Debian: DSA-5267-1: pysha3 security update
Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions. For the stable distribution (bullseye), this problem has been fixed in
Debian: DSA-5266-1: expat security update
A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.
Debian: DSA-5265-1: tomcat9 security update
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980
Debian: DSA-5264-1: batik security update
It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For the stable distribution (bullseye), these problems have been fixed in
Debian: DSA-5263-1: chromium security update
A security issue was discovered in Chromium, which could result in the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in
Debian: DSA-5262-1: thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in
Debian: DSA-5261-1: chromium security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Debian: DSA-5260-1: lava security update
Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec() on input passed to the server component.
Debian: DSA-5257-2: linux regression update
The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue.
