Debian 11

Debian 11 — gnome-keyring — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gnome-keyring — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3466 CVE-2012-6111 CVE-2018-19358 CVE-2018-20781 Upstream summary: GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a […]

Read more
Debian 11 — sendmail — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — sendmail — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-0906 CVE-2002-1165 CVE-2002-1337 CVE-2002-1827 CVE-2002-2261 CVE-2003-0161 CVE-2003-0308 CVE-2003-0681  +11 more Upstream summary: Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query […]

Read more
Debian 11 — http-parser — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — http-parser — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-15605 CVE-2020-8287 Upstream summary: HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed Table of contents Symptom & Impact Environment […]

Read more
Debian 11 — pyopenssl — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — pyopenssl — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-4314 CVE-2018-1000807 CVE-2018-1000808 CVE-2026-27448 Upstream summary: The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name […]

Read more
Debian 11 — udisks2 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — udisks2 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-0004 CVE-2018-17336 CVE-2021-3802 CVE-2025-8067 Upstream summary: Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and […]

Read more
Debian 11 — catfish — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — catfish — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-2093 CVE-2014-2094 CVE-2014-2095 CVE-2014-2096 Upstream summary: Untrusted search path vulnerability in Catfish through 0.4.0.3 allows local users to gain privileges via a Trojan horse catfish.py in the current […]

Read more
Debian 11 — gettext.js — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gettext.js — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-43370 Upstream summary: gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. […]

Read more
Debian 11 — python-markdown2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — python-markdown2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-11888 CVE-2021-26813 Upstream summary: python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- […]

Read more
Debian 11 — borgbackup — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — borgbackup — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10099 CVE-2016-10100 CVE-2017-15914 CVE-2023-36811 Upstream summary: Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing […]

Read more
Debian 11 — gst-plugins-bad1.0 — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gst-plugins-bad1.0 — multiple vulnerabilities (18 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 CVE-2017-5848 CVE-2021-3185  +10 more Upstream summary: Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial […]

Read more
CHAT