Debian Security

DSA-6033-1 bind9 - security update

23 October, 2025 - 00:00

Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in cache poisoning or denial of service.

https://security-tracker.debian.org/tracker/DSA-6033-1

Categories: Security

DSA-6032-1 request-tracker4 - security update

22 October, 2025 - 00:00

It was discovered that Request Tracker, an extensible trouble-ticket tracking system is prone to a CSV injection via ticket values with special characters that are exported to a TSV from search results.

https://security-tracker.debian.org/tracker/DSA-6032-1

Categories: Security

DSA-6031-1 request-tracker5 - security update

22 October, 2025 - 00:00

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in CSV injection via ticket values with special characters, or cross-site scripting via calendar invitations added to a ticket.

https://security-tracker.debian.org/tracker/DSA-6031-1

Categories: Security

DSA-6030-1 intel-microcode - security update

22 October, 2025 - 00:00

This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities which could result in privilege escalation or denial of service.

https://security-tracker.debian.org/tracker/DSA-6030-1

Categories: Security

DSA-6029-1 ark - security update

20 October, 2025 - 00:00

It was discovered that insecure path handling in the Ark archive utility could result in overwriting a user's files.

https://security-tracker.debian.org/tracker/DSA-6029-1

Categories: Security

DSA-6028-1 lxd - security update

17 October, 2025 - 00:00

Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in file disclosure, information disclosure or or cross-site request forgery.

https://security-tracker.debian.org/tracker/DSA-6028-1

Categories: Security

DSA-6027-1 incus - security update

17 October, 2025 - 00:00

Multiple security issues were discovered in Incus, a system container and virtual machine manager, which could result in file disclosure, information disclosure, privilege escalation or cross-site request forgery.

https://security-tracker.debian.org/tracker/DSA-6027-1

Categories: Security

DSA-6026-1 chromium - security update

16 October, 2025 - 00:00

A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6026-1

Categories: Security

DSA-6025-1 firefox-esr - security update

15 October, 2025 - 00:00

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, memory disclosure or cross-site scripting.

https://security-tracker.debian.org/tracker/DSA-6025-1

Categories: Security

DSA-6024-1 ghostscript - security update

11 October, 2025 - 00:00

Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.

https://security-tracker.debian.org/tracker/DSA-6024-1

Categories: Security

DSA-6023-1 tiff - security update

10 October, 2025 - 00:00

It was discovered that missing input sanitising in the libtiff library could result in denial of service or potentially the execution of arbitrary code if malformed image files are processed.

https://security-tracker.debian.org/tracker/DSA-6023-1

Categories: Security

DSA-6022-1 valkey - security update

9 October, 2025 - 00:00

Multiple security issues were discovered in the Lua scripting interface of Valkey, a persistent key-value database, which could result in the execution of arbitrary code or denial of service.

https://security-tracker.debian.org/tracker/DSA-6022-1

Categories: Security

DSA-6021-1 chromium - security update

9 October, 2025 - 00:00

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6021-1

Categories: Security

DSA-6020-1 redis - security update

8 October, 2025 - 00:00

Multiple security issues were discovered in the Lua scripting interface of Redis, a persistent key-value database, which could result in the execution of arbitrary code or denial of service.

https://security-tracker.debian.org/tracker/DSA-6020-1

Categories: Security

DSA-6019-1 dovecot - security update

5 October, 2025 - 00:00

A flaw with the authentication cache management was discovered in the Dovecot email server, which could result in users being logged in as the wrong user in certain configurations.

https://security-tracker.debian.org/tracker/DSA-6019-1

Categories: Security

DSA-6018-1 gegl - security update

3 October, 2025 - 00:00

A buffer overflow was discovered in the RGBE/HDR parser of GEGL, a graph-based image processing library, which could result in denial of service or the execution of arbitrary code if malformed files are processed.

https://security-tracker.debian.org/tracker/DSA-6018-1

Categories: Security

DSA-6017-1 haproxy - security update

3 October, 2025 - 00:00

Oula Kivalo reported that HAProxy, a fast and reliable load balancing reverse proxy, is prone to a denial of service vulnerability when parsing JSON numbers.

https://security-tracker.debian.org/tracker/DSA-6017-1

Categories: Security

DSA-6016-1 chromium - security update

2 October, 2025 - 00:00

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-6016-1

Categories: Security

DSA-6015-1 openssl - security update

1 October, 2025 - 00:00

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in denial of service or information leaks.

Additional details can be found in the upstream advisory: https://openssl-library.org/news/secadv/20250930.txt

https://security-tracker.debian.org/tracker/DSA-6015-1

Categories: Security

DSA-6014-1 gimp - security update

28 September, 2025 - 00:00

Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed Farbfeld, Wireless Bitmap, DICOM or Apple Icon images are opened.

https://security-tracker.debian.org/tracker/DSA-6014-1

Categories: Security

You are here

DSA-6033-1 bind9 - security update

DSA-6032-1 request-tracker4 - security update

DSA-6031-1 request-tracker5 - security update

DSA-6030-1 intel-microcode - security update

DSA-6029-1 ark - security update

DSA-6028-1 lxd - security update

DSA-6027-1 incus - security update

DSA-6026-1 chromium - security update

DSA-6025-1 firefox-esr - security update

DSA-6024-1 ghostscript - security update

DSA-6023-1 tiff - security update

DSA-6022-1 valkey - security update

DSA-6021-1 chromium - security update

DSA-6020-1 redis - security update

DSA-6019-1 dovecot - security update

DSA-6018-1 gegl - security update

DSA-6017-1 haproxy - security update

DSA-6016-1 chromium - security update

DSA-6015-1 openssl - security update

DSA-6014-1 gimp - security update

Pages

Services

Books

Open & Distributed WOW