Debian LTS: DLA-3093-1: rails security update
The following vulnerabilities have been discovered in rails, a ruby based MVC frame work for web development. CVE-2022-21831
Debian LTS: DLA-3091-1: sofia-sip security update
The following vulnerabilities have been discovered in the sofia-sip, a SIP user-agent library. CVE-2022-31001
Debian LTS: DLA-3092-1: dpdk security update
A buffer overflow was discovered in the vhost code of DPDK, a set of libraries for fast packet processing, which could result in denial of service or the execution of arbitrary code by malicious guests/containers.
Debian LTS: DLA-3090-1: php-horde-turba security update
It was discovered that there was an arbitrary object deserialization vulnerability in php-horde-turba, an address book component for the Horde groupware suite.
Debian LTS: DLA-3089-1: php-horde-mime-viewer security update
It was discovered that there was a potential XSS vulnerability in php-horde-mime-viewer, a MIME viewer library for the Horde groupware platform.
Debian LTS: DLA-3088-1: net-snmp security update
Yu Zhang and Nanyu Zhong discovered several vulnerabilities in net-snmp, a suite of Simple Network Management Protocol applications, which could result in denial of service or the execution of arbitrary code.
Debian LTS: DLA-3087-1: webkit2gtk security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-32893
Debian LTS: DLA-3086-1: maven-shared-utils security update
It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings without proper escaping, allowing shell injection attacks.
Debian LTS: DLA-3085-1: curl security update
Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.
