Debian Linux project released the Openssh security updates for computers powered by its Debian Linux operating systems. It has been discovered that the signal handler implementing the login timeout in Debian’s version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability.
Postfix MTA updated to fix security vulnerabilities such as incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. This update has been rated as having moderate security impact.
Debian Linux project released today bug fixes for lighttpd and gaim package that allows remote attacks and DoS attacks.
Havoc Pennington discovered that DBus, a simple interprocess messaging system, performs insufficient validation of security policies, which might allow local privilege escalation.
Several remote vulnerabilities have been discovered in the TYPO3 content management framework.