Debian LTS: DLA-3331-2: python-cryptography security update
It was discovered that there was a regression in the previous fix for python-cryptography, a Python library offering a number of encryption and cryptography primitives.
Debian LTS: DLA-3345-1: php7.3 security update
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.
Debian LTS: DLA-3344-1: nodejs security update
Vulnerabilities have been found in Node.js, which could result in DNS rebinding or arbitrary code execution. CVE-2022-43548
Debian LTS: DLA-3343-1: mono security update
Triggering arbitrary code execution was possible due to .desktop files registered as application/x-ms-dos-executable MIME handlers in the open source .NET framework Mono.
Debian LTS: DLA-3342-1: freeradius security update
Several flaws were found in freeradius, a high-performance and highly configurable RADIUS server. CVE-2022-41859
Debian LTS: DLA-3341-1: curl security update
HTTP multi-header compression denial of service has been fixed in curl, a command line tool and library for transferring data with URLs. For Debian 10 buster, this problem has been fixed in version
Debian LTS: DLA-3340-1: libgit2 security update
A vulnerability have been found in libgit2, a cross-platform, linkable library implementation of Git, which may result in remote code execution when cloning a repository on a NTFS-like filesystem or man-in-the-middle attacks due to improper verification of cryptographic Signature.
Debian LTS: DLA-3339-1: binwalk security update
Code execution through crafted PFS filesystems was fixed in binwalk, a tool and Python module for analyzing binary blobs and executable code. For Debian 10 buster, this problem has been fixed in version
Debian LTS: DLA-3338-1: git security update
Several vulnerabilities have been discovered in git, a fast, scalable and distributed revision control system. CVE-2023-22490
