Tietoturvasta / Vuoden 2004 tietoturvatiedotteet

Vuoden 2004 tietoturvatiedotteet

[31.12.2004] DSA-621 cupsys - buffer overflow
[30.12.2004] DSA-620 perl - insecure temporary files / directories
[30.12.2004] DSA-619 xpdf - buffer overflow
[24.12.2004] DSA-618 imlib - buffer overflows, integer overflows
[24.12.2004] DSA-617 tiff - insufficient input validation
[23.12.2004] DSA-616 netkit-telnet-ssl - format string
[22.12.2004] DSA-615 debmake - insecure temporary files
[21.12.2004] DSA-614 xzgv - integer overflows
[21.12.2004] DSA-613 ethereal - infinite loop
[20.12.2004] DSA-612 a2ps - unsanitised input
[20.12.2004] DSA-611 htget - buffer overflow
[17.12.2004] DSA-610 cscope - insecure temporary file
[14.12.2004] DSA-609 atari800 - buffer overflows
[14.12.2004] DSA-608 zgv - integer overflows, unsanitised input
[10.12.2004] DSA-607 xfree86 - several vulnerabilities
[ 8.12.2004] DSA-606 nfs-utils - wrong signal handler
[ 6.12.2004] DSA-605 viewcvs - settings not honored
[ 3.12.2004] DSA-604 hpsockd - missing input sanitising
[ 1.12.2004] DSA-603 openssl - insecure temporary file
[29.11.2004] DSA-602 libgd2 - integer overflow
[29.11.2004] DSA-601 libgd - integer overflow
[ 7.10.2004] DSA-600 samba - arbitrary file access
[25.11.2004] DSA-599 tetex-bin - integer overflows
[25.11.2004] DSA-598 yardradius - buffer overflow
[25.11.2004] DSA-597 cyrus-imapd - buffer overflow
[24.11.2004] DSA-596 sudo - missing input sanitising
[24.11.2004] DSA-595 bnc - buffer overflow
[17.11.2004] DSA-594 apache - buffer overflows
[16.11.2004] DSA-593 imagemagick - buffer overflow
[12.11.2004] DSA-592 ez-ipupdate - format string
[ 9.11.2004] DSA-591 libgd2 - integer overflows
[ 9.11.2004] DSA-590 gnats - format string vulnerability
[ 9.11.2004] DSA-589 libgd1 - integer overflows
[ 8.11.2004] DSA-588 gzip - insecure temporary files
[ 8.11.2004] DSA-587 freeamp - buffer overflow
[ 8.11.2004] DSA-586 ruby - infinite loop
[ 5.11.2004] DSA-585 shadow - programming error
[ 4.11.2004] DSA-584 dhcp - format string vulnerability
[ 3.11.2004] DSA-583 lvm10 - insecure temporary directory
[ 2.11.2004] DSA-582 libxml - buffer overflow
[ 2.11.2004] DSA-581 xpdf - integer overflows
[ 1.11.2004] DSA-580 iptables - missing initialisation
[ 1.11.2004] DSA-579 abiword - buffer overflow
[ 1.11.2004] DSA-578 mpg123 - buffer overflow
[29.10.2004] DSA-577 postgresql - insecure temporary file
[29.10.2004] DSA-576 squid - several vulnerabilities
[28.10.2004] DSA-575 catdoc - insecure temporary file
[28.10.2004] DSA-574 cabextract - missing directory sanitising
[21.10.2004] DSA-573 cupsys - integer overflows
[21.10.2004] DSA-572 ecartis - several vulnerabilities
[20.10.2004] DSA-571 libpng3 - buffer overflows, integer overflow
[20.10.2004] DSA-570 libpng - integer overflow
[18.10.2004] DSA-569 netkit-telnet-ssl - invalid free(3)
[16.10.2004] DSA-568 cyrus-sasl-mit - unsanitised input
[15.10.2004] DSA-567 tiff - heap overflows
[14.10.2004] DSA-566 cupsys - unsanitised input
[13.10.2004] DSA-565 sox - buffer overflow
