Debian Security Fixes

The Debian Project has officially launched Debian 12.8, the latest point release of Debian 12 “Bookworm” series. This update, the seventh ISO release in the Bookworm series, brings several security...

SUSE researchers discovered a critical vulnerability in a PAM module of the Oath Toolkit, a popular software suite that provides One-Time Password (OTP). This vulnerability (CVE-2024-47191) allows malicious actors to...

The Common UNIX Printing System (CUPS) is a widely used open-source printing system, prevalent on Linux and UNIX-like operating systems such as FreeBSD, NetBSD, and OpenBSD. While CUPS provides essential...

Multiple security vulnerabilities were identified in PHP, a widely-used open source general purpose scripting language which could compromise the security and integrity of web applications. These vulnerabilities include incorrect parsing...

Linux kernel vulnerabilities are critical threats that can compromise the stability and security of Linux-based systems. In 2024, several new vulnerabilities have emerged, some of which may lead to memory...

A recent discovery has highlighted significant security risks within the widely used Expat XML parsing C library. Security researcher Shang-Hung Wan identified three critical Expat vulnerabilities that could potentially lead...

A recently discovered flaw in OpenSSL, identified as CVE-2024-6119, could potentially lead to denial-of-service (DoS) attacks on applications that rely on OpenSSL for certificate validation. This article explores the specifics...

The Debian Project has officially released Debian 12.7, the latest point release in the Debian GNU/Linux 12 “Bookworm” series. It arrives just two months after the previous release, Debian 12.6, as...

A recent discovery has exposed critical vulnerabilities in the Dovecot mail server, potentially allowing attackers to exploit the IMAP implementation and disrupt service. These vulnerabilities, identified as CVE-2024-23184 and CVE-2024-23185,...

A serious vulnerability has been discovered in the widely used wpa_supplicant package, potentially leaving millions of devices at risk. This flaw, tracked as CVE-2024-5290, poses a significant risk of privilege...

krb5, the MIT implementation of Kerberos, is a widely used protocol for network authentication. Recently, two critical vulnerabilities have been discovered in the GSS message token handling in krb5, which...