Debian Security

Debian 12 13 ruby-rack Critical XSS Directory Traversal DSA-6180-1
Stay Vigilant with Timely Linux Security Advisories Mar 26, 2026 | 21:45 pm
Two security issues (cross-site scripting and directory traversal) were found in Rack, an interface for developing web applications in Ruby. For the oldstable distribution (bookworm), these problems have been fixed in version 2.2.22-0+deb12u1. For the stable distribution (trixie), these problems[…]
Read more...
Debian Bookworm Thunderbird Critical Info Leak and Code Exec DSA-6179-1
Stay Vigilant with Timely Linux Security Advisories Mar 26, 2026 | 20:00 pm
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 1:140.9.0esr-1~deb12u1. For the stable distribution (trixie), these problems have[…]
Read more...
Debian Bookworm Firefox ESR Critical Security Issues DSA-6178-1
Stay Vigilant with Timely Linux Security Advisories Mar 25, 2026 | 22:13 pm
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, information disclosure, denial of service or privilege escalation. For the oldstable distribution (bookworm), these problems have[…]
Read more...
Debian Bookworm Chromium Critical Code Exec Info Disclosure DSA-6177-1
Stay Vigilant with Timely Linux Security Advisories Mar 25, 2026 | 07:53 am
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 146.0.7680.164-1~deb12u1.
Read more...
Debian DSA-6176-1 strongSwan Critical DoS Integer Underflow CVE-2026-25075
Stay Vigilant with Timely Linux Security Advisories Mar 23, 2026 | 18:07 pm
Kazuma Matsumoto discovered an integer overflow bug in the EAP-TTLS plugin of strongSwan, an IKE/IPsec suite. The EAP-TTLS plugin doesn't check the length field in the header of attribute-value pairs (AVPs) tunneled in EAP-TTLS, which can cause an integer underflow[…]
Read more...
Debian DSA-6175-1 libyaml-syck-perl Severe Denial of Service and Code Exec
Stay Vigilant with Timely Linux Security Advisories Mar 22, 2026 | 19:43 pm
Several vulnerabilities were discovered in libyaml-syck-perl, a Perl module providing a fast, lightweight YAML loader and dumper, which may result in denial of service and potentially arbitrary code execution. For the oldstable distribution (bookworm), this problem has been fixed in[…]
Read more...
Ubuntu Jammy SPIP Security Vulnerability Identified as CVE-2023-4567
Stay Vigilant with Timely Linux Security Advisories Mar 22, 2026 | 09:40 am
Jul Blobul discovered that SPIP, a website engine for publishing, is prone to a privilege escalation vulnerability. For the stable distribution (trixie), this problem has been fixed in version 4.4.13+dfsg-0+deb13u1. We recommend that you upgrade your spip packages.
Read more...
Debian Bookworm Freeciv Critical DoS Issue DSA-6173-1 CVE-2026-33250
Stay Vigilant with Timely Linux Security Advisories Mar 21, 2026 | 20:07 pm
Louis Moureaux discovered that incorrect packet processing in the game server of Freeciv, a free clone of the turn based strategy game Civilization, could result in denial of service. For the oldstable distribution (bookworm), this problem has been fixed in[…]
Read more...
Debian webkit2gtk Critical Process Crash and DoS Advisory DSA-6172-1
Stay Vigilant with Timely Linux Security Advisories Mar 21, 2026 | 11:11 am
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-43214 shandikri discovered that processing maliciously crafted web content may lead to an unexpected process crash.
Read more...
Debian Bookworm Chromium Important Security Issues DSA-6171-1
Stay Vigilant with Timely Linux Security Advisories Mar 20, 2026 | 22:17 pm
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 146.0.7680.153-1~deb12u1.
Read more...