Debian Rpm vulnerabilities
23 known vulnerabilities affecting debian/rpm.
Total CVEs: 23
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 4, MEDIUM 8, LOW 10
Vulnerabilities
CVE-2006-5466 | LOW | CVSS 5.4 | fixed in rpm 4.4.1-11 (bookworm) | 2006
CVE-2006-5466 [MEDIUM] CVE-2006-5466: rpm - Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Pac...
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages.
Scope: local
bookworm: resolved (fixed in 4.4.1-11)
bullseye: resolved (fixed in 4.4.1-11)
forky: resolved (fixed in 4.4.1-11)
debian
CVE-2005-2096 | LOW | CVSS 7.5 | fixed in aide 0.10-6.1.1 (bookworm) | 2005
CVE-2005-2096 [HIGH] CVE-2005-2096: aide - zlib 1.2 and later versions allows remote attackers to cause a denial of service...
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Scope: local
bookworm: resolved (fixed in 0.10-6.1.1)
bullseye: resolved (fixed in 0.10-6.1.1)
forky: resolved (
debian
CVE-2005-4889 | LOW | CVSS 7.2 | fixed in rpm 4.7.0-1 (bookworm) | 2005
CVE-2005-4889 [HIGH] CVE-2005-4889: rpm - lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executa...
lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issue to CVE-2010-2059.
Scope: local
bookworm: resolved (fixed in 4.7.0-1)
bullseye: resolved (fixed
debian