secure-testing-team  

Messages by Thread

• [Secure-testing-team] Bug#851485: [imagemagick] ipl file missing malloc check Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851483: [imagemagick] wpg file off by one Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851430: CVE-2016-9571 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851422: openjpeg2: CVE-2016-9572 CVE-2016-9573 Salvatore Bonaccorso
• [Secure-testing-team] Bug#851408: CVE-2016-6814 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851405: CVE-2016-9186 CVE-2016-9187 CVE-2016-9188 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851406: libgit2: CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 CVE-2017-5338 CVE-2017-5339 Salvatore Bonaccorso
• [Secure-testing-team] Bug#851396: CVE-2015-5303 / CVE-2015-5329 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851383: [imagemagick] double free in profile Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851382: [imagemagick] memory leak in MPC file handling Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851381: [imagemagick] Crash - PushQuantumPixel - Heap-Buffer-Overflow (TIFF) Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851380: [imagemagick] memory leak in caption and label handling Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851377: [imagemagick] out of bound in psd file handling Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851376: [imagemagick] memory corruption heap overflow Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851374: [imagemagick] memory corruption heap overflow Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851310: wordpress: Eight security issues in wordpress 4.7 Craig Small
• [Secure-testing-team] Bug#851307: [vtable-dumper] New upstream version fixing securities bug Bastien ROUCARIÈS
• [Secure-testing-team] Bug#851297: tiff: CVE-2017-5225 Salvatore Bonaccorso
• [Secure-testing-team] Bug#851293: CVE-2016-9590 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851278: CVE-2016-9954 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851244: percona-xtrabackup: CVE-2016-6225 Salvatore Bonaccorso
• [Secure-testing-team] Bug#851196: libplist: CVE-2017-5209 Salvatore Bonaccorso
• [Secure-testing-team] Bug#851161: CVE-2016-2339 Moritz Muehlenhoff
• [Secure-testing-team] Bug#851159: Invalid free Moritz Muehlenhoff
• [Secure-testing-team] Bug#851065: bind9: CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion Salvatore Bonaccorso
• [Secure-testing-team] Bug#851063: bind9: CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure Salvatore Bonaccorso
• [Secure-testing-team] Bug#851062: bind9: CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure Salvatore Bonaccorso
• [Secure-testing-team] Bug#850968: CVE-2016-2788 Moritz Muehlenhoff
• [Secure-testing-team] Bug#850954: CVE-2016-10040 Moritz Muehlenhoff
• [Secure-testing-team] Bug#850952: CVE-2016-9962 Moritz Muehlenhoff
• [Secure-testing-team] Bug#850951: CVE-2016-9962 Moritz Muehlenhoff
• [Secure-testing-team] Bug#850939: zabbix: sql injection, remote code execution, privileges escalation IvanBayan
• [Secure-testing-team] Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files Salvatore Bonaccorso
• [Secure-testing-team] Bug#850846: ansible: CVE-2016-9587: host to controller command execution vulnerability Salvatore Bonaccorso
• [Secure-testing-team] Bug#850725: flickcurl: New upstream release, fixing overflows Jonas Smedegaard
• [Secure-testing-team] Bug#850716: XML External Entity attack Thomas Goirand
• [Secure-testing-team] Bug#850558: firejail: CVE-2017-5206 Salvatore Bonaccorso
