-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5945-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 20, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : konsole CVE ID : CVE-2025-49091 Dennis Dast discovered that the Konsole terminal emulator insecurely handled the telnet URI scheme, which could result in the execution of arbitrary code in some configurations. For the stable distribution (bookworm), this problem has been fixed in version 4:22.12.3-1+deb12u1. We recommend that you upgrade your konsole packages. For the detailed security status of konsole please refer to its security tracker page at: https://security-tracker.debian.org/tracker/konsole Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmhVuEkACgkQEMKTtsN8 TjZXZQ/+N3pnubXqC7YVpgRz1Ys9BuYnQMTiePu3r5a27cok+TcCI+iLc7yCgK9q 0ruai5Re5/wG278KVHmYnFiWHvnN/7/SDkW6zZuFInis2h1haZM6uMMiLFT3AqIe 4KaYIv4g6fvOLbfuLoew3GsWTiFNAV8Cet6hr6IBSjm9CQYnRRfRNxfhjwtu+E7B efeLX3ELY5eyTsAJ4LyVNO5Hei8rwnxDOeJGaZNmBVLR4LzmIwrfTITUaTCz1sh/ njrkJZJxMfw26T0cAIxePAYia9L7X7swUIKPpvhkGFrCNtM8RomuL5h3W93Qnvch c2hfJAH8n4DoTgLdXlF42xzJDwt8HhIsIWOol25Yy7H82MImQUuBy8rIRhIUBaHU Hf0n+BWUQhni7h3Ryb8h9BN+RpvfFJ1wpuDnKiuNDRGzXrq6VabY5AtzgvdDUOGR KMdf9BRvh55++qtzQtZoJh7rDW8+CRcxFObhgseUUL74V7Dsto2GNiBB5EUoYvo1 w0eq53ajNrQnQa+uLdTfsEjF78OFg93Ht/0aYD0fMvfU1aMcVMFa7kAWbzFa5GZJ vjwdQGP6WHy8aV9YpfzZDK+fJRvuyJg7WHZ+qzq4VEtQAG/3rHkTj/JEa7BUoAyN KPU8ORkwA96IAuBV7wngPGqjTzNhdxAnBcznxzHOWtgWkuAM8i4= =FPY9 -----END PGP SIGNATURE-----