Find the information you need for your favorite open source distribution .
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. For the stable distribution (buster), these problems have been fixed in
A NULL pointer dereference was found in the signature_algorithms processing in OpenSSL, a Secure Sockets Layer toolkit, which could result in denial of service.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing attacks.
Jianjun Chen discovered that the Squid proxy caching server was susceptible to HTTP request smuggling. For the stable distribution (buster), this problem has been fixed in
Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at
Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash.
It was discovered that Pygments, a syntax highlighting package written in Python, could be forced into an infinite loop, resulting in denial of service.
Two vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.
Anton Lydike discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed via a malicious .desktop file.
