Security Information / Security Advisories from 2006

Security Advisories from 2006

[28 Dec 2006] DSA-1244 xine-lib - buffer overflow
[28 Dec 2006] DSA-1243 evince - buffer overflow
[27 Dec 2006] DSA-1242 elog - several vulnerabilities
[25 Dec 2006] DSA-1241 squirrelmail - cross-site scripting
[21 Dec 2006] DSA-1240 links2 - insufficient escaping
[17 Dec 2006] DSA-1239 sql-ledger - several vulnerabilities
[17 Dec 2006] DSA-1238 clamav - several vulnerabilities
[17 Dec 2006] DSA-1237 kernel-source-2.4.27 - several vulnerabilities
[13 Dec 2006] DSA-1236 enemies-of-carlotta - missing sanity checks
[13 Dec 2006] DSA-1235 ruby1.8 - denial of service
[13 Dec 2006] DSA-1234 ruby1.6 - denial of service
[10 Dec 2006] DSA-1233 kernel-source-2.6.8 - several vulnerabilities
[09 Dec 2006] DSA-1232 clamav - missing sanity checks
[09 Dec 2006] DSA-1231 gnupg - several vulnerabilities
[08 Dec 2006] DSA-1230 l2tpns - buffer overflow
[06 Dec 2006] DSA-1229 asterisk - integer overflow
[05 Dec 2006] DSA-1228 elinks - insufficient escaping
[04 Dec 2006] DSA-1227 mozilla-thunderbird - several vulnerabilities
[03 Dec 2006] DSA-1226 links - insufficient escaping
[03 Dec 2006] DSA-1225 mozilla-firefox - several vulnerabilities
[03 Dec 2006] DSA-1224 mozilla - several vulnerabilities
[01 Dec 2006] DSA-1223 tar - input validation error
[30 Nov 2006] DSA-1222 proftpd - several vulnerabilities
[30 Nov 2006] DSA-1221 libgsf - buffer overflow
[26 Nov 2006] DSA-1220 pstotext - insecure file name quoting
[27 Nov 2006] DSA-1219 texinfo - buffer overflow
[21 Nov 2006] DSA-1218 proftpd - programming error
[20 Nov 2006] DSA-1217 linux-ftpd - programming error
[20 Nov 2006] DSA-1216 flexbackup - insecure temporary file
[20 Nov 2006] DSA-1215 xine-lib - several vulnerabilities
[20 Nov 2006] DSA-1214 gv - buffer overflow
[19 Nov 2006] DSA-1213 imagemagick - several vulnerabilities
[15 Nov 2006] DSA-1212 openssh - Denial of service
[14 Nov 2006] DSA-1211 pdns - buffer overflow
[14 Nov 2006] DSA-1210 mozilla-firefox - several vulnerabilities
[12 Nov 2006] DSA-1209 trac - cross-site request forgery
[11 Nov 2006] DSA-1208 bugzilla - several vulnerabilities
[09 Nov 2006] DSA-1207 phpmyadmin - several vulnerabilities
[06 Nov 2006] DSA-1206 php4 - several vulnerabilities
[02 Nov 2006] DSA-1205 thttpd - insecure temporary files
[02 Nov 2006] DSA-1204 ingo1 - missing input sanitising
[02 Nov 2006] DSA-1203 libpam-ldap - programming error
[31 Oct 2006] DSA-1202 screen - programming error
[31 Oct 2006] DSA-1201 ethereal - several vulnerabilities
[30 Oct 2006] DSA-1200 qt-x11-free - integer overflow
[23 Oct 2006] DSA-1199 webmin - multiple vulnerabilities
[23 Oct 2006] DSA-1198 python2.3 - buffer overflow
[22 Oct 2006] DSA-1197 python2.4 - buffer overflow
[19 Oct 2006] DSA-1196 clamav - several vulnerabilities
[10 Oct 2006] DSA-1195 openssl096 - denial of service (multiple)
[09 Oct 2006] DSA-1194 libwmf - integer overflow
