Debian Linux Security Advisory 5795-1 - Cedric Krier discovered that python-sql, a library to write SQL queries in a pythonic way, performed insufficient sanitizing which could result in SQL injection.
e6ae4b806618868271a568847282414626155e507e7451c60c2e232cc3aac875
Debian Linux Security Advisory 5794-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
d38e317023dbf069ec3844471d1111a0cc4ddfa3e3de5ea812dcba5c6ee80347
Debian Linux Security Advisory 5793-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
a639a7d1289dbe3e7b752ce962df23b2b6678ccb48fe42b2380c790047568270
Debian Linux Security Advisory 5792-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to address bar spoofing. Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin.
6c18c5c48316e22ebdd4c277dc051b11216afc79e2f4ce344b61f3d3a8f4d3ef
Debian Linux Security Advisory 5791-1 - Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution of arbitrary code when converting malformed HTML to a PDF document.
40f471c19c769dc43b6a721bbf7f55e00b564db69dcafda48f9c8375d8e96ac7
Debian Linux Security Advisory 5790-1 - It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS.
23913d3e979fc61eebe9070d04b073ddb60db7933133bb5fb757bcc16928b0f2
Debian Linux Security Advisory 5789-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
e7fccad86bca93bda9c3bee7317c60c197d8f5c1e25808c962f2eea6506ee0a1
Debian Linux Security Advisory 5788-1 - Damien Schaeffer discovered a use-after-free in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
71cf6e08a29d64dd05cec8da672d495e697c717f5050845adf6c9632bc54af0a
Debian Linux Security Advisory 5787-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
f4228d9be2e94b5178c0ed22259a02e549ea50feae6bfd6228876d967a2f1977
Debian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy.
703eefdd0f2dd6fbb59ea885c38a5f69342264fef0c904ef54b8697717bf0ae6
Debian Linux Security Advisory 5786-1 - Integer overflows flaws were discovered in the Compound Document Binary File format parser of libgsf, the GNOME Project G Structured File Library, which could result in the execution of arbitrary code if a specially crafted file is processed.
98c0d59e2d6c56f5374ef98a8c7336b85fff3f90be2ec312d6bc3af96e794ba8
Debian Linux Security Advisory 5785-1 - Dom Walden discovered that the AbuseFilter extension in MediaWiki, a website engine for collaborative work, performed incomplete authorisation checks.
38742c4e799607f311ca3f650942c752a6b19f6597bc2e6819c3e789065b2193
Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.
630b245f04eb1a7ff0cfa42251496c38ea3ce7b755c4c145ac3252c552e621aa
Debian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d6e973db117eecd0774e6df97f98106f30600a1abd447da40462c767ea65fcb3
Debian Linux Security Advisory 5782-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
6b1995cd75513141f3e03b2f430413db5d1f10bd1835463af1502d9622c439b4
Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
1ef039858c6f77289a0121b0f10830b4ab7779904de169e39eb4e8d6420d6fe6
Debian Linux Security Advisory 5780-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in incorrect parsing of multipart/form-data, bypass of the cgi.force_direct directive or incorrect logging.
bfa3e5a0c7655d65e84e614bda3fc8f53d019f36e25c18e9829db943709ca29b
Debian Linux Security Advisory 5779-1 - Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the execution of arbitrary code.
83ecd659e56de14800ec1796cd224782a1142b21ab9254aa2e8f5a8461f8cfc3
Debian Linux Security Advisory 5778-1 - Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can result in the execution of arbitrary commands without authentication when a print job is started.
5a1f56f676d00911fffdf604e18b71c26411856c8f03de47176c8199b8debba9
Debian Linux Security Advisory 5777-1 - It was discovered that the Booth cluster ticket manager failed to correctly validate some authentication hashes.
e2ba56c0897ea23719114c79a7e1e668077245323fe2f33ce11a65f997355888
Debian Linux Security Advisory 5776-1 - Albert Cervera discovered two missing authorisation checks in the Tryton application platform.
d8d4e782259fc7ccf5a546c723db85a3fbee2c67828b4a27c739de38071c2d8a
Debian Linux Security Advisory 5775-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
4ef90a203d4a92a51da2468a0cde68b6e452ea76592676b5c73bc801e84ae24f
Debian Linux Security Advisory 5774-1 - It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify the signature of the SAML Response, which could result in bypass of authentication in an application using the ruby-saml library.
240177159ce0b76270aa0280d1ee5b1c3ee1ab29b2d1a466aa814c291e161d28
Debian Linux Security Advisory 5773-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
8898d709ae27812683b98775f6cd9542d1faa76d04a8943e6f4624dc1dd38dd4
Debian Linux Security Advisory 5772-1 - Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was susceptible to spoofing attacks when the repair mode attempts to address a malformed archive structure.
18dfdc4d2a3cb0f1b3ab7cdbfff7c30a72fd566aa85476c85c16480b7d706aa4