NTLUG | Debian / Debian browse

<< Mandriva | Distributions | Gentoo >>

On this page... (hide)

Community
Support
Debian Planet
Debian Security Notices
Debian Forum at linuxquestions.org

Community

Support

Debian Planet

Error: It's not possible to reach RSS file http://planet.debian.net/rss20.xml ...

Debian Security Notices

DSA-6074-1 webkit2gtk - security update
The following vulnerabilities have been discovered in the WebKitGTKweb engine:
CVE-2025-13947
Janet Black discovered that a website may be able to exfiltrate sensitive system information.
CVE-2025-43421
Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43458
Phil Beauvoir discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-66287
Stanislav Fort discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-6074-1

DSA-6073-1 ffmpeg - security update
Several vulnerabilities have been discovered in the FFmpeg multimediaframework, which could result in denial of service or potentially theexecution of arbitrary code if malformed files/streams are processed.
https://security-tracker.debian.org/tracker/DSA-6073-1

DSA-6072-1 chromium - security update
Security issues were discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure.
https://security-tracker.debian.org/tracker/DSA-6072-1

DSA-6071-1 unbound - security update
It was discovered that incorrect handling of promiscuous NS RRSets inUnbound, a validating, recursive, caching DNS resolver, could result incache poisoning.
https://security-tracker.debian.org/tracker/DSA-6071-1

DSA-6070-1 webkit2gtk - security update
The following vulnerabilities have been discovered in the WebKitGTKweb engine:
CVE-2025-43392
Tom Van Goethem discovered that a website may exfiltrate image data cross-origin.
CVE-2025-43425
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43427
Gary Kwong and rheza discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43429
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43430
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43431
Google Big Sleep discovered that processing maliciously crafted web content may lead to memory corruption.
CVE-2025-43432
Hossein Lotfi discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43434
Google Big Sleep discovered that processing maliciously crafted web content may lead to an unexpected browser crash.
CVE-2025-43440
Nan Wang discovered that processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43443
An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash.
https://security-tracker.debian.org/tracker/DSA-6070-1

DSA-6069-1 openvpn - security update
It was discovered that openvpn, a virtual private network application,does not properly handle HMAC verification checks. A remote attacker cantake advantage of this flaw to bypass source IP address validation.
https://security-tracker.debian.org/tracker/DSA-6069-1

DSA-6068-1 xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor,which could result in memory disclosure, denial of service orprivilege escalation.
https://security-tracker.debian.org/tracker/DSA-6068-1

DSA-6067-1 containerd - security update
Two security vulnerabilities were discovered in the Containerd containerruntime, which may result in denial of service or local privilegeescalation.
https://security-tracker.debian.org/tracker/DSA-6067-1

DSA-6066-1 gnome-shell-extension-gsconnect - security update
It was discovered that missing validation of the device ID duringhandshakes in KDE Connect, a tool to integrate smart phones to adesktop, could allow an attacker to impersonate another device.
The oldstable distribution (bookworm) is not affected.
https://security-tracker.debian.org/tracker/DSA-6066-1

DSA-6065-1 krita - security update
It was discovered that a buffer overflow in the TGA parser of Krita, acreative application for raster images, could potentially result in theexecution of arbitrary code if malformed images are opened.
https://security-tracker.debian.org/tracker/DSA-6065-1

DSA-6064-1 tryton-server - security update
Several security vulnerabilities were discovered in the server of theTryton application platform, which could lead to information disclosure.
https://security-tracker.debian.org/tracker/DSA-6064-1

DSA-6063-1 kdeconnect - security update
It was discovered that missing validation of the device ID duringhandshakes in KDE Connect, a tool to integrate smart phones to adesktop, could allow an attacker to impersonate another device.
The oldstable distribution (bookworm) is not affected.
https://security-tracker.debian.org/tracker/DSA-6063-1

DSA-6062-1 pdfminer - security update
A vulnerability was discovered in pdfminer, a tool for extractinginformation from PDF documents, which may result in the execution ofarbitrary code if a specially crafted PDF file is processed.
https://security-tracker.debian.org/tracker/DSA-6062-1

DSA-6061-1 tryton-sao - security update
Abdulfatah Abdillahi discovered a cross-site scripting vulnerability inthe web client of the Tryton application platform.
https://security-tracker.debian.org/tracker/DSA-6061-1

