Debian LTS Linux Security is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
- Debian LTS: DLA-3996-1: gunicorn Security Advisory Updates (December 20, 2024 at 4:59 am)
HTTP Request Smuggling has been fixed in the Python WSGI HTTP Server Gunicorn. For Debian 11 bullseye, this problem has been fixed in version 20.1.0-1+deb11u1.
- Debian LTS: DLA-3995-1: libpgjava Security Advisory Updates (December 16, 2024 at 9:08 am)
Multiple vulnerabilities have been fixed in the PostgreSQL JDBC Driver. CVE-2022-31197
- Debian LTS: DLA-3994-1: gstreamer1.0 Security Advisory Updates (December 15, 2024 at 9:20 pm)
An integer overflow was found in GStreamer, a multimedia framework. For Debian 11 bullseye, this problem has been fixed in version 1.18.4-2.1+deb11u1.
- Debian LTS: DLA-3993-1: pgpool2 Security Advisory Updates (December 13, 2024 at 3:30 am)
Two vulnerabilities were discovered in pgpool2, a connection pool server and replication proxy for PostgreSQL. CVE-2023-22332
- Debian LTS: DLA-3992-1: libsoup2.4 Security Advisory Updates (December 12, 2024 at 7:10 am)
Multiple vulnerabilities were discovered in libsoup2.4, an HTTP library for Gtk+ programs. CVE-2024-52530
- Debian LTS: DLA-3991-1: upx-ucl Security Advisory Updates (December 11, 2024 at 5:16 pm)
A heap-based buffer write overflow issue was discovered in UPX, an efficient live-compressor for executables. An attacker could corrupt memory via a crafted file, leading to undefined impact (from denial-of-service to code execution).
- Debian LTS: DLA-3988-2: jinja2 regression update (December 9, 2024 at 9:19 pm)
This update fixes a regression that broke the python-jinja2 package for Python 2. Note that while this regression has been fixed, running applications
- Debian LTS: DLA-3990-1: avahi Security Advisory Updates (December 9, 2024 at 12:41 pm)
Multiple vulnerabilities have been fixed in the service discovery system Avahi. CVE-2023-1981
- Debian LTS: DLA-3989-1: ruby-doorkeeper Security Advisory Updates (December 9, 2024 at 3:09 am)
Improper Authentication has been fixed in ruby-doorkeeper, an OAuth 2 provider for Rails and Grape. For Debian 11 bullseye, this problem has been fixed in version