Debian: DSA-4978-1: linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Debian: DSA-4976-1: wpewebkit security update
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30858
Debian: DSA-4975-1: webkit2gtk security update
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30858
Debian: DSA-4977-1: xen security update
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks.
Debian: DSA-4974-1: nextcloud-desktop security update
Two vulnerabilities were discovered in the Nextcloud desktop client, which could result in information disclosure. For the oldstable distribution (buster), these problems have been fixed
Debian: DSA-4973-1: thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (buster), this problem has been fixed
Debian: DSA-4972-1: ghostscript security update
It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly validate access for the "%pipe%", "%handle%" and "%printer%" io devices, which could result in the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER
Debian: DSA-4971-1: ntfs-3g security update
Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation.
Debian: DSA-4970-1: postorius security update
Kevin Israel discovered that Postorius, the administrative web frontend for Mailman 3, didn't validate whether a logged-in user owns the email address when unsubscribing.
