Day: 4 junio, 2018

Man Yue Mo, Lars Krapf and Pierre Ernst discovered that Batik, atoolkit for processing SVG images, did not properly validate itsinput. This would allow an attacker to cause a denial-of-service,mount cross-site scripting attacks, or access restricted files on theserver. More info: https://www.debian.org/security/2018/dsa-4215

It was discovered that Zookeeper, a service for maintaining configurationinformation, enforced no authentication/authorisation when a serverattempts to join a Zookeeper quorum. More info: https://www.debian.org/security/2018/dsa-4214