Posts Tagged Debian Linux Distribution – Security Advisories

1153 results.

Debian WebKitGTK DSA-5937-1: Addresses Critical Memory Corruption

Jun06
by Ike on June 6, 2025 at 8:55 am
Posted In: Debian Linux Distribution - Security Advisories

Debian WebKitGTK memory corruption fix

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-24223

└ Tags:
 Comment 

Debian DSA-5936-1: libfile-find-rule-perl critical risk of code execution

Jun05
by Ike on June 5, 2025 at 3:19 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security advisory on libfile-find-rule-perl

It was discovered that libfile-find-rule-perl, a module to search for files based on rules, is vulnerable to arbitrary code execution when grep() encounters a crafted file name.

└ Tags:
 Comment 

Debian: DSA-5935-1 severe: chromium code execution and info leak

Jun04
by Ike on June 4, 2025 at 1:13 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for Chromium DSA-5935-1

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google is aware that an exploit for CVE-2025-5419 exists in the wild.

└ Tags:
 Comment 

Debian: DSA-5933-1 high: tcpdf denial of service and XSS

Jun01
by Ike on June 1, 2025 at 12:59 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security issues in Tcpdf package

Multiple security issues were discovered in TCPDF, a PHP class for generating PDF files on-the-fly, which may result in denial of service, cross-site scripting or information disclosure.

└ Tags:
 Comment 

Debian Bookworm: DSA-5932-1 Moderate: Thunderbird Arbitrary Code Execution

May30
by Ike on May 30, 2025 at 7:00 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Thunderbird code execution security fix

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in

└ Tags:
 Comment 

Debian: DSA-5931-1 moderate: systemd race condition risk

May29
by Ike on May 29, 2025 at 9:37 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian advisory on systemd info leak issue

The Qualys Threat Research Unit (TRU) discovered that systemd-coredump is prone to a kill-and-replace race condition which may allow a local attacker to gain sensitive information from crashed SUID processes. Additionally systemd-coredump does not specify %d (the kernel’s per-

└ Tags:
 Comment 

Debian: DSA-5930-1 critical: libavif denial of service and code execution

May29
by Ike on May 29, 2025 at 8:34 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian DSA-5930-1 libavif vulnerabilities overview

Multiple vulnerabilities were discovered in libavif, a library for handling .avif files, which could result in denial of service or potentially the execution of arbitrary code.

└ Tags:
 Comment 

Debian: DSA-5929-1 critical: chromium code execution and DoS

May29
by Ike on May 29, 2025 at 6:29 pm
Posted In: Debian Linux Distribution - Security Advisories

Chromium security vulnerabilities in Debian update

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

└ Tags:
 Comment 

Debian: DSA-5923-2 Critical Update for Net-Tools Buffer Overflow

May28
by Ike on May 28, 2025 at 10:39 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory DSA-5923-2 Image

The update for net-tools announced in DSA 5923-1 introduced a regression for ifconfig always showing zero value packet counters. Updated packages are now available to correct this issue. Two additional stack-based buffer overflow flaws are addressed in this update.

└ Tags:
 Comment 

Debian Bookworm DSA-5928-1 critical: libvpx double-free Denial of Service

May28
by Ike on May 28, 2025 at 8:40 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security update for libvpx double-free issue

It was discovered that a double-free in the encoder of libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code.

└ Tags:
 Comment 

Debian: DSA-5927-1 critical: yelp data exfiltration risk

May28
by Ike on May 28, 2025 at 6:52 pm
Posted In: Debian Linux Distribution - Security Advisories

Critical vulnerability in Debian yelp script

It was discovered that Yelp, the help browser for the GNOME desktop, allowed help files to execute arbitrary scripts. Opening a malformed help file could have resulted in data exfiltration.

└ Tags:
 Comment 

Debian: DSA-5926-1 Critical: Multiple Firefox-esr Flaws

May28
by Ike on May 28, 2025 at 5:57 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security update for Firefox-esr flaws

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or cross-origin leaks.

└ Tags:
 Comment 

Debian DSA-5925-1: Critical Linux Kernel Security Issues

May24
by Ike on May 24, 2025 at 9:14 am
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for Linux kernel

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

└ Tags:
 Comment 

Debian: DSA-5924-1 critical: Intel microcode mitigates ITS and injection

May23
by Ike on May 23, 2025 at 7:37 pm
Posted In: Debian Linux Distribution - Security Advisories

Intel microcode update for Debian security advisory

This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the Indirect Target Selection (ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection vulnerability (CVE-2024-45332).

