DELTA 559468 0 1402847 SVNf4v@OY?'!X*x^QMo0 =7ݖ4MRhCvd*KD/'͆^MQevq%l^oU]lvzk{_kxCyE.ԃCàDD8 cT:K3tQM\q+^Z\I:, hj)%_:V6/-‡Bߡ' TDCt'E?ac@~nt'DLZy/""bYdRWjR&D L9LEӝ9DK-C1!1Z>(0$om緇_;RS`ƎwcJ,/1B!D#zZ^Yd y6ϔ>n㘻.>"Ai AH"TNO0h0/|š[ͽN%x8D鬷]P-ʈ^eGņE]Jhcn.OtEKGyz_Ӱ/Z?.[-\[jVoy!x^1O0WX;i Y( gZvd;ד&m 7=}OU0|Ɔdga1$,qX: :IYHVZK[8ISj=?9GݙCQ>D\ B#k:rxirdkQ O_qm@JN.~:)D(yZWOXgb$nr%d!(*tJ,άrQ`ɲ-&do8 ZEahϞ]mMT6P'ƺ&ewCY9#-& `>'y'x^RMO@=b8*DE(M`Oά_ߵCAH7c|KљKY?~WRī:Ơyn ny5-7Ct2Kh[eS6.Ne~4fz(1ɚHkܴ'X*=ڼF{Ӿs|ޗqr ( @BIlk$}Lz'"-mU>ۇ(d\ lyJjLoQ7d9$)܄[\X5ۥs o"8"KKrp]hwm1ܵ{>űV7c֙ I=o_N95ฃ;_ak} uFg~o)7/W"ǤR_X8c& wy-x^P=o _cNmRQ/mե[?'Ʈ$jC \c=!ۘ\OXRCڐgҔbYv`4ɟfOV<MMeMڇһ[n؎ r' ` SxM)ngxl 3\r=^.<njgSʔO,Z/ۿ!Qc'=w\tOiAF k TK!Cw+1ux]4 s+^e ->|Ipa`uFy'x^Mr0 FLqbebm ? >=IO$'Fm ֏K @fLJ%S{ʎ{=eK$D]s͞;a%g6;y]H_7.\B+/ơue2)C[]Tc.H:A- RauEZS )ƅ-}k6q#K ɇ菷Ms%[d@\ x^@ S6aE=Z Hܼ3n3dLT s&JI'!$V<<̀1޼;ۏ/ q]ݸf13KH{@j(Sdw ? v8Ey&Ș P왖c4q64}A[ڂ30 򵤍J/*6e6I)'E1SQ!y|=fVv  gY0!)BrSkDp2NHOn~6͏GQmeK6j`LԦfdd?pՖWsu[BoW/ݾ~ufʱ|nZNj&:Į ӕ{:u ozjwҵJ[]ɫ d{y#x^uAo0 ݯ zwkF" [ ٰ+-ѶYr)iieI(~/gKN׆u5sMZZW6ݼgP mVUZy {t@A@ "ZxQƧV [ձ 1q*6CoR#dbghߣcNXjN0@S̢ 2Ϧ oB AMSӨ 6oKiԆY/G H5La7+DNu!D&Kx%uX=:bycԑTBo릯!bU¶<_i https://about.gitlab.com/2019/04/10/critical-security-release-gitlab-11-dot-9-dot-7-released/ CVE-2019-110004-10 2019-04-11

Description

(Medium) SECURITY-1289

Jenkins accepted cached legacy CLI authentication