[13.10.2004] DSA-564 mpg123 - missing user input sanitising
[14.10.2004] DSA-563 cyrus-sasl - unsanitised input
[11.10.2004] DSA-562 mysql - several vulnerabilities
[11.10.2004] DSA-561 xfree86 - integer and stack overflows
[ 7.10.2004] DSA-560 lesstif1-1 - integer and stack overflows
[ 6.10.2004] DSA-559 net-acct - insecure temporary file
[ 6.10.2004] DSA-558 libapache-mod-dav - null pointer dereference
[ 4.10.2004] DSA-557 rp-pppoe - missing privilege dropping
[18.10.2004] DSA-556 netkit-telnet - invalid free(3)
[30. 9.2004] DSA-555 freenet6 - wrong file permissions
[27. 9.2004] DSA-554 sendmail - pre-set password
[27. 9.2004] DSA-553 getmail - symlink vulnerability
[22. 9.2004] DSA-552 imlib2 - unsanitised input
[21. 9.2004] DSA-551 lukemftpd - incorrect internal variable handling
[20. 9.2004] DSA-550 wv - buffer overflow
[17. 9.2004] DSA-549 gtk+ - several vulnerabilities
[16. 9.2004] DSA-548 imlib - unsanitised input
[16. 9.2004] DSA-547 imagemagick - buffer overflows
[16. 9.2004] DSA-546 gdk-pixbuf - several vulnerabilities
[15. 9.2004] DSA-545 cupsys - denial of service
[14. 9.2004] DSA-544 webmin - insecure temporary directory
[31. 8.2004] DSA-543 krb5 - several vulnerabilities
[30. 8.2004] DSA-542 qt - unsanitised input
[24. 8.2004] DSA-541 icecast-server - missing escape
[18. 8.2004] DSA-540 mysql - insecure file creation
[17. 8.2004] DSA-539 kdelibs - temporary directory vulnerability
[17. 8.2004] DSA-538 rsync - unsanitised input processing
[16. 8.2004] DSA-537 ruby - insecure file permissions
[ 4. 8.2004] DSA-536 libpng - several vulnerabilities
[ 2. 8.2004] DSA-535 squirrelmail - several vulnerabilities
[22. 7.2004] DSA-534 mailreader - directory traversal
[22. 7.2004] DSA-533 courier - cross-site scripting
[27. 7.2004] DSA-532 libapache-mod-ssl - several vulnerabilities
[20. 7.2004] DSA-531 php4 - several vulnerabilities
[17. 7.2004] DSA-530 l2tpd - buffer overflow
[17. 7.2004] DSA-529 netkit-telnet-ssl - format string
[17. 7.2004] DSA-528 ethereal - denial of service
[ 3. 7.2004] DSA-527 pavuk - buffer overflow
[ 3. 7.2004] DSA-526 webmin - several vulnerabilities
[24. 6.2004] DSA-525 apache - buffer overflow
[19. 6.2004] DSA-524 rlpr - several vulnerabilities
[19. 6.2004] DSA-523 www-sql - buffer overflow
[19. 6.2004] DSA-522 super - format string vulnerability
[18. 6.2004] DSA-521 sup - format string vulnerability
[16. 6.2004] DSA-520 krb5 - buffer overflows
[15. 6.2004] DSA-519 cvs - several vulnerabilities
[14. 6.2004] DSA-518 kdelibs - unsanitised input
[10. 6.2004] DSA-517 cvs - buffer overflow
[ 7. 6.2004] DSA-516 postgresql - buffer overflow
[ 5. 6.2004] DSA-515 lha - several vulnerabilities
[ 4. 6.2004] DSA-514 kernel-image-sparc-2.2 - failing function and TLB flush
[ 3. 6.2004] DSA-513 log2mail - format string
[ 2. 6.2004] DSA-512 gallery - unauthenticated access
[30. 5.2004] DSA-511 ethereal - buffer overflows
[29. 5.2004] DSA-510 jftpgw - format string
[29. 5.2004] DSA-509 gatos - privilege escalation
[22. 5.2004] DSA-508 xpcd - buffer overflow