• [Secure-testing-team] Bug#850528: firejail: root shell via --bandwidth and --shell Salvatore Bonaccorso
• [Secure-testing-team] Bug#850497: jbig2dec: CVE-2016-9601: Heap-buffer overflow due to Integer overflow in jbig2_image_new function Salvatore Bonaccorso
• [Secure-testing-team] Bug#850491: slurm-llnl: CVE-2016-10030 Salvatore Bonaccorso
• [Secure-testing-team] Bug#850403: irssi: multiple vulnerabilities Salvatore Bonaccorso
• [Secure-testing-team] Bug#850322: npm: CVE-2016-3956 Salvatore Bonaccorso
• [Secure-testing-team] Bug#850320: mock: CVE-2016-6299: privilige escalation via mock-scm Salvatore Bonaccorso
• [Secure-testing-team] Bug#850316: tiff: CVE-2016-10095: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) Salvatore Bonaccorso
• [Secure-testing-team] Bug#850216: mysql-server-5.6: Listens on * by default after installation (related to use of alternatives) Salvatore Bonaccorso
• [Secure-testing-team] Bug#850215: zendframework: CVE-2016-10034 Salvatore Bonaccorso
• [Secure-testing-team] Bug#850160: firejail: Firejail local root exploit Moritz Muehlenhoff
• [Secure-testing-team] Bug#850007: libvncserver: CVE-2016-9941 Salvatore Bonaccorso
• [Secure-testing-team] Bug#850008: libvncserver: CVE-2016-9942 Salvatore Bonaccorso
• [Secure-testing-team] Bug#849970: freeipa: CVE-2016-7030: DoS attack against kerberized services by abusing password policy Salvatore Bonaccorso
• [Secure-testing-team] Bug#849950: freeipa: CVE-2016-9575: Insufficient permission check in certprofile-mod Salvatore Bonaccorso
• [Secure-testing-team] Bug#849849: rabbitmq-server: CVE-2016-9877 Salvatore Bonaccorso
• [Secure-testing-team] Bug#849799: libpng1.6: CVE-2016-10087: NULL pointer dereference in png_set_text_2() Salvatore Bonaccorso
• [Secure-testing-team] Bug#849798: qemu: CVE-2016-10028: display: virtio-gpu-3d: OOB access while reading virgl capabilities Salvatore Bonaccorso
• [Secure-testing-team] Bug#849777: shutter: CVE-2016-10081: Insecure use of perl exec() Salvatore Bonaccorso
• [Secure-testing-team] Bug#849632: tqdm: CVE-2016-10075: insecure use of git Salvatore Bonaccorso
• [Secure-testing-team] Bug#849626: libphp-swiftmailer: CVE-2016-10074 Salvatore Bonaccorso
• [Secure-testing-team] Bug#849495: python-crypto: CVE-2013-7459 Salvatore Bonaccorso
• [Secure-testing-team] Bug#849479: tigervnc: CVE-2014-8240: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling Salvatore Bonaccorso
• [Secure-testing-team] Bug#849478: tigervnc: CVE-2014-8241: NULL pointer dereference flaw in XRegion Salvatore Bonaccorso
• [Secure-testing-team] Bug#849439: imagemagick: CVE-2016-10062: fwrite issue in ReadGROUP4Image Salvatore Bonaccorso
• [Secure-testing-team] Bug#849432: gdm3: CVE-2016-1000002: Information leak before screen lock Salvatore Bonaccorso
• [Secure-testing-team] Bug#849365: libphp-phpmailer: CVE-2016-10033 Salvatore Bonaccorso
• [Secure-testing-team] Bug#849346: CVE-2015-3239 Moritz Muehlenhoff
• [Secure-testing-team] Alles Gute zum Geburtstag lieber Jesus Bodo Schlecht
• [Secure-testing-team] Bug#849212: msgpuck: CVE-2016-9036: Invalid handling of map16 format in mp_check() Salvatore Bonaccorso
• [Secure-testing-team] Bug#849198: libxml2: CVE-2016-9596: stack exhaustion while parsing xml files in recovery mode Salvatore Bonaccorso
• [Secure-testing-team] Bug#849167: libspring-java: CVE-2016-9878 Salvatore Bonaccorso
• [Secure-testing-team] ftp.debian.org: Remove cruft from testing-security Boyuan Yang
