Advisories LinuxSecurity.com is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
- Debian: DSA-4891-1: tomcat9 security updateon April 13, 2021 at 4:47 pm
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. For the stable distribution (buster), these problems have been fixed in
- Debian: DSA-4890-1: ruby-kramdown security updateon April 12, 2021 at 3:22 am
Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.
- Debian: DSA-4889-1: mediawiki security updateon April 10, 2021 at 11:46 am
Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting.
- Debian: DSA-4888-1: xen security updateon April 10, 2021 at 11:38 am
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, privilege escalation or memory disclosure.
- Debian: DSA-4887-1: lib3mf security updateon April 8, 2021 at 2:27 pm
A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened.
- Debian: DSA-4886-1: chromium security updateon April 6, 2021 at 9:38 am
Several vulnerabilites have been discovered in the chromium web browser. CVE-2021-21159
- Debian: DSA-4885-1: netty security updateon April 5, 2021 at 3:06 pm
Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.
- Debian: DSA-4884-1: ldb security updateon April 2, 2021 at 3:54 am
Multiple vulnerabilities have been discovered in ldb, a LDAP-like embedded database built on top of TDB. CVE-2020-10730
- Debian: DSA-4883-1: underscore security updateon April 1, 2021 at 3:56 pm