Debian Linux Security Advisory 5245-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
bf60ece012a5fb91455e6049309baad6373f25ba811def84fdd72d5cad781e24
Debian Linux Security Advisory 5246-1 - Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code.
bafe6fbd63e7ce336ce7f16d95873da98aa675c25a5d71e8b2d0b10a0af1e05a
Debian Linux Security Advisory 5247-1 - Douglas Mendizabal discovered that Barbican, the OpenStack Key Management Service, incorrectly parsed requests which could allow an authenticated user to bypass Barbican access policies.
0d413d1d6f6432591be3a3d48216c92d4d62cd19a834ad7625f9ff5c141970bf
Debian Linux Security Advisory 5249-1 - Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite.
001ab0bf44e202413c681162d6a7d7fcf47fe3d1980576d2c2a32989a5ee3e3a
Debian Linux Security Advisory 5255-1 - An integer overflow flaw was discovered in the CRL parser in libksba, an X.509 and CMS support library, which could result in denial of service or the execution of arbitrary code.
5b80c721a5174b5f9be5b4356b1742a0911041872cc1d6159fd559f1608285e7
Debian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.
f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6
Debian Linux Security Advisory 5250-1 - Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a simple interprocess messaging system, which may result in denial of service by an authenticated user.
c17db3125a645538d77cbf33babc4af9091a3054ec91dd36976ec447aabbc18b
Debian Linux Security Advisory 5251-1 - Several vulnerabilities have been discovered in the ISC DHCP client, relay and server.
e75a1017009f4cad5bc08bfc50f14390812d8d810301608598ec114925f7bc11
Debian Linux Security Advisory 5252-1 - It was discovered that insufficient validation of "vnd.libreoffice.command" URI schemes could result in the execution of arbitrary macro commands.
02baca49b53329fd1a22ea245384ae22aebba5a94a919a180cf0082dfcea82b9
Debian Linux Security Advisory 5253-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
66cbec92e74c8792856040aad3136f685c8557a6136f41bb2dad3b0b6c2c812c
Debian Linux Security Advisory 5223-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
eaccf2c4f13785f27ea55d281296ec9a704251dbe2c16cc511b155f0d5dbc78f
Debian Linux Security Advisory 5224-1 - Two vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file or JBIG2 image is processed.
fff5c555e685acd923ce1cd2043a40d9c2db36d0eed0627070038e954e24e95c
Debian Linux Security Advisory 5225-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code.
98a8f68e6eeb765491847e5b3440d501a6818cac4dc84af5724f091a2bc33174
Debian Linux Security Advisory 5226-1 - Two security issues were discovered in pcs, a corosync and pacemaker configuration tool.
6063675b6309f8ba39ab444e7fce5c743b477418ff598c15909fc9e571447b45
Debian Linux Security Advisory 5227-1 - It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a de- serialization flaw. An application would de-serialize untrusted data without sufficiently verifying that the resulting data will be valid, letting the attacker to control the state or the flow of the execution. This can lead to a denial of service or even the execution of arbitrary code.
b6af2512c97e2e986859b67b105cb3eb62cba8bf639bf250fd2d00129989f97f
Debian Linux Security Advisory 5228-1 - Several vulnerabilities were discovered in gdk-pixbuf, the GDK Pixbuf library.
2779b19645046756f046040b839f7910204298a4f8304bb68cd29482f89ab133
Debian Linux Security Advisory 5229-1 - Two vulnerabilities were discovered in FreeCAD, a CAD/CAM program, which could result in the execution of arbitrary shell commands when opening a malformed file.
e221b714aa252c043fe261bba268b9bb76b8a4565c7895307eb7ff13412d67b8
Debian Linux Security Advisory 5230-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
8340f3ab3bae220f6698fed84dcfba3c97ba7964c3362899da056ede5c1f36ab
Debian Linux Security Advisory 5231-1 - Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.
ce4def7ac6b137a13c8cf721dd5db4140415515ed52baee6a0d76baf78234bf0
Debian Linux Security Advisory 5232-1 - It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing untrusted files.
6d3bf5420ed67b1fc16a49e517a64ee582d74c3582eaa12ad4ef5cb2c1800fce
Debian Linux Security Advisory 5233-1 - Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.
038bc6131b6fd2cfa407d7ba8198b1856f3aa45cd0d7b1b66c8e56e410074926
Debian Linux Security Advisory 5234-1 - An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands.
d6134612ed2eb603546e00e78930c6db0692023b8724bb62b9827ee351491ec4
Debian Linux Security Advisory 5235-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
9fd2bd0b8d48add568238f3194fca9fcb514629ef89a06fc88c357586fed0e7d
Debian Linux Security Advisory 5236-1 - Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
f673ba4a86fe72896d4316423099d0e96f4f5358812e777c79d4d4a321d08a6e
Debian Linux Security Advisory 5237-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation.
69842b76196deeb3b59a7b469816fe3cfbd6e3bc5d7e2ef801971d08ee2caa0f