Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5626-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffFebruary 18, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : pdns-recursorCVE ID         : CVE-2023-50387 CVE-2023-50868It was discovered that malformed DNSSEC records within a DNS zone couldresult in denial of service against PDNS Recursor, a resolvingname server.For the stable distribution (bookworm), these problems have been fixed inversion 4.8.6-1.We recommend that you upgrade your pdns-recursor packages.For the detailed security status of pdns-recursor please refer toits security tracker page at:https://security-tracker.debian.org/tracker/pdns-recursorFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXSMZcACgkQEMKTtsN8TjaCXA//RzokD4ns3XxUhHK3Q3i2KDp1Y1c2sbZzSRXw0Lw7K8xrCqZDksURciCkThiKqF+F3sKHaRt2Agj99DwWJ7fC+BuHJ0s73yRsrKX7HL6At/z1XE+Cw4UU775c3pydDoS+hTfLGbSLgnpdKg7do/u9uZ29tMpTWv6QpNl5mF0irsKnbYdz9XEe9SaJnlj5tpBYhptZP4AlmDXbWr4tIjx01X3JWOqKbsT8/08JYqd0AcKlihsqs4Wv1ggBmRBo4/1YjPD3ONgqrswikehbd9dMtzyFIJy6Yjo/HxVe1RnQH39rx4PzdkezP9MX4Ug6a2vzcqy3E3kGBgetQ6e7FETnV+94XFN2UfUtmBWjiTmU84k3+isgb8Xe+liFFVx86OZbUlkQ+tRgsNHw3uSsJf+5J3kr9Bacs4xdvZXxMSz5JrG484/YUd1wHVb3S/bv0vC7/BLhletXBhoz3MBa0m7qntNFexJyYoe2AYD1WLTfl10IuiZwpO6lnolj2XIIulORIhi72TdC4L7ZE6/fZr3XilMA4Y06ODlAQw3hpwf66YcOjuTC2lgrqoX09zyGrO3j729rW/O5JASnSR5jFv6eXV9a+YEqN7f6vgTjiE0GABpAdQ8CSp95WVLis51UtQ37FZdPp27/2lCFAd4UMnrJmDnVpsPTVFyNjQoBuKYdf8Y==rNYz-----END PGP SIGNATURE-----

Debian Security Advisory 5626-1

Debian Linux Security Advisory 5624-1 - Mate Kukri discovered the Debian build of EDK2, a UEFI firmware implementation, used an insecure default configuration which could result in Secure Boot bypass via the UEFI shell.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5624-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffFebruary 14, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : edk2CVE ID         : CVE-2023-48733Mate Kukri discovered the Debian build of EDK2, a UEFI firmwareimplementation, used an insecure default configuration which could resultin Secure Boot bypass via the UEFI shell.This updates disables the UEFI shell if Secure Boot is used.For the oldstable distribution (bullseye), this problem has been fixedin version 2020.11-2+deb11u2.For the stable distribution (bookworm), this problem has been fixed inversion 2022.11-6+deb12u1. This update also addresses several securityissues in the ipv6 network stack (CVE-2022-36763, CVE-2022-36764,CVE-2022-36765, CVE-2023-45230, CVE-2023-45229, CVE-2023-45231,CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235)We recommend that you upgrade your edk2 packages.For the detailed security status of edk2 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/edk2Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXNGWIACgkQEMKTtsN8TjaBVg/8D3psWKk7kf9Ht+2Bbfsp5cN63qKRPAXTDjGELCp+98Dd7CUaZnCCxA4wW0xAqWdHWkx+PbgyLJ3aPzttL//yk3ZIBEXl6pw/o2jicFlf7ds1zlJFZJbfl63hVb9cJCjrgnPgH6SLfQeHckad5876LE78xl5mukRyL3ZWeSHOBRavFvct14H2qDAMquXtQKHtw6NOVc3ZciSHbBhjNG+hhPJL0eZ6HSDf2MI5ulYjMcNwgVm7jEwOGq4lVUowCNbJ71PzI5T26H2HqDkQTCFEEZJzjt3PDStVT7hnhVpbUqtvJxjHYruuWzPIFwpjIyA9LkQqP4CRVgK/6+FeuE/F28iUkrStXzPYAXPUzJ7GWSFfz16ViyuUJf6spWpMhcruIwBnH1iLQt68hFodiCcJeQaim3u3cQfFsE4YvlTPzj9NddoBzXsCdG81EfeFH9/J1iEkKxQ76Ocw8TiLhVe2C09MVqIKCB9YDf1ESR6TaBV7Hdx0Dh7XOVc9+symHPmLP/0Bt7rIQXCi/aYz96qtl5/wHSWiEWRCogSUOJ05OEF+/QJqWWIrim4Z9RMW9BZCGJBaUi83Ye+HUdxjnZkpT5kMiEH2y7CY85R5fuBMn4GC8gf66hcxT4milzLMpt/jtdH3h0J9MKFq85TlPf9pxGAF/o3Neg5KtSmYVKqbkIs=yQYY-----END PGP SIGNATURE-----