[09 Oct 2006] DSA-1193 xfree86 - several vulnerabilities
[06 Oct 2006] DSA-1192 mozilla - several vulnerabilities
[05 Oct 2006] DSA-1191 mozilla-thunderbird - several vulnerabilities
[04 Oct 2006] DSA-1190 maxdb-7.5.00 - buffer overflow
[04 Oct 2006] DSA-1189 openssh-krb5 - several vulnerabilities
[04 Oct 2006] DSA-1188 mailman - format string
[30 Sep 2006] DSA-1187 migrationtools - insecure temporary files
[30 Sep 2006] DSA-1186 cscope - buffer overflows
[28 Sep 2006] DSA-1185 openssl - denial of service
[25 Sep 2006] DSA-1184 kernel-source-2.6.8 - several vulnerabilities
[25 Sep 2006] DSA-1183 kernel-source-2.4.27 - several vulnerabilities
[22 Sep 2006] DSA-1182 gnutls11 - cryptographic weakness
[19 Sep 2006] DSA-1181 gzip - several vulnerabilities
[19 Sep 2006] DSA-1180 bomberclone - programming error
[19 Sep 2006] DSA-1179 alsaplayer - programming error
[16 Sep 2006] DSA-1178 freetype - integer overflow
[15 Sep 2006] DSA-1177 usermin - programming error
[13 Sep 2006] DSA-1176 zope2.7 - programming error
[13 Sep 2006] DSA-1175 isakmpd - programming error
[11 Sep 2006] DSA-1174 openssl096 - cryptographic weakness
[10 Sep 2006] DSA-1173 openssl - cryptographic weakness
[09 Sep 2006] DSA-1172 bind9 - programming error
[07 Sep 2006] DSA-1171 ethereal - several vulnerabilities
[06 Sep 2006] DSA-1170 gcc-3.4 - missing sanity check
[05 Sep 2006] DSA-1169 mysql-dfsg-4.1 - several vulnerabilities
[04 Sep 2006] DSA-1168 imagemagick - several vulnerabilities
[04 Sep 2006] DSA-1167 apache - missing input sanitising
[03 Sep 2006] DSA-1166 cheesetracker - buffer overflow
[01 Sep 2006] DSA-1165 capi4hylafax - missing input sanitising
[31 Aug 2006] DSA-1164 sendmail - programming error
[30 Aug 2006] DSA-1163 gtetrinet - programming error
[30 Aug 2006] DSA-1162 libmusicbrainz-2.0 - buffer overflows
[29 Aug 2006] DSA-1161 mozilla-firefox - several vulnerabilities
[29 Aug 2006] DSA-1160 mozilla - several vulnerabilities
[28 Aug 2006] DSA-1159 mozilla-thunderbird - several vulnerabilities
[25 Aug 2006] DSA-1158 streamripper - buffer overflow
[27 Aug 2006] DSA-1157 ruby1.8 - several vulnerabilities
[27 Aug 2006] DSA-1156 kdebase - programming error
[24 Aug 2006] DSA-1155 sendmail - programming error
[20 Aug 2006] DSA-1154 squirrelmail - variable overwriting
[18 Aug 2006] DSA-1153 clamav - buffer overflow
[18 Aug 2006] DSA-1152 trac - missing input sanitising
[15 Aug 2006] DSA-1151 heartbeat - out-of-bounds read
[12 Aug 2006] DSA-1150 shadow - programming error
[10 Aug 2006] DSA-1149 ncompress - buffer underflow
[09 Aug 2006] DSA-1148 gallery - several vulnerabilities
[09 Aug 2006] DSA-1147 drupal - missing input sanitising
[09 Aug 2006] DSA-1146 krb5 - programming error
[08 Aug 2006] DSA-1145 freeradius - several vulnerabilities
[07 Aug 2006] DSA-1144 chmlib - missing input sanitising
[04 Aug 2006] DSA-1143 dhcp - programming error
[04 Aug 2006] DSA-1142 freeciv - missing boundary checks
