Debian

Debian 12 — miniupnpd — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — miniupnpd — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-2600 CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111 CVE-2026-5720 Upstream summary: MiniUPnPd has information disclosure use of snprintf() Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

Read more
Debian 13 — libsepol — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — libsepol — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 Upstream summary: The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). Table of contents Symptom & Impact […]

Read more
Debian 11 — cyclonedds — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — cyclonedds — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-38441 CVE-2021-38443 Upstream summary: Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML […]

Read more
Debian 11 — xfsdump — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — xfsdump — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0173 CVE-2007-2654 Upstream summary: xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. Table of contents Symptom & Impact […]

Read more
Debian 12 — bzflag — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — bzflag — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-4584 Upstream summary: BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a […]

Read more
Debian 13 — jpegoptim — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — jpegoptim — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-32325 CVE-2023-27781 Upstream summary: JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c. Table of contents Symptom & […]

Read more
Debian 13 — uglify-js — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — uglify-js — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-37598 Upstream summary: Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report. […]

Read more
Debian 11 — python-pysaml2 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — python-pysaml2 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10127 CVE-2016-10149 CVE-2017-1000246 CVE-2017-1000433 CVE-2020-5390 CVE-2021-21238 CVE-2021-21239 Upstream summary: PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. […]

Read more
Debian 11 — gnome-session — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — gnome-session — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11171 Upstream summary: Bad reference counting in the context of accept_ice_connection() in gsm-xsmp-server.c in old versions of gnome-session up until version 2.29.92 allows a local attacker to establish […]

Read more
Debian 13 — patch — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — patch — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-4651 CVE-2014-9637 CVE-2015-1196 CVE-2015-1395 CVE-2015-1396 CVE-2015-1416 CVE-2016-10713 CVE-2018-1000156  +6 more Upstream summary: Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to […]

Read more
CHAT