Debian Security Advisory 5624-1

Debian Linux Security Advisory 5623-1 - It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5623-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
February 14, 2024                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : postgresql-15  
CVE ID         : CVE-2024-0985

It was discovered that a late privilege drop in the "REFRESH MATERIALIZED  
VIEW CONCURRENTLY" command could allow an attacker to trick a user with  
higher privileges to run SQL commands with these permissions.

For the stable distribution (bookworm), this problem has been fixed in  
version 15.6-0+deb12u1.

We recommend that you upgrade your postgresql-15 packages.

For the detailed security status of postgresql-15 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/postgresql-15

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXNGWEACgkQEMKTtsN8  
TjaTTA/9HOtLP5LdqTGsquzchn+w+V3WH/WqapW1lw0FZ6UbihaV5E+v1ssef7ty  
Fyr+LsvD7g2gjE6YE+ABGxrYy67rnZWh79TWSK77ReXwzT8Ccz87itxrvUgkVelo  
d0fRlQKWPAtlYOgKAEUcflHzATrf9XJmcr8TdCtISVHAn7kWpdv+kwWUrvp7ZAVm  
Q1rBvTMZKPkP6GRvrSii51FlKaPa8JFmdu9LIPy1WR/ynipxdx3wn/R+hmZ2SHFN  
18KmBd5vAmG8WyvYWGrWx2IntguW0oqC6Lo9pdqgsbC3Uve8RnGfnqP+tLwsB44Q  
82C7uOX3EGDJEAonMXSrgu3jO1v9rjfHF0Gh2Ji6TNmqXwx4bxsMWC6qgqKap4mS  
Y0htECp9juezF9/aaT5zKMynXOpF7U0YmWU5uNW83PZNHJvULYof3SjHvqfnAL6Z  
ZxA5TYcAvm2xD/FFsjzJiLC+hDTCD/nm1R6W/em0qWL7EKhifJFUGjSo5GT8jtc/  
d3dLHPEXAk/SLeXtnSvLmsHIM3T+hl7cmWl37D4tg3XvyztgGC1Blbama81bTAEO  
uj0/ZE+UiMJC2ORywlJljlTlgbaHljBwc3S+H6vaPIDOstDtZLZf46o/x/A2fC97  
Pe59M7w8Salwdp7HZTOIkhFz4cdyMKMb/yd/3jZN9M2jdj6KVao=suSm  
-----END PGP SIGNATURE-----

Debian Security Advisory 5623-1

Debian Linux Security Advisory 5622-1 - It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5622-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
February 14, 2024                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : postgresql-13  
CVE ID         : CVE-2024-0985

It was discovered that a late privilege drop in the "REFRESH MATERIALIZED  
VIEW CONCURRENTLY" command could allow an attacker to trick a user with  
higher privileges to run SQL commands with these permissions.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 13.14-0+deb11u1.

We recommend that you upgrade your postgresql-13 packages.

