Debian 12 Bookworm

Debian 12 — git-extras — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — git-extras — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6114 Upstream summary: The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. Table of […]

Read more
Debian 12 — fontforge — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — fontforge — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-4259 CVE-2017-11568 CVE-2017-11569 CVE-2017-11570 CVE-2017-11571 CVE-2017-11572 CVE-2017-11573 CVE-2017-11574  +12 more Upstream summary: Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application […]

Read more
Debian 12 — clutter-1.0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — clutter-1.0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-2190 CVE-2015-3213 Upstream summary: The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes […]

Read more
Debian 12 — poetry-core — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — poetry-core — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-36069 Upstream summary: Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such […]

Read more
Debian 12 — openjpa — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — openjpa — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-1768 Upstream summary: The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization […]

Read more
Debian 12 — gambas3 — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gambas3 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-1809 Upstream summary: Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. Table […]

Read more
Debian 12 — libemail-address-list-perl — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libemail-address-list-perl — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-1474 CVE-2018-18898 Upstream summary: Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service (CPU […]

Read more
Debian 12 — logilab-common — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — logilab-common — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-1838 CVE-2014-1839 Upstream summary: The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other […]

Read more
Debian 12 — powerline-gitstatus — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — powerline-gitstatus — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-42906 Upstream summary: powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary […]

Read more
Debian 12 — pdfresurrect — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pdfresurrect — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-14267 CVE-2019-14934 CVE-2020-20740 CVE-2020-9549 CVE-2021-3508 Upstream summary: PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. Table […]

Read more
CHAT