Debian 10945 Published by Philipp Esselbach 0

Debian administrators received a batch of urgent security advisories targeting several widely used software packages. The patches address severe vulnerabilities across Apache2, the GNU C Library, Request Tracker, Nginx, and Chromium that could allow attackers to crash systems, execute malicious code, or steal sensitive information. System operators should prioritize upgrading to the recommended versions right away to close these dangerous attack vectors. These fixes span both extended support and current stable releases to maintain security across different Debian environments.

[DLA 4620-1] apache2 security update
ELA-1752-1 apache2 security update
[DLA 4621-1] glibc security update
[DSA 6327-1] request-tracker4 security update
[DSA 6326-1] nginx security update
[DSA 6325-1] chromium security update


Debian administrators must upgrade Dovecot, Request Tracker5, Apache2, and Tomcat9 to address a wave of critical vulnerabilities. These security advisories patch dangerous flaws ranging from denial-of-service crashes and path traversal errors to authentication bypasses and cross-site scripting risks. Each package requires specific version updates tailored to either the oldstable or stable Debian releases, with some upgrades also demanding compatible native library revisions. System operators should verify their current configurations before applying these patches to ensure uninterrupted service across all affected components.

ELA-1751-1 dovecot security update
[DSA 6324-1] request-tracker5 security update
[DSA 6323-1] apache2 security update
[DLA 4619-1] tomcat9 security update


Ondřej Surý just pushed PHP 8.4.22/8.5.7 packages for Debian Bullseye, Bookworm, and Trixie, bringing much-needed stability fixes to the tracing JIT and OpenSSL 4.0 compatibility layers. The update also patches several URI parsing vulnerabilities and cleans up error reporting in the intl and date extensions so your scripts stop throwing cryptic constant names at you. Getting it onto a Debian machine means adding the deb.sury.org source, refreshing the package index, and running a standard apt install without breaking older PHP versions that might still be in use. Once installed, verifying the active version and checking opcache behavior will keep background jobs from crashing when they hit unexpected interrupts.


Debian Long Term Support has released urgent security advisories addressing critical vulnerabilities across several widely used packages including haveged, exim4, gsasl, and dovecot. Security researchers uncovered dangerous weaknesses ranging from a credential validation bug that enables local privilege escalation to malformed proxy frame processing that leaks confidential information. Additional flaws within the authentication library and email client introduce denial-of-service risks alongside potential data exposure caused by weak input validation and flawed access control mechanisms.

[DLA 4616-1] haveged security update
[DLA 4615-1] exim4 security update
ELA-1749-1 exim4 security update
[DLA 4618-1] gsasl security update
[DLA 4617-1] dovecot security update
ELA-1750-1 gsasl security update


Debian and Freexian have released urgent security patches addressing critical vulnerabilities across sudo, GIMP, and FRRouting. The updated sudo package resolves a privilege escalation flaw that occurs when error handling fails during user permission drops before mail execution. Older GIMP releases now include fixes for dangerous buffer flaws that could allow attackers to trigger crashes or run malicious code through corrupted image files. System administrators should immediately upgrade FRRouting to patch numerous routing protocol weaknesses that expose BGP, OSPF, and babeld daemons to remote code execution and denial of service attacks.

[DLA 4614-1] sudo security update
ELA-1748-1 gimp security update
ELA-1747-1 gimp security update
[DSA 6322-1] frr security update


Debian and Freexian have released urgent security advisories addressing critical flaws in both the Ceph distributed storage platform and the Corosync cluster engine. The Ceph update resolves multiple vulnerabilities that could enable privilege escalation or information disclosure across several distribution branches. Meanwhile, the Corosync patch fixes two distinct network weaknesses that allow unauthenticated attackers to trigger denial of service attacks using crafted UDP packets. Administrators should apply these package upgrades immediately and consult official security trackers for comprehensive version details.

[DSA 6321-1] ceph security update
ELA-1746-1 corosync security update


XanMod just released kernels 6.18.34 LTS and 7.0.11 for Debian and Ubuntu systems, packing in scheduler tweaks, memory management upgrades, and network stack improvements that keep desktops responsive under heavy loads. The update ships with Google's multigenerational LRU framework as the default, while Cloudflare's TCP collapse and BBRv3 congestion control handle data traffic more efficiently. Users can install it through standard APT commands, but anyone relying on NVIDIA drivers, OpenZFS, or virtualization tools should grab DKMS dependencies first since those modules often lag behind new kernel releases. The developers also bundled AMD V-Cache optimizations and Steam Deck hardware support, making this a solid upgrade for workstation and gaming builds that need consistent performance without the stock kernel bloat.