 _`M5x@G2x^r k)v\#)r,eM&.)=,8@N_{񳻰!謏QǗ V~mD& LM<>}U(+ sw@:Rì>#3Ub!Ho~H&ݨ55"9iqLRa7%?^H]n M9gCK' 4MUb.(IZ۶aO$S=8H ExiO|(I2zS,-ߦ~NF=ڪTRSKZ E-63v9CzIBդBsf잙a,r#jv.jPmK%jX>uZ6$B@8ŀ͢^6fU7՞3 9gX|OOBRZ.kMk>#IX~I6"Hu‘6uꦞvG֊L1c@_\v{ E %C(,`P(=v-8ʦ0XP,ZY'<"nސ#?1 "Gc\j( 1L(1bE$ SF`ÐpF+!FyFAz=N#s=/ Ѡ :yx^m_o0şS7!#Nĩ&6։Z M:iϺ}{n ۵l=O$fEĒ(I7WpNϢ,ONuXՏQ|ƅ3^S7aOwp4᧫#09)K3Ȝ?p42/v(yQELeuL="KUWuFZ?#$/ `[-L#-ϞBsh #ҟ;m_`7|R ˆ{͵о 8i 3n^"?m+I ]C}{[vL-x^N0}wd|AEnqHy{CJTM.|uC银Gw_!z+Y,Àb;+\}jnMcjo%:)'i':{PiA.aRuE~R:Gz;QUF'cb#+;->Y֌Zu޺}sΞ { z@my x^n0 SqVC 00 nw-dȒ"vak;L R"p,#u"zr~ƽ0 xI\r6y:zY49[a^9!/?7WM7/{e͒Yye@yN镶xm@*636cX0Q>0#6E̟eUxO RERbkD%AS3 -`Wa]\r( [ iƱ{=jZ.6}@cjꉅN g',>~H "#[GJ~j(wMZU167ۇ/wEY͠5JT)>N) GIm)BET2Efjf[E< }aywx^= @> 3",6+؋ ($"nni>â6-HqeZp ̋Y)R1BL1EL3d`d N`5Uˋ'###pR+v@{Ayx^uR=o0 sl52v=d:"D_z>Gn :hx"#ߓv;<g>5]I63XeeIGfǣA2ao,'E Z =pYt[TuRV:vYI+R:B8PpuuĠZOg]Я{.BA]}U?n3/4e+A՞g6X'ׄnAI#d\(·.luZB`GE8 8췉@ORL`9F_ཧo OV#ȶGQYز`JԂ0HH^jtyfNה ;w,b3Problem Description:

An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation.

Impact:

An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash5-1414 SA-15:04.igm2-250aad3ce5-600a-11e6-a6c3-14dae9d210b8"> FreeBSD -- SCTP stream reset vulnerability110.1_5CVE-2016-2808 CVE-2016-2811 CVE-2016-2812 CVE-2016-2814 CVE-2016-2816 CVE-2016-2817 CVE-2016-282039424445464748/ 2016-04-26 2016-04-26 p+X_︮ܤ;@5]x"nKsׁ[7TӨ$НK4%in-{~xh7>nUqt8 m*eihCO.FUòhsH;t挏soji(C ˇ*ɓ4rJ=aw@IyFx^uRMo =ޓ F@>xm'Qrf J Ax墲fƘIl+[#\RhʒJ)<mN:n~/tUqWE?VGUOP(JZuGnSfdNtIznzh͞fyV׀@Ϡȃ>3#nmo& q7?mG ],Y٘I H^yOn2φ8C5 h2BO;FUN}W|a#"9_?A@ K>yx^MQj0}~Ő&1BЇ¬4^ʒ;+N@h4sљQ490#jD<*I ~X'AąDn(6h (ӧ', sv~7(x`$6-eaxJn$ >R2`zu :r\\6Pr@ \WsNImTŵ@MkD1(C 'P3ab5I(cO*} 8!X6Ux˺LG6璘y:C;YUQ("6 ;/d|%XVVY1[fGB~.m>mC So7us_3|&+K:gEZQDpbso{(+HrsR@DRNUjÁ LIMo{uYR!+xby//m.