Letzte Aktivitäten

Package : less

CVE ID : CVE-2022-48624 CVE-2024-32487

Debian Bug : 1064293 1068938 1069681



Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially…

Package : glibc

CVE ID : CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602



Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may lead to denial of service or the execution of…

Package : ruby3.1

CVE ID : CVE-2024-27280 CVE-2024-27281 CVE-2024-27282



Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in information disclosure, denial of service or the execution of…

Package : chromium

CVE ID : CVE-2024-4331 CVE-2024-4368



Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the stable distribution (bookworm),…

Package : chromium

CVE ID : CVE-2024-4058 CVE-2024-4059 CVE-2024-4060



Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the stable distribution…

Package : pdns-recursor

CVE ID : CVE-2024-25583



It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursive forwarding is configured.



For the stable distribution (bookworm), this problem…

Package : glibc

CVE ID : CVE-2024-2961

Debian Bug : 1069191



Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT character set,…

Package : openjdk-17

CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21094



Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.



For the…

Package : openjdk-11

CVE ID : CVE-2024-21011 CVE-2024-21012 CVE-2024-21068 CVE-2024-21085

CVE-2024-21094



Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information…

Package : thunderbird

CVE ID : CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854

CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864



Multiple security issues were discovered in Thunderbird, which could result in denial of service or…

Package : guix

CVE ID : CVE-2024-27297



It was discovered that insufficient restriction of unix daemon sockets in the GNU Guix functional package manager could result in sandbox bypass.



For the oldstable distribution (bullseye), this problem…

Package : chromium

CVE ID : CVE-2024-3832 CVE-2024-3833 CVE-2024-3834 CVE-2024-3837

CVE-2024-3838 CVE-2024-3839 CVE-2024-3840 CVE-2024-3841

CVE-2024-3843 CVE-2024-3844 CVE-2024-3845 CVE-2024-3846

CVE-2024-3847



Security issues were discovered in…

Package : tomcat9

CVE ID : CVE-2023-46589 CVE-2024-23672 CVE-2024-24549

Debian Bug : 1057082 1066877 1066878



Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.



CVE-2023-46589



Tomcat 9 did not…

Package : flatpak

CVE ID : CVE-2024-32462



Gergo Koteles discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed in combination with xdg-desktop-portal.



For the oldstable…

Package : tomcat10

CVE ID : CVE-2023-46589 CVE-2024-23672 CVE-2024-24549

Debian Bug : 1057082 1066877 1066878



Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.



CVE-2023-46589



Tomcat 10 did not…

Package : jetty9

CVE ID : CVE-2024-22201



Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually…

Package : firefox-esr

CVE ID : CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854

CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864



Multiple security issues have been found in the Mozilla Firefox web browser, which could…

Package : cockpit

Debian Bug : 1069059



The update of cockpit released in DSA 5655-1 did not correctly built binary packages due to unit test failures when building against libssh 0.10.6. This update corrects that problem.



For the stable…

Package : apache2

CVE ID : CVE-2023-31122 CVE-2023-38709 CVE-2023-43622

CVE-2023-45802 CVE-2024-24795 CVE-2024-27316



Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or…

Package : php8.2

CVE ID : CVE-2023-3823 CVE-2023-3824 CVE-2024-2756 CVE-2024-3096



Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in secure cookie bypass, XXE…