Debian Security

Debian: Rails Severe Command Manipulation DSA-6090-2 CVE-2025-24294
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 15:51 pm
Multiple security issues were discovered in the Rails web framework which could result in command injection or logging of unescaped ANSI sequences. For the oldstable distribution (bookworm), these problems have been fixed in version 2:6.1.7.10+dfsg-1~deb12u2.
Read more...
Debian Trixie WordPress Security Advisory DSA-6091-1 for CVE-2025-58246
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 14:54 pm
Multiple security issues were discovered in the WordPress blogging tool, which could result in cross-site scripting or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 6.8.3+dfsg1-0+deb13u1. We recommend that you upgrade your wordpress packages.
Read more...
Debian: Chromium Important Code Exec and Info Disclosure DSA-6089-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:55 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 143.0.7499.169-1~deb12u1.
Read more...
Debian Trixie: php8.4 Important DoS Memory Disclosure DSA-6088-1
Stay Vigilant with Timely Linux Security Advisories Dec 21, 2025 | 11:38 am
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or memory disclosure. For the stable distribution (trixie), these problems have been fixed in version 8.4.16-1~deb13u1.
Read more...
Debian: Roundcube Important XSS and Information Leak Fix DSA-6087-1
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 21:32 pm
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability via the animate tag in an SVG document and a information disclosure vulnerability in the HTML style sanitizer. For[…]
Read more...
Debian: MediaWiki DSA-6085-1 Security Updates for DoS and XSS
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 19:30 pm
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, information disclosure, missing rate limiting or denial of service. For the oldstable distribution (bookworm), these problems have been fixed in version[…]
Read more...
Debian: Urgent Vulnerability in Dropbear DSA-6086-1 CVE-2025-14282
Stay Vigilant with Timely Linux Security Advisories Dec 19, 2025 | 19:30 pm
"Turistu" discovered that incorrect permission handling in the Dropbear SSH server could result in privilege escalation. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed in version 2025.89-1~deb13u1.
Read more...
Debian Trixie: c-ares Critical Denial of Service Advisory DSA-6084-1
Stay Vigilant with Timely Linux Security Advisories Dec 18, 2025 | 13:49 pm
It was discovered that c-ares, a library that performs DNS requests and name resolution asynchronously, does not properly handle termination of queries which may result in denial of service. For the stable distribution (trixie), this problem has been fixed in[…]
Read more...
Debian: webkit2gtk Important Memory Corruption Issues DSA-6083-1
Stay Vigilant with Timely Linux Security Advisories Dec 18, 2025 | 08:22 am
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-14174 Apple and the Google Threat Analysis Group discovered that processing maliciously crafted web content may lead to memory
Read more...
Debian: vlc Critical Denial of Service and Code Execution DSA-6082-1
Stay Vigilant with Timely Linux Security Advisories Dec 14, 2025 | 19:42 pm
Multiple vulnerabilities were discovered in the VLC media player, which could result in denial of service or potentially the execution of arbitrary code if a malformed video file is opened. For the oldstable distribution (bookworm), this problem has been fixed[…]
Read more...