393452c5b5f751f8802a32709ff0440f1d" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two vulnerabilities were discovered in yaws, a high performance HTTP 1.1 - -webserver written in Erlang. +В yaws, высокопроизводительном веб-сервере HTTP 1.1, написанном на я

[DONE] wml://security/2020/dsa-4772.wml

2020-10-14 Пенетрантность Lev Lamberov
="8694e8a0aa6b66cc5eac0865b3ee6a1d16f88792" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Priyank Nigam discovered that HttpComponents Client, a Java HTTP agent - -implementation, could misinterpret malformed authority component in a - -request URI and pick the

[DONE] wml://security/2020/dsa-4771.wml

2020-10-12 Пенетрантность Lev Lamberov
="222ebe7a6bf792277dd58f45e6374e0bd033" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Frediano Ziglio discovered multiple buffer overflow vulnerabilities in - -the QUIC image decoding process of spice, a SPICE protocol client and - -server library, which cou

[DONE] wml://security/2020/dsa-4770.wml

2020-10-06 Пенетрантность Lev Lamberov
="ff8a3d6698e4eb0dad68c425924fd9c4c266c453" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in Thunderbird, which may lead - -to the execution of arbitrary code or denial of service. +В Thunderbird были обнаружены многоч

[DONE] wml://security/2020/dsa-4769.wml

2020-10-02 Пенетрантность Lev Lamberov
="084086e7e0be0ea4314be25891e17ee613e4971f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple vulnerabilities have been discovered in the Xen hypervisor, - -which could result in denial of service, guest-to-host privilege - -escalation or information

[DONE] wml://security/2020/dsa-4768.wml

2020-09-28 Пенетрантность Lev Lamberov
="48834d10a4104ac36c3f9d5f545e09374d165f06" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in the Mozilla Firefox web - -browser, which could potentially result in the execution of arbitrary - -code, cross-site sc

Re: [DONE] wml://News/2020/20200926.wml

2020-09-28 Пенетрантность Lev Lamberov
Пн 28 сен 2020 @ 12:58 Vladimir Zhbanov : > On Mon, Sep 28, 2020 at 11:16:36AM +0500, Lev Lamberov wrote: >> +> CVE-2020-14363]"> >> +> и удобства использования"> > > О_б_ратный перенос нескольких исправлени_й_ безопасности и _улучшений_ > уд

[DONE] wml://News/2020/20200926.wml

2020-09-28 Пенетрантность Lev Lamberov
translation="cc3aa11466129a6224ab33a305a554cb8d65f63c" maintainer="Lev Lamberov" +Обновлённый Debian 10: выпуск 10.6 2020-09-26 #use wml::debian::news - -# $Id: 10 buster @@ -24,106 +24,103 @@ https://packages.debian.org/src:%0;>%0 - -The Debian project is pleased to an

[DONE] wml://security/2020/dsa-4767.wml

2020-09-26 Пенетрантность Lev Lamberov
="dbf424479529f1ce388c9563597e59b1ae9a621e" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in MediaWiki, a website engine - -for collaborative work: SpecialUserRights could leak whether a user - -existed or not, m

[DONE] wml://security/2020/dsa-4766.wml

2020-09-25 Пенетрантность Lev Lamberov
="7f3364db3e477a10e1a23c76dc53d567620d9ab7" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in the Rails web framework - -which could result in cross-site scripting, information leaks, code - -execution, cross-site reque

[DONE] wml://security/2020/dsa-4765.wml

2020-09-18 Пенетрантность Lev Lamberov
="b065b1cb4aeee3043ecfbff6dedae4d7f50fbcaf" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Ervin Hegedues discovered that ModSecurity v3 enabled global regular - -expression matching which could result in denial of service. For - -additional information please refe

[DONE] wml://security/2020/dsa-4764.wml

2020-09-18 Пенетрантность Lev Lamberov
="5f3e79ef877d23efa55fa544436afab853649de5" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Two security issues were discovered in the pgsql and mysql modules of - -the InspIRCd IRC daemon, which could result in denial of service. +В модулях pgsql и mysql для IRC-с