[04 Aug 2006] DSA-1141 gnupg2 - integer overflow
[03 Aug 2006] DSA-1140 gnupg - integer overflow
[03 Aug 2006] DSA-1139 ruby1.6 - missing privilege checks
[02 Aug 2006] DSA-1138 cfs - integer overflow
[02 Aug 2006] DSA-1137 tiff - several vulnerabilities
[02 Aug 2006] DSA-1136 gpdf - wrong input sanitising
[02 Aug 2006] DSA-1135 libtunepimp - buffer overflow
[02 Aug 2006] DSA-1134 mozilla-thunderbird - several vulnerabilities
[01 Aug 2006] DSA-1133 mantis - missing input sanitising
[01 Aug 2006] DSA-1132 apache2 - buffer overflow
[01 Aug 2006] DSA-1131 apache - buffer overflow
[30 Jul 2006] DSA-1130 sitebar - missing input validation
[28 Jul 2006] DSA-1129 osiris - format string
[28 Jul 2006] DSA-1128 heartbeat - permission error
[28 Jul 2006] DSA-1127 ethereal - several vulnerabilities
[27 Jul 2006] DSA-1126 asterisk - buffer overflow
[27 Jul 2006] DSA-1125 drupal - several vulnerabilities
[24 Jul 2006] DSA-1124 fbi - typo
[24 Jul 2006] DSA-1123 libdumb - buffer overflow
[24 Jul 2006] DSA-1122 libnet-server-perl - format string
[24 Jul 2006] DSA-1121 postgrey - format string
[23 Jul 2006] DSA-1120 mozilla-firefox - several vulnerabilities
[22 Jul 2006] DSA-1119 hiki - design flaw
[22 Jul 2006] DSA-1118 mozilla - several vulnerabilities
[21 Jul 2006] DSA-1117 libgd2 - insufficient input sanitising
[21 Jul 2006] DSA-1116 gimp - buffer overflow
[21 Jul 2006] DSA-1115 gnupg2 - integer overflow
[21 Jul 2006] DSA-1114 hashcash - buffer overflow
[18 Jul 2006] DSA-1113 zope2.7 - programming error
[18 Jul 2006] DSA-1112 mysql-dfsg-4.1 - several vulnerabilities
[26 Jul 2006] DSA-1111 kernel-source-2.6.8 - race condition
[16 Jul 2006] DSA-1110 samba - missing input sanitising
[16 Jul 2006] DSA-1109 rssh - programming error
[11 Jul 2006] DSA-1108 mutt - buffer overflow
[10 Jul 2006] DSA-1107 gnupg - integer overflow
[10 Jul 2006] DSA-1106 ppp - programming error
[07 Jul 2006] DSA-1105 xine-lib - buffer overflow
[30 Jun 2006] DSA-1104 openoffice.org - several vulnerabilities
[27 Jun 2006] DSA-1103 kernel-source-2.6.8 - several vulnerabilities
[26 Jun 2006] DSA-1102 pinball - design error
[23 Jun 2006] DSA-1101 courier - programming error
[15 Jun 2006] DSA-1100 wv2 - integer overflow
[14 Jun 2006] DSA-1099 horde2 - missing input sanitising
[14 Jun 2006] DSA-1098 horde3 - missing input sanitising
[14 Jun 2006] DSA-1097 kernel-source-2.4.27 - several vulnerabilities
[13 Jun 2006] DSA-1096 webcalendar - uninitialised variable
[10 Jun 2006] DSA-1095 freetype - integer overflows
[08 Jun 2006] DSA-1094 gforge - missing input sanitising
[08 Jun 2006] DSA-1093 xine - format string
[08 Jun 2006] DSA-1092 mysql-dfsg-4.1 - programming error
[08 Jun 2006] DSA-1091 tiff - buffer overflows
[06 Jun 2006] DSA-1090 spamassassin - programming error
[03 Jun 2006] DSA-1089 freeradius - several vulnerabilities
[03 Jun 2006] DSA-1088 centericq - buffer overflow
[03 Jun 2006] DSA-1087 postgresql - programming error
