[Pkg-kde-extras] Bug#742816: smb4k: CVE-2014-2581

2014-03-27 Thread Salvatore Bonaccorso
Package: smb4k Severity: normal Tags: security upstream fixed-upstream Hi, the following vulnerability was published for smb4k. CVE-2014-2581[0]: credentials cache leak and is fixed in a new upstream version 1.1.1. This minor issue was already marked no-dsa in the security-tracker. If you fix

[Pkg-kde-extras] Bug#773846: exiv2: diff for NMU version 0.24-4.1

2015-01-07 Thread Salvatore Bonaccorso
::infoTagsHandler +Thanks to Klaus Ethgen kl...@ethgen.de (Closes: #773846) + + -- Salvatore Bonaccorso car...@debian.org Wed, 07 Jan 2015 20:25:48 +0100 + exiv2 (0.24-4) unstable; urgency=medium * Team upload. diff -Nru exiv2-0.24/debian/patches/CVE-2014-9449.patch exiv2-0.24/debian/patches/CVE

Re: [Pkg-kde-extras] Sponsoring for upload CVE-2015-8547

2015-12-27 Thread Salvatore Bonaccorso
Hi Pierre, On Mon, Dec 14, 2015 at 10:28:26PM +0100, Pierre Schweitzer wrote: > Dear all, > > After having asked for a CVE[0] for this Quassel issue [1], I've > uploaded you (attached) a debdiff & dsc to the bug report for an upload. > Would you be able to sponsor the upload, as I can't? > Or

Re: [Pkg-kde-extras] Sponsoring for upload CVE-2015-8547

2015-12-27 Thread Salvatore Bonaccorso
Hi Pierre, Thanks for your quick reply, really appreciated. On Sun, Dec 27, 2015 at 10:55:28AM +0100, Pierre Schweitzer wrote: > Hi Salvatore, > > On 27/12/2015 09:09, Salvatore Bonaccorso wrote: > > Hi Pierre, > > > > On Mon, Dec 14, 2015 at 10:28:26PM +0100, Pierre

Re: [Pkg-kde-extras] Sponsoring for upload CVE-2016-4414

2016-06-05 Thread Salvatore Bonaccorso
Hi Pierre, On Sun, Jun 05, 2016 at 01:34:53PM +0200, Pierre Schweitzer wrote: > Dear all, > > The CVE 2016-4414 was identified earlier in Quassel, which allows an > unauthenticated remote DoS in quassel-core. Its associated bug report in > Debian BTS is: #826402. > Please find attached a debdiff

[Pkg-kde-extras] reassign 826402 to src:quassel, found 826402 in 1:0.10.0-2.3, closing 826402

2016-06-05 Thread Salvatore Bonaccorso
reassign 826402 src:quassel found 826402 1:0.10.0-2.3 close 826402 1:0.12.4-2 thanks

[Pkg-kde-extras] Bug#876242: exiv2: CVE-2017-12957

2017-09-19 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: upstream security Justification: user security hole Hi, the following vulnerability was published for exiv2. CVE-2017-12957[0]: | There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that | is triggered in the Exiv2::Image::io

[Pkg-kde-extras] Bug#876893: exiv2: CVE-2017-11591

2017-09-26 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.25-3.1 Severity: normal Tags: upstream security Forwarded: https://github.com/Exiv2/exiv2/issues/55 Hi, the following vulnerability was published for exiv2. CVE-2017-11591[0]: | There is a Floating point exception in the Exiv2::ValueType function in | Exiv2 0.26 that

[Pkg-kde-extras] Bug#881586: Konversation CVE-2017-15923

2017-11-13 Thread Salvatore Bonaccorso
Hi On Mon, Nov 13, 2017 at 10:17:37AM +0100, Yves-Alexis Perez wrote: > Package: konversation > Tag: security > > On Sun, 2017-11-12 at 17:01 -0500, Joseph Bisch wrote: > > Hi, > > > > See the November 11th security advisory for Konversation at: > > > > https://konversation.kde.org/ > > > >