For the detailed security status of postgresql-13 please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/postgresql-13

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXNGV8ACgkQEMKTtsN8  
TjYPYBAAlJuqv8akj+o9j/7gYbpr2LNymLYvhDuHDtHjMMSoT5zBYxCMtKtgc84v  
aEFLrm+1CAejvV+8kOTN8cbFF2CSacfFKDV2/9JJY/dxKZ50QL92QNPnZ6aq7KeM  
/iX8Sqp58dey+/VyNy9S8Mv2fVRN8g7UprR+hBKNyqtMAW7np+C5LUgOLYJc4Iqc  
DPHTTAcMKSYn5vCCQrF7QbCKEzT9KDena7xax6HPR+8F5EI0TIBXL97naslyoLKK  
oHrZPDl7hDUxw+IBYfpcMHZWQCSpCP50OUDnZBcPVRCatbki6pDdM6lymXhDWxbh  
uRlBAUmuPRozP8qrfh+m2EBb2aRDz2QJlmehrY8J+j0tM0dJi1dX34SSqLd3nFyZ  
/24KZoNwkAXbb+OBZD1jsu1IMxWvZm3QhlGRUXnXF7AyJiKQDaOz2b1W9B19Fmm3  
z6bQaEbgGf0MTtT/IpEwDMqGrnkl210KA/qVl1gFSbLETGjPh0rLY8ANuKNLGuDs  
1yPEULUBm0G7ZO7JgjlfMvZLlbNotz0Jl5jKr0uGdT+q8H8NxDUT7UJlDiUNDXm0  
D0LK1vzhr86fGRW9lG8a+OntOpnHPrWbFi5mVTIcuPmd6ekIvOCTeAg6dLliuLcf  
fFlWOUD20Xxsz8M0Xkd4NEAod67bk4NWzbHA0XSVa6M0z2u1lok=Kp2y  
-----END PGP SIGNATURE-----

Debian Security Advisory 5622-1

Debian Linux Security Advisory 5621-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5621-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffFebruary 14, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : bind9CVE ID         : CVE-2023-4408 CVE-2023-5517 CVE-2023-5679 CVE-2023-6516                  CVE-2023-50387 CVE-2023-50868Several vulnerabilities were discovered in BIND, a DNS serverimplementation, which may result in denial of service.For the oldstable distribution (bullseye), these problems have been fixedin version 1:9.16.48-1.For the stable distribution (bookworm), these problems have been fixed inversion 1:9.18.24-1.We recommend that you upgrade your bind9 packages.For the detailed security status of bind9 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/bind9Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXMcl8ACgkQEMKTtsN8TjZIvg//cFDic8ui1mjgizp0lnhPN3ckeYRMWPVXCdq6MZR8JOOB5q2EGd+dBhDmTOI2ZCPXzjmFRywwkAVowf5iGVT9cczSXyUUr773w4B9MdYAvVc/RZOZVQtz/45w/qnj+sx7drh71ffkQmGf6xJz1hj6NwBK6faprNmyA81gTVvoE2aDBfY5d2gRa0m/xKSVbO+DN2Tmh9wAMqXyf+pSQjUNopllUaEo1otLP1TRA/5LnL2UrLiCt0B7Jn9q3QdrYDS9hke9+p9uuoWEIpS/oiNlxnL2bxE4CdAWy93J6qllSUfJo4RQbIcgySCrdESH7fvCk3walvIkq6mQldB6M5JDUYrY/j0IkA/HptIx3R3+CbBJYu/5ark7/XHVKaTzw5aoerv8JK8NljRlXuG86r/lTjRmObr7WiHBssxgsenfrGcAyXQoKusRwZASgbzh6CiZmg9Ihaqf1DixQ5R/9G/qlyQWDIfXVpevmyBmYPHKymIK2fMHjXTqF/6xBzwzmuKQJGm4Gf4X9gYmvMNx9gh6dqK+hJf6/3ifzuZ4Wx5XMp2ZnlRBENvVfzF/Kk07ej+1UE8QcYAdNSynXQqFmo5+kfGHemtZRmKzqECPJoVYFSWJ09FTXsXo/8je0wDkgZfhuaQ7lhfiXEztFz2dmzOrlc18NUSXyaWhzQFHqP53fQc==mhef-----END PGP SIGNATURE-----