[02 Jun 2006] DSA-1086 xmcd - design flaw
[01 Jun 2006] DSA-1085 lynx-cur - several vulnerabilities
[31 May 2006] DSA-1084 typespeed - buffer overflow
[31 May 2006] DSA-1083 motor - buffer overflow
[29 May 2006] DSA-1082 kernel-source-2.4.17 - several vulnerabilities
[29 May 2006] DSA-1081 libextractor - buffer overflow
[29 May 2006] DSA-1080 dovecot - programming error
[29 May 2006] DSA-1079 mysql-dfsg - several vulnerabilities
[27 May 2006] DSA-1078 tiff - out-of-bounds read
[26 May 2006] DSA-1077 lynx-ssl - programming error
[26 May 2006] DSA-1076 lynx - programming error
[26 May 2006] DSA-1075 awstats - programming error
[24 May 2006] DSA-1074 mpg123 - buffer overflow
[22 May 2006] DSA-1073 mysql-dfsg-4.1 - several vulnerabilities
[22 May 2006] DSA-1072 nagios - buffer overflow
[22 May 2006] DSA-1071 mysql - several vulnerabilities
[21 May 2006] DSA-1070 kernel-source-2.4.19 - several vulnerabilities
[20 May 2006] DSA-1069 kernel-source-2.4.18 - several vulnerabilities
[20 May 2006] DSA-1068 fbi - insecure temporary file
[20 May 2006] DSA-1067 kernel-source-2.4.16 - several vulnerabilities
[20 May 2006] DSA-1066 phpbb2 - missing input sanitising
[19 May 2006] DSA-1065 hostapd - missing input sanitising
[19 May 2006] DSA-1064 cscope - buffer overflows
[08 May 2006] DSA-1063 phpgroupware - missing input sanitising
[19 May 2006] DSA-1062 kphone - insecure file creation
[19 May 2006] DSA-1061 popfile - missing input sanitising
[19 May 2006] DSA-1060 kernel-patch-vserver - programming error
[19 May 2006] DSA-1059 quagga - several vulnerabilities
[18 May 2006] DSA-1058 awstats - missing input sanitising
[15 May 2006] DSA-1057 phpldapadmin - missing input sanitising
[15 May 2006] DSA-1056 webcalendar - verbose error message
[11 May 2006] DSA-1055 mozilla-firefox - programming error
[09 May 2006] DSA-1054 tiff - several vulnerabilities
[09 May 2006] DSA-1053 mozilla - programming error
[08 May 2006] DSA-1052 cgiirc - buffer overflows
[04 May 2006] DSA-1051 mozilla-thunderbird - several vulnerabilities
[02 May 2006] DSA-1050 clamav - buffer overflow
[02 May 2006] DSA-1049 ethereal - several vulnerabilities
[01 May 2006] DSA-1048 asterisk - several vulnerabilities
[30 Apr 2006] DSA-1047 resmgr - programming error
[27 Apr 2006] DSA-1046 mozilla - several vulnerabilities
[27 Apr 2006] DSA-1045 openvpn - design error
[26 Apr 2006] DSA-1044 mozilla-firefox - several vulnerabilities
[26 Apr 2006] DSA-1043 abcmidi - buffer overflows
[25 Apr 2006] DSA-1042 cyrus-sasl2 - programming error
[25 Apr 2006] DSA-1041 abc2ps - buffer overflows
[24 Apr 2006] DSA-1040 gdm - programming error
[24 Apr 2006] DSA-1039 blender - several vulnerabilities
[22 Apr 2006] DSA-1038 xzgv - programming error
[21 Apr 2006] DSA-1037 zgv - programming error
[17 Apr 2006] DSA-1036 bsdgames - buffer overflow
[15 Apr 2006] DSA-1035 fcheck - insecure temporary file
[14 Apr 2006] DSA-1034 horde2 - several vulnerabilities