• [Secure-testing-team] Bug#849048: ceph: CVE-2016-9579 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848958: curl: CVE-2016-9586: printf floating point buffer overflow Salvatore Bonaccorso
• [Secure-testing-team] Bug#848717: openssh: CVE-2016-10012 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848715: openssh: CVE-2016-10010 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848716: openssh: CVE-2016-10011 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848714: openssh: CVE-2016-10009 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848713: xen: CVE-2016-10013: x86: Mishandling of SYSCALL singlestep during emulation Salvatore Bonaccorso
• [Secure-testing-team] Bug#848704: CVE-2016-4973 Moritz Mühlenhoff
• [Secure-testing-team] Hermosas Casas, Departamentos y Terrenos en Venta REMAX
• [Secure-testing-team] Bug#848641: spip: CVE-2016-9997 CVE-2016-9998 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848493: squid3: SQUID-2016:11: Information disclosure in HTTP Request processing Salvatore Bonaccorso
• [Secure-testing-team] Bug#848491: squid3: SQUID-2016:10: Information disclosure n Collapsed Forwarding Salvatore Bonaccorso
• [Secure-testing-team] Bug#848392: python-bottle: CVE-2016-9964: redirect() doesn't filter "\r\n" which allows for CRLF attack Salvatore Bonaccorso
• [Secure-testing-team] Bug#848213: apport: CVE-2016-9949 CVE-2016-9950 CVE-2016-9951 Salvatore Bonaccorso
• [Secure-testing-team] Bug#848139: CVE-2016-8707 ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability Bastien ROUCARIES
• [Secure-testing-team] Bug#848132: most is vulnerable to a shell injection attack using LZMA-compressed files Alberto Garcia
• [Secure-testing-team] Sorpréndele con un ordendor y no le digas lo que te ha costado Informática Ocasión
• [Secure-testing-team] Bug#848114: flightgear: Allows the route manager to overwrite arbitrary files Florent Rougon
• [Secure-testing-team] Casa en Venta en la Calle Buenos Aires CASA EN VENTA
• [Secure-testing-team] Bug#848081: xen: CVE-2016-9932: x86 CMPXCHG8B emulation fails to ignore operand size override Salvatore Bonaccorso
• [Secure-testing-team] Bug#848071: Code execution in SNES code Moritz Muehlenhoff
• [Secure-testing-team] Bug#848009: libcrypto++: CVE-2016-9939: denial-of-service in ASN1 decoder Salvatore Bonaccorso
• [Secure-testing-team] Bug#847960: qemu: CVE-2016-9921 CVE-2016-9922 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847957: qemu: CVE-2016-9923: char: use after free issue in char backend Salvatore Bonaccorso
• [Secure-testing-team] Bug#847953: qemu: CVE-2016-9907: usb: redirector: memory leakage when destroying redirector Salvatore Bonaccorso
• [Secure-testing-team] Bug#847951: qemu: CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer Salvatore Bonaccorso
• [Secure-testing-team] Bug#847837: bluez: CVE-2016-9797 CVE-2016-9798 CVE-2016-9799 CVE-2016-9800 CVE-2016-9801 CVE-2016-9802 CVE-2016-9803 CVE-2016-9804 CVE-2016-9917 CVE-2016-9918 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847668: asterisk: AST-2016-009 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847666: asterisk: AST-2016-008: Crash on SDP offer or answer from endpoint using Opus Salvatore Bonaccorso
• [Secure-testing-team] Bug#847496: qemu: CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847486: unzip: CVE-2016-9844: zipinfo buffer overflow Salvatore Bonaccorso
  • Re: [Secure-testing-team] Bug#847486: unzip: CVE-2016-9844: zipinfo buffer overflow Santiago Vila
• [Secure-testing-team] Bug#847485: unzip: CVE-2014-9913: buffer oveflowin "unzip -l" via list_files() in list.c Salvatore Bonaccorso