Debian Security Advisory 5621-1

Debian Linux Security Advisory 5620-1 - Two vulnerabilities were discovered in unbound, a validating, recursive, caching DNS resolver. Specially crafted DNSSEC answers could lead unbound down a very CPU intensive and time costly DNSSEC (CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path, resulting in denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5620-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoFebruary 14, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : unboundCVE ID         : CVE-2023-50387 CVE-2023-50868Debian Bug     : 1063845Two vulnerabilities were discovered in unbound, a validating, recursive,caching DNS resolver. Specially crafted DNSSEC answers could leadunbound down a very CPU intensive and time costly DNSSEC(CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path,resulting in denial of service.Details can be found athttps://nlnetlabs.nl/downloads/unbound/CVE-2023-50387_CVE-2023-50868.txtFor the oldstable distribution (bullseye), these problems have been fixedin version 1.13.1-1+deb11u2.For the stable distribution (bookworm), these problems have been fixed inversion 1.17.1-2+deb12u2.We recommend that you upgrade your unbound packages.For the detailed security status of unbound please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/unboundFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmXMYixfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TxMxAAmy00/kTKXoaX+YGFHPIZmwdtP/eQnx9SreT40TrvASi7O5d/LKQUhMpYfEPqekyPCmfa/XkFZZVecyaNInoeyuf2olpQ5+gTgZMoxllccCFWqyO+TVhJtobf8iJttIwwdGYToH/tENr2Ady2Rgg5oy8WILF/5F2bckn2dgQAWUw4Tl7K9rkCf1JryO4KJGhXtNpaQZJnvX5dmwm7gDwkXsc9j85diRTRUF14IaMiiPKUpcxmogOGDYJcvY6lBFdLOfmzo1f3BO8SzNV+G0h7kCn/7w9RdpOWqTQoZHdT6IkT0YsZzLuJ0bVyoLWxi8Kh4fdAbEiyffVk0kLOWUmup9hckUSIXQktvOK6koFecm01W8OBzQ/HsB/DNExfo1l7GjAaAv+EkQHMdkiMqdoLI4oduuBxa2nFdCpDESaTN7Li6S0JtVc1YUu+UKHido3J0/U4xleL8sPPupJ2yVwOmbkeqK3hxH0J+e/uDT6mfrZ0moEEjOyAper8lqu4TS7rSK0e6/nNQs8dEEcoQQL1B3HXyXqjOBcMM4A1wPkJib8j2use64/+vIz69tMflOwUxBirQ/J4PGLWTQmIoxF6NNzqTWgeFMIuq1NXIy7t3TPIIgW3+VWsNJwKAe8HGZITdiBpGdSDFEa5qYKtiYQS6NxSx/fzyYNlfv7rUzrSNgQ==m2j/-----END PGP SIGNATURE-----

Debian Security Advisory 5620-1

Debian Linux Security Advisory 5619-1 - Two vulnerabilities were discovered in libgit2, a low-level Git library, which may result in denial of service or potentially the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5619-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffFebruary 09, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libgit2CVE ID         : CVE-2024-24577 CVE-2024-24575Two vulnerabilities were discovered in libgit2, a low-level Git library,which may result in denial of service or potentially the execution ofarbitrary code.For the oldstable distribution (bullseye), this problem has been fixedin version 1.1.0+dfsg.1-4+deb11u2.For the stable distribution (bookworm), this problem has been fixed inversion 1.5.1+ds-1+deb12u1.We recommend that you upgrade your libgit2 packages.For the detailed security status of libgit2 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/libgit2Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXGeNgACgkQEMKTtsN8TjatpBAAtY1nwqlQFnE//mah+rLfyeOtoM0XutnWZasAALawlg6h9RKMaOy7R1D3MKk5o4i5U7KqQih6YtCTy4JDfgZzJ+kCVXD5uEWEW6qRZGnEMXYtgrAUkG7VNCcGMwGei4nQFf1ZyCsP1ShaWyXa/sVkLtVYvqrWdXRSxf9p5Ky3lQh3cd9GXK3sWUbnzF3UK0ZFkocEmIX4qLE60s1bMQb/IrlgXguSutMqC5EHiVRhBvINmf3zC+ggLvk5fNre4rKns7RizMrkBKYFVwCeCXaBtKYhyE7T3otWu5mGsanE1c7aGTZDIH9HpRsT1JR9W5XI5HcDusajDJNy5v+Wl2/ohIfB3kECsfPITVql832X5DtqSNazNLA0RnYuAOa+7wElLrh6X2yFrahViOmie4smfc97LznpPhAXqy++jxnnYDTLUK/BCX3bIp5RkCTz5s6fsi64/2SO9KQscw+zKzKHSrIuPU42JYxfpo17kVDWfhU0mUbyygKFQmSKUQndaGUYpLXk7Iv4aoAXXRlWjV21uxxByKziDfHalTfthp2BjTmVdEutD/cc6Uwk9OJFnCMPBat07l4HlOypv0iYddNj7HVqOvgQz7NUuYLuDvC8VwdLgy4XyI8HnKmFOpMv04eqbwbTnv8uKvvvFMOMLWUEkS081a5tHmdVx0mJWInRW5k==ixWD-----END PGP SIGNATURE-----