DSA-6060-1 chromium - security update
Security issues were discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure. Google is aware that an exploit for CVE-2025-13223 existsin the wild.
https://security-tracker.debian.org/tracker/DSA-6060-1

DSA-6059-1 thunderbird - security update
Multiple security issues were discovered in Thunderbird, which couldresult in the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-6059-1

DSA-6058-1 lasso - security update
Keane O'Kelley discovered several vulnerabilities in lasso, a libraryimplementing Liberty Alliance and SAML protocols, which could result indenial of service or the execution of arbitrary code.
https://security-tracker.debian.org/tracker/DSA-6058-1

DSA-6057-1 lxd - security update
It was discovered that LXD, a system container and virtual machinemanager, is prone to a local privilege escalation vulnerability ifunprivileged users are allowed to access LXD through lxd-user.
https://security-tracker.debian.org/tracker/DSA-6057-1

DSA-6056-1 keystone - security update
A vulnerability was discovered in the ec2tokens and s3tokens APIs ofKeystone, the OpenStack identity service, which may result inauthorisation bypass or privilege escalation if /v3/ec2tokens or/v3/s3tokens are reachable by unauthenticated clients.
The Swift object storage service also requires an update to work withthe updated Keystone: The update to Swift is provided as 2.30.1-0+deb12u1for bookworm and 2.35.1-0+deb13u1 for trixie and is backwards-compatiblewith older Keystone versions. As such, it is recommended to first upgradeSwift before deploying the Keystone update.
https://security-tracker.debian.org/tracker/DSA-6056-1

DSA-6055-1 chromium - security update
A security issue was discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure.
https://security-tracker.debian.org/tracker/DSA-6055-1

DSA-6054-1 firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox webbrowser, which could potentially result in the execution of arbitrary codeor bypass of the same-origin policy.
https://security-tracker.debian.org/tracker/DSA-6054-1

DSA-6053-1 linux - security update
Several vulnerabilities have been discovered in the Linux kernel thatmay lead to a privilege escalation, denial of service or informationleaks.
https://security-tracker.debian.org/tracker/DSA-6053-1

DSA-6052-1 rust-sudo-rs - security update
Two security issues were discovered in sudo-rs, a Rust-based implementionof sudo (and su), which could result in the local disclosure of partiallytyped passwords or an authentication bypass in some targetpw/rootpwconfigurations.
https://security-tracker.debian.org/tracker/DSA-6052-1

DSA-6051-1 incus - security update
It was discovered that Incus, a system container and virtual machinemanager, is prone to a local privilege escalation vulnerabilityunprivileged users are allowed access to Incus through incus-user.
https://security-tracker.debian.org/tracker/DSA-6051-1

DSA-6050-1 chromium - security update
Security issues were discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure.
https://security-tracker.debian.org/tracker/DSA-6050-1

DSA-6049-1 gimp - security update
A buffer overflow was discovered in GIMP, the GNU Image ManipulationProgram, which could result in denial of service or potentially theexecution of arbitrary code if malformed XWD images are opened.
https://security-tracker.debian.org/tracker/DSA-6049-1

DSA-6048-1 ruby-rack - security update
Multiple security issues were found in Rack, an interface for developingweb applications in Ruby, which could result in denial of service orproxy bypass.
https://security-tracker.debian.org/tracker/DSA-6048-1

DSA-6047-1 squid - security update
Leonardo Giovanni discovered that missing redaction of authenticationdata in the Squid proxy caching server could result in informationdisclosure.
https://security-tracker.debian.org/tracker/DSA-6047-1

DSA-6046-1 chromium - security update
Security issues were discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure.
https://security-tracker.debian.org/tracker/DSA-6046-1

DSA-6045-1 pdns-recursor - security update
Two vulnerabiliites have been discovered in PDNS Recursor, a resolvingname server: Delegation information was insufficiently validated, whichcould result in cache pollution.
These changes are too intrusive to be backported to the version ofthe PDNS recursor in the oldstable distribution (bookworm). Foraffected setups an update to Debian stable/trixie is recommended,no further security updates for pdns-recursor in Bookworm will be issued.
https://security-tracker.debian.org/tracker/DSA-6045-1

Community

Support

Debian Planet

Debian Security Notices

Debian Forum at linuxquestions.org