Multiple security issues were discovered in the GPAC multimedia framework which could result in denial of service or the execution of arbitrary code. The oldstable distribution is not affected.
Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling. By carefully crafting HTTP/2 requests, it is possible to smuggle another HTTP request to the backend selected by the HTTP/2 request. With certain configurations, it allows an attacker to send an HTTP request to a backend, circumventing the backend select ...
Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory. In addition Florent Daigniere discovered that exponential values in Diffie Hellman exchanges were insufficienty restricted.
A memory-corrupting integer overflow in the handling of the ECH control sequence was discovered in PuTTY"s terminal emulator. A remote attacker can take advantage of this flaw to mount a denial of service or potentially to execute arbitrary code.
Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code: CVE-2017-0915 / CVE-2018-3710 Arbitrary code execution in project import. CVE-2017-0916 Command injection via Webhooks. CVE-2017-0917 Cross-site scripting in CI job output. CVE-2017-0918 Insufficient restriction of CI runner for project cache access. CVE-2017-0925 Information disclosure in Services ...
Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code: CVE-2017-0915 / CVE-2018-3710 Arbitrary code execution in project import. CVE-2017-0916 Command injection via Webhooks. CVE-2017-0917 Cross-site scripting in CI job output. CVE-2017-0918 Insufficient restriction of CI runner for project cache access. CVE-2017-0925 Information disclosure in Services ...
This update fixes several vulnerabilities in Graphicsmagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.
This update fixes several vulnerabilities in Graphicsmagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.