Debian Security Advisory 5619-1

Debian Linux Security Advisory 5618-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user. Wangtaiyu discovered that processing web content may lead to arbitrary code execution. Apple discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5618-1                   security@debian.org  
https://www.debian.org/security/                           Alberto Garcia  
February 08, 2024                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : webkit2gtk  
CVE ID         : CVE-2024-23206 CVE-2024-23213 CVE-2024-23222

The following vulnerabilities have been discovered in the WebKitGTK  
web engine:

CVE-2024-23206

    An anonymous researcher discovered that a maliciously crafted  
    webpage may be able to fingerprint the user.

CVE-2024-23213

    Wangtaiyu discovered that processing web content may lead to  
    arbitrary code execution.

CVE-2024-23222

    Apple discovered that processing maliciously crafted web content  
    may lead to arbitrary code execution. Apple is aware of a report  
    that this issue may have been exploited.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 2.42.5-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 2.42.5-1~deb12u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmXFXGQACgkQAAyEYu0C  
2AJWJA//fFEMVOvrgBf8I2Nnz37Bm/jR4IRM52osjsI6I23tjJ1vA9UR7Y/03QGN  
qOzfOsb6wcRGZfYdEy945N6vf/XN3opl44ApyJ6RHStbQ8EuTw+IXVSKs49x6FBC  
P7glTc3I4R5gYpOKDwc/jQwkB6VeCYPq0LeqgVNx2/Ja0eJ3KUEjXo+yYJbowRj+  
oiR9R+WKIEnz7BdxMbOLrlHc9CpR3UynozFprFha8bKNlyJAq/hwsO546NgYnSQH  
+n/hAad1NDvcptljLHrXjw/GYTVc2lEGoFFr8H8EDVdWrtzSlecHenthIxfjoKL9  
4eWGvilyZJGAKvtlaNRCFNorHTsAcqRUYhDT87TNScU+ONwdk3tdl9d4F/CcTylA  
7ZQGQ1OQk2f5h/E2Ns1CD0KE64+Qv4Eima/A7VNDKc2hXPNavaekIbziVKEJ4r+m  
ypJrJDm+RLeOcDKuyxfz6REQvAOinjMnfPQhMXRCdk4vz3RXl9bEpoao35C2rtLe  
HcL3/tg24hOooj6NJYQRuiKfmrZKhHivNrg4QJ/71Y1/JXtlmLiol6h8nfKKvb19  
ObFGbF27htKmSGXR3Oig5tQWcjhnbH4CSqXoTOYwDPRgb9dutViclKu605A97Fm5  
l5U0fyIT8mwkN/thk8KOE1AtNC2n90Y9Yx/gBPFRypHN+CBQCbY=  
=Lfkz  
-----END PGP SIGNATURE-----

