[Secure-testing-team] Bug#699226: rails: CVE-2013-0333: Vulnerability in JSON Parser in Ruby on Rails 3.0 and 2.3

2013-01-29 Thread Salvatore Bonaccorso
Package: rails
Severity: grave
Tags: security
Justification: user security hole
Hi
The following advisory was made for rails:
[1] http://weblog.rubyonrails.org/
[2]: https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
Disclaimer: I have not checked which

[Secure-testing-team] Embedded code in mednafen and xmoto

2013-01-29 Thread Stephen Kitt
Hi,
I maintain mednafen and xmoto which ship other packages' source code.
mednafen includes:
* lzo2, not-affected since 0.8.D.3-4 and 0.9.17.1-1 (the source package includes minilzo but the binary package is built using the minilzo package instead)
* libvorbisidec, not-affected since

[Secure-testing-team] Bug#699316: libupnp: Multiple stack buffer overflow vulnerabilities

2013-01-29 Thread Salvatore Bonaccorso
Package: libupnp
Severity: grave
Tags: security
Hi,
the following vulnerabilities were published for libupnp.
CVE-2012-5958[0]: Stack buffer overflow of Tempbuf
CVE-2012-5959[1]: Stack buffer overflow of Event-UDN
CVE-2012-5960[2]: Stack buffer overflow of Event-UDN
CVE-2012-5961[3]: Stack