#debian

Debian Linux Security Advisory 5682-2 - The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivial input methods. Updated glib2.0 packages are available to correct this issue.

Debian Linux Security Advisory 5685-1 - Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack.

Debian Linux Security Advisory 5683-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Linux Security Advisory 5682-1 - Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage of this flaw to cause a GDBus-based client to behave incorrectly, with an application-dependent impact.

Debian Linux Security Advisory 5679-1 - Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially crafted file name is processed.

Debian Linux Security Advisory 5678-1 - Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may lead to denial of service or the execution of arbitrary code.

Debian Linux Security Advisory 5677-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in information disclosure, denial of service or the execution of arbitrary code.

Debian Linux Security Advisory 5676-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

March 29, 2024 is a day that will hardly be forgotten by the open source community: Andres Freund disclosed his findings about the compromise in the xz compression library, which would enable an attacker to silently gain access to a targeted affected system. How did that coordination work under the hood? In this article we will give a behind the scenes glimpse into what this looked like at Red Hat.DiscoveryOn Wednesday, March 27, Andres contacted the Debian security team via their contact email ([email protected]) and let them know about the oddities he found in a SSH slowdown when using a n

Debian Linux Security Advisory 5675-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.