Information on source package mono

Available versions

ReleaseVersion
jessie3.2.8+dfsg-10+deb8u1
stretch4.6.2.7+dfsg-1+deb9u1
buster5.18.0.240+dfsg-3+deb10u1
bullseye6.8.0.105+dfsg-3.3~deb11u1
bookworm6.8.0.105+dfsg-3.3
trixie6.12.0.199+dfsg-2
sid6.12.0.199+dfsg-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-26314vulnerablefixedfixedfixedfixedfixedfixedThe mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary ...
CVE-2018-1002208vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedSharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allow ...

Resolved issues

BugDescription
CVE-2021-32842SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starti ...
CVE-2021-32841SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Starti ...
CVE-2021-32840SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior ...
CVE-2015-2320The TLS stack in Mono before 3.12.1 allows remote attackers to have un ...
CVE-2015-2319The TLS stack in Mono before 3.12.1 makes it easier for remote attacke ...
CVE-2015-2318The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers ...
CVE-2012-3543mono 2.10.x ASP.NET Web Form Hash collision DoS
CVE-2012-3382Cross-site scripting (XSS) vulnerability in the ProcessRequest functio ...
CVE-2011-0992Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...
CVE-2011-0991Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 ...
CVE-2011-0990Race condition in the FastCopy optimization in the Array.Copy method i ...
CVE-2011-0989The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, ...
CVE-2010-4225Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x ...
CVE-2010-4159Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 a ...
CVE-2010-1459The default configuration of ASP.NET in Mono before 2.6.4 has a value ...
CVE-2009-0689Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa. ...
CVE-2009-0217The design of the W3C XML Signature Syntax and Processing (XMLDsig) re ...
CVE-2008-3906CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows ...
CVE-2008-3422Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net cla ...
CVE-2007-5473StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when runnin ...
CVE-2007-5197Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and ...
CVE-2006-6104The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in ...
CVE-2006-5072The System.CodeDom.Compiler classes in Novell Mono create temporary fi ...
CVE-2005-0509Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 ...

Security announcements

DSA / DLADescription
ELA-812-1mono - security update
DLA-3343-1mono - security update
DLA-1564-1mono - security update
DLA-376-1mono - security update
DSA-3202-1mono - security update
DLA-176-1mono - security update
DSA-2512-1mono - missing input sanitising
DSA-1397-1mono - buffer overflow

Search for package or bug name: Reporting problems