Debian: DSA-5049-1: flatpak security update
Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps. CVE-2021-43860
Debian: DSA-5048-1: libreswan security update
It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.
Debian: DSA-5047-1: prosody security update
Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service. For the oldstable distribution (buster), this problem has been fixed
Debian: DSA-5046-1: chromium security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Debian: DSA-5045-1: thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed
Debian: DSA-5044-1: firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing.
Debian: DSA-5043-1: lxml security update
It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.
Debian: DSA-5042-1: epiphany-browser security update
Several vulnerabities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances. For the stable distribution (bullseye), these problems have been fixed in
Debian: DSA-5041-1: cfrpki security update
Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could result in denial of service or path traversal. For the stable distribution (bullseye), these problems have been fixed in
