You are here

Home » News » Sources

Debian Security

Subscribe to Debian Security feed
Debian Security Advisories
URL: https://www.debian.org/security/dsa.rdf
Updated: 5 hours 33 min ago

DSA-6200-1 tor - security update

5 April, 2026 - 00:00
Two security vulnerabilities (TROVE-2026-004 and TROVE-2025-015) were discovered in Tor, a connection-based low-latency anonymous communication system, which could result in denial of service.

https://security-tracker.debian.org/tracker/DSA-6200-1

Categories: Security

DSA-6199-1 trafficserver - security update

5 April, 2026 - 00:00
Two vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or HTTP request smuggling.

https://security-tracker.debian.org/tracker/DSA-6199-1

Categories: Security

DSA-6198-1 valkey - security update

5 April, 2026 - 00:00
Two security vulnerabilities were discovered in Valkey, a persistent key-value database with network interface, which could result in denial of service or data manipulation.

https://security-tracker.debian.org/tracker/DSA-6198-1

Categories: Security

DSA-6197-1 dovecot - security update

5 April, 2026 - 00:00

Multiple vulnerabilities have been discovered in the Dovecot IMAP server which way result in denial of service, SQL injection, path traversal, replay attacks or timing side channel attacks.

https://security-tracker.debian.org/tracker/DSA-6197-1

Categories: Security

DSA-6196-1 roundcube - security update

4 April, 2026 - 00:00
Multiple vulnerabilities were discovered in roundcube, a skinnable AJAX based webmail solution for IMAP servers, which could result in information disclosure, IMAP injection, CSRF bypass, bypass of remote image blocking, cross-site scripting, access control bypass, or privilege escalation.

https://security-tracker.debian.org/tracker/DSA-6196-1

Categories: Security

DSA-6195-1 python-tornado - security update

3 April, 2026 - 00:00
Multiple security vulnerabilities were discovered in the Tornado Python web framework, which could result in denial of service, header injection or cross-site scripting.

https://security-tracker.debian.org/tracker/DSA-6195-1

Categories: Security

DSA-6194-1 pyasn1 - security update

3 April, 2026 - 00:00
It was discovered that pyasn1, a generic ASN.1 library for Python, is prone to a denial of service vulnerability when decoding ASN.1 data with deeply nested structures.

https://security-tracker.debian.org/tracker/DSA-6194-1

Categories: Security

DSA-6193-1 inetutils - security update

3 April, 2026 - 00:00
Several vulnerabilities were discovered in the inetutils implementation of telnetd and telnet, which may result in privilege escalation or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6193-1

Categories: Security

DSA-6192-1 chromium - security update

2 April, 2026 - 00:00
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6192-1

Categories: Security

DSA-6191-1 gst-plugins-ugly1.0 - security update

1 April, 2026 - 00:00
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.

https://security-tracker.debian.org/tracker/DSA-6191-1

Categories: Security

DSA-6190-1 gst-plugins-bad1.0 - security update

1 April, 2026 - 00:00
Multiple multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.

https://security-tracker.debian.org/tracker/DSA-6190-1

Categories: Security

DSA-6189-1 libpng1.6 - security update

31 March, 2026 - 00:00
Two security vulnerabilities were discovered in libpng, a library implementing an interface for reading and writing PNG (Portable Network Graphics) files, which could result in denial of service or potentially the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-6189-1

Categories: Security

DSA-6188-1 lxd - security update

31 March, 2026 - 00:00
Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in privilege escalation or the execution of arbitrary commands.

https://security-tracker.debian.org/tracker/DSA-6188-1

Categories: Security

DSA-6187-1 php-phpseclib3 - security update

29 March, 2026 - 00:00
It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack.

https://security-tracker.debian.org/tracker/DSA-6187-1

Categories: Security

DSA-6186-1 php-phpseclib - security update

29 March, 2026 - 00:00
It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack.

https://security-tracker.debian.org/tracker/DSA-6186-1

Categories: Security

DSA-6185-1 phpseclib - security update

29 March, 2026 - 00:00
It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack.

https://security-tracker.debian.org/tracker/DSA-6185-1

Categories: Security

DSA-6184-1 incus - security update

29 March, 2026 - 00:00
Multiple security issues were discovered in Incus, a system container and virtual machine manager, which could result in denial of service or the execution of arbitrary commands.

https://security-tracker.debian.org/tracker/DSA-6184-1

Categories: Security

DSA-6183-1 nodejs - security update

29 March, 2026 - 00:00
Multiple vulnerabilities were discovered in Node.js, which could result in denial of service, side channel attacks or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6183-1

Categories: Security

DSA-6182-1 libxml-parser-perl - security update

28 March, 2026 - 00:00
Joris van Rantwijk discovered that libxml-parser-perl, a Perl module for parsing XML files, is prone to a heap-based buffer overflow flaw when parsing an XML file with very deep element nesting.

https://security-tracker.debian.org/tracker/DSA-6182-1

Categories: Security

DSA-6181-1 bind9 - security update

27 March, 2026 - 00:00
Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in bypass of ACL restrictions or denial of service.

https://security-tracker.debian.org/tracker/DSA-6181-1

Categories: Security

Pages