Debian Security

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/webfactories.de/httpdocs/modules/mod_jw_srfr/helper.php on line 42

Debian Trixie pdns-recursor Important DoS Issues DSA-6234-1
Stay Vigilant with Timely Linux Security Advisories Apr 28, 2026 | 19:03 pm
Multiple vulnerabiliites have been discovered in PDNS Recursor, a resolving name server, which could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 5.2.9-0+deb13u1. We recommend that you upgrade your pdns-recursor packages.
Read more...
Debian Trixie pdns Important Denial of Service ACL Fix DSA-6233-1
Stay Vigilant with Timely Linux Security Advisories Apr 28, 2026 | 19:02 pm
Multiple security vulnerabilities were discovered in the dnsdist DNS loadbalancer, which could result in denial of service, information disclosure or ACL bypass. For the stable distribution (trixie), these problems have been fixed in version 4.9.14-0+deb13u1.
Read more...
Debian WebKitGTK Critical CVE-2025-46299 App Disclosure March 2026
Stay Vigilant with Timely Linux Security Advisories Apr 28, 2026 | 08:00 am
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-46299 Google Big Sleep discovered that processing maliciously crafted web content may disclose internal states of the app.
Read more...
Debian OpenJDK DSA-6231-1 Important Crypto Key Issues CVE-2026-22007
Stay Vigilant with Timely Linux Security Advisories Apr 27, 2026 | 20:20 pm
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect generation of cryptographic keys, denial of service, information disclosure, XEE/XEE attacks or incorrect validation of Kerberos credentials. For the stable distribution (trixie), these problems have[…]
Read more...
Debian DSA-6230-1 Chromium Critical Code Exec DoS Fixes
Stay Vigilant with Timely Linux Security Advisories Apr 25, 2026 | 00:09 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 147.0.7727.116-1~deb12u1.
Read more...
Debian DSA-6229-1 Thunderbird Critical Code Exec Issues
Stay Vigilant with Timely Linux Security Advisories Apr 24, 2026 | 18:31 pm
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed in version 1:140.10.0esr-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in
Read more...
Debian Trixie cpp-httplib Critical Denial of Service DSA-6228-1
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 13:04 pm
Multiple security issues were discovered in cpp-httplib, a C++ cross platform HTTP/HTTPS library, which could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 0.18.7-1+deb13u1. We recommend that you upgrade your cpp-httplib[…]
Read more...
Debian DSA-6227-1 StrongSwan Critical Infinite Loop Crash Vulnerabilities
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 12:57 pm
Multiple vulnerabilities were fixed in strongSwan, an IKE/IPsec suite. CVE-2026-35328 A vulnerability in libtls related to the processing of the supported_versions extension in TLS that can result in an infinite loop.
Read more...
Debian Bookworm PackageKit Local Privilege Escalation Advisory DSA-6226-1
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 12:26 pm
Maik Schaefer discovered that a TOCTOU race condition in PackageKit (a package management service over a DBus interface) could result in local privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in version 1.2.6-5+deb12u1.
Read more...
Debian DSA-6225-1 firefox-esr Important Arbitrary Code Exec
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 11:12 am
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing, information disclosure or privilege escalation. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian DSA-6223-1 Flatpak Important Code Execution Risks
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 08:43 am
Multiple security vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps, which could allow a Flatpak app to delete arbitrary hosts on the host or break out of the sandbox resulting in code execution in the host[…]
Read more...
Debian DSA-6222-1 ngtcp2 Important Buffer Overflow CVE-2026-40170
Stay Vigilant with Timely Linux Security Advisories Apr 21, 2026 | 18:29 pm
Zou Dikai discovered a buffer overflow in ngtcp2, a QUIC protocol library. For the oldstable distribution (bookworm), this problem has been fixed in version 0.12.1+dfsg-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 1.11.0-1+deb13u1.
Read more...
Debian DSA-6221-1 NTFS-3G Critical Buffer Overflow Privilege Escalation
Stay Vigilant with Timely Linux Security Advisories Apr 21, 2026 | 14:41 pm
Andrea Bocchetti discovered a heap-based buffer overflow in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in[…]
Read more...
Debian DSA-6220-1 SimpleEval Important Sandbox Bypass CVE-2026-32640
Stay Vigilant with Timely Linux Security Advisories Apr 20, 2026 | 19:04 pm
Byambadalai Sumiya discovered that SimpleEval, a library for adding evaluatable expressions into Python projects, didn't fully restrict some module references, resulting in sandbox bypass. For the oldstable distribution (bookworm), this problem has been fixed in version 0.9.12-1+deb12u1.
Read more...
Debian Trixie pillow Important DoS Risk DSA-6219-1 CVE-2026-40192
Stay Vigilant with Timely Linux Security Advisories Apr 19, 2026 | 18:22 pm
It was discovered that missing input sanitising in the FITS support of Pillow, a Python imaging library, could result in denial of service. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed[…]
Read more...
Ubuntu DSA-7219-1 Ghostscript Severe Buffer Underflow DDoS CVE-2026-4401
Stay Vigilant with Timely Linux Security Advisories Apr 18, 2026 | 15:11 pm
A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if malformed documents are opened. For the oldstable distribution (bookworm), this problem has been[…]
Read more...
Debian DSA-6217-1 Luanti Important Sandbox Escape Security Issues
Stay Vigilant with Timely Linux Security Advisories Apr 17, 2026 | 21:19 pm
Two security issues were discovered in Luanti, a multiplayer infinite-world block sandbox game, which could result in incomplete restrictions for installed mods or sandbox escape. For the stable distribution (trixie), these problems have been fixed in version 5.10.0+dfsg-5+deb13u1.
Read more...
Debian DSA-6216-1 OPAM Critical Directory Traversal Issue CVE-2026-41082
Stay Vigilant with Timely Linux Security Advisories Apr 17, 2026 | 21:18 pm
Andrew Nesbitt discovered that .install file directives were insufficiently restricted in OPAM, a package manager for OCaml. This could result in directory traversal out of the package area. For the oldstable distribution (bookworm), this problem has been fixed in version[…]
Read more...