Several vulnerabilities were discovered in libXfont, the X11 font rasterisation library, which may result in arbitrary code execution in the X server context for authenticated X clients. For the stable distribution (trixie), these problems have been fixed in version 1:2.0.6-1+deb13u1.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (trixie), these problems have been fixed in version 150.0.7871.114-1~deb13u1.
Kate Deplaix reported that .install file directives were insufficiently restricted in OPAM, a package manager for OCaml. Installing files through .install files did not check symlinks resolution on the target path, which could result in directory traversal out of the package area. For the stable distribution (trixie), this problem has been fixed in
Guillaume Winter discovered that pgextwlist, an extension for PostgreSQL implementing a whitelist mechanism for PostgreSQL extensions, was susceptible to SQL injection via crafted schema and user names. For the stable distribution (trixie), this problem has been fixed in version 1.19-1+deb13u1.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (trixie), this problem has been fixed in version 150.0.7871.100-1~deb13u1.