[19. 5.2004] DSA-507 cadaver - buffer overflow
[19. 5.2004] DSA-506 neon - buffer overflow
[19. 5.2004] DSA-505 cvs - heap overflow
[18. 5.2004] DSA-504 heimdal - missing input sanitising
[13. 5.2004] DSA-503 mah-jong - missing argument check
[11. 5.2004] DSA-502 exim-tls - buffer overflow
[ 7. 5.2004] DSA-501 exim - buffer overflow
[ 1. 5.2004] DSA-500 flim - insecure temporary file
[ 2. 6.2004] DSA-499 rsync - directory traversal
[30. 4.2004] DSA-498 libpng - out of bound access
[29. 4.2004] DSA-497 mc - several vulnerabilities
[29. 4.2004] DSA-496 eterm - missing input sanitising
[26. 4.2004] DSA-495 linux-kernel-2.4.16-arm - several vulnerabilities
[21. 4.2004] DSA-494 ident2 - buffer overflow
[21. 4.2004] DSA-493 xchat - buffer overflow
[18. 4.2004] DSA-492 iproute - denial of service
[17. 4.2004] DSA-491 linux-kernel-2.4.19-mips - several vulnerabilities
[17. 4.2004] DSA-490 zope - arbitrary code execution
[17. 4.2004] DSA-489 linux-kernel-2.4.17-mips+mipsel - several vulnerabilities
[16. 4.2004] DSA-488 logcheck - insecure temporary directory
[16. 4.2004] DSA-487 neon - format string
[16. 4.2004] DSA-486 cvs - several vulnerabilities
[14. 4.2004] DSA-485 ssmtp - format string
[14. 4.2004] DSA-484 xonix - failure to drop privileges
[14. 4.2004] DSA-483 mysql - insecure temporary file creation
[14. 4.2004] DSA-482 linux-kernel-2.4.17-apus+s390 - several vulnerabilities
[14. 4.2004] DSA-481 linux-kernel-2.4.17-ia64 - several vulnerabilities
[14. 4.2004] DSA-480 linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities
[14. 4.2004] DSA-479 linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities
[ 6. 4.2004] DSA-478 tcpdump - denial of service
[ 6. 4.2004] DSA-477 xine-ui - insecure temporary file creation
[ 6. 4.2004] DSA-476 heimdal - cross-realm
[ 5. 4.2004] DSA-475 linux-kernel-2.4.18-hppa - several vulnerabilities
[ 3. 4.2004] DSA-474 squid - ACL bypass
[ 3. 4.2004] DSA-473 oftpd - denial of service
[ 3. 4.2004] DSA-472 fte - several vulnerabilities
[ 2. 4.2004] DSA-471 interchange - missing input sanitising
[ 1. 4.2004] DSA-470 linux-kernel-2.4.17-hppa - several vulnerabilities
[29. 3.2004] DSA-469 pam-pgsql - missing input sanitising
[24. 3.2004] DSA-468 emil - several vulnerabilities
[23. 3.2004] DSA-467 ecartis - several vulnerabilities
[18. 3.2004] DSA-466 linux-kernel-2.2.10-powerpc-apus - failing function and TLB flush
[17. 3.2004] DSA-465 openssl - several vulnerabilities
[16. 3.2004] DSA-464 gdk-pixbuf - broken image handling
[12. 3.2004] DSA-463 samba - privilege escalation
[12. 3.2004] DSA-462 xitalk - missing privilege release
[11. 3.2004] DSA-461 calife - buffer overflow
[10. 3.2004] DSA-460 sysstat - insecure temporary file
[10. 3.2004] DSA-459 kdelibs - cookie path traversal
[10.10.2004] DSA-458 python2.2 - buffer overflow
[ 8. 3.2004] DSA-457 wu-ftpd - several vulnerabilities
[ 6. 3.2004] DSA-456 linux-kernel-2.2.19-arm - failing function and TLB flush
[ 3. 3.2004] DSA-455 libxml - buffer overflows
[ 2. 3.2004] DSA-454 linux-kernel-2.2.22-alpha - failing function and TLB flush