  • Re: [Secure-testing-team] Bug#847485: unzip: CVE-2014-9913: buffer oveflowin "unzip -l" via list_files() in list.c Santiago Vila
  • Re: [Secure-testing-team] Bug#847485: unzip: CVE-2014-9913: buffer oveflowin "unzip -l" via list_files() in list.c Santiago Vila
  • Re: [Secure-testing-team] Bug#847485: unzip: CVE-2014-9913: buffer oveflowin "unzip -l" via list_files() in list.c Salvatore Bonaccorso
• [Secure-testing-team] Bug#847400: qemu: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset Salvatore Bonaccorso
• [Secure-testing-team] Bug#847391: qemu: display: virtio-gpu: memory leakage when destroying gpu resource Salvatore Bonaccorso
• [Secure-testing-team] Bug#847382: qemu: CVE-2016-9846: display: virtio-gpu: memory leakage while updating cursor Salvatore Bonaccorso
• [Secure-testing-team] Bug#847381: qemu: CVE-2016-9845: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info Salvatore Bonaccorso
• [Secure-testing-team] Bug#847287: roundcube: Roundcube 1.2.2: Remote command execution via malicious email composing Juan Rossi
• [Secure-testing-team] Bug#847275: zlib: CVE-2016-9843 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847274: zlib: CVE-2016-9842 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847270: zlib: CVE-2016-9840 CVE-2016-9841: out-of-bounds pointer Salvatore Bonaccorso
• [Secure-testing-team] Bug#847157: gitlab: CVE-2016-9469 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847156: spip: CVE-2016-9152 Salvatore Bonaccorso
• [Secure-testing-team] Bug#847124: apache2: CVE-2016-8740: erver memory can be exhausted and service denied when HTTP/2 is used Salvatore Bonaccorso
• [Secure-testing-team] Bug#847072: graphicsmagick: CVE-2016-9830 Salvatore Bonaccorso
• [Secure-testing-team] Bug#846938: dhcpcd5: CVE-2014-7913 Salvatore Bonaccorso
• [Secure-testing-team] Bug#846838: tiff: divide-by-zero in readSeparateStripsIntoBuffer Salvatore Bonaccorso
• [Secure-testing-team] Bug#846837: tiff: heap-based buffer overflow in TIFFFillStrip Salvatore Bonaccorso
• [Secure-testing-team] Bug#846797: qemu: CVE-2016-9776: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive Salvatore Bonaccorso
• [Secure-testing-team] Bug#846605: dovecot: CVE-2016-8652: remote crash when auth-policy component is activated Salvatore Bonaccorso
• [Secure-testing-team] Bug#846545: [golang-1.7] Security issues resolved in 1.7.4 (new version) Tim Sattarov
• [Secure-testing-team] Bug#845670: xen: CVE-2016-9379 CVE-2016-9380: delimiter injection vulnerabilities in pygrub Salvatore Bonaccorso
• [Secure-testing-team] Bug#845669: xen: CVE-2016-9377 CVE-2016-9378: x86 software interrupt injection mis-handled Salvatore Bonaccorso
• [Secure-testing-team] Bug#845668: xen: CVE-2016-9383: x86 64-bit bit test instruction emulation broken Salvatore Bonaccorso
• [Secure-testing-team] Bug#845665: xen: CVE-2016-9385: x86 segment base write emulation lacking canonical address checks Salvatore Bonaccorso
• [Secure-testing-team] Bug#845667: xen: CVE-2016-9384: guest 32-bit ELF symbol table load leaking host data Salvatore Bonaccorso
• [Secure-testing-team] Bug#845664: xen: CVE-2016-9382: x86 task switch to VM86 mode mis-handled Salvatore Bonaccorso
• [Secure-testing-team] Bug#845663: xen: CVE-2016-9386: x86 null segments not always treated as unusable Salvatore Bonaccorso
• [Secure-testing-team] Bug#845634: CVE-2016-8862: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) Bastien ROUCARIES
• [Secure-testing-team] Bug#845465: lxc: CVE-2016-8649: attach: do not send procfd to attached process Salvatore Bonaccorso