[DONE] wml://security/2020/dsa-4763.wml

2020-09-15 Пенетрантность Lev Lamberov
="f4c135d01ebacd4f69abc7f34e19ce2af0d49d07" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that insufficient sanitising of received network - -packets in the game server of Teeworlds, an online multi-player platform - -2D shooter, could resu

[DONE] wml://security/2020/dsa-4762.wml

2020-09-07 Пенетрантность Lev Lamberov
="77a1a54a1e720b7b6a4728d7991dec5b71920476" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that the default configuration files for running the - -Lemonldap::NG Web SSO system on the Nginx web server were susceptible - -to authorisation bypass o

[DONE] wml://security/2020/dsa-4761.wml

2020-09-07 Пенетрантность Lev Lamberov
="176fe9aed0fbc36fe1bc0303df50e4f7e7fa68d4" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that ZeroMQ, a lightweight messaging kernel library - -does not properly handle connecting peers before a handshake is - -completed. A remote, una

[DONE] wml://security/2020/dsa-4760.wml

2020-09-06 Пенетрантность Lev Lamberov
="ae43a20b2d5aa41f311b5844ffc0f9d06f6b1090" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in QEMU, a fast processor - -emulator: +В QEMU, быстром эмуляторе процессора, были обнаружены многочисленные проблемы +безопас

[DONE] wml://security/2020/dsa-4759.wml

2020-09-05 Пенетрантность Lev Lamberov
="54cb7987eeaacf4385374a59f97f480a812c4ae5" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Fabian Vogt reported that the Ark archive manager did not sanitise - -extraction paths, which could result in maliciously crafted archives - -with symlinks writing ou

[DONE] wml://security/2020/dsa-4758.wml

2020-09-05 Пенетрантность Lev Lamberov
="bfcc219f5681a7e9fe3402cc59af5549d48a67c0" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been discovered in the X.Org X server. - -Missing input sanitising in X server extensions may result in local - -privilege escalation if the

Re: [DONE] wml://security/2020/dsa-4757.wml

2020-09-02 Пенетрантность Lev Lamberov
Ср 02 сен 2020 @ 13:23 Galina Anikina : > On Mon, 2020-08-31 at 21:01 +0500, Lev Lamberov wrote: >> --- ../../english/security/2020/dsa-4757.wml 2020-08-31 >> 20:50:14.602974313 +0500 >> +++ 2020/dsa-4757.wml2020-08-31 21:00:13.558894850 +0500 >> @@ -1,50 +

[DONE] wml://security/2020/dsa-4757.wml

2020-08-31 Пенетрантность Lev Lamberov
="2592e40c5d7143a6f575ff96f6127ba4fb3f18d5" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been found in the Apache HTTPD server. +В HTTPD-сервере Apache было обнаружено несколько уязвимостей. https://security-tracker.debian.

Re: [DONE] wml://security/2020/dsa-4752.wml

2020-08-30 Пенетрантность Lev Lamberov
Вс 30 авг 2020 @ 00:46 Galina Anikina : > On Fri, 2020-08-28 at 11:31 +0500, Lev Lamberov wrote: >> --- ../../english/security/2020/dsa-4752.wml 2020-08-28 >> 11:22:10.864197686 +0500 >> +++ 2020/dsa-4752.wml2020-08-28 11:31:27.190671477 +0500 >> @@ -1,45 +

[DONE] wml://security/2020/dsa-4754.wml

2020-08-30 Пенетрантность Lev Lamberov
="958314d2c44403b1e7e52a101ee2cceaba26ea73" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in Thunderbird which could - -result in the execution of arbitrary code or the unintended installation - -of extensions.