[12 Apr 2006] DSA-1033 horde3 - several vulnerabilities
[12 Apr 2006] DSA-1032 zope-cmfplone - programming error
[08 Apr 2006] DSA-1031 cacti - several vulnerabilities
[08 Apr 2006] DSA-1030 moodle - several vulnerabilities
[08 Apr 2006] DSA-1029 libphp-adodb - several vulnerabilities
[07 Mar 2006] DSA-1028 libimager-perl - programming error
[06 Apr 2006] DSA-1027 mailman - programming error
[06 Apr 2006] DSA-1026 sash - buffer overflows
[06 Apr 2006] DSA-1025 dia - programming error
[05 Apr 2006] DSA-1024 clamav - several vulnerabilities
[05 Apr 2006] DSA-1023 kaffeine - buffer overflow
[04 Apr 2006] DSA-1022 storebackup - several vulnerabilities
[28 Mar 2006] DSA-1021 netpbm-free - insecure program execution
[28 Mar 2006] DSA-1020 flex - buffer overflow
[24 Mar 2006] DSA-1019 koffice - several vulnerabilities
[24 Mar 2006] DSA-1018 kernel-source-2.4.27 - several vulnerabilities
[23 Mar 2006] DSA-1017 kernel-source-2.6.8 - several vulnerabilities
[23 Mar 2006] DSA-1016 evolution - format string vulnerabilities
[23 Mar 2006] DSA-1015 sendmail - programming error
[23 Mar 2006] DSA-1014 firebird2 - buffer overflow
[22 Mar 2006] DSA-1013 snmptrapfmt - insecure temporary file
[21 Mar 2006] DSA-1012 unzip - buffer overflow
[21 Mar 2005] DSA-1011 kernel-patch-vserver - missing attribute support
[20 Mar 2006] DSA-1010 ilohamail - missing input sanitising
[21 Mar 2006] DSA-1009 crossfire - buffer overflow
[17 Mar 2006] DSA-1008 kdegraphics - buffer overflow
[17 Mar 2006] DSA-1007 drupal - several vulnerabilities
[16 Mar 2006] DSA-1006 wzdftpd - missing input sanitising
[16 Mar 2006] DSA-1005 xine-lib - buffer overflow
[16 Mar 2006] DSA-1004 vlc - buffer overflow
[16 Mar 2006] DSA-1003 xpvm - insecure temporary file
[15 Mar 2006] DSA-1002 webcalendar - several vulnerabilities
[14 Mar 2006] DSA-1001 crossfire - buffer overflow
[14 Mar 2006] DSA-1000 libapreq2-perl - design error
[14 Mar 2006] DSA-999 lurker - several vulnerabilities
[14 Mar 2006] DSA-998 libextractor - several vulnerabilities
[13 Mar 2006] DSA-997 bomberclone - buffer overflows
[13 Mar 2006] DSA-996 libcrypt-cbc-perl - programming error
[13 Mar 2006] DSA-995 metamail - buffer overflow
[13 Mar 2006] DSA-994 freeciv - denial of service
[10 Mar 2006] DSA-993 gnupg - programming error
[10 Mar 2006] DSA-992 ffmpeg - buffer overflow
[10 Mar 2006] DSA-991 zoo - buffer overflow
[10 Mar 2006] DSA-990 bluez-hcidump - programming error
[09 Mar 2006] DSA-989 zoph - SQL injection
[08 Mar 2006] DSA-988 squirrelmail - several vulnerabilities
[07 Mar 2006] DSA-987 tar - buffer overflow
[06 Mar 2006] DSA-986 gnutls11 - buffer overflows
[06 Mar 2006] DSA-985 libtasn1-2 - buffer overflows
[02 Mar 2006] DSA-984 xpdf - several vulnerabilities
[28 Feb 2006] DSA-983 pdftohtml - several vulnerabilities
[27 Feb 2006] DSA-982 gpdf - several vulnerabilities
[26 Feb 2006] DSA-981 bmv - integer overflow
[22 Feb 2006] DSA-980 tutos - several vulnerabilities
