This update provides the upstream 6.1.24 maintenance release that fixes atleast the following security vulnerabilities: An easily exploitable vulnerability in the Oracle VM VirtualBox (component: Core) prior to 6.1.24 allows high privileged attacker with logon to the
Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system (CVE-2021-34825). Also, the default IRC server has been changed from Freenode to Libera Chat, as
filezilla embeds a PuTTY client that was vulnerable: PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client) (CVE-2020-14002).