Debian Linux Security Advisory 5819-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service, CLRF injection or information disclosure.
2481470ddfb4c98e2a69dca6bc10f1fc70bf8a21d5327573eb900cd624ee6b9d
Debian Linux Security Advisory 5818-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
b10cf31b1e59a50271e644e96c8fcafc944012327273a87c01f28f6ddce9d4d0
Debian Linux Security Advisory 5817-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
8bc594abf735e22959a49511e3a91ff6c647f6a7177161ba0f70782c58881269
Debian Linux Security Advisory 5812-2 - The postgresql minor release shipped in DSA 5812 introduced an ABI break, which has been reverted so that extensions do not need to be rebuilt.
119fdfa54487759cb1de347360df65467051a83c5fce14cae4cc4a6a0ec9f835
Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.
be57e41b4a34c57cf7b234b08605df86cb03fd9a15befc05712e6544727af3bb
Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).
5e41b21d2bd83511831c10a278bb8fee7846b092ba4f682ead33f207de7216f3
Debian Linux Security Advisory 5814-1 - A security issue was discovered in Thunderbird, which could result in the disclosure of OpenPGP encrypted messages.
f4443ed9384523d3abd4c6e094c23140071005acad52f74522bbc76a50c61b13
Debian Linux Security Advisory 5813-1 - Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, which could result in authentication bypass.
e9c9a8326794040dd9177127445ba714c9333b88e1f6e6b41a6df5985ba53e3e
Debian Linux Security Advisory 5812-1 - Multiple security issues were discovered in PostgreSQL, which may result in the execution of arbitrary code, privilege escalation or log manipulation.
abb6dfdb39e0f1210c77d3a3255391005a7200482ed21d2007d66c5cb1de9267
Debian Linux Security Advisory 5810-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
d32a922b2a8d1eb876c604388b3eb6f5ddd165adb14cc7d91e3d4b65f709a256
Debian Linux Security Advisory 5811-1 - An out-of-bounds write vulnerability when handling crafted streams was discovered in mpg123, a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3, which could result in the execution of arbitrary code.
d8e041870369384cf1c57cd3b97f22c616a739f5c0a8d9d88154d1d723d68857
Debian Linux Security Advisory 5809-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to privilege escalation, information disclosure, incorrect validation or an open redirect.
42685e4273634d70bafd4714f19e31d4040f05cb92368cbeef41a2ca9b018002
Debian Linux Security Advisory 5808-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
e70bdb1f83b40c199ddc64cb93137bbf95782aeb413c59e47cefffa7b6c905fd
Debian Linux Security Advisory 5807-1 - Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or potentially the execution of arbitrary code.
8f3c1b077d0762d3db727e29062fd0df1874643887574964ca236b8411191559
Debian Linux Security Advisory 5806-1 - A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed.
fce1169174ab0f1c9d395e5ce9be902d51713b7e713e94db3c679c68e190abfe
Debian Linux Security Advisory 5805-1 - It was discovered that the daemon of the GNU Guix functional package manager was susceptible to privilege escalation.
d7113826f5a012f88420ff55af1ebd35c79c1c1fc958896fbdf57676776927d6
Debian Linux Security Advisory 5804-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced.
09f18ef696e1eb6325c7311ab9bc19d836da6ca05df20f1f98f6de0e2e800b67
Debian Linux Security Advisory 5803-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
079f70bc7e6f064ea9b0e37764c72e0f7d88c07e92ff7131333c914928edc323
Debian Linux Security Advisory 5802-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
bfa0893d821d2c527b9d8d6d7cf1bc4c6a8c5e7d84d43de272f4e6263b10c570
Debian Linux Security Advisory 5801-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information disclosure.
7663ad350ea4147d8c339e47d4e4c09f18b27dab1f732df508fa0ac88122a418
Debian Linux Security Advisory 5800-1 - Jan-Niklas Sohn discovered that a heap-based buffer overflow in the _XkbSetCompatMap function in the X Keyboard Extension of the X.org X server may result in privilege escalation if the X server is running privileged.
7de4b646e251e2d19beaff13447bea9203d84dff1252032449a7a84e3fe4b164
Debian Linux Security Advisory 5799-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
cf85b1f4e4f9f520fe443ebf928e9a4f94614fd6a0180f5558eb6134dd1c5cb0
Debian Linux Security Advisory 5798-1 - Christoper L. Shannon discovered that the implementation of the OpenWire protocol in Apache ActiveMQ was susceptible to the execution of arbitrary code.
45b67c516cd6f0886ceabd7906d8897cff0b47731379675fc4210f9dc1ea42e3
Debian Linux Security Advisory 5797-1 - Multiple security issues were found in Twisted, an event-based framework for internet applications, which could result in incorrect ordering of HTTP requests or cross-site scripting.
d2e4ef02fb6b8a9e62d5bff06f0ca450918e03b813ca797ca8fd981a18bc4e54
Debian Linux Security Advisory 5796-1 - Multiple security issues were found in libheif, a library to parse HEIF and AVIF files, which could result in denial of service or potentially the execution of arbitrary code.
fbd55cb3a70231c0ea733af2b444856fcbaa51d4b20e4652e5aaaa4d05aa8d9f