• [Secure-testing-team] Bug#845408: dwarfutils: CVE-2016-9558 Salvatore Bonaccorso
• [Secure-testing-team] Bug#845393: Privilege escalation via upgrade Paul Szabo
• [Secure-testing-team] Bug#845385: Privilege escalation via removal Paul Szabo
• [Secure-testing-team] Bug#845375: gst-plugins-good1.0: heap corruption vulnerability in the gstreamer decoder for the FLIC file format Salvatore Bonaccorso
• [Secure-testing-team] Bug#845301: hdf5: CVE-2016-4330 CVE-2016-4331 CVE-2016-4332 CVE-2016-4333 Salvatore Bonaccorso
• [Secure-testing-team] Bug#845258: mcabber: remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza Salvatore Bonaccorso
• [Secure-testing-team] Bug#845246: mat file out of bound Bastien ROUCARIES
• [Secure-testing-team] Bug#845244: Add check for invalid mat file Bastien ROUCARIES
• [Secure-testing-team] Bug#845243: null pointer passed as argument 2, which is declared to never be null Bastien ROUCARIES
• [Secure-testing-team] Bug#845241: Prevent fault in MSL interpreter Bastien ROUCARIES
• [Secure-testing-team] Bug#845242: Heap buffer overflow in heap-buffer-overflow in IsPixelGray Bastien ROUCARIES
• [Secure-testing-team] Bug#845239: Fixed memory leak in psd file handling Bastien ROUCARIES
• [Secure-testing-team] Bug#845212: Fix out of bound read in viff file handling Bastien ROUCARIES
• [Secure-testing-team] Bug#845213: Suspend exception processing if there are too many exceptions Bastien ROUCARIES
• [Secure-testing-team] Bug#845206: CVE-2016-8677: memory allocate failure in AcquireQuantumPixels Bastien ROUCARIES
• [Secure-testing-team] Bug#845204: CVE-2016-8678: heap-based buffer overflow in IsPixelMonochrome Bastien ROUCARIES
• [Secure-testing-team] Bug#845202: Better check for bufferoverflow for TIFF handling Bastien ROUCARIES
• [Secure-testing-team] Bug#845198: Check validity of extend during TIFF file reading Bastien ROUCARIES
• [Secure-testing-team] Bug#845196: Check return of write function Bastien ROUCARIES
• [Secure-testing-team] Bug#845195: Imagemagick (jessie and older) buffer overlfow Bastien ROUCARIES
• [Secure-testing-team] Bug#844732: dokuwiki: CVE-2016-7965 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844731: dokuwiki: CVE-2016-7964 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844727: bash: CVE-2016-9401: popd controlled free Salvatore Bonaccorso
• [Secure-testing-team] Bug#844726: w3m: CVE-2016-9439: stack overflow Salvatore Bonaccorso
• [Secure-testing-team] Bug#844691: ansible: CVE-2016-8647: in some circumstances the mysql_user module may fail to correctly change a password Salvatore Bonaccorso
• [Secure-testing-team] Bug#844584: dhclient should perform additional validity checks Anton Ivanov
• [Secure-testing-team] Bug#844581: libxml2: CVE-2016-9318 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844557: openjpeg2: CVE-2016-9118 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844556: openjpeg2: CVE-2016-9117 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844555: openjpeg2: CVE-2016-9116 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844553: openjpeg2: CVE-2016-9114 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844551: openjpeg2: CVE-2016-9112 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844554: openjpeg2: CVE-2016-9115 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844552: openjpeg2: CVE-2016-9113 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844546: teeworlds: possible remote code execution on the client Felix Geyer
• [Secure-testing-team] Bug#844520: ntpdate: should not set the date from /etc/network/if-up.d/ntpdate Vincent Lefevre
