Category Archives: Debian
Debian Security Advisories
DSA-3669 tomcat7 – security update
Dawid Golunski of LegalHackers discovered that the Tomcat init script
performed unsafe file handling, which could result in local privilege
escalation.
DSA-3667 chromium-browser – security update
Several vulnerabilities have been discovered in the chromium web browser.
DSA-3666 mysql-5.5 – security update
Dawid Golunski discovered that the mysqld_safe wrapper provided by the
MySQL database server insufficiently restricted the load path for custom
malloc implementations, which could result in privilege escalation.
DSA-3665 openjpeg2 – security update
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression /
decompression library, may result in denial of service or the execution
of arbitrary code if a malformed JPEG 2000 file is processed.
DSA-3664 pdns – security update
Multiple vulnerabilities have been discovered in pdns, an authoritative
DNS server. The Common Vulnerabilities and Exposures project identifies
the following problems:
DSA-3663 xen – security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The
Common Vulnerabilities and Exposures project identifies the following
problems:
DSA-3662 inspircd – security update
It was discovered that incorrect SASL authentication in the Inspircd
IRC server may lead to users impersonating other users.
DSA-3661 charybdis – security update
It was discovered that incorrect SASL authentication in the Charybdis
IRC server may lead to users impersonating other users.
DSA-3660 chromium-browser – security update
Several vulnerabilities have been discovered in the chromium web browser.