Letzte Aktivitäten

Package : thunderbird

CVE ID : CVE-2021-29956 CVE-2021-29957 CVE-2021-29967


Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In adddition two security issues were addressed in…

Package : lasso

CVE ID : CVE-2021-28091


It was discovered that lasso, a library which implements SAML 2.0 and Liberty Alliance standards, did not properly verify that all assertions in a SAML response were properly signed, allowing an…

Package : firefox-esr

CVE ID : CVE-2021-29967


Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.


For the stable distribution (buster), this problem…

Package : squid

CVE ID : CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806

CVE-2021-31807 CVE-2021-31808

Debian Bug : 988891 988892 988893 989043


Multiple denial of service vulnerabilities were discovered in the Squid proxy…

Package : webkit2gtk

CVE ID : CVE-2021-1788 CVE-2021-1844 CVE-2021-1871


The following vulnerabilities have been discovered in the webkit2gtk web engine:


CVE-2021-1788


Francisco Alonso discovered that processing maliciously crafted

web content…

Package : openjdk-11-jre-dcevm

Debian Bug : 942876


The Dynamic Code Evolution Virtual Machine (DCE VM), an alternative VM for OpenJDK 11 with enhanced class redefinition, has been updated for compatibility with OpenJDK 11.0.11.


For the stable…

Package : hyperkitty

CVE ID : CVE-2021-33038


Amir Sarabadani and Kunal Mehta discovered that the import functionality of Hyperkitty, the web user interface to access Mailman 3 archives, did not restrict the visibility of private archives…

Package : nginx

CVE ID : CVE-2021-23017

Debian Bug : 989095


Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and…

Package : libx11

CVE ID : CVE-2021-31535

Debian Bug : 988737


Roman Fiedler reported that missing length validation in various functions provided by libx11, the X11 client-side library, allow to inject X11 protocol commands on X clients,…

Package : lz4

CVE ID : CVE-2021-3520

Debian Bug : 987856


Jasper Lievisse Adriaanse reported an integer overflow flaw in lz4, a fast LZ compression algorithm library, resulting in memory corruption.


For the stable distribution (buster),…

Package : prosody

Debian Bug : 988756


The update for prosody released as DSA 4916-1 introduced a regression in websocket support. Updated prosody packages are now available to correct this issue.


For the stable distribution (buster), these…

Package : ruby-rack-cors

CVE ID : CVE-2019-18978

Debian Bug : 944849


Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources.


For the stable…

Package : chromium

CVE ID : CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509

CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513

CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517

CVE-2021-30518 CVE-2021-30519…

Package : prosody

CVE ID : CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920

CVE-2021-32921


Multiple security issues were found in Prosody, a lightweight Jabber/XMPP server, which could result in denial of service or information…

Package : postgresql-11

CVE ID : CVE-2021-32027 CVE-2021-32028 CVE-2021-32029


Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory…

Package : graphviz

CVE ID : CVE-2020-18032

Debian Bug : 988000


A buffer overflow was discovered in Graphviz, which could potentially result in the execution of arbitrary code when processing a malformed file.


For the stable distribution…

Package : hivex

CVE ID : CVE-2021-3504

Debian Bug : 988024


Jemery Galindo discovered an out-of-bounds memory access in Hivex, a library to parse Windows Registry hive files.


For the stable distribution (buster), this problem has been fixed…

Package : exim4

CVE ID : CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2020-28010

CVE-2020-28011 CVE-2020-28012 CVE-2020-28013 CVE-2020-28014

CVE-2020-28015 CVE-2020-28017 CVE-2020-28019 CVE-2020-28021

CVE-2020-28022 CVE-2020-28023…

Package : chromium

CVE ID : CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230

CVE-2021-21231 CVE-2021-21232 CVE-2021-21233


Several vulnerabilities have been discovered in the chromium web browser.


CVE-2021-21227


Gengming Liu…

Package : libimage-exiftool-perl

CVE ID : CVE-2021-22204

Debian Bug : 987505


A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in…