[ 2. 3.2004] DSA-453 linux-kernel-2.2.20-i386+m68k+powerpc - failing function and TLB flush
[29. 2.2004] DSA-452 libapache-mod-python - denial of service
[27. 2.2004] DSA-451 xboing - buffer overflows
[27. 2.2004] DSA-450 linux-kernel-2.4.19-mips - several vulnerabilities
[24. 2.2004] DSA-449 metamail - buffer overflow, format string bugs
[22. 2.2004] DSA-448 pwlib - several vulnerabilities
[22. 2.2004] DSA-447 hsftp - format string
[21. 2.2004] DSA-446 synaesthesia - insecure file creation
[21. 2.2004] DSA-445 lbreakout2 - buffer overflow
[20. 2.2004] DSA-444 linux-kernel-2.4.17-ia64 - missing function return value check
[19. 2.2004] DSA-443 xfree86 - several vulnerabilities
[19. 2.2004] DSA-442 linux-kernel-2.4.17-s390 - several vulnerabilities
[18. 2.2004] DSA-441 linux-kernel-2.4.17-mips+mipsel - missing function return value check
[18. 2.2004] DSA-440 linux-kernel-2.4.17-powerpc-apus - several vulnerabilities
[18. 2.2004] DSA-439 linux-kernel-2.4.16-arm - several vulnerabilities
[18. 2.2004] DSA-438 linux-kernel-2.4.18-alpha+i386+powerpc - missing function return value check
[11. 2.2004] DSA-437 cgiemail - open mail relay
[ 8. 2.2004] DSA-436 mailman - several vulnerabilities
[ 6. 2.2004] DSA-435 mpg123 - heap overflow
[ 5. 2.2004] DSA-434 gaim - several vulnerabilities
[ 4. 2.2004] DSA-433 kernel-patch-2.4.17-mips - integer overflow
[ 3. 2.2004] DSA-432 crawl - buffer overflow
[ 1. 2.2004] DSA-431 perl - information leak
[28. 1.2004] DSA-430 trr19 - missing privilege release
[26. 1.2004] DSA-429 gnupg - cryptographic weakness
[20. 1.2004] DSA-428 slocate - buffer overflow
[19. 1.2004] DSA-427 linux-kernel-2.4.17-mips+mipsel - missing boundary check
[18. 1.2004] DSA-426 netpbm-free - insecure temporary files
[16. 1.2004] DSA-425 tcpdump - multiple vulnerabilities
[16. 1.2004] DSA-424 mc - buffer overflow
[15. 1.2004] DSA-423 linux-kernel-2.4.17-ia64 - several vulnerabilities
[13. 1.2004] DSA-422 cvs - remote vulnerability
[12. 1.2004] DSA-421 mod-auth-shadow - password expiration
[12. 1.2004] DSA-420 jitterbug - improperly sanitised input
[ 9. 1.2004] DSA-419 phpgroupware - missing filename sanitising, SQL injection
[ 7. 1.2004] DSA-418 vbox3 - privilege leak
[ 7. 1.2004] DSA-417 linux-kernel-2.4.18-powerpc+alpha - missing boundary check
[ 6. 1.2004] DSA-416 fsp - buffer overflow, directory traversal
[ 6. 1.2004] DSA-415 zebra - denial of service
[ 6. 1.2004] DSA-414 jabber - denial of service
[ 6. 1.2004] DSA-413 linux-kernel-2.4.18 - missing boundary check
[ 5. 1.2004] DSA-412 nd - buffer overflows
[ 5. 1.2004] DSA-411 mpg321 - format string vulnerability
[ 5. 1.2004] DSA-410 libnids - buffer overflow
[ 5. 1.2004] DSA-409 bind - denial of service
[ 5. 1.2004] DSA-408 screen - integer overflow
[ 5. 1.2004] DSA-407 ethereal - buffer overflows
[ 5. 1.2004] DSA-406 lftp - buffer overflow

Saat tuoreimmat Debianin tietoturvatiedotteet liittymällä debian-security-announce-postilistalle. Voit myös selata listan arkistoa.

---

Takaisin Debian-projektin kotisivulle.

---

---