It was discovered that a buffer overflow in the implementation of AES Key Wrap with Padding in the openssl extension of PHP, a widely-used open source general purpose scripting language, could result in memory corruption. For the stable distribution (trixie), this problem has been fixed in
Multiple security vulnerabilities were discovered in OpenVPN, which could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 2.6.14-1+deb13u3. We recommend that you upgrade your openvpn packages.
Multiple security issues have been discovered in FastNetMon, a fast DDoS analyzer: TLS connections were insufficently validated and malformed Netflow/sFlow traffic could result in denial of service. For the stable distribution (trixie), these problems have been fixed in version 1.2.9-0+deb13u1.
Multiple vulnerabilities were discoverd in Nginx, a high-performance web and reverse proxy server, which could result in remote code execution, denial of service or memory disclosure. For the stable distribution (trixie), these problems have been fixed in version 1.26.3-3+deb13u7.
Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in a bypass of security restrictions or the execution of arbitrary commands. For the stable distribution (trixie), these problems have been fixed in version 5.0.2+git20231211.1364ae4-9+deb13u7.