Explore top 10 tips to secure your open-source projects now. Read More
×
rLottie is a platform independent C++ library for rendering vector-based animations and art. Its format is used by Telegram Desktop, fast and secure messaging application, which is the only reverse dependency in Debian. Several flaws caused by C++ undefined behavior in this library were recently reported as CVE issues. The new update addresses six of them as well as. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4675-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, this problem has been fixed in version 150.0.7871.100-1~deb12u1.. Debian LTS Advisory DLA-4674-1
A vulnerability have been discovered in dpkg, the Debian package manager (dpkg is the low-level tool that actually installs or removes packages). CVE-2025-6297 It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary. Debian LTS Advisory DLA-4673-1
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, these problems have been fixed in version 150.0.7871.46-1~deb12u1.. Debian LTS Advisory DLA-4672-1
A regression has been discovered in the latest release of openvpn 2.5.1-3+deb11u3. The fix adressing CVE-2026-40215 contained a bug which could lead to segmentation faults. Furthermore, the function backported for the fix has recently been disovered to be vulnerable to CVE-2026- 12996.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4653-2
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For Debian 11 bullseye, these problems have been fixed in version 6.1.176-1~deb11u1. This version additionally includes many more bug. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4671-1
Several vulnerabilities were discovered in phpseclib, a PHP secure communications library, which could result in hostname validation bypass, timing side-channel attacks, denial of service, and server-side request forgery (SSRF). CVE-2023-52892. Debian LTS Advisory DLA-4670-1
It was discovered that a buffer overflow in the implementation of AES Key Wrap with Padding in the openssl extension of PHP, a widely-used open source general purpose scripting language, could result in memory corruption. For Debian 12 bookworm, this problem has been fixed in version. Debian LTS Advisory DLA-4669-1
Get the latest Linux and open source security news straight to your inbox.