• [Secure-testing-team] controle des paiements Suivi Société Generale
• [Secure-testing-team] Bug#844344: p7zip: CVE-2016-9296: Null pointer dereference (in 7zIn.cpp) Salvatore Bonaccorso
• [Secure-testing-team] Bug#844341: moin: CVE-2016-7148: XSS in AttachFile view (multifile related) Salvatore Bonaccorso
• [Secure-testing-team] Bug#844340: moin: CVE-2016-7146: XSS in GUI editor's attachment dialogue Salvatore Bonaccorso
• [Secure-testing-team] Bug#844338: moin: CVE-2016-9119: XSS in GUI editor's link dialogue Salvatore Bonaccorso
• [Secure-testing-team] Bug#844285: pidgin: steals (warps) mouse cursor (not just focus) when new message comes in [SEC=UNCLASSIFIED] Tim Connors
• [Secure-testing-team] Bug#844226: tiff: potential read outside buffer in _TIFFPrintField() Salvatore Bonaccorso
• [Secure-testing-team] Bug#844211: imagemagick: heap overflow Salvatore Bonaccorso
• [Secure-testing-team] Bug#844200: ceph: CVE-2016-8626: RGW Denial of Service by sending POST object with null conditions Salvatore Bonaccorso
• [Secure-testing-team] Bug#844057: tiff: Heap buffer overflow via writeBufferToSeparateStrips tiffcrop.c:1170 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844013: tiff: CVE-2016-9273 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844011: dwarfutils: CVE-2016-9276 Salvatore Bonaccorso
• [Secure-testing-team] Bug#844012: dwarfutils: CVE-2016-9275 Salvatore Bonaccorso
• [Secure-testing-team] OFERTA DE UNIFORMES, ROPA DE TRABAJO Y MUCHO MAS CASAS EN BOLIVIA S.R.L.
• [Secure-testing-team] Bug#843928: ming: CVE-2016-9264 CVE-2016-9265 CVE-2016-9266 Salvatore Bonaccorso
• [Secure-testing-team] Bug#843697: dracut: CVE-2016-8637: dracut creates world readble initramfs when early cpio is used Salvatore Bonaccorso
• [Secure-testing-team] Aumente las ventas de su empresa en Navidades y Fin de Año CASAS EN BOLIVIA S.R.L.
• [Secure-testing-team] Bug#843519: gitlab: CVE-2016-9086 Salvatore Bonaccorso
• [Secure-testing-team] Bug#843462: emacs25: Please disable xwidgets/webkit David Bremner
• [Secure-testing-team] Bug#843431: [pidgin-sipe] Possibly a use-after-free on a buffer in telepathy transport Marcin Szewczyk
• [Secure-testing-team] Bug#843258: ynx: CVE-2016-9179 Salvatore Bonaccorso
• [Secure-testing-team] Bug#843232: heat: CVE-2016-9185: template source URL allows network port scan Salvatore Bonaccorso
• [Secure-testing-team] Bug#843091: otrs2: CVE-2016-9139 Salvatore Bonaccorso
• [Secure-testing-team] Bug#843041: pacemaker: CVE-2016-7035 Salvatore Bonaccorso
• [Secure-testing-team] Bug#843012: libcsp: CVE-2016-8596 CVE-2016-8597 CVE-2016-8598 Salvatore Bonaccorso
• [Secure-testing-team] Bug#842987: redis: CVE-2016-2121: weak permissions on sensitive files Salvatore Bonaccorso
• [Secure-testing-team] Bug#842985: ansible: CVE-2016-8628: Command injection by compromised server via fact variables Salvatore Bonaccorso
• [Secure-testing-team] Bug#842984: ansible: CVE-2016-8614: Improper verification of key fingerprints in apt_key module Salvatore Bonaccorso
• [Secure-testing-team] Bug#842895: mariadb-10.0: CVE-2016-6664 CVE-2016-5617 Salvatore Bonaccorso
• [Secure-testing-team] Bug#842893: libxml-twig-perl: expand_external_ents fails to work as documented Salvatore Bonaccorso
• [Secure-testing-team] Bug#842891: libimage-info-perl: XXE in SVG files Salvatore Bonaccorso
• [Secure-testing-team] Bug#842858: bind9: CVE-2016-8864: A problem handling responses containing a DNAME answer can lead to an assertion failure Salvatore Bonaccorso

• Earlier messages
• Later messages