Debian 12 Bookworm

Debian 12 — jbig2dec — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — jbig2dec — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-8729 CVE-2016-9601 CVE-2017-7885 CVE-2017-7975 CVE-2017-7976 CVE-2017-9216 CVE-2020-12268 CVE-2023-46361 Upstream summary: An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF […]

Read more
Debian 12 — libpgjava — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libpgjava — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-10936 CVE-2020-13692 CVE-2022-21724 CVE-2022-26520 CVE-2022-31197 CVE-2022-41946 CVE-2024-1597 CVE-2026-42198 Upstream summary: A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and […]

Read more
Debian 12 — picolibc — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — picolibc — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-14871 CVE-2019-14872 CVE-2019-14873 CVE-2019-14874 CVE-2019-14876 CVE-2019-14877 CVE-2019-14878 CVE-2021-3420 Upstream summary: The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by REENT_CHECK_TM, REENT_CHECK_MISC, REENT_CHECK_MP and other newlib macros in versions prior […]

Read more
Debian 12 — libelfin — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libelfin — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-24821 CVE-2020-24822 CVE-2020-24823 CVE-2020-24824 CVE-2020-24825 CVE-2020-24826 CVE-2020-24827 CVE-2023-24180 Upstream summary: A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) […]

Read more
Debian 12 — apache-jena — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — apache-jena — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-33192 CVE-2021-39239 CVE-2022-28890 CVE-2022-45136 CVE-2023-22665 CVE-2023-32200 CVE-2025-49656 CVE-2025-50151 Upstream summary: A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on […]

Read more
Debian 12 — arm-trusted-firmware — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — arm-trusted-firmware — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-47630 CVE-2023-49100 CVE-2024-5660 CVE-2024-6285 CVE-2024-6287 CVE-2024-6563 CVE-2024-6564 CVE-2024-7881 Upstream summary: Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects […]

Read more
Debian 12 — amanda — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — amanda — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-0901 CVE-2016-10729 CVE-2016-10730 CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 CVE-2023-30577 Upstream summary: Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary […]

Read more
Debian 12 — freeciv — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — freeciv — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-0047 CVE-2006-3913 CVE-2010-2445 CVE-2012-5645 CVE-2012-6083 CVE-2022-39047 CVE-2026-33250 Upstream summary: packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted […]

Read more
Debian 12 — id3lib3.8.3 — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — id3lib3.8.3 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-4460 Upstream summary: The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file […]

Read more
Debian 12 — apr-util — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — apr-util — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 CVE-2009-2412 CVE-2010-1623 CVE-2017-12618 CVE-2022-25147 Upstream summary: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service […]

Read more
CHAT