USN-8137-1: Ruby vulnerability
It was discovered that the Ruby URI gem did not properly handle sensitive information when combining URIs. A remote attacker could possibly use this issue to leak authentication credentials.
It was discovered that the Ruby URI gem did not properly handle sensitive information when combining URIs. A remote attacker could possibly use this issue to leak authentication credentials.
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly…
https://security-tracker.debian.org/tracker/DSA-6188-1
https://security-tracker.debian.org/tracker/DSA-6189-1
It was discovered that Roundcube Webmail did not properly sanitize certain HTML elements within the e-mail body. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 1…