Debian Linux Security

Advisories is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.

  • Debian: DSA-4891-1: tomcat9 security update
    on April 13, 2021 at 4:47 pm

    Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. For the stable distribution (buster), these problems have been fixed in

  • Debian: DSA-4890-1: ruby-kramdown security update
    on April 12, 2021 at 3:22 am

    Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.

  • Debian: DSA-4889-1: mediawiki security update
    on April 10, 2021 at 11:46 am

    Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting.

  • Debian: DSA-4888-1: xen security update
    on April 10, 2021 at 11:38 am

    Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure.

  • Debian: DSA-4887-1: lib3mf security update
    on April 8, 2021 at 2:27 pm

    A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened.

  • Debian: DSA-4886-1: chromium security update
    on April 6, 2021 at 9:38 am

    Several vulnerabilites have been discovered in the chromium web browser. CVE-2021-21159

  • Debian: DSA-4885-1: netty security update
    on April 5, 2021 at 3:06 pm

    Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.

  • Debian: DSA-4884-1: ldb security update
    on April 2, 2021 at 3:54 am

    Multiple vulnerabilities have been discovered in ldb, a LDAP-like embedded database built on top of TDB. CVE-2020-10730

  • Debian: DSA-4883-1: underscore security update
    on April 1, 2021 at 3:56 pm

    It was discovered that missing input sanitising in the template() function of the Underscore JavaScript library could result in the execution of arbitrary code.

Share This Information.

Leave a Reply

Your email address will not be published. Required fields are marked *