An emacs security update has been released for Debian GNU/Linux 11 to address a missing input sanitization in the ctags functionality of Emacs that may result in the execution of arbitrary shell commands.
A libxstream-java security update has been released for Debian GNU/Linux 10 LTS to address an issue that allowed a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream.
A netty security update has been released for Debian GNU/Linux 10 LTS to address several out-of-memory, stack overflow, and HTTP request smuggling vulnerabilities.
An EXIV2 security update has been released for Debian GNU/Linux 8 Extended LTS to address a number of memory access violations and other input validation failures that can be triggered by passing specially crafted files.
A ViewVC security update has been released for Debian GNU/Linux 9 Extended LTS to address two issues.
A libxstream-java security update has been released for Debian GNU/Linux 11 to address an issue that allowed a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream.
A libjettison-java security update has been released for Debian GNU/Linux 11 to address several flaws that may cause a denial of service via out-of-memory or stack overflow errors.
A hsqldb security update has been released for Debian GNU/Linux 11 to address a vulnerability that may lead to a remote code execution attack.
A Ruby-Sinatra security update has been released for Debian GNU/Linux 10 LTS to address a potential reflected file download (RFD) vulnerability.
A exiv2 security update has been released for Debian GNU/Linux 10 LTS to address a number of memory access violations and other input validation failures that can be triggered by passing specially crafted files.
A leptonlib security update has been released for Debian GNU/Linux 8 Extended LTS to address several issues related to the unsafe processing of untrusted input and dealing with predictable paths below /tmp.
A leptonlib security update has been released for Debian GNU/Linux 9 Extended LTS to address several issues related to the unsafe processing of untrusted input and dealing with predictable paths below /tmp.
A libtasn1-6 security update has been released for Debian GNU/Linux 10 LTS to address an off-by-one array size issue.
For Debian GNU/Linux 10 LTS and 11, Ondřej Surý has released new PHP 8.2.1 and 8.1.14 packages in addition to PHP 8.0.27, 7.4.33-2, 7.3.33-9, 7.2.34-37, 7.1.33-51, 7.0.33-64, and 5.6.40-64 packages with a security fix for PDO/SQLite.
A trafficserver security update has been released for Debian GNU/Linux 11 to address several vulnerabilities that could result in HTTP request smuggling, cache poisoning, or denial of service.
A grub2 security update has been released for Debian GNU/Linux 8 Extended LTS to address several issues that could result in crashes and potentially the execution of arbitrary code.
The miniDebConf Debian conference, which will be held in Lisbon from February 12 to 16, is now accepting registrations.
A new XanMod Linux Kernel based on the latest Linux Kernel 6.1.4 has been released. XanMod is a general-purpose Linux kernel distribution with custom settings and new features. The real-time version is recommended for critical runtime applications such as Linux gaming eSports, streaming, live productions and ultra-low latency enthusiasts.
With Project-C fixes and improvements, as well as the disabling of CONFIG_INIT_STACK_ALL_ZERO, another update to the Liquorix Linux kernel based on Kernel 6.1.4 has been released.
A new Liquorix Linux kernel based on Kernel 6.1.4 has been released by Steven Barrett for Debian and Ubuntu.
A libetpan security update has been released for Debian GNU/Linux 10.
A smarty3 security update has been released for Debian GNU/Linux 10.
A new XanMod Linux Kernel based on the latest Linux Kernel 6.1.3 has been released. XanMod is a general-purpose Linux kernel distribution with custom settings and new features. The real-time version is recommended for critical runtime applications such as Linux gaming eSports, streaming, live productions and ultra-low latency enthusiasts.
With two Project-C fixes, disabled CONFIG_ZERO_CALL_USED_REGS, and enabled CONFIG_INIT_STACK_ALL_ZERO, Steven Barrett has released a new Liquorix Linux kernel based on Kernel 6.1.3 for Debian and Ubuntu.
A node-xmldom security update has been released for Debian GNU/Linux 10 LTS to address an issue related to the processing of ill-formed XML.
