Richmond wrote: > Dan Ritter <d...@randomstring.org> writes: > > > Richmond wrote: > >> Is there anything that can be done to mitigate against the vulnerability > >> which is apparently according to Bleeping Computer being exploited > >> arbitrary code execution? I looked into upgrading that package to the > >> testing version but I think it would cause problems. > >> > > > > > > https://security-tracker.debian.org/tracker/CVE-2025-27363 > > > > It's being tracked. Expect a fix in a few days. > > > > Thanks. Do you think preventing pages from loading their own fonts (in > firefox) would stop the attack?
I think it's almost always a good idea, unless you are dependent on multiple languages and hate the Noto fonts. -dsr-