%ae#{F9#*Ӡ(Y|$`Yo`9bbD;+m^:ztˑ:ԂBo@q5 9˙~&\hQ~~#Rۊǜ o_aV}N &Ĺjsb$W-p?x)\1M=l˨ݖ/қX-/%_h`(́ ض6HG]i>Ax|nw̪s=_QU.,~۩zBG9V! *ʡW:(Z }=dթ9u庯uhͷ>U{q' ߿A+JJvxyGx^mRM0=gX:Ԫ*UC/+c `6$Tˇ7oo><~WF㟦p/c3huYB8][> }k Zh?C((Mp:f5T"IX^U>Q%,cſ-bQV^8vP^pa^,=H3SAb(Q֠n!䥖kjˇ.Ma{qH넦*J(4H:hU2_Zq"oL;<"c 9ǎ;7P֗4NbFc(2aJkk[!⎸;2O4.~flMӚ99XTߣp/4mN]ӺJ^3x! h$PHHpLy;IM@Qr=yHx^]M ɯIvjS{I#6-ć8Ir@gd^ɳl5ȺZ5N:)S~ڼß('d ߎȮ =tQ {_<5FuIWa!m69CR +uE 5eMv]^uT3`QPx>qP:T$(rh~}qQf˨jGVza&tZYY2WRcRhZIlo)!jyftJ7վm_#RIU Oy}++Eo F0E' Agtwy?ri vH2:f)lM)jF~b@p< (鳂":.pD>>h/ܔiZysx^mN0 SDp-LBBJwH*qV?W'Gwlm=L: A#4ݭ4iAdL 7b|'!YH:ȯkOg|3k(w:S &eTʩ'`NNĽ[r; 4Ƴ.zQaUEE-/RO5,6pr)ɺj2զ5Xl:Yel7FEU3Xz,{!x}ʊAd9=.Fcb1ڴ' wBˠbV >Y#R#@,fvj К%}TzvJS>4^+SyYyx^Pn0<_꩕ YCC9 &N~}mCBTΎ RlpUp8_I-U0iȳNdm&T""^RD,őJ6%ԝU (D7ޱ!/n0Y9(/iВ<:ރGMa5~ +4 .>:ĺq[ {cWF n/>0ſSO(`ȀB/vbyx^M ϛ_1e/_7r\{V=Z^ a7PgIs&{mEQh n!TM"p=it˸35rSS$R%mVE]ɞvw/ofIgŀ=iFfG̒ >B;V\ w,f8Rzh4nd u5ʷU6ş_WXM>Gm|}["dOy-zufˑE:ƓE"~$=ԑ=̄$Ym!Jpm@Ċ`DGUh&4Q.xAbJϹ ˒3ZÒ"@K/Π Tw?`@y0x^]ao1 ?_a+tT1$(t]XdSvz}UwrSlMٻ kxc*3G+~Pr4z췋_}XY^/V n](@8bB(lw@PZ O؛ͣ>Z F0z?8Bqf~s|,-\JP^F?Bak+Z(&drޚpjH {o0:61';F)[ռC:˙@X:8 X7/F>Đp_&Q'F}!\?X)Tfm=]}"6瑁K)OUU:eycx^Qn0<7_Ȕd ]YS+XSk$2\I剻7_2?`W 5<n-_^Hh13s!NX{6XV4 0ɃU"0JD0i u4JScp5:80AY>nWf]<˲zx(-Aր ^ugeM=ZcuG4 Xޢ*SéV~ x@PS=ȵgR/?WD?|ד D왬17cmFX)6 ^Ƶk> Wl7̟JU-&8Wag\12y*xH] fL +,vӐ p+R^iƙ8gtv(U2 &N4HtBUL66J. mAOo^Qm7X뀁> F5Dx^n@ E+Q7- UeZQT)8av&8ilxMc>9ltJ]{prp~4 *_'7N7uo3ev)fI10y-?iQ@{Wt?Lvf VM+U~ORr=bv՞^7L\ t'<*Q K abBfNa=  Iq5,yw7.php CVE-2013-47296-30 2013-06-30 apache-xml-security-c -- heap overflow during XPointer evaluation apache-xml-security-c 1.7210.txt">

