Debian: DSA-5049-1: flatpak security update
Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps. CVE-2021-43860
Find the information you need for your favorite open source distribution .
Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps. CVE-2021-43860
It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.
Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service. For the oldstable distribution (buster), this problem has been fixed
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing.
It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.
Several vulnerabities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances. For the stable distribution (bullseye), these problems have been fixed in
Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could result in denial of service or path traversal. For the stable distribution (bullseye), these problems have been fixed in