Here are the latest security advisories for the Debian Linux distribution:

• DSA-5889-1 firefox-esr - security update
  Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. https://security-tracker.debian.org/tracker/DSA-5889-1
• DSA-5888-1 ghostscript - security update
  Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. https://security-tracker.debian.org/tracker/DSA-5888-1
• DSA-5887-1 exim4 - security update
  It was discovered that a use-after-free vulnerability in Exim4, a mail transport agent, may result in privilege escalation for a local attacker. https://security-tracker.debian.org/tracker/DSA-5887-1
• DSA-5886-1 ruby-rack - security update
  Multiple security issues were found in Rack, an interface for developing web applications in Ruby, which could result in log injection or information disclosure. https://security-tracker.debian.org/tracker/DSA-5886-1
• DSA-5885-1 webkit2gtk - security update
  The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-44192 Tashita Software Security discovered that processing maliciously crafted web content may lead to an unexpected process crash. CVE-2024-54467 Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin. CVE-2025-24201 Apple discovered that maliciously crafted web content may be able to break out of Web Content sandbox. https://security-tracker.debian.org/tracker/DSA-5885-1
• DSA-5884-1 libxslt - security update
  Ivan Fratric discovered two use-after-free vulnerabilities in libxslt, an XSLT processing runtime library, which may result in the execution of arbitrary code if a specially crafted files are processed. https://security-tracker.debian.org/tracker/DSA-5884-1
• DSA-5883-1 mercurial - security update
  A cross-site scripting vulnerability was discovered in hgweb, the integrated stand-alone web interface of the Mercurial version control system. https://security-tracker.debian.org/tracker/DSA-5883-1
• DSA-5882-1 chromium - security update
  Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5882-1
• DSA-5881-1 rails - security update
  Multiple security issues were discovered in the Rails web framework which could result cross-site scripting, information disclosure, denial of service or bypass of content security policies. https://security-tracker.debian.org/tracker/DSA-5881-1
• DSA-5880-1 freetype - security update
  An out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files was discovered in FreeType, which may result in the execution of arbitrary code when processing specially crafted fonts. https://security-tracker.debian.org/tracker/DSA-5880-1
• DSA-5879-1 opensaml - security update
  Alexander Tan discovered that the OpenSAML C++ library was susceptible to forging of signed SAML messages. For additional details please refer to the upstream advisory at https://shibboleth.net/community/advisories/secadv_20250313.txt https://security-tracker.debian.org/tracker/DSA-5879-1
• DSA-5878-1 php8.2 - security update
  Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or HTTP request smuggling. https://security-tracker.debian.org/tracker/DSA-5878-1
• DSA-5877-1 chromium - security update
  Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5877-1
• DSA-5876-1 thunderbird - security update
  Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5876-1
• DSA-5875-1 chromium - security update
  Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5875-1
• DSA-5874-1 firefox-esr - security update
  Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5874-1
• DSA-5873-1 libreoffice - security update
  Amel Bouziane-Leblond discovered that insufficient validation of "vnd.libreoffice.command" URI schemes could result in the execution of arbitrary macro commands. https://security-tracker.debian.org/tracker/DSA-5873-1
• DSA-5872-1 xorg-server - security update
  Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged. https://security-tracker.debian.org/tracker/DSA-5872-1
• DSA-5871-1 emacs - security update
  Two security vulnerabilities were discovered in Emacs: CVE-2024-53920 Elisp byte-compilation ('elisp-flymake-byte-compile') in the Flymake mode is now disabled for untrusted files. CVE-2025-1244 An incomplete escaping of shell meta characters in the man reader component could potentially result in the execution of arbitrary shell commands. Discovered by Maxim Nikulin. https://security-tracker.debian.org/tracker/DSA-5871-1
• DSA-5870-1 openh264 - security update
  A heap-based buffer overflow flaw in the decoding functions of openh264, a codec library which supports H.264 encoding and decoding, may allow a remote attacker to cause a denial of service or the execution of arbitrary code if a specially crafted video is processed. https://security-tracker.debian.org/tracker/DSA-5870-1
• More...