Debian Security

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/webfactories.de/httpdocs/modules/mod_jw_srfr/helper.php on line 42

Debian Trixie cpp-httplib Critical Denial of Service DSA-6228-1
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 13:04 pm
Multiple security issues were discovered in cpp-httplib, a C++ cross platform HTTP/HTTPS library, which could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 0.18.7-1+deb13u1. We recommend that you upgrade your cpp-httplib[…]
Read more...
Debian DSA-6227-1 StrongSwan Critical Infinite Loop Crash Vulnerabilities
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 12:57 pm
Multiple vulnerabilities were fixed in strongSwan, an IKE/IPsec suite. CVE-2026-35328 A vulnerability in libtls related to the processing of the supported_versions extension in TLS that can result in an infinite loop.
Read more...
Debian Bookworm PackageKit Local Privilege Escalation Advisory DSA-6226-1
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 12:26 pm
Maik Schaefer discovered that a TOCTOU race condition in PackageKit (a package management service over a DBus interface) could result in local privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in version 1.2.6-5+deb12u1.
Read more...
Debian DSA-6225-1 firefox-esr Important Arbitrary Code Exec
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 11:12 am
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing, information disclosure or privilege escalation. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian DSA-6223-1 Flatpak Important Code Execution Risks
Stay Vigilant with Timely Linux Security Advisories Apr 22, 2026 | 08:43 am
Multiple security vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps, which could allow a Flatpak app to delete arbitrary hosts on the host or break out of the sandbox resulting in code execution in the host[…]
Read more...
Debian DSA-6222-1 ngtcp2 Important Buffer Overflow CVE-2026-40170
Stay Vigilant with Timely Linux Security Advisories Apr 21, 2026 | 18:29 pm
Zou Dikai discovered a buffer overflow in ngtcp2, a QUIC protocol library. For the oldstable distribution (bookworm), this problem has been fixed in version 0.12.1+dfsg-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 1.11.0-1+deb13u1.
Read more...
Debian DSA-6221-1 NTFS-3G Critical Buffer Overflow Privilege Escalation
Stay Vigilant with Timely Linux Security Advisories Apr 21, 2026 | 14:41 pm
Andrea Bocchetti discovered a heap-based buffer overflow in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in[…]
Read more...
Debian DSA-6220-1 SimpleEval Important Sandbox Bypass CVE-2026-32640
Stay Vigilant with Timely Linux Security Advisories Apr 20, 2026 | 19:04 pm
Byambadalai Sumiya discovered that SimpleEval, a library for adding evaluatable expressions into Python projects, didn't fully restrict some module references, resulting in sandbox bypass. For the oldstable distribution (bookworm), this problem has been fixed in version 0.9.12-1+deb12u1.
Read more...
Debian Trixie pillow Important DoS Risk DSA-6219-1 CVE-2026-40192
Stay Vigilant with Timely Linux Security Advisories Apr 19, 2026 | 18:22 pm
It was discovered that missing input sanitising in the FITS support of Pillow, a Python imaging library, could result in denial of service. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed[…]
Read more...
Ubuntu DSA-7219-1 Ghostscript Severe Buffer Underflow DDoS CVE-2026-4401
Stay Vigilant with Timely Linux Security Advisories Apr 18, 2026 | 15:11 pm
A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if malformed documents are opened. For the oldstable distribution (bookworm), this problem has been[…]
Read more...
Debian DSA-6217-1 Luanti Important Sandbox Escape Security Issues
Stay Vigilant with Timely Linux Security Advisories Apr 17, 2026 | 21:19 pm
Two security issues were discovered in Luanti, a multiplayer infinite-world block sandbox game, which could result in incomplete restrictions for installed mods or sandbox escape. For the stable distribution (trixie), these problems have been fixed in version 5.10.0+dfsg-5+deb13u1.
Read more...
Debian Bookworm DSA-6215-1 GIMP Important Denial of Service
Stay Vigilant with Timely Linux Security Advisories Apr 17, 2026 | 21:18 pm
Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed PSP, JPEG 2000, PSD or ANI files are opened. For the oldstable distribution[…]
Read more...
Debian Bookworm Chromium Critical Code Execution DoS Advisory DSA-6214-1
Stay Vigilant with Timely Linux Security Advisories Apr 17, 2026 | 08:31 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 147.0.7727.101-1~deb12u1.
Read more...
Debian DSA-6212-1 Incus Important Privilege Escalation Issues
Stay Vigilant with Timely Linux Security Advisories Apr 15, 2026 | 19:16 pm
Two security issues were discovered in Incus, a system container and virtual machine manager, which could result in restriction bypass or privilege escalation. For the stable distribution (trixie), these problems have been fixed in version 6.0.4-2+deb13u6.
Read more...
Debian DSA-6211-1 Thunderbird Important Exec Code Security Risk
Stay Vigilant with Timely Linux Security Advisories Apr 14, 2026 | 20:43 pm
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed in version 1:140.9.1esr-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in
Read more...
Debian Bookworm Imagemagick Important Code Execution Risks DSA-6210-1
Stay Vigilant with Timely Linux Security Advisories Apr 14, 2026 | 20:29 pm
Multiple security vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to symlink races, information leaks, denial of service and potentially arbitrary code execution. For the oldstable distribution (bookworm), these problems[…]
Read more...
Debian xdg-dbus-proxy Critical Info Disclosure Vuln DSA-6209-1
Stay Vigilant with Timely Linux Security Advisories Apr 13, 2026 | 20:41 pm
It was discovered that incorrect parsing of policy rules in the xdg-dbus-proxy (a filtering proxy for D-Bus connections) allowed the bypass of eavesdrop restrictions, which could result in information disclosure. For the stable distribution (trixie), this problem has been fixed[…]
Read more...