It was discovered that a buffer overflow in the TGA parser of Krita, a creative application for raster images, could potentially result in the execution of arbitrary code if malformed images are opened. For the oldstable distribution (bookworm), this problem has been fixed in version 1:5.1.5+dfsg-2+deb12u1.
Several security vulnerabilities were discovered in the server of the Tryton application platform, which could lead to information disclosure. For the oldstable distribution (bookworm), this problem has been fixed in version 6.0.29-2+deb12u4. For the stable distribution (trixie), this problem has been fixed in
CUPS could be made to crash or run programs as an administrator if it opened a specially crafted file.
OpenVPN could allow unintended access to network services.
Several security issues were fixed in libxml2.
libxml2 could be made to crash or run programs if it opened a specially crafted file.
Several security issues were fixed in WebKitGTK.
FFmpeg could be made to crash if it opened a specially crafted file.
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Update to release v0.30.1 Upstream fix Update to release v0.30.0 Resolves: rhbz#2413270 Resolves: rhbz#2407614, rhbz#2407881, rhbz#2408158, rhbz#2409066
Update to release v0.26.1 Update to release v0.26.0 Resolves: rhbz#2412681, rhbz#2412761 Upstream new features and fixes dependency override for moby/policy-helper needed for license (default
Various CVE fixes, most importantly CVE-2025-11001 This also backports the Debian patch (PR unfortunately stalled upstream, with no communication from upstream developers) to not echo passwords when dealing with encrypted archives.
51 queries. 8.75 mb Memory usage. 1.703 seconds.