Debian LTS: DLA-3016-1: rsyslog security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Several vulnerabilities were discovered in rsyslog, a system and kernel logging daemon. When a log server is configured to accept logs from remote clients through specific modules such as 'imptcp', an attacker can cause a denial of service (DoS) and possibly execute code

Debian LTS: DLA-3018-1: libpgjava security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It was found that libpgjava, the official PostgreSQL JDBC Driver, would be vulnerable if an attacker controlled jdbc url or properties. The JDBC driver did not verify if certain classes implemented the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary

Debian LTS: DLA-3014-1: elog security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A vulnerability was reported in src:elog, a logbook system to manage notes through a Web interface. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook. Authentication is not