Debian Security

Debian 2026 Munge Important Buffer Overflow Vuln DSA-6129-1

Stay Vigilant with Timely Linux Security Advisories Feb 10, 2026 | 18:21 pm

Titouan Lazard discovered a buffer overflow vulnerability in munge, an authentication service to create and validate credentials, which may allow local users to leak the MUNGE cryptographic key and forge arbitrary credentials. Additional details can be found in the upstream[…]

Debian Bookworm Shaarli Important Cross-Site Scripting Fix DSA-6128-1

Stay Vigilant with Timely Linux Security Advisories Feb 9, 2026 | 19:36 pm

Moritz Woermann discovered that missing input sanitising in Shaarli, a personal bookmarking service, could result in cross-site scripting. For the oldstable distribution (bookworm), this problem has been fixed in version 0.12.1+dfsg-8+deb12u2. For the stable distribution (trixie), this problem has been[…]

Debian Bookworm Linux Critical Notice DSA-6127-1 Privilege Escalation

Stay Vigilant with Timely Linux Security Advisories Feb 9, 2026 | 19:19 pm

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.162-1.

Debian trixie DSA-6126-1 Linux Critical Privilege Escalation DoS

Stay Vigilant with Timely Linux Security Advisories Feb 9, 2026 | 18:21 pm

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For the stable distribution (trixie), these problems have been fixed in version 6.12.69-1.

Debian usbmuxd DSA-6125-1 Path Traversal Risk CVE-2025-66004

Stay Vigilant with Timely Linux Security Advisories Feb 9, 2026 | 16:06 pm

A path traversal vulnerability was discovered in usbmuxd, a multiplexor daemon used to coordinate USB connections from and to Apple devices (iPhone, iPad, iPod). Exploiting this vulnerability enables an unprivileged user to create and delete files named `*.plist` (and, in[…]

Debian Trixie Wireshark Key Denial of Service Vulnerabilities DSA-6124-1

Stay Vigilant with Timely Linux Security Advisories Feb 8, 2026 | 19:52 pm

Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. For the stable distribution (trixie), these problems have been fixed in version 4.4.13-0+deb13u1.

Debian xrdp Important Buffer Overflow Remote Exec CVE-2025-68670 DSA-6123-1

Stay Vigilant with Timely Linux Security Advisories Feb 7, 2026 | 06:25 am

Denis Skvortsov discovered that xrdp, a Remote Desktop Protocol (RDP) server, was susceptible to an unauthenticated stack-based buffer overflow vulnerability, which may result in remote execution of arbitrary code. For the oldstable distribution (bookworm), this problem has been fixed

Debian Chromium Critical Code Exec DoS Info Disclosure DSA-6122-1

Stay Vigilant with Timely Linux Security Advisories Feb 5, 2026 | 21:16 pm

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 144.0.7559.109-2~deb12u1.

Debian DSA-6121-1 Tomcat11 Important Denial of Service Vulnerabilities

Stay Vigilant with Timely Linux Security Advisories Feb 5, 2026 | 20:56 pm

Several security vulnerabilities have been found in Tomcat 11, a Java web server and servlet engine. This update improves the handling of HTTP/2 connections and corrects various flaws which can lead to uncontrolled resource consumption and a denial of service.[…]

Debian DSA-6120-1 Tomcat10 Serious Vulnerabilities Resource Depletion DoS

Stay Vigilant with Timely Linux Security Advisories Feb 5, 2026 | 20:48 pm

Several security vulnerabilities have been found in Tomcat 10, a Java web server and servlet engine. This update improves the handling of HTTP/2 connections and corrects various flaws which can lead to uncontrolled resource consumption and a denial of service.[…]

Debian Trixie OpenJDK Important Man-in-the-Middle Attacks DSA-6119-1

Stay Vigilant with Timely Linux Security Advisories Feb 5, 2026 | 19:43 pm

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect certificate validation, CRLF injection or man-in-the-middle attacks. For the stable distribution (trixie), these problems have been fixed in version 25.0.2+10-1~deb13u2. This version of OpenJDK now[…]

Debian thunderbird Important Info Disclosure Vuln DSA-6118-1 CVE-2026-0818

Stay Vigilant with Timely Linux Security Advisories Feb 3, 2026 | 19:26 pm

A security issue was discovered in Thunderbird, which could result in information disclosure For the oldstable distribution (bookworm), this problem has been fixed in version 1:140.7.1esr-1~deb12u1. For the stable distribution (trixie), this problem has been fixed in

Debian DSA-6117-1 python-django Important SQL Injection DoS CVE-2025-13372

Stay Vigilant with Timely Linux Security Advisories Jan 31, 2026 | 12:32 pm

Multiple security issues were found in Django, a Python web development framework, which could result in SQL injection, directory traversal or denial of service. For the stable distribution (trixie), these problems have been fixed in version 3:4.2.27-0+deb13u1.

Debian Bookworm Chromium Important Security Risk DSA-6116-1 CVE-2026-1504

Stay Vigilant with Timely Linux Security Advisories Jan 30, 2026 | 10:55 am

A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), this problem has been fixed in version 144.0.7559.109-1~deb12u1.

Debian DSA-6115-1 GIMP Important Buffer Overflow DoS CVE-2025-15059

Stay Vigilant with Timely Linux Security Advisories Jan 28, 2026 | 23:26 pm

A buffer overflow was discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed PSP images are opened. For the oldstable distribution (bookworm), this problem has[…]

Debian pyasn1 Important Denial of Service Fix DSA-6114-1 CVE-2026-23490

Stay Vigilant with Timely Linux Security Advisories Jan 28, 2026 | 21:44 pm

It was discovered that pyasn1, a generic ASN.1 library for Python, is prone to a denial of service vulnerability, which may result in memory exhaustion from malformed OID/RELATIVE-OID with excessive continuation octets. For the oldstable distribution (bookworm), this problem has[…]

Debian OpenSSL Critical DSA-6113-1 DoS Information Leak Execution

Stay Vigilant with Timely Linux Security Advisories Jan 27, 2026 | 19:47 pm

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in denial of service, information leaks, or potentially remote code execution. Additional details can be found in the upstream advisory: https://openssl-library.org/news/secadv/20260127.txt

Critical Issues with Debian Trixie OpenJDK-21 DSA-6112-1 Announcement

Stay Vigilant with Timely Linux Security Advisories Jan 27, 2026 | 07:20 am

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect certificate validation, CRLF injection or man-in-the-middle attacks. For the stable distribution (trixie), these problems have been fixed in version 21.0.10+7-1~deb13u1.

Debian Imagemagick Critical DoS Code Exec Vuln DSA-6111-1

Stay Vigilant with Timely Linux Security Advisories Jan 26, 2026 | 22:54 pm

This update fixes multiple vulnerabilities in Imagemagick, which could result in denial of service via MSL scripts or potentially the execution of arbitrary code if malformed XBM images are processed. For the oldstable distribution (bookworm), these problems have been fixed[…]

Debian OpenJDK DSA-6110-1 Critical Cert Validation Man-in-the-Middle Attack

Stay Vigilant with Timely Linux Security Advisories Jan 25, 2026 | 12:39 pm

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect certificate validation, CRLF injection or man-in-the-middle attacks. For the oldstable distribution (bookworm), these problems have been fixed in version 17.0.18+8-1~deb12u1.

Beitrag teilen

Das Neueste von Support

Ähnliche Artikel