CLSA-2025-1757076749 Fix CVE(s): CVE-2025-54574
SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574...
CLSA-2025-1756928197 Fix CVE(s): CVE-2025-26603
SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2025-26603.patch: Fix heap use-after-free in strtoreg - CVE-2025-26603...
CLSA-2025-1756830276 Fix CVE(s): CVE-2024-47252
SECURITY UPDATE: insufficient escaping of user-supplied data in logging configurations - debian/patches/CVE-2024-47252.patch: Escape ssl vars to prevent potential security vulnerabilities - CVE-2024-47252...
DEBIAN-CVE-2025-38675
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different pcpu_id and look up states for that other CPU. If we matched a state for CPU2 in the state_cache while the look...
DEBIAN-CVE-2023-32249
In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUS_NOT_SUPPORTED if binding session is guest...
CLSA-2025-1755113204 Fix CVE(s): CVE-2025-29088
SECURITY UPDATE: denial of service issue due to incorrect memory allocations - debian/patches/CVE-2025-29088.patch: harden the SQLITE_DBCONFIG_LOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation - CVE-2025-29088...
DEBIAN-CVE-2025-55154
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption. This issue has been patched in...
DEBIAN-CVE-2025-55004
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This c...
CLSA-2025-1754940449 Fix CVE(s): CVE-2024-46901
SECURITY UPDATE: Insufficient validation of filenames against control characters in repositories served via mod_dav_svn - debian/patches/CVE-2024-46901.patch: fix mod_dav_svn denial-of-service via control characters in paths...
CLSA-2025-1754411479 Fix CVE(s): CVE-2025-48384
SECURITY UPDATE: security vulnerability - debian/patches/CVE-2025-48384.patch: quote values containing CR character in config to prevent unintended stripping of CR - CVE-2025-48384...
CLSA-2025-1754338599 Fix CVE(s): CVE-2025-6965
SECURITY UPDATE: aggregate term exceeding column count vulnerability - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965...
CLSA-2025-1753799801 Fix CVE(s): CVE-2025-32462
SECURITY UPDATE: unauthorized command execution on remote hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462...
CLSA-2025-1753207140 Fix CVE(s): CVE-2025-48384
SECURITY UPDATE: security vulnerability discovered - debian/patches/CVE-2025-48384.patch: quote values containing CR character in config to prevent unintentional stripping when reading - CVE-2025-48384...
CLSA-2025-1753121050 Fix CVE(s): CVE-2025-48384
SECURITY UPDATE: security vulnerability addressed - debian/patches/CVE-2025-48384.patch: quote values containing CR character to prevent unintended behavior - CVE-2025-48384...
DEBIAN-CVE-2025-38279
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue [1] where the following warning appears in kernel dmesg: [   60.643604] verifier backtracking bug [   60.643635] WARNING: CPU: 10 PID: 2315...
DEBIAN-CVE-2025-38206
In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table exfat_create_upcase_table : return error exfat_free_upcase_table : free ->vol_utbl exfat_load_default_upcase_table : return erro...
CLSA-2025-1750780819 Fix CVE(s): CVE-2025-31651
SECURITY UPDATE: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability - debian/patches/CVE-2025-31651.patch: Enforces rewrite rules to prevent bypass of security constraints in specific configurations - CVE-2025-31651...
CLSA-2025-1750752721 Fix CVE(s): CVE-2025-24813
SECURITY UPDATE: Remote code execution - debian/patches/CVE-2025-24813.patch: Delete temporary file right after finishing request processing - CVE-2025-24813...
DEBIAN-CVE-2022-50186
In the Linux kernel, the following vulnerability has been resolved: ath11k: fix missing skb drop on htc_tx_completion error On htc_tx_completion error the skb is not dropped. This is wrong since the completion_handler logic expect the skb to be consumed anyway even when an error is triggered. Not...
DEBIAN-CVE-2022-50050
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...