Debian 11

Debian 11 — golang-github-tidwall-gjson — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — golang-github-tidwall-gjson — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35380 CVE-2020-36066 CVE-2020-36067 CVE-2021-42836 Upstream summary: GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Table of contents Symptom & Impact Environment & […]

Read more
Debian 11 — mapproxy — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — mapproxy — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000426 Upstream summary: MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure. Table of contents […]

Read more
Debian 11 — sope — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — sope — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-53603 Upstream summary: In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the […]

Read more
Debian 11 — botan — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — botan — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-12435 CVE-2018-20187 CVE-2018-9127 CVE-2018-9860 CVE-2021-24115 CVE-2021-40529 CVE-2022-43705 CVE-2024-34702  +7 more Upstream summary: Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the […]

Read more
Debian 11 — aodh — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — aodh — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-12440 Upstream summary: Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when […]

Read more
Debian 11 — libblockdev — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libblockdev — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-6019 Upstream summary: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions […]

Read more
Debian 11 — ecryptfs-utils — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — ecryptfs-utils — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-5188 CVE-2009-1296 CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836  +6 more Upstream summary: The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs […]

Read more
Debian 11 — php-guzzlehttp-psr7 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — php-guzzlehttp-psr7 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-24775 CVE-2023-29197 Upstream summary: guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in […]

Read more
Debian 11 — mah-jong — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — mah-jong — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0705 CVE-2003-0706 CVE-2004-0458 Upstream summary: Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. Table of contents Symptom & Impact Environment & Reproduction […]

Read more
Debian 11 — docopt.cpp — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — docopt.cpp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-67125 Upstream summary: A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_private.h) when merging occurrence counters (e.g., default LONG_MAX + first user "-v/–verbose") can cause counter wrap […]

Read more
CHAT