Debian Security

DSA-5923-1 net-tools - security update

18 May, 2025 - 00:00

Mohamed Maatallah discovered a stack-based buffer overflow in the get_name() function in net-tools, a collection of programs for controlling the network subsystem of the Linux kernel, which may result in denial of service (application crash) or potentially the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5923-1

Categories: Security

DSA-5922-1 firefox-esr - security update

18 May, 2025 - 00:00

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5922-1

Categories: Security

DSA-5921-1 thunderbird - security update

16 May, 2025 - 00:00

Multiple security issues were discovered in Thunderbird, which could result in spoofing of From: mail headers, execution of JavaScript or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5921-1

Categories: Security

DSA-5920-1 chromium - security update

15 May, 2025 - 00:00

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5920-1

Categories: Security

DSA-5919-1 open-vm-tools - security update

14 May, 2025 - 00:00

It was discovered that insecure file handling in open-vm-tools, an open source implementation of VMware Tools, may allow an unprivileged local guest user to tamper local files to trigger insecure file operations within that VM.

https://security-tracker.debian.org/tracker/DSA-5919-1

Categories: Security

DSA-5918-1 varnish - security update

13 May, 2025 - 00:00

Ben Kallus discovered that incorrect parsing of chunked transfer encodings in the Varnish web accelerator may result in HTTP request smuggling or cache poisoning.

https://security-tracker.debian.org/tracker/DSA-5918-1

Categories: Security

DSA-5917-1 libapache2-mod-auth-openidc - security update

8 May, 2025 - 00:00

A vulnerability has been discovered in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality:

An unauthenticated attacker could crash the Apache httpd process by sending a POST request without a Content-Type header if the 'OIDCPreservePost' directive is enabled, resulting in denial of service.

https://security-tracker.debian.org/tracker/DSA-5917-1

Categories: Security

DSA-5916-1 chromium - security update

7 May, 2025 - 00:00

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5916-1

Categories: Security

DSA-5915-1 vips - security update

3 May, 2025 - 00:00

A heap-based buffer overflow vulnerability was discovered in vips, an fast image processing library designed with efficiency in mind, which may result in denial of service (application crash) if a specially crafted TIFF image file is processed.

https://security-tracker.debian.org/tracker/DSA-5915-1

Categories: Security

DSA-5914-1 chromium - security update

1 May, 2025 - 00:00

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5914-1

Categories: Security

DSA-5913-1 openjdk-17 - security update

1 May, 2025 - 00:00

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.

https://security-tracker.debian.org/tracker/DSA-5913-1

Categories: Security

DSA-5912-1 thunderbird - security update

1 May, 2025 - 00:00

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure

https://security-tracker.debian.org/tracker/DSA-5912-1

Categories: Security

DSA-5911-1 request-tracker4 - security update

30 April, 2025 - 00:00

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

https://security-tracker.debian.org/tracker/DSA-5911-1

Categories: Security

DSA-5910-1 firefox-esr - security update

30 April, 2025 - 00:00

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a bypass of sandbox restrictions.

https://security-tracker.debian.org/tracker/DSA-5910-1

Categories: Security

DSA-5909-1 request-tracker5 - security update

30 April, 2025 - 00:00

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

https://security-tracker.debian.org/tracker/DSA-5909-1

Categories: Security

DSA-5908-1 libreoffice - security update

28 April, 2025 - 00:00

Juray Sarinay discovered that PDF documents signed with the adbe.pkcs7.sha1 standard were incompletely validated by LibreOffice, which could cause invalid signatures to be accepted as legitimate.

https://security-tracker.debian.org/tracker/DSA-5908-1

Categories: Security

DSA-5907-1 linux - security update

27 April, 2025 - 00:00

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

https://security-tracker.debian.org/tracker/DSA-5907-1

Categories: Security

DSA-5906-1 erlang - security update

20 April, 2025 - 00:00

Several vulnerabilities were discovered in the Erlang/OTP implementation of the SSH protocol, which may result in denial of service or the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5906-1

Categories: Security

DSA-5905-1 graphicsmagick - security update

17 April, 2025 - 00:00

Two vulnerabilities have been discovered in GraphicsMagick, a set of ommand-line applications to manipulate image files, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.

https://security-tracker.debian.org/tracker/DSA-5905-1

Categories: Security

DSA-5904-1 libapache2-mod-auth-openidc - security update

17 April, 2025 - 00:00

It was discovered that mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality, was susceptible to information disclosure in some configurations

https://security-tracker.debian.org/tracker/DSA-5904-1

Categories: Security

You are here

DSA-5923-1 net-tools - security update

DSA-5922-1 firefox-esr - security update

DSA-5921-1 thunderbird - security update

DSA-5920-1 chromium - security update

DSA-5919-1 open-vm-tools - security update

DSA-5918-1 varnish - security update

DSA-5917-1 libapache2-mod-auth-openidc - security update

DSA-5916-1 chromium - security update

DSA-5915-1 vips - security update

DSA-5914-1 chromium - security update

DSA-5913-1 openjdk-17 - security update

DSA-5912-1 thunderbird - security update

DSA-5911-1 request-tracker4 - security update

DSA-5910-1 firefox-esr - security update

DSA-5909-1 request-tracker5 - security update

DSA-5908-1 libreoffice - security update

DSA-5907-1 linux - security update

DSA-5906-1 erlang - security update

DSA-5905-1 graphicsmagick - security update

DSA-5904-1 libapache2-mod-auth-openidc - security update

Pages

Services

Books

Open & Distributed WOW