ELA-1343-2 proftpd-dfsg regression update
[DLA 4122-1] libbssolv-perl security update
[DSA 5898-1] chromium security update
ELA-1343-2 proftpd-dfsg regression update
Package : proftpd-dfsg
Version : 1.3.5e+r1.3.5b-4+deb9u5 (stretch)
Proftpd a popular ftp server was affected by a regression.
sftp authentification public key authentification was rejected by default.ELA-1343-2 proftpd-dfsg regression update
[SECURITY] [DLA 4122-1] libbssolv-perl security update
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4122-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Andrej Shadura
April 09, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libbssolv-perl
Version : 0.17-3+deb11u1
This update includes an upstream patch to accept "0" as a valid epoch
in Debian packages processed by BSSolv.
This fixes a bug that prevents the Open Build Service backend from working
correctly. In particular, the Download on Demand feature is unable
to process woff-tools package from Debian, and ends up deleting the .deb
file immediately after downloading it.
See https://github.com/openSUSE/perl-BSSolv/pull/17 for more details
on this bug upstream.
This bug has also been fixed in Debian 12 bookworm and newer.
No other software is known to be affected by this issue.
For Debian 11 bullseye, this problem has been fixed in version
0.17-3+deb11u1.
We recommend that you upgrade your libbssolv-perl packages.
For the detailed security status of libbssolv-perl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libbssolv-perl
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[SECURITY] [DSA 5898-1] chromium security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5898-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
April 09, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : chromium
CVE ID : CVE-2025-3066
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
For the stable distribution (bookworm), this problem has been fixed in
version 135.0.7049.84-1~deb12u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