[17 Feb 2006] DSA-979 pdfkit.framework - several vulnerabilities
[17 Feb 2006] DSA-978 gnupg - programming error
[16 Feb 2006] DSA-977 heimdal - several vulnerabilities
[15 Feb 2006] DSA-976 libast - buffer overflow
[15 Feb 2006] DSA-975 nfs-user-server - buffer overflow
[15 Feb 2006] DSA-974 gpdf - buffer overflows
[15 Feb 2006] DSA-973 otrs - several vulnerabilities
[15 Feb 2006] DSA-972 pdfkit.framework - buffer overflows
[14 Feb 2006] DSA-971 xpdf - buffer overflow
[14 Feb 2006] DSA-970 kronolith - missing input sanitising
[13 Feb 2006] DSA-969 scponly - design error
[13 Feb 2006] DSA-968 noweb - insecure temporary file
[10 Feb 2006] DSA-967 elog - several vulnerabilities
[09 Feb 2006] DSA-966 adzapper - denial of service
[06 Feb 2006] DSA-965 ipsec-tools - null dereference
[03 Feb 2006] DSA-964 gnocatan - buffer overflow
[02 Feb 2006] DSA-963 mydns - missing input sanitising
[01 Feb 2006] DSA-962 pdftohtml - buffer overflows
[01 Feb 2006] DSA-961 pdfkit.framework - buffer overflows
[31 Jan 2006] DSA-960 libmail-audit-perl - insecure temporary file creation
[30 Jan 2006] DSA-959 unalz - buffer overflow
[27 Jan 2006] DSA-958 drupal - several vulnerabilities
[26 Jan 2006] DSA-957 imagemagick - missing shell meta sanitising
[26 Jan 2006] DSA-956 lsh-server - filedescriptor leak
[25 Jan 2006] DSA-955 mailman - DoS
[25 Jan 2006] DSA-954 wine - design flaw
[24 Jan 2006] DSA-953 flyspray - missing input sanitising
[23 Jan 2006] DSA-952 libapache-auth-ldap - format string
[23 Jan 2006] DSA-951 trac - missing input sanitising
[23 Jan 2006] DSA-950 cupsys - buffer overflows
[20 Jan 2006] DSA-949 crawl - insecure program execution
[20 Jan 2006] DSA-948 kdelibs - buffer overflow
[21 Jan 2006] DSA-947 clamav - heap overflow
[20 Jan 2006] DSA-946 sudo - missing input sanitising
[17 Jan 2006] DSA-945 antiword - insecure temporary file
[17 Jan 2006] DSA-944 mantis - several vulnerabilities
[16 Jan 2006] DSA-943 perl - integer overflow
[16 Jan 2006] DSA-942 albatross - design error
[16 Jan 2006] DSA-941 tuxpaint - insecure temporary file
[13 Jan 2006] DSA-940 gpdf - buffer overflows
[13 Jan 2006] DSA-939 fetchmail - programming error
[12 Jan 2006] DSA-938 koffice - buffer overflows
[12 Jan 2006] DSA-937 tetex-bin - buffer overflows
[11 Jan 2006] DSA-936 libextractor - buffer overflows
[10 Jan 2006] DSA-935 libapache2-mod-auth-pgsql - format string vulnerability
[09 Jan 2006] DSA-934 pound - several vulnerabilities
[09 Jan 2006] DSA-933 hylafax - arbitrary command execution
[09 Jan 2006] DSA-932 kdegraphics - buffer overflows
[09 Jan 2006] DSA-931 xpdf - buffer overflows
[09 Jan 2006] DSA-930 smstools - format string attack
[09 Jan 2006] DSA-929 petris - buffer overflow

You can get the latest Debian security advisories by subscribing to our debian-security-announce mailing list. You can also browse the archives for the list.

---

Back to the Debian Project homepage.

---

---