└ Tags:
 Comment 

Debian: DSA-5923-1 critical: net-tools buffer overflow causing DoS

May18
by Ike on May 18, 2025 at 12:35 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian net-tools buffer overflow vulnerability warning

Mohamed Maatallah discovered a stack-based buffer overflow in the get_name() function in net-tools, a collection of programs for controlling the network subsystem of the Linux kernel, which may result in denial of service (application crash) or potentially the execution of

└ Tags:
 Comment 

Debian Bookworm: DSA-5922-1 critical: firefox-esr code execution

May18
by Ike on May 18, 2025 at 11:16 am
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory Cover Image

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

└ Tags:
 Comment 

Debian Stable: DSA-5921-1 critical: thunderbird mail header spoofing

May16
by Ike on May 16, 2025 at 8:03 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird, which could result in spoofing of From: mail headers, execution of JavaScript or information disclosure.

└ Tags:
 Comment 

Debian: DSA-5920-1 critical: chromium code execution risk

May15
by Ike on May 15, 2025 at 6:55 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian announces Chromium security vulnerabilities fix

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

└ Tags:
 Comment 

Debian 12: DSA-5919-1 critical: open-vm-tools file handling issue

May14
by Ike on May 14, 2025 at 9:18 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian 12 open-vm-tools security advisory details

It was discovered that insecure file handling in open-vm-tools, an open source implementation of VMware Tools, may allow an unprivileged local guest user to tamper local files to trigger insecure file operations within that VM.

└ Tags:
 Comment 

Debian: DSA-5918-1 critical: Varnish request smuggling issue

May13
by Ike on May 13, 2025 at 6:17 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security alert on Varnish smuggling issue

Ben Kallus discovered that incorrect parsing of chunked transfer encodings in the Varnish web accelerator may result in HTTP request smuggling or cache poisoning.

└ Tags:
 Comment 

Debian DSA-5917-1: Critical DoS in libapache2-mod-auth-openidc

May08
by Ike on May 8, 2025 at 9:17 pm
Posted In: Debian Linux Distribution - Security Advisories

Denial of Service in libapache2-mod-auth-openidc

A vulnerability has been discovered in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality:

└ Tags:
 Comment 

Debian: DSA-5916-1 severe: chromium remote code execution risk

May07
by Ike on May 7, 2025 at 5:25 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for Chromium Explained

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

└ Tags:
 Comment 

Debian: DSA-5915-1 critical: vips buffer overflow Denial of Service

May03
by Ike on May 3, 2025 at 6:15 am
Posted In: Debian Linux Distribution - Security Advisories

Debian vips vulnerability buffer overflow issue overview

A heap-based buffer overflow vulnerability was discovered in vips, an fast image processing library designed with efficiency in mind, which may result in denial of service (application crash) if a specially crafted TIFF image file is processed.

└ Tags:
 Comment 

Debian Bookworm DSA-5914-1 critical: chromium DoS and code exec risk

May02
by Ike on May 2, 2025 at 2:17 am
Posted In: Debian Linux Distribution - Security Advisories

Debian Chromium code execution risk alert

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

└ Tags:
 Comment 

Debian: DSA-5913-1 critical: openjdk-17 denial of service

May01
by Ike on May 1, 2025 at 8:47 pm
Posted In: Debian Linux Distribution - Security Advisories

Critical OpenJDK-17 update for Debian security

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.

└ Tags:
 Comment 

Debian: DSA-5912-1 critical: thunderbird arbitrary code execution

May01
by Ike on May 1, 2025 at 6:25 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security advisory for thunderbird affected by vulnerabilities

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure For the stable distribution (bookworm), these problems have been fixed in

└ Tags:
 Comment 

Debian: DSA-5910-1 Critical: firefox-esr Execute Code Risk

Apr30
by Ike on April 30, 2025 at 10:25 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for firefox-esr with Multiple Issues

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a bypass of sandbox restrictions.

└ Tags:
 Comment 

Debian: DSA-5911-1 moderate: request tracker information disclosure

Apr30
by Ike on April 30, 2025 at 10:19 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory DSA-5911-1 for Request Tracker

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

└ Tags:
 Comment 

Debian DSA-5909-1 moderate: request tracker information disclosure

Apr30
by Ike on April 30, 2025 at 9:45 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian Security Advisory for Request Tracker

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

└ Tags:
 Comment 

Debian: DSA-5909-1 moderate: request tracker cross-site scripting

Apr30
by Ike on April 30, 2025 at 9:41 pm
Posted In: Debian Linux Distribution - Security Advisories

Debian security advisory related to Request Tracker vulnerabilities.

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

└ Tags:
 Comment 

52 queries. 9 mb Memory usage. 0.436 seconds.