Debian Security

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/webfactories.de/httpdocs/modules/mod_jw_srfr/helper.php on line 42

Debian: Thunderbird Critical Arbitrary Code Exec DSA-6103-1 CVE-2025-14327
Stay Vigilant with Timely Linux Security Advisories Jan 17, 2026 | 16:51 pm
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed in version 1:140.7.0esr-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in
Read more...
Debian: python-urllib3 Important Denial of Service DSA-6102-1
Stay Vigilant with Timely Linux Security Advisories Jan 17, 2026 | 11:25 am
Several vulnerabilities were discovered in python-urllib3, a HTTP library with thread-safe connection pooling for Python3, which could result in denial of service or request forgery. For the oldstable distribution (bookworm), these problems have been fixed in version 1.26.12-1+deb12u2.
Read more...
Debian: firefox-esr Important Sandbox Escape and Code Exec DSA-6101-1
Stay Vigilant with Timely Linux Security Advisories Jan 15, 2026 | 19:42 pm
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, information disclosure or spoofing. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian Bookworm: Chromium Low Denial Of Service Risk DSA-6100-1
Stay Vigilant with Timely Linux Security Advisories Jan 15, 2026 | 03:59 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 144.0.7559.59-1~deb12u1.
Read more...
Debian: python-parsl Important SQL Injection Fix DSA-6099-1 CVE-2026-21892
Stay Vigilant with Timely Linux Security Advisories Jan 14, 2026 | 07:58 am
Viral Vaghela discovered an SQL injection vulnerability in Parsl, a parallel scripting library for Python. For the stable distribution (trixie), this problem has been fixed in version 2025.01.13+ds-1+deb13u1. We recommend that you upgrade your python-parsl packages.
Read more...
Debian: net-snmp Critical Denial of Service and Code Exec DSA-6098-1
Stay Vigilant with Timely Linux Security Advisories Jan 12, 2026 | 19:52 pm
A vulnerability was discovered in the snmptrapd daemon in net-snmp, a suite of Simple Network Management Protocol applications, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (bookworm), this problem has been[…]
Read more...
Debian: Chromium Critical Arbitrary Code Execution DSA-6097-1
Stay Vigilant with Timely Linux Security Advisories Jan 10, 2026 | 03:32 am
A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), this problem has been fixed in version 143.0.7499.192-1~deb12u1.
Read more...
Debian: VLC DSA-6096-1 Denial of Service and Code Exec Fix
Stay Vigilant with Timely Linux Security Advisories Jan 8, 2026 | 20:00 pm
Multiple vulnerabilities were discovered in the VLC media player, which could result in denial of service or potentially the execution of arbitrary code if a malformed video file is opened. For the oldstable distribution (bookworm), this problem has been fixed[…]
Read more...
Debian: Critical Firewall Unauthorized Config Alteration DSA-6095-1
Stay Vigilant with Timely Linux Security Advisories Jan 7, 2026 | 19:16 pm
Matthias Gerstner discovered two vulnerabilities in the Foomuuri firewall generator, which could result in tampering of the firewall configuration by unauthorised users. For the stable distribution (trixie), these problems have been fixed in version 0.27-2+deb13u1.
Read more...
Debian Bookworm: Libsodium Critical Crypto Core Integrity Issue DSA-6094-1
Stay Vigilant with Timely Linux Security Advisories Jan 5, 2026 | 19:33 pm
It was discovered that the crypto_core_ed25519_is_valid_point() function of the Sodium cryptography library mishandled checks for valid elliptic curve points. For the oldstable distribution (bookworm), this problem has been fixed in version 1.0.18-1+deb12u1.
Read more...
Debian Bookworm: GIMP Important Denial Of Service DSA-6093-1 CVE-2025-14422
Stay Vigilant with Timely Linux Security Advisories Jan 4, 2026 | 19:38 pm
Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed XCF, JPEG 2000 or PNM files are opened. For the oldstable distribution (bookworm),[…]
Read more...
Debian Trixie: DSA-6092-1 smb4k Critical Local Privilege Escalation
Stay Vigilant with Timely Linux Security Advisories Jan 1, 2026 | 22:26 pm
Two vulnerabilities were discovered in smb4k, a KDE desktop utility which allows unprivileged mounting of Samba/CIFS network shares, which may result in local denial of service or local privilege escalation. For the stable distribution (trixie), these problems have been fixed[…]
Read more...
Debian: Rails Severe Command Manipulation DSA-6090-2 CVE-2025-24294
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 15:51 pm
Multiple security issues were discovered in the Rails web framework which could result in command injection or logging of unescaped ANSI sequences. For the oldstable distribution (bookworm), these problems have been fixed in version 2:6.1.7.10+dfsg-1~deb12u2.
Read more...
Debian Trixie WordPress Security Advisory DSA-6091-1 for CVE-2025-58246
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 14:54 pm
Multiple security issues were discovered in the WordPress blogging tool, which could result in cross-site scripting or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 6.8.3+dfsg1-0+deb13u1. We recommend that you upgrade your wordpress packages.
Read more...
Debian: Chromium Important Code Exec and Info Disclosure DSA-6089-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:55 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 143.0.7499.169-1~deb12u1.
Read more...
Debian Trixie: php8.4 Important DoS Memory Disclosure DSA-6088-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:38 am
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or memory disclosure. For the stable distribution (trixie), these problems have been fixed in version 8.4.16-1~deb13u1.
Read more...
Debian: Roundcube Important XSS and Information Leak Fix DSA-6087-1
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 21:32 pm
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability via the animate tag in an SVG document and a information disclosure vulnerability in the HTML style sanitizer. For[…]
Read more...
Debian: MediaWiki DSA-6085-1 Security Updates for DoS and XSS
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 19:30 pm
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, information disclosure, missing rate limiting or denial of service. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian Trixie: c-ares Critical Denial of Service Advisory DSA-6084-1
Stay Vigilant with Timely Linux Security Advisories Dec 18, 2025 | 13:49 pm
It was discovered that c-ares, a library that performs DNS requests and name resolution asynchronously, does not properly handle termination of queries which may result in denial of service. For the stable distribution (trixie), this problem has been fixed in[…]
Read more...