[Pkg-kde-extras] Bug#880027: exiv2: CVE-2017-14861: stack-overflow vulnerability in Exiv2::Internal::stringFormat[abi:cxx11] (in image.cpp:975)

2017-10-28 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/139 Hi, the following vulnerability was published for exiv2. CVE-2017-14861[0]: | There is a stack consumption vulnerability in the | Exiv2::Internal::stringFormat function of

[Pkg-kde-extras] Bug#868578: Bug#868578: CVE-2017-11335 CVE-2017-11336 CVE-2017-11337 CVE-2017-11338 CVE-2017-11339 CVE-2017-11340

2017-07-17 Thread Salvatore Bonaccorso
Hi On Mon, Jul 17, 2017 at 01:36:41PM +0200, Maximiliano Curia wrote: > Control: notfound -1 0.25-3.1 > Control: found -1 0.26-1 > > Hello Moritz! > > On 2017-07-16 at 22:49 +0200, Moritz Muehlenhoff wrote: > > Package: exiv2 Version: 0.25-3.1 Severity: important Tags: security > > > >

[Pkg-kde-extras] Bug#862505: smb4k: CVE-2017-8849

2017-05-13 Thread Salvatore Bonaccorso
Source: smb4k Version: 1.1.2-1 Severity: important Tags: security patch upstream Hi, the following vulnerability was published for smb4k. CVE-2017-8849[0]: No description was found (try on a search engine) If you fix the vulnerability please also make sure to include the CVE (Common

[Pkg-kde-extras] Bug#863410: exiv2: CVE-2017-9239

2017-05-26 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.24-4.1 Severity: important Tags: security upstream Hi, the following vulnerability was published for exiv2. CVE-2017-9239[0]: | An issue was discovered in Exiv2 0.26. When the data structure of the | structure ifd is incorrect, the program assigns pValue_ to 0x0, and

Re: [Pkg-kde-extras] smb4k CVE-2017-8849

2017-06-13 Thread Salvatore Bonaccorso
Hi Markus, Thanks for analyzing the code for older versions. On Mon, Jun 12, 2017 at 11:52:00PM +0200, Markus Koschany wrote: > Hi, > > I had a look at smb4k and CVE-2017-8849 and wanted to mark the package > in Wheezy and Jessie as not-affected. However I'm not completely sure > and I would

Re: [Pkg-kde-extras] smb4k CVE-2017-8849

2017-06-14 Thread Salvatore Bonaccorso
Hi Maximiliano and Markus, On Wed, Jun 14, 2017 at 12:51:04PM +0200, Maximiliano Curia wrote: > Hello Salvatore! > > On 2017-06-13 at 13:47 +0200, Salvatore Bonaccorso wrote: > > Thanks for analyzing the code for older versions. > > > On Mon, Jun 12, 2017 at

[Pkg-kde-extras] Bug#862505: smb4k: CVE-2017-8849

2017-06-14 Thread Salvatore Bonaccorso
Control: found -1 1.1.2-1 Upstream (Albert Astals Cid) confirmed that the version in Jessie is affected. cut-cut-cut-cut-cut-cut-
proc.setProgram( args["command"].toStringList() );
// Run the mount process.
proc.start();

[Pkg-kde-extras] Bug#843790: kde-cli-tools: CVE-2016-7787

2017-06-18 Thread Salvatore Bonaccorso
Hi On Wed, Nov 09, 2016 at 05:52:59PM +0100, Balint Reczey wrote: > On Thu, 6 Oct 2016 02:31:33 +0200 Balint Reczey <bal...@balintreczey.hu> > wrote: > > On Wed, 05 Oct 2016 21:48:58 +0200 Salvatore Bonaccorso > > <car...@debian.org> wrote: > > > Hi, &

