Debian Security

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/webfactories.de/httpdocs/modules/mod_jw_srfr/helper.php on line 42

Debian: Rails Severe Command Manipulation DSA-6090-2 CVE-2025-24294
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 15:51 pm
Multiple security issues were discovered in the Rails web framework which could result in command injection or logging of unescaped ANSI sequences. For the oldstable distribution (bookworm), these problems have been fixed in version 2:6.1.7.10+dfsg-1~deb12u2.
Read more...
Debian Trixie WordPress Security Advisory DSA-6091-1 for CVE-2025-58246
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 14:54 pm
Multiple security issues were discovered in the WordPress blogging tool, which could result in cross-site scripting or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 6.8.3+dfsg1-0+deb13u1. We recommend that you upgrade your wordpress packages.
Read more...
Debian: Chromium Important Code Exec and Info Disclosure DSA-6089-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:55 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 143.0.7499.169-1~deb12u1.
Read more...
Debian Trixie: php8.4 Important DoS Memory Disclosure DSA-6088-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:38 am
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or memory disclosure. For the stable distribution (trixie), these problems have been fixed in version 8.4.16-1~deb13u1.
Read more...
Debian: Roundcube Important XSS and Information Leak Fix DSA-6087-1
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 21:32 pm
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability via the animate tag in an SVG document and a information disclosure vulnerability in the HTML style sanitizer. For[…]
Read more...
Debian: MediaWiki DSA-6085-1 Security Updates for DoS and XSS
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 19:30 pm
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, information disclosure, missing rate limiting or denial of service. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian Trixie: c-ares Critical Denial of Service Advisory DSA-6084-1
Stay Vigilant with Timely Linux Security Advisories Dec 18, 2025 | 13:49 pm
It was discovered that c-ares, a library that performs DNS requests and name resolution asynchronously, does not properly handle termination of queries which may result in denial of service. For the stable distribution (trixie), this problem has been fixed in[…]
Read more...
Debian: webkit2gtk Important Memory Corruption Issues DSA-6083-1
Stay Vigilant with Timely Linux Security Advisories Dec 18, 2025 | 08:22 am
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory
Read more...
Debian: vlc Critical Denial of Service and Code Execution DSA-6082-1
Stay Vigilant with Timely Linux Security Advisories Dec 14, 2025 | 19:42 pm
Multiple vulnerabilities were discovered in the VLC media player, which could result in denial of service or potentially the execution of arbitrary code if a malformed video file is opened. For the oldstable distribution (bookworm), this problem has been fixed[…]
Read more...
Debian: Thunderbird Critical Arbitrary Code Exec DSA-6081-1 CVE-2025-14321
Stay Vigilant with Timely Linux Security Advisories Dec 14, 2025 | 11:11 am
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed in version 1:140.6.0esr-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in
Read more...
Debian: Chromium Important DSA-6080-1 Code Exec DoS Issues
Stay Vigilant with Timely Linux Security Advisories Dec 12, 2025 | 12:16 pm
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. An additional CVE (that has yet to be assigned) is fixed in this release; Google is aware of an[…]
Read more...
Debian: Important DoS Vulnerabilities in FFmpeg DSA-6080-1 Advisory
Stay Vigilant with Timely Linux Security Advisories Dec 10, 2025 | 22:27 pm
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the oldstable distribution (bookworm), this problem has been fixed in[…]
Read more...
Debian: firefox-esr Critical Privilege Escalation DSA-6078-1 CVE-2025-14321
Stay Vigilant with Timely Linux Security Advisories Dec 10, 2025 | 22:23 pm
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. For the oldstable distribution (bookworm), these problems have been fixed[…]
Read more...
Debian: pdns-recursor Critical Denial of Service Vulnerability DSA-6077-1
Stay Vigilant with Timely Linux Security Advisories Dec 10, 2025 | 09:49 am
Insufficient validation of incoming notifies over TCP in PDNS Recursor, a resolving name server, could result in denial of service. For the stable distribution (trixie), this problem has been fixed in version 5.2.7-0+deb13u1. We recommend that you upgrade your pdns-recursor[…]
Read more...
Debian: libpng1.6 Critical Info Leak & DoS Vulnerabilities DSA-6076-1
Stay Vigilant with Timely Linux Security Advisories Dec 10, 2025 | 08:54 am
Several vulnerabilities were reported in the libpng PNG library, which could lead to information leaks, denial of service or potentially the execution of arbitrary code if a specially crafted image is processed. For the oldstable distribution (bookworm), these problems have[…]
Read more...
Debian: WordPress Important XSS and Info Disclosure DSA-6075-1
Stay Vigilant with Timely Linux Security Advisories Dec 9, 2025 | 23:42 pm
Multiple security issues were discovered in the WordPress blogging tool, which could result in cross-site scripting or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.9+dfsg1-0+deb12u1. We recommend that you upgrade your wordpress packages.
Read more...
Debian: webkit2gtk Critical Info Exfiltration DSA-6074-1 CVE-2025-13947
Stay Vigilant with Timely Linux Security Advisories Dec 9, 2025 | 17:17 pm
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-13947 Janet Black discovered that a website may be able to exfiltrate sensitive system information.
Read more...
Debian Trixie: FFmpeg Critical Denial of Service and Code Exec DSA-6073-1
Stay Vigilant with Timely Linux Security Advisories Dec 7, 2025 | 16:24 pm
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (trixie), this problem has been fixed in[…]
Read more...
Debian: Chromium Critical Exec Abuse DoS Info Disclosure DSA-6072-1
Stay Vigilant with Timely Linux Security Advisories Dec 4, 2025 | 21:28 pm
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 143.0.7499.40-1~deb12u1.
Read more...