AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
My nmu squirrelmail11/28/2023 ![]() True, the screen still "flashes" so one might think there is still aĬrash, but this is actually expected behavior. Jessie, either in the kernel messages or through a debugger. Patches seemed to work in my tests as I couldn't see any segfault in I reviewed Markus Koschany's work on CVE-2018-14424. The patches were easy toīackport, tests passed, so I just uploaded and published ![]() Since I could not reproduce, I marked the package as N/A inĪnother classic source of vulnerabilities. Results that the proof of concept eats up all memory in his I tried and failed to reproduce CVE-2018-15209 In future releases, and remove older releases from the archive. More widely in the v4 series, and Debian should follow suite, at least Want to audit the entire Bootstrap codebase: upstream fixed this issue Wasn't able to exploit it in a quick attempt. May found at least one similar other issue although I What's concerning with this set of vulnerabilities is they show aīroader problem than the one identified in those specific I tested the patch with a private copy of theĬode which works here and published the result as DLA-1479-1. The patch for the latter was a little tricky to figure out, but ended Suites, which will hopefully be fixed in buster) I also found that CVE-2018-14040 was relevant onlyįor Bootstrap 3 (because yes, we still have Bootstrap 2, in all Vulnerabilities, I couldn't reproduce two ( CVE-2018-14041Īnd CVE-2018-14042) so I marked them as "not affecting" I researched some of the security issue of the Twitter Bootstrapįramework which is clearly showing its age in Debian.
0 Comments
Read More
Leave a Reply. |