Package: postgresql-9.4
Version: 9.4.24-0+deb8u1
CVE ID : CVE-2019-10208
* CVE-2019-10208: `TYPE` in `pg_temp` executes arbitrary SQL during
`SECURITY DEFINER` execution
Versions Affected: 9.4 - 11
Given a suitable `SECURITY DEFINER` function, an attacker can execute
arbi
Hi,
I had a look at CVE-2019-12977:
This allows attackers to manipulate the JP2 compression arguments passed by
imagemagick to openjpeg. As long as openjpeg sanitizes its arguments, this
issue does not have any security impact. Any useful exploit of this issue
requires chaining it with another vu
On 08.08.19 at 00:50, Sylvain Beucler wrote:
> Hi,
>
> So I reworked CVE-2017-5647, which involved 5 new commits related to
> non-blocking I/O (NIO2 and COMET).
> Stable build.
>
> Then I got upstream to renew their new certs that were expiring tomorrow (!)
> https://bz.apache.org/bugzilla/show_
Hi,
Here is my LTS report for July 2019.
July was -- again -- a very busy month and I could not spend as much time
on LTS and security duties as I wanted to. I was allocated 18.5 hours and
could only spend 9.75 of them in the following tasks:
libsdl2-image, sdl-image1.2:
+ prepare, test and up