A new XanMod Linux Kernel based on the latest Linux Kernel 6.1.2 has been released. XanMod is a general-purpose Linux kernel distribution with custom settings and new features. The real-time version is recommended for critical runtime applications such as Linux gaming eSports, streaming, live productions and ultra-low latency enthusiasts.
A node-loader-utils security update has been released for Debian GNU/Linux 10 LTS to address a prototype pollution vulnerability.
A libjettison-java security update has been released for Debian GNU/Linux 10 LTS to address several flaws where specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors
An emacs security update has been released for Debian GNU/Linux 10 LTS to address an issue where attackers could have executed arbitrary commands via shell metacharacters in the name of a source-code file.
A libjettison-java security update has been released for Debian GNU/Linux 9 Extended LTS to address several flaws where specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors.
Steven Barrett has released a new Liquorix Linux kernel based on Kernel 6.1.2 for Debian and Ubuntu.
An openvswitch security update has been released for Debian GNU/Linux 10 LTS to address an out-of-bounds read and integer underflow vulnerability.
A xorg-server security update has been released for Debian GNU/Linux 10 LTS to address several vulnerabilities that may result in privilege escalation if the X server is running privileged.
A mplayer security update has been released for Debian GNU/Linux 10 LTS to address several security issues.
A exuberant-ctags security update has been released for Debian GNU/Linux 10 LTS to address a flaw that could result in arbitrary command execution.
An exuberant-ctags security update has been released for Debian GNU/Linux 9 Extended LTS to address a flaw that could result in arbitrary command execution.
A Cacti security update has been released for Debian GNU/Linux 10 LTS to address multiple issues that may result in information disclosure, authentication bypass, or remote code execution.
A ruby-image-processing security update has been released for Debian GNU/Linux 11 to address a remote shell execution vulnerability when using the #apply method to apply a series of operations coming from unsanitized user input.
A webkit2gtk security update has been released for Debian GNU/Linux 11 to address multiple security issues in the WebKitGTK web engine.
A wpewebkit security update has been released for Debian GNU/Linux 11 to address multiple security issues in the WPE WebKit web engine.
A grub2 security update has been released for Debian GNU/Linux 9 Extended LTS to address several issues in GRUB2’s font handling code that could result in crashes and potentially the execution of arbitrary code.
Project-C v6.1.1-r1 has been merged into a new Liquorix Linux kernel that Steven Barrett has released for Debian and Ubuntu.
Steven Barrett has released a new version of the Liquorix Linux kernel for Debian and Ubuntu, based on Kernel 6.1.1 and including a fix for AMDGPU HDMI audio and some configuration changes.
A libcommons-net-java security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue where a malicious server can redirect the Commons Net code to use a different host, which may lead to the leakage of information about services running on the private network of the client.
A libcommons-net-java security update has been released for Debian GNU/Linux 10 LTS to address an issue where a malicious server can redirect the Commons Net code to use a different host, which may lead to the leakage of information about services running on the private network of the client.
A multipath-tools security update has been released for Debian GNU/Linux 10 LTS to address multiple issues that may be used by local attackers to obtain root privileges or create a directories or overwrite files via symlink attacks.
A libde265 security update has been released for Debian GNU/Linux 9 Extended LTS to address multiple issues that may result in denial of service or have unspecified other impacts.
A libcommons-net-java security update has been released for Debian GNU/Linux 11 to address an issue where a malicious server can redirect the Commons Net code to use a different host, which may lead to the leakage of information about services running on the private network of the client.
An exempi security update has been released for Debian GNU/Linux 9 Extended LTS to address multiple security issues that may result in denial of service (infinite loops and crashes), memory disclosures, potentially arbitrary code executions in the context of the current user, or other unspecified impacts.
A gerbv security update has been released for Debian GNU/Linux 11 to address several vulnerabilities that could result in the execution of arbitrary code, denial of service, or information disclosure if a specially crafted file is processed.
