Debian 12 Bookworm

Debian 12 — chicken — multiple vulnerabilities (17 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — chicken — multiple vulnerabilities (17 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6122 CVE-2012-6123 CVE-2012-6124 CVE-2012-6125 CVE-2013-1874 CVE-2013-2024 CVE-2013-4385 CVE-2014-3776  +9 more Upstream summary: Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial […]

Read more
Debian 12 — android-platform-external-libunwind — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — android-platform-external-libunwind — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-3239 Upstream summary: Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. Table of contents […]

Read more
Debian 12 — php-horde-trean — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — php-horde-trean — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-12095 CVE-2020-8865 Upstream summary: Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the […]

Read more
Debian 12 — libemail-address-perl — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libemail-address-perl — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-0477 CVE-2014-4720 CVE-2015-7686 CVE-2018-12558 Upstream summary: The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a […]

Read more
Debian 12 — bash — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — bash — multiple vulnerabilities (16 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-5374 CVE-2012-3410 CVE-2012-6711 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186  +8 more Upstream summary: bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? […]

Read more
Debian 12 — rear — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rear — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-23301 Upstream summary: Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable […]

Read more
Debian 12 — libgwenhywfar — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libgwenhywfar — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-7542 Upstream summary: A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. Table of contents Symptom & Impact Environment & Reproduction […]

Read more
Debian 12 — lxdm — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — lxdm — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8308 Upstream summary: LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections. Table of contents Symptom & […]

Read more
Debian 12 — python-jwcrypto — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — python-jwcrypto — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-6298 CVE-2023-6681 CVE-2024-28102 CVE-2026-39373 Upstream summary: The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which […]

Read more
Debian 12 — pyjwt — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pyjwt — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11424 CVE-2022-29217 CVE-2025-45768 CVE-2026-32597 Upstream summary: In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 […]

Read more
CHAT