Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service. For the stable distribution (bookworm), these problems have been fixed in
Archive for January 29th, 2025
Matthias Gerstner reported that pam-u2f, a PAM module which allows to use U2F (Universal 2nd Factor) devices in the PAM authentication stack, does not properly handle PAM_IGNORE return values, allowing to bypass the second factor or password-less login without inserting the proper
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in PHP.
This is the January 2025 security and bugfix release for .NET 8.0. It updates the SDK to version 8.0.112 and Runtime to version 8.0.12. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.12/8.0.112.md
This is the January 2025 security and bugfix release for .NET 9.0. It updates the SDK to version 9.0.102 and Runtime to version 9.0.1. Release Notes: https://github.com/dotnet/core/blob/main/release- notes/9.0/9.0.1/9.0.1.md
fix VW_VERSION in compiled code, patch security issues
Includes security fixes to the crypto/x509 and net/http packages