[Pkg-kde-extras] Bug#886962: exiv2: CVE-2018-4868

2018-01-11 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: important Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/202 Hi, the following vulnerability was published for exiv2. CVE-2018-4868[0]: | The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 | 0.26 allows remote

[Pkg-kde-extras] Bug#888865: exiv2: CVE-2017-14865

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/134 Hi, the following vulnerability was published for exiv2, only affecting the experimental version. CVE-2017-14865[0]: | There is a heap-based buffer overflow in the

[Pkg-kde-extras] Bug#888864: exiv2: CVE-2017-1000126

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/175 Hi, the following vulnerability was published for exiv2, only affecting experimental version. CVE-2017-1000126[0]: | exiv2 0.26 contains a Stack out of bounds read in webp

[Pkg-kde-extras] Bug#888862: exiv2: CVE-2018-5772

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Hi, the following vulnerability was published for exiv2, and is only affecting experimental version. Marking grave to indicate should not go into unstable (the issue itself does not really warrant grave severity, so if you

[Pkg-kde-extras] Bug#888872: exiv2: CVE-2017-12956

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/59 Hi, the following vulnerability was published for exiv2, only affecting experimental. CVE-2017-12956[0]: | There is an illegal address access in

[Pkg-kde-extras] Bug#888874: exiv2: CVE-2017-11553

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/54 Hi, the following vulnerability was published for exiv2, only experimental is affected. CVE-2017-11553[0]: | There is an illegal address access in the extend_alias_table

[Pkg-kde-extras] Bug#888867: exiv2: CVE-2017-14860

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/71 Hi, the following vulnerability was published for exiv2, only affecting the experimental version. CVE-2017-14860[0]: | There is a heap-based buffer over-read in the |

[Pkg-kde-extras] Bug#888866: exiv2: CVE-2017-14863

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/132 Hi, the following vulnerability was published for exiv2, only affecting the experimental version. CVE-2017-14863[0]: | A NULL pointer dereference was discovered in |

[Pkg-kde-extras] Bug#888873: exiv2: CVE-2017-12955

2018-01-30 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/58 Hi, the following vulnerability was published for exiv2, only affecting experimental version. CVE-2017-12955[0]: | There is a heap-based buffer overflow in basicio.cpp of

[Pkg-kde-extras] Bug#891044: exiv2: CVE-2017-17722

2018-02-21 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: important Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/208 Hi, the following vulnerability was published for exiv2, should affect only the experimental version (0.26-1). CVE-2017-17722[0]: | In Exiv2 0.26, there is a reachable

[Pkg-kde-extras] Bug#886006: exiv2: CVE-2017-17669: heap-buffer-overflow in Exiv2::Internal::PngChunk::keyTXTChunk

2018-01-01 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.24-1 Severity: important Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/187 Hi, the following vulnerability was published for exiv2. CVE-2017-17669[0]: | There is a heap-based buffer over-read in the | Exiv2::Internal::PngChunk::keyTXTChunk

[Pkg-kde-extras] Bug#885981: exiv2:CVE-2017-18005: Null Pointer Dereference in the Exiv2::DataValue::toLong function

2018-01-01 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.24-1 Severity: normal Tags: patch security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/168 Hi, the following vulnerability was published for exiv2. CVE-2017-18005[0]: | Exiv2 0.26 has a Null Pointer Dereference in the | Exiv2::DataValue::toLong function in

[Pkg-kde-extras] Bug#891783: exiv2: CVE-2017-17724

2018-02-28 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: important Tags: security upstream Forwarded: https://github.com/Exiv2/exiv2/issues/210 Hi, the following vulnerability was published for exiv2, another one affecting only exiv2 starting from 0.26 and thus for the moment only experimental.

[Pkg-kde-extras] Bug#894179: exiv2: CVE-2018-8977

2018-03-26 Thread Salvatore Bonaccorso
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/Exiv2/exiv2/issues/247 Hi, The following vulnerability was published for exiv2, which affects in Debian only the experimental version. CVE-2018-8977[0]: | In