- Mar 02, 2018
-
-
Michal Hrusecky authored
-
- Feb 26, 2018
-
-
Michal Hrusecky authored
-
- Feb 23, 2018
-
-
Michal Hrusecky authored
-
- Feb 22, 2018
-
-
Jan Pavlinec authored
CVE-2018-7054 - Use after free when server is disconnected during netsplits. CVE-2018-7053 - Use after free when SASL messages are received in unexpected order. CVE-2018-7050 - Null pointer dereference when an “empty” nick has been observed by Irssi. CVE-2018-7052 - When the number of windows exceed the available space, Irssi would crash due to Null pointer dereference. CVE-2018-7051 - Certain nick names could result in out of bounds access when printing theme strings.X: patch version xx.xx (security fix) Issue #164
-
Jan Pavlinec authored
CVE-2018-1000035 - Heap-based buffer overflow in password protected ZIP archives Issue #161
-
Jan Pavlinec authored
CVE-2018-6003 - An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS. Issue #160
-
Jan Pavlinec authored
CVE-2018-5764 - https://www.cvedetails.com/cve/CVE-2018-5764/ Issue #158
-
Jan Pavlinec authored
CVE-2017-14632 - Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. CVE-2017-14633 In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). Issue #165
-
Jan Pavlinec authored
Memory leak in Dovecot auth client used by login processes can cause the process to crash due to memory exhaustion. Issue #155
-
Jan Pavlinec authored
CVE-2016-4570 - mxmlDelete could require large amounts of stack space depending on the file CVE-2016-4571 - mxmlWrite* could require large amounts of stack space depending on the file Issue #137
-
Jan Pavlinec authored
CVE-2018-1000024 - http://www.squid-cache.org/Advisories/SQUID-2018_1.txt CVE-2018-1000027 - http://www.squid-cache.org/Advisories/SQUID-2018_2.txt Issue #146
-
- Feb 13, 2018
-
-
Michal Hrusecky authored
-
- Feb 07, 2018
-
-
Martin Petráček authored
-
- Feb 05, 2018
-
-
Karel Koci authored
-
- Feb 04, 2018
-
-
Michal Hrusecky authored
-
- Feb 01, 2018
-
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-
Michal Hrusecky authored
There is some weird hidden issue when running as nobody and some information gets silently dropped. Running as root for now as risk is low and we need to fix it for now before diving into further lengthy investigation.
-
Martin Petráček authored
-
- Jan 31, 2018
-
-
Karel Koci authored
-
From version 60.0.3 we are using system certificates and there is possibility that user doesn't have them (because for some stupid reason did opkg install --force-reinstall or upgrade ca-certificates which at first removes ca-certificates and then tries to download new version which fails. This ensures that updater when it's updating to new version also installs ca-certificates before it if they are missing.
-
Karel Koci authored
We should make clear that this does not only generate but also maintains access tokens.
-
- Jan 29, 2018
-
-
Michal Hrusecky authored
-
Karel Koci authored
-
Štěpán Henek authored
-
- Jan 26, 2018
-
-
Michal Hrusecky authored
Let's keep this for 3.10 This reverts commit 06728fe3.
-
Michal Hrusecky authored
-
- Jan 25, 2018
-
-
Jan Pavlinec authored
CVE-2017-3137 - A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME see https://kb.isc.org/article/AA-01466/0
-
Jan Pavlinec authored
CVE-2017-15105 - vulnerability in the processing of wildcard synthesized NSEC records
-
- Jan 23, 2018
-
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-
- Jan 22, 2018
-
-
Michal Hrusecky authored
-
CVE-2017-1000472 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000472
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-
- Jan 17, 2018
-
-
Jan Pavlinec authored
CVE-2018-1000002 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000002
-
- Jan 15, 2018
-
-
Michal Hrusecky authored
-
Michal Hrusecky authored
-