Debian Linux Security LinuxSecurity Advisories is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
- Debian: DSA-5647-1: samba security update on March 24, 2024 at 8:21 pm
Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.
- Debian: DSA-5646-1: cacti security update on March 24, 2024 at 1:01 pm
Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection.
- Debian: DSA-5645-1: firefox-esr security update on March 23, 2024 at 8:10 pm
Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.
- Debian: DSA-5644-1: thunderbird security update on March 21, 2024 at 7:21 pm
Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.
- Debian: DSA-5643-1: firefox-esr security update on March 21, 2024 at 7:19 pm
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing.
- Debian: DSA-5626-2: pdns-recursor regression update on March 20, 2024 at 7:17 pm
One of the upstream changes in the update released as DSA 5626 contained a regression in the zoneToCache function. Updated pdns-recursor packages are available to correct this issue.
- Debian: DSA-5642-1: php-dompdf-svg-lib security update on March 20, 2024 at 7:11 pm
Three security issues were discovered in php-svg-lib, a PHP library to read, parse and export to PDF SVG files, which could result in denial of service, restriction bypass or the execution of arbitrary code.
- Debian: DSA-5641-1: fontforge security update on March 19, 2024 at 8:51 pm
It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files. For the oldstable distribution (bullseye), these problems have been fixed
- Debian: DSA-5632-1: composer security update on March 15, 2024 at 9:05 am
It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should