Debian - SITE - Advanced Web Factories

Debian DSA-5917-1: Critical DoS in libapache2-mod-auth-openidc

Stay Vigilant with Timely Linux Security Advisories May 8, 2025 | 21:01 pm

A vulnerability has been discovered in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality:

Debian: DSA-5916-1 severe: chromium remote code execution risk

Stay Vigilant with Timely Linux Security Advisories May 7, 2025 | 17:22 pm

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Debian: DSA-5915-1 critical: vips buffer overflow Denial of Service

Stay Vigilant with Timely Linux Security Advisories May 3, 2025 | 05:35 am

A heap-based buffer overflow vulnerability was discovered in vips, an fast image processing library designed with efficiency in mind, which may result in denial of service (application crash) if a specially crafted TIFF image file is processed.

Debian Bookworm DSA-5914-1 critical: chromium DoS and code exec risk

Stay Vigilant with Timely Linux Security Advisories May 2, 2025 | 01:33 am

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Debian: DSA-5913-1 critical: openjdk-17 denial of service

Stay Vigilant with Timely Linux Security Advisories May 1, 2025 | 20:32 pm

Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.

Debian: DSA-5912-1 critical: thunderbird arbitrary code execution

Stay Vigilant with Timely Linux Security Advisories May 1, 2025 | 18:12 pm

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure For the stable distribution (bookworm), these problems have been fixed in

Debian: DSA-5911-1 moderate: request tracker information disclosure

Stay Vigilant with Timely Linux Security Advisories Apr 30, 2025 | 21:41 pm

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

Debian: DSA-5909-1 moderate: request tracker cross-site scripting

Stay Vigilant with Timely Linux Security Advisories Apr 30, 2025 | 21:26 pm

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

Debian DSA-5909-1 moderate: request tracker information disclosure

Stay Vigilant with Timely Linux Security Advisories Apr 30, 2025 | 21:25 pm

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

Debian: DSA-5908-1: Critical Issue in LibreOffice PDF Signature Validation

Stay Vigilant with Timely Linux Security Advisories Apr 28, 2025 | 19:20 pm

Juray Sarinay discovered that PDF documents signed with the adbe.pkcs7.sha1 standard were incompletely validated by LibreOffice, which could cause invalid signatures to be accepted as legitimate.

Debian Bookworm: DSA-5907-1 critical: linux kernel information leak

Stay Vigilant with Timely Linux Security Advisories Apr 27, 2025 | 15:37 pm

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Debian: DSA-5906-1 erlang critical: SSH protocol issues

Stay Vigilant with Timely Linux Security Advisories Apr 20, 2025 | 09:23 am

Several vulnerabilities were discovered in the Erlang/OTP implementation of the SSH protocol, which may result in denial of service or the execution of arbitrary code.

Debian: DSA-5905-1 critical issue with GraphicsMagick DoS or Code Exec

Stay Vigilant with Timely Linux Security Advisories Apr 17, 2025 | 20:46 pm

Two vulnerabilities have been discovered in GraphicsMagick, a set of ommand-line applications to manipulate image files, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.

Debian DSA-5904-1: mod_auth_openidc Critical Info Disclosure Fix

Stay Vigilant with Timely Linux Security Advisories Apr 17, 2025 | 19:27 pm

It was discovered that mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality, was susceptible to information disclosure in some configurations

Debian Bookworm: DSA-5903-1 critical: Chromium code execution risks

Stay Vigilant with Timely Linux Security Advisories Apr 17, 2025 | 06:24 am

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Debian: DSA-5902-1 critical: perl buffer overflow exploitation

Stay Vigilant with Timely Linux Security Advisories Apr 13, 2025 | 13:39 pm

Nathan Mills discovered a heap-based buffer overflow vulnerability in the implementation of the Perl programming language when transliterating non-ASCII bytes with tr///, which may result in denial of service, or potentially the execution of arbitrary code.

Debian DSA-5901-1: addressing security vulnerabilities in mediawiki

Stay Vigilant with Timely Linux Security Advisories Apr 13, 2025 | 12:29 pm

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in information disclosure, cross-site scripting or restriction bypass.