Debian Security Advisory 5618-1

Debian Linux Security Advisory 5617-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5617-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonFebruary 08, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-1283 CVE-2024-1284Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 121.0.6167.160-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIyBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXEllwACgkQZF0CR8NudjcIrQ/4nDJyajY62INMkRpAFjT9a7+IDO5ozl2IcYf7+Jz11HhZmc891MSHbnFEVeZfaCFGmt6Xo9WRwvDlkDjAiQ7jA571PoNE8cF3oaLpD6+6/oj2apUpD7LkTNaviWRct19zRflJyhehYl2oxR7A0Yi6GTvGtn+azkhoqYTSw9WWdFzKNI1wmpID0bxp+CgtzZmVkDCa0WFM4MP2C+IdGWzhBTc9+7VggO91ATAwHscSJ/2D3jJVJMVP8vKqla6QJabGwo7N3wRE3aB3YybluhvYWzhaOmf8oNavwFarEwrEhm5siJWadkte7OlZeusBfONZVircFx4zqfYqilyCLx384qlKyRtjwMwiTE/vk61xm3dl6AV5mUIbyVu4FUIVTftBBE0mwW055ncDCEy3FgEc3ZRxFdvolcWJhONt6f8jAn6iOfH82nQ8SfVmgpQPP2eKLHT/l9IT9T0blJYlNIjXM1T4IjMZvtFb7KUp9rP/T2UDDKwxR8ahs0/EC7FubjjzhnmZFAe/L2xFlM612Fl+C+6mgqUH0oS0TF6CLmWH1gNuXUFjiyVL+zkQA7Fcp6iiUdhSrEAz8y+Igv0Ty2n06xRxkUF3t1SG6XxAxbKW3BuyEz5B9fivLh9KzXGiXWHrvpTHvNYMuKPXeOM9QvcFKhzXLvcWRpirgC22ca7JNA===+kgA-----END PGP SIGNATURE-----

Debian Security Advisory 5617-1

Debian Linux Security Advisory 5616-1 - It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitized style elements, which may result in cross-site scripting.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5616-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffFebruary 05, 2024                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : ruby-sanitizeCVE ID         : CVE-2023-36823It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer,insufficiently sanitised <style> elements, which may result incross-site scripting.For the oldstable distribution (bullseye), this problem has been fixedin version 5.2.1-2+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 6.0.0-1.1+deb12u1.We recommend that you upgrade your ruby-sanitize packages.For the detailed security status of ruby-sanitize please refer toits security tracker page at:https://security-tracker.debian.org/tracker/ruby-sanitizeFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXBWGUACgkQEMKTtsN8TjZKxRAAmKe0iFtImy6hV4qVVAAWxtWArqFhQlMS6SDiBdkkN+0Ep3QMnBX1DKdqHYjtaKSaSr6ho6oWtmQQc4YQfVze+EwQfCQKERYenoJtYS1ljsfrmMpnF6dmonOJzG5W9nf/8JVqmUwwmVCEGtATPBWu7SqLb5zkKqh6zPyf853bNBAqjE6z+CbWaYEkCkIsfe7euOOW3zIIF2GiYCZBEkM9HieehyZdDVOlwTsIlMiELU5BX1eAFAdyBZhoky88c2N4a0uSE8WWXoaNJN5T55sAv1DdqQF0sqfWxOXmmhcu6xbpif4Qh82CO58awW+m/DUHwqSr5pSey2AlThamV0H9CvKOkhZZWQ67ew9HpDEd2AW9aOv0TKuCMGBXqovvSHjvmAI6Jg4VlFe1rD9yFXEhvB5A34/9mh3IRKSk01jrGXIkDqYGPYGEbAle/qGwrTQvUou/js5flST87i3YYh0J8+WzldtVt42jr4RbjcvVefe+sQA8G0ILEgM/+CYjMjSjefnJkTEjGOix522D/qukpBimLjPL+/28Vk41PzF8+q4t665oqpNFHaaGTlrjnoo0HXAxKDpSoK6LbclQGmPjRDe/CFBEUj7tAY5IUXt4yiNLlil3bCCAM5czlnVx3V1Cs236JTwVjR1YFtPUf5/tL7cLyPeelQWenHQ/YJDf4dk==5owE-----END PGP SIGNATURE-----

Tag

#debian