Debian and Freexian just rolled out urgent security advisories targeting several widely used software packages alongside older kernel releases. The Yelp help browser finally closes a dangerous loophole where malicious documents could silently exfiltrate user files or break through sandbox protections, while the PHP-Twig template engine gets patched against multiple code injection and cross-site scripting threats. Administrators running legacy Debian branches need to prioritize upgrading their Linux kernel installations because both version 6.1 and version 5.10 now resolve dozens of newly disclosed vulnerabilities that could easily lead to privilege escalation or unexpected system crashes. You should check the official security tracker pages for your specific distribution branch before running package updates on any affected machines.

[DSA 6319-1] yelp security update
[DSA 6320-1] php-twig security update
ELA-1739-1 linux-6.1 security update
ELA-1738-1 linux-5.10 security update


The Liquorix Linux Kernel 7.0-12 drops straight onto Debian and Arch systems to strip away default scheduling delays that usually make desktops feel sluggish during live audio mixing or fast-paced gaming. Stock kernels often stutter when background updates hijack CPU cycles, so this patched build tightens interrupt handling and frequency scaling to keep frame pacing smooth. Running the official curl script pulls precompiled binaries and configures the bootloader automatically, though users should always keep a fallback kernel handy since real-time tuning occasionally breaks proprietary graphics stacks. Swap it out when raw responsiveness matters more than broad hardware compatibility and let the system handle interactive workloads without waiting for background tasks to catch up.


Debian and Freexian have issued urgent security advisories addressing severe vulnerabilities across several widely used software packages including python-aiohttp, ImageMagick, Node.js, p7zip, GStreamer plugins, and the Symfony framework. These updates patch numerous common vulnerability exposures that could allow attackers to trigger remote code execution, exhaust system memory, bypass authentication controls, or crash services through malformed inputs. Administrators managing legacy Debian distributions should prioritize applying these patches immediately since many of the flaws involve critical path traversal issues and unhandled network frame errors. Regular maintenance cycles remain essential for keeping production environments secure against rapidly evolving exploit techniques.

[DLA 4613-1] python-aiohttp security update
ELA-1741-1 imagemagick security update
ELA-1734-1 nodejs security update
ELA-1744-1 p7zip-rar security update
ELA-1743-1 p7zip-rar update
ELA-1742-1 p7zip security update
[DSA 6318-1] gst-plugins-good1.0 security update
[DSA 6317-1] symfony security update
ELA-1745-1 imagemagick security update


Debian released multiple security advisories addressing numerous vulnerabilities across popular software packages. The updates patch critical flaws in Symfony, Chromium, Git LFS, Sentry Python, Keystone, Cyborg, Swift, and Dovecot that could allow attackers to execute arbitrary code, bypass authentication, or steal sensitive data. System administrators should immediately apply the recommended package upgrades to their Debian stable and long term support environments to prevent potential exploitation. Detailed version information and tracking links are provided in the official advisories for each affected component.

[DSA 6312-1] symfony security update
[DLA 4610-1] git-lfs security update
[DLA 4612-1] sentry-python security update
[DLA 4611-1] keystone security update
[DSA 6316-1] chromium security update
[DSA 6315-1] cyborg security update
[DSA 6314-1] swift security update
[DSA 6313-1] dovecot security update


System administrators managing Debian LTS environments should prioritize these critical patches for the Linux kernel versions 6.1 and 5.10, which address dozens of newly discovered flaws that could otherwise trigger privilege escalation or expose sensitive data. The ImageMagick update specifically targets Debian 11 users by closing multiple security gaps that malicious actors might exploit through carefully crafted image files to execute arbitrary code or crash the application entirely. Meanwhile, the Nginx release tackles a wide array of module-specific vulnerabilities ranging from heap buffer overflows in MP4 handling to dangerous memory leaks within SMTP authentication workflows. Deploying these updates without delay remains essential for protecting web infrastructure against increasingly sophisticated network attacks and unauthorized access attempts.

ELA-1739-1 linux-6.1 security update
ELA-1738-1 linux-5.10 security update
[DLA 4609-1] imagemagick security update
ELA-1740-1 nginx security update


Recent Debian security advisories address multiple critical vulnerabilities across essential system packages including libexif, corosync, php-twig, imagemagick, the Linux kernel, and exim4. Attackers could exploit these flaws to trigger application crashes or leak sensitive memory data through malformed inputs. The updates resolve dozens of tracked CVEs by patching integer overflows, improper input validation, and protocol handling errors that previously left systems exposed. System administrators should immediately apply the recommended package upgrades to their Debian stable environments before malicious actors can leverage these weaknesses.

