Debian 12 Bookworm

Debian 12 — acl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — acl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-4411 Upstream summary: The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the –physical (aka […]

Read more
Debian 12 — rust-ammonia — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rust-ammonia — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-38193 Upstream summary: An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are […]

Read more
Debian 12 — spamass-milter — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — spamass-milter — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-1132 Upstream summary: The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell […]

Read more
Debian 12 — pmount — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pmount — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-2192 Upstream summary: The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. Table […]

Read more
Debian 12 — cluster-glue — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — cluster-glue — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-2496 Upstream summary: stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack […]

Read more
Debian 12 — python-nbxmpp — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — python-nbxmpp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-41055 Upstream summary: Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message […]

Read more
Debian 12 — cvxopt — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — cvxopt — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-41500 Upstream summary: Incomplete string comparison vulnerability exits in cvxopt.org cvxop <= 1.2.6 in APIs (cvxopt.cholmod.diag, cvxopt.cholmod.getfactor, cvxopt.cholmod.solve, cvxopt.cholmod.spsolve), which allows attackers to conduct Denial of Service attacks […]

Read more
Debian 12 — libbpf — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libbpf — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-45940 CVE-2021-45941 CVE-2022-3533 CVE-2022-3534 CVE-2022-3606 CVE-2025-29481 Upstream summary: libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). Table of […]

Read more
Debian 12 — libapache-authenhook-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libapache-authenhook-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-3845 Upstream summary: libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

Read more
Debian 12 — libnet-cidr-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libnet-cidr-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-4456 Upstream summary: Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return […]

Read more
CHAT