Debian LTS: DLA-3528-1: poppler security update
Two vulnerabilities have been fixed in poppler, a PDF rendering library. CVE-2020-36023
Debian LTS: DLA-3426-3: netatalk regression update
Another regression was identified in Netatalk, the Apple Filing Protocol service, introduced with the patch for CVE-2022-23123. It is impacting a subset of users that have certain metadata in their shared files. The issue leads to an unavoidable crash and renders netatalk useless with their shared
Debian LTS: DLA-3527-1: sox security update
SoX is a command line utility that can convert various formats of computer audio files in to other formats. It can also apply various effects to these sound files during the conversion.
Debian LTS: DLA-3526-1: libreoffice security update
LibreOffice an office productivity suite was affected by multiple vulnerabilities. CVE-2022-3874
Debian LTS: DLA-3525-1: linux-5.10 security update
CVE-2022-40982 Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative
Debian LTS: DLA-3495-2: php-dompdf regression update
Ubuntu security team noted after extensive testing that DLA-3495-1 was incomplete as one PoC for CVE-2022-2400 (particularly the chroot escape) was still working on the patched version of the package.
Debian LTS: DLA-3524-1: linux security update
Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers.
Debian LTS: DLA-3523-1: firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.
Debian LTS: DLA-3522-1: hdf5 security update
Multiple security vulnerabilities were discovered in HDF5, a Hierarchical Data Format and a library for scientific data. Memory leaks, out-of-bound reads and division by zero errors may lead to a denial of service when processing a malformed HDF file.