The attempted fix to address CVE-2013-2154 introduced the possibility of a heap overflow, possibly leading to arbitrary code execution, in the process$=#xCC1w@>;;345/ https://puppetlabs.com/security/cve/cve-2013-2275/ https://groups.google.com/forum/?fromgroups=#!topic/puppet-announce/f_gybceSV6E https://groups.google.com/forum/?fromgroups=#!topic/puppet-announce/kgDyaPhHniw04042f95-14b8-4382-a8b9-b30e365776cf"> puppet26 -- multiple vulnerabilities puppet26 2.62.6.1 `yx^uMo@+FN_*ѢA @Mxzw]I=Œ;Ͼuݤ5NlT#c;6$áO\~p.#lef( CM=x,)G[iϳI:_:I'YbF3jʒlKRjAW&2 -,s G@-lUP`ib}P?]opE9~|>c^ p_oW1Q86ZRO[D~p3q1{3;8Lgc+t/ zu >*s02ء>xc3h8,TZ ?VP/T13X9Ƀ֔X;rbYCƆAO;q(&FUuVJ>z=#U*  eHW(.x_HdG@1w4yIx^ER0<'_K[`I6Yy꥗JժȘGbl~אd00_)[CDP#*@DžsOAI3*7M=<n]`3\i5J^Y}:1'όPas c6I/屬v`'XZδx~Q õ^"]SCKCVݘ-廬Mz3)ۨP!#o"kʊg[smS\Jy}D4wx^Eݎ )&SJ{1dS%RҩƷv. 0M1nImtbY*rOz<K;B|Ed0FK~m/ƽ\LPeيM1G& 9ҙZ,U>y(VeYxNɽdTtT2c멅=6Z.i2YK^G -fr&לn%:Tm|.بU_g뜭KmhΊ`:Ĉ'hJ2Īk~̠jx/AA`[V_: ? :_CȞ&_rJn$,M=x^Mn0)Kԏm, t45P@䨧(rҠrA<>,Ev?ӣ gWu^(C&f 9|v/&[Kcug9u(AAšFMŠ%I0T!^-WPW5NxkBsa~&"{A8yk%?qK!*63v}My [@ yix^mR0=wbBmWK[_hb`#;C,Y~3。]xp*. .!~ 0= $h{Lh7Fm5udwxB>}j^O:Uy~4&AEl]LwQߋXWղeVa`w^,&Ǚ Z9ki3x#@P5fT g!@>4-t%; i] @Gc |ɞ@rA-A4.{̜^Y׵U 6fPl"s*5yL^oؘLni,݇8Ug/d*P|\vPyAx^UR=o0 _AdGv"FzZnV$:*K(ȿ?Nax)>L1ee=h4RV^#mAD|iC聐yP,W4FKb`1^`"pB?!,ZY {LXze,ptuSW#R|g8'bܪ|Jq%,\yMڃӡXƺmNQ榕C*:<# iT.Ӛ^hlba,lz%q֕b9;r쎻7o9&a )ӳ`Llˆ^ ݿx_F tG n y1xy(lVLH2Ս2ZOM=O쮳 . ٥pf`>>*yIx^MRKO0 >_aqMAP w$^$J=ct=Η撟Mudȣf~nctQ 1 + lWmgde"1SA؁1+YYrNo82l,* 6f, %J+tEVhNQhuG@ђ, c]OXaTGm=7PD3)6 v(.xz vq6i$ױ.m~8/,Y|/@ND<9cj ~Z%Zh ih8]S}GihAi5DҜ3w3jCч$/$St.+ZH9G&UMU ;QǓ 5gv^Z,ᵂ RuAw?H*yvx^]O0\6+YHmPFul6lB߼><*@ "ls^Um^፺_ry`m8iP\;ͩtM˩dOmQڞZ7ǿ.L!hn(p$}\!GvB o'4r_G{ $ioɨjHG (^} esזMYZwؼݗ E2[G{W>>ȍ6@6sk -ks@>XpA"8B|afJUGo.