Letzte Aktivitäten

Package : xen

CVE ID : CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697

CVE-2021-28698 CVE-2021-28699 CVE-2021-28700 CVE-2021-28701


Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in…

Package : wpewebkit

CVE ID : CVE-2021-30858


The following vulnerabilities have been discovered in the webkit2gtk web engine:


CVE-2021-30858

An anonymous researcher discovered that processing maliciously

crafted web content may lead to arbitrary…

Package : webkit2gtk

CVE ID : CVE-2021-30858


The following vulnerabilities have been discovered in the webkit2gtk web engine:


CVE-2021-30858

An anonymous researcher discovered that processing maliciously

crafted web content may lead to…

Package : nextcloud-desktop

CVE ID : CVE-2021-22895 CVE-2021-32728

Debian Bug : 989846


Two vulnerabilities were discovered in the Nextcloud desktop client, which could result in information disclosure.


For the oldstable distribution…

Package : thunderbird

CVE ID : CVE-2021-38493


Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.


For the oldstable distribution (buster), this problem has been fixed in version…

Package : ghostscript

CVE ID : CVE-2021-3781

Debian Bug : 994011


It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly validate access for the "%pipe%", "%handle%" and "%printer%" io devices, which…

Package : ntfs-3g

CVE ID : CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289

CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269

CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254

CVE-2021-39255 CVE-2021-39256…

Package : postorius

CVE ID : CVE-2021-40347


Kevin Israel discovered that Postorius, the administrative web frontend for Mailman 3, didn't validate whether a logged-in user owns the email address when unsubscribing.


For the oldstable…

Package : firefox-esr

CVE ID : CVE-2021-38493


Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.


For the oldstable distribution (buster), this…

Package : haproxy

CVE ID : CVE-2021-40346


Ori Hollander reported that missing header name length checks in the

htx_add_header() and htx_add_trailer() functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in…

Package : squashfs-tools

CVE ID : CVE-2021-40153


Etienne Stalmans discovered that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not validate filenames for traversal outside of the destination…

Package : gpac

CVE ID : CVE-2021-21834 CVE-2021-21836 CVE-2021-21837 CVE-2021-21838

CVE-2021-21839 CVE-2021-21840 CVE-2021-21841 CVE-2021-21842

CVE-2021-21843 CVE-2021-21844 CVE-2021-21845 CVE-2021-21846

CVE-2021-21847 CVE-2021-21848…

Package : libssh

CVE ID : CVE-2021-3634

Debian Bug : 993046


It was discovered that a buffer overflow in rekeying in libssh could result in denial of service or potentially the execution of arbitrary code.


The oldstable distribution…

Package : ledgersmb


The update for ledgersmb released as DSA 4862-1 introduced a regression in the display of some search results. Updated ledgersmb packages are now available to correct this issue.


For the oldstable distribution (buster), this…

Package : ledgersmb

CVE ID : CVE-2021-3731 CVE-2021-3693 CVE-2021-3694


Several vulnerabilities were discovered in LedgerSMB, a financial accounting and ERP program, which could result in cross-site scripting or clickjacking.


For the oldstable…

Package : grilo

CVE ID : CVE-2021-39365

Debian Bug : 992971


Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created…

Package : openssl

CVE ID : CVE-2021-3711 CVE-2021-3712


Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.


CVE-2021-3711


John Ouyang reported a buffer overflow vulnerability in the SM2

decryption. An…

Package : tor

CVE ID : CVE-2021-38385


Henry de Valence reported a flaw in the signature verification code in Tor, a connection-based low-latency anonymous communication system. A remote attacker can take advantage of this flaw to cause an…

Package : haproxy

CVE ID : not yet assigned


Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling. By carefully crafting HTTP/2 requests, it is…

Package : thunderbird

CVE ID : CVE-2021-29980 CVE-2021-29984 CVE-2021-29985

CVE-2021-29986 CVE-2021-29988 CVE-2021-29989


Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.


For the…