[DONE] wml://security/2020/dsa-4755.wml

2020-08-30 Пенетрантность Lev Lamberov
="780d252ffaf680836cda837cd5f28e1485f96081" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were found in the OpenEXR image library, which - -could result in denial of service and potentially the execution of - -arbitrary code when proces

[DONE] wml://security/2020/dsa-4756.wml

2020-08-30 Пенетрантность Lev Lamberov
="3fbbca4921406382e3b6172f575f8c87cbcc5ea6" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Faidon Liambotis discovered that Lilypond, a program for typesetting - -sheet music, did not restrict the inclusion of Postscript and SVG - -commands when operating in

[DONE] wml://security/2020/dsa-4753.wml

2020-08-29 Пенетрантность Lev Lamberov
="ac7ded650ad95977c0af57ac41dc59efcd7e5d28" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight - -PDF viewer, which may result in denial of service or the execution of - -arbitrary code if a ma

[DONE] wml://security/2020/dsa-4752.wml

2020-08-28 Пенетрантность Lev Lamberov
="5346ad19e1bb39a2123f70e49de6fe4ffa9caa5b" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities were discovered in BIND, a DNS server - -implementation. +В BIND, реализации DNS-сервера, было обнаружено несколько +уязвимостей. https://secur

[DONE] wml://security/2020/dsa-4751.wml

2020-08-27 Пенетрантность Lev Lamberov
="f542876b792062f3c2d2e7040bc21033b1fbc887" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities were discovered in Squid, a fully featured web - -proxy cache, which could result in request splitting, request smuggling - -(leading to cache poisoni

[DONE] wml://security/2020/dsa-4750.wml

2020-08-26 Пенетрантность Lev Lamberov
="7060e6d28fcf2f959a5d7be907131d1d7b70b7f4" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was reported that the Lua module for Nginx, a high-performance web - -and reverse proxy server, is prone to a HTTP request smuggling - -vulnerability. +Было сообщено, чт

[DONE] wml://security/2020/dsa-4749.wml

2020-08-26 Пенетрантность Lev Lamberov
="17f01874d49c6a574936a09667741e3d63ccdbda" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues have been found in the Mozilla Firefox web - -browser, which could potentially result in the execution of arbitrary - -code or unintended or malici

[DONE] wml://security/2020/dsa-4748.wml

2020-08-26 Пенетрантность Lev Lamberov
="f608e4db49e6cb7ea48b9fee91ffab3cc8d5c11c" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Multiple security issues were discovered in Ghostscript, the GPL - -PostScript/PDF interpreter which could result in denial of service and - -potentially the execution

[DONE] wml://security/2020/dsa-4747.wml

2020-08-24 Пенетрантность Lev Lamberov
="518a7803359678db05da2d9b06e674aab4073a2f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A directory traversal vulnerability was discovered in Icinga Web 2, a - -web interface for Icinga, which could result in the disclosure of files - -readable by the process. +

[DONE] wml://security/2020/dsa-4746.wml

2020-08-15 Пенетрантность Lev Lamberov
="4336abe86a49e12943eb9b9ea334670f09ed6b54" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities were discovered in net-snmp, a suite of Simple - -Network Management Protocol applications, which could lead to privilege - -escalation. +В net-

[DONE] wml://security/2020/dsa-4745.wml

2020-08-12 Пенетрантность Lev Lamberov
="7fbf113ef094837f72d2bdb71154488accfe2afb" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Several vulnerabilities have been discovered in the Dovecot email - -server. +В почтовом сервере Dovecot было обнаружено несколько +уязвимостей. https://security-track

[DONE] wml://security/2020/dsa-4744.wml

2020-08-11 Пенетрантность Lev Lamberov
="143b5edcd9c9f2a19ad8b68426833a133c5cfe48" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -It was discovered that roundcube, a skinnable AJAX based webmail - -solution for IMAP servers, is prone to cross-site scripting - -vulnerabilities in handling invalid s

[DONE] wml://security/2020/dsa-4743.wml

2020-08-11 Пенетрантность Lev Lamberov
="8d1a7f256ceac3440cf5499bfeeb299321730754" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -A flaw was discovered in ruby-kramdown, a fast, pure ruby, Markdown - -parser and converter, which could result in unintended read access to - -files or unintended emb

[DONE] wml://security/2020/dsa-4742.wml

2020-08-06 Пенетрантность Lev Lamberov
="2f2e4e4ed7b781eff447b99c3d177c672b61e21f" mindelta="1" maintainer="Lev Lamberov" +обновление безопасности - -Tim Starling discovered two vulnerabilities in firejail, a sandbox - -program to restrict the running environment of untrusted applications. +Тим Старлинг обнаружил две уя

  1   2   3   4   5   6   7   8   9   10   >