ELA-1737-1 libexif security update
[DLA 4608-1] corosync security update
[DSA 6311-1] php-twig security update
[DSA 6310-1] imagemagick security update
[DLA 4607-1] linux-6.1 security update
[DLA 4606-1] linux security update
[DSA 6309-1] exim4 security update


Debian issued a comprehensive security update to patch critical flaws across multiple essential software packages. The Linux kernel receives fixes for privilege escalation and information disclosure vulnerabilities, while krb5 and nghttp2 address remote denial-of-service risks. Web infrastructure faces serious threats from newly disclosed cross-site scripting and SQL injection bugs in Roundcube alongside authentication bypass issues in lemonldap-ng and python-flask-httpauth. Administrators should apply these patches immediately to prevent unauthorized access and system compromise across their networks.

[DLA 4603-1] krb5 security update
ELA-1735-1 nghttp2 security update
[DLA 4604-1] roundcube security update
[DSA 6308-1] nagios4 security update
[DLA 4602-1] lemonldap-ng security update
[DLA 4605-1] python-flask-httpauth security update
[DSA 6307-1] kitty security update
[DSA 6306-1] linux security update
[DSA 6305-1] linux security update


Recent security advisories address critical flaws in several widely used Debian packages like unbound, varnish, starlette, roundcube, and erlang. Attackers could exploit these weaknesses to trigger denial of service attacks, poison DNS caches, bypass authentication checks, or inject malicious code directly into affected systems. Patches have already been rolled out for older stable releases and current testing branches to resolve the listed CVE identifiers.

[DSA 6304-1] unbound security update
[DSA 6303-1] varnish security update
[DSA 6302-1] starlette security update
[DSA 6301-1] roundcube security update
ELA-1736-1 erlang security update


Debian released several security advisories to address critical flaws across multiple widely used software packages. The updates target vulnerabilities in Samba, node-shell-quote, Kdenlive, ImageMagick, and Memcached that could allow attackers to execute arbitrary code, inject shell commands, or steal sensitive authentication information through various exploit methods. Each advisory provides specific patched versions for older stable releases as well as current distributions, ensuring administrators can apply the necessary fixes without disrupting their systems.

[DSA 6297-1] samba security update
[DSA 6300-1] node-shell-quote security update
[DSA 6299-1] kdenlive security update
[DSA 6298-1] imagemagick security update
[DLA 4601-1] memcached security update
ELA-1733-1 memcached security update


Debian released three security advisories to address critical flaws in popular open source software. The jq parser now includes patches for heap corruption issues that could allow attackers to execute arbitrary code or crash applications. Meanwhile the spip website engine and postorius mailing list interface received fixes for remote execution risks and a malicious script injection flaw respectively. System administrators should apply these package updates right away to keep their Debian systems secure and stable.

[DLA 4599-1] jq security update
[DSA 6296-1] spip security update
[DLA 4600-1] postorius security update


Debian just issued a Node.js update that fixes several vulnerabilities capable of crashing servers or leaking private data. GnuTLS received an extended support patch covering dangerous flaws in TLS processing, certificate validation, and token management. These releases target older Debian distributions like Bullseye, Stretch, and Buster to stop heap overruns and authentication bypasses. You really should install them right away before attackers exploit these known weaknesses.

[DLA 4598-1] nodejs security update
ELA-1732-1 gnutls28 security update


The Liquorix Linux Kernel 7.0-11 builds on the stable 7.0.10 base to deliver tighter scheduler tuning and real-time patches aimed at audio production and gaming performance. Desktop users will notice fewer buffer underruns during recording sessions and more consistent frame delivery because the kernel prioritizes foreground tasks over background noise. Installing it on Debian or Arch systems is as simple as running a single curl script, though proprietary drivers like Nvidia may still need manual recompilation after rebooting. Testing the update in a safe environment first keeps things from breaking when hardware quirks inevitably show up.


XanMod just dropped kernels 7.0.10 and 6.18.33 LTS to give Debian and Ubuntu systems a noticeable performance bump without requiring manual patching. The builds ship with LLVM ThinLTO, Google multigenerational LRU, BBRv3 networking, and an AMD 3D V-Cache driver that handles modern hardware quirks better than stock options. Installing them through the official APT repository is straightforward, but users should keep a fallback boot entry handy since proprietary drivers like NVIDIA or VirtualBox often break until maintainers catch up. Heavy workloads and sustained multitasking run noticeably smoother, though casual desktop users might find the extra tuning unnecessary compared to standard kernel stability.