$Dp|GkR%.%螉8/EBB'7jO2nyS$^;-~L◊-Lǂs_R>\yVx^Mo0ͯn` !UUzksԻŊ;l[QU q;fj?C@5,uH36EaOٰT{5"L&#`F@ʅNRg"I@qN필-DWgT3 {X=N֛2!$&W :9b{/?EYH7m&1N|],5^2O6$ >&OeGB+zeSd S!ʏe٩gq:i-s-*ꢼE?rDi˄NCGށLsǣ?ie {yx^Mk1rB@!R uY;F+)3#v8zY/x̫g_`̉UV|j|*I<)~Urr.4˘Z\ ;_m{H1 GPA"؂&( 7♲V-|~ ޖs O 95 dۢ4y"IE9$R`|*(S{ + Ы:S)IŤV4pד{3Xi.#u1~1dQlq!EaO۫y|Nes9Ż\i_ .T?͏))n?/wD(ʇȃk9N,>F{T%Qc6ebY, KJ;6]Ը6cfaQ۝dg"l&JTVV37Vug]iy0Oӻ"7~QG?:14nN@^XvyGx^R =7_1y18cbVUS^+x* o5d{衜޼y?r\<ʄkP 09Vm>Yrq>|Q'8!z8ydFCFI;w-F vd(\fÞ~w,joG>O?>*eԘ$/·"#Lw%d‚n}$>t7MđVO@hgfby'wyo-yٷX,dM 1t kMwfwv}LF 8irX\ 0.dBy_hr!]0kUGO xFT|EeuUsi/?)ŀTxHu>my>x^]QMo0=_1ʩHkV(J{aLȨƶʿ1oyu5ucm4ƾ[ yS5ն/oXu Jl;=&;= !{!cd v}S)8|==uぺ9^nzYMo lGk(8vd" ?@}A N4ybG"tP,aPDK{U.c %E>gIyIx^EQN1 >SX{3R(R rՓlR8ufJZ߿B?5p_Z z%3T*\UH-j(./H#ُpy"JΫqGr\GV hdB5AQi|ʳ ))謉NJbsA=r]H[άbG),T[ Bh_K8En1Bb73hBl·LuGoO::$YAZӬ֍f{hGlrh~-#/O}E=l [v@c'Hy.x^mRMk@ =w{7e qһc0N+{ؒg=9w.;q֧woZwdqycxfVH?Un4þ98Qfw{{많/ O>3G^2f<J s>* |\7% ZN9k` ’ ;Aꕛ8B 䝑`kwdu+)0 +)'0BcyY4)QIgâ_^qJC21:\ 'ׁ LZklׂ6ڐ̴VPTvg 2@92HWkJYGOg#GqI-e+F@]!LkYӼԯOe#"aA@$N^gJw?9@cx^}RMo =zm0xmm/ZaƸ04ݦRT\1xJeL1_׏hy &W`PZ3X_";E b)BVd=\6ea}rTԄ4%"eMMs\V _i{yx^MRˎ0 <'_Ay׏m{ P. tk!K-D /8E.I Gф <[gL=tjPs,t'5⭂Ϋ׸P.v\ZUշ~$Nj:Q%{2WǯOVV맊XáL rGU sl^t/ /}QHʻcJvZ¦| Bo9p4yԉc?? iI-U[ GCGbn}gMr|}Ay>2004-03-23 2004-12-16 2005-03-15 phpmyadmin --range>2.6.0.2WGUze\&(H 2twL8eRLcrfGxHy+Q?ۡCʜ`y<* @Ӽx ;_bےnUA(>Du vT}Cf[ k<*q?6`z [I@$F4r*Z^9>{ߧ4M[%%h+lbk%pɧUT8?Ye(!߱WxCy9/)#׹ޚ_3 0ѱCSn`.So'.!u Mu(s=4C|R?Z'2x^Qn =gbS*kG9# bnxwJ=C1{21{deiZ @Q%),Nϣ/<*`IYք91JJ)]QƋoj~w'32=:“ OS