Debian LTS: DLA-3052-1: cyrus-imapd security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It was discovered that the Cyrus IMAP server was prone to a denial of service attack via input that is mishandled during hash-table interaction. Furthermore it allowed privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over

Debian LTS: DLA-3047-1: avahi security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It was discovered that the Debian package of Avahi, a framework for Multicast DNS Service Discovery, executed the script avahi-daemon-check-dns.sh with root privileges which would allow a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under