Debian 10950 Published by Philipp Esselbach 0

Debian released a batch of security advisories to patch critical flaws across four widely used packages. The dnsmasq update addresses multiple heap overflow and DNSSEC validation bugs that could allow attackers to inject false cache entries or trigger denial of service attacks. strongSwan patches a double free flaw that could crash the daemon. Chromium and Jackson-core also need urgent updates to stop arbitrary code execution and crash attacks, so system owners must deploy these patches immediately.

[DLA 4625-1] dnsmasq security update
[DSA 6330-1] strongswan security update
[DSA 6337-1] chromium security update
[DSA 6336-1] jackson-core security update

Debian 10950 Ubuntu 7118 Arch Linux 967 Published by Philipp Esselbach 0

Steven Barrett pushes Liquorix Linux Kernel 7.0-13 based on Kernel 7.0.12 to squash memory leaks, fix Thunderbolt property parsing race conditions, and clean up AMD and Intel graphics drivers. The update routes out-of-memory failures through proper cleanup paths and adds a hard recursion limit to prevent crafted peer devices from collapsing the kernel stack. Desktop users running external monitors or heavy GPU workloads will notice fewer random freezes and cleaner frame timing across interactive applications.


Debian issued a series of security advisories to address serious flaws in several key software packages. The OpenSSL updates tackle numerous vulnerabilities that could lead to denial of service or remote code execution, while Poppler receives patches to prevent data leaks and application crashes. Meanwhile, the Mistral workflow engine gets fixed for broken access controls, and Okular addresses a critical issue that could allow arbitrary code execution when opening damaged fax files.

[DLA 4624-1] openssl security update
[DSA 6335-1] openssl security update
[DSA 6334-1] poppler security update
[DSA 6333-1] mistral security update
[DSA 6332-1] okular security update

Debian 10950 Ubuntu 7118 Published by Philipp Esselbach 0

The XanMod Kernel 6.18.35 LTS and 7.0.12 drop into Debian-based systems with a heavy focus on fixing memory leaks in USB and Bluetooth drivers while tightening networking stack bounds checking. Official repositories make the five-minute installation straightforward, though users must register the GPG key and add the correct distribution codename before running the package manager. Systems relying on external kernel modules need the dkms and build dependency packages installed first to prevent driver compilation failures after the reboot. Verifying hardware detection and proprietary graphics modules on the first boot prevents silent failures, and the automated repository updates keep the optimized scheduler and memory tweaks current without manual intervention.


Debian system administrators should immediately apply security patches for Tomcat 10, Tomcat 11, Jackson Core, libxml2, and Keystone to address numerous critical vulnerabilities. Attackers could exploit these flaws to bypass authorization controls, expose sensitive data, or trigger denial of service conditions through malicious XML and JSON inputs. Fixed package versions are now available across both stable and extended maintenance releases, though upgrading related libraries might be necessary to prevent build failures. System operators must verify their current software versions and follow the official Debian tracking pages to ensure all identified CVEs are properly resolved on their servers.

[DSA 6329-1] tomcat11 security update
[DSA 6328-1] tomcat10 security update
[DLA 4623-1] jackson-core security update
[DLA 4622-1] libxml2 security update
[DSA 6331-1] keystone security update


Debian administrators received a batch of urgent security advisories targeting several widely used software packages. The patches address severe vulnerabilities across Apache2, the GNU C Library, Request Tracker, Nginx, and Chromium that could allow attackers to crash systems, execute malicious code, or steal sensitive information. System operators should prioritize upgrading to the recommended versions right away to close these dangerous attack vectors. These fixes span both extended support and current stable releases to maintain security across different Debian environments.

[DLA 4620-1] apache2 security update
ELA-1752-1 apache2 security update
[DLA 4621-1] glibc security update
[DSA 6327-1] request-tracker4 security update
[DSA 6326-1] nginx security update
[DSA 6325-1] chromium security update


Debian administrators must upgrade Dovecot, Request Tracker5, Apache2, and Tomcat9 to address a wave of critical vulnerabilities. These security advisories patch dangerous flaws ranging from denial of service crashes and path traversal errors to authentication bypasses and cross-site scripting risks. Each package requires specific version updates tailored to either the oldstable or stable Debian releases, with some upgrades also demanding compatible native library revisions. System operators should verify their current configurations before applying these patches to ensure uninterrupted service across all affected components.

ELA-1751-1 dovecot security update
[DSA 6324-1] request-tracker5 security update
[DSA 6323-1] apache2 security update
[DLA 4619-1] tomcat9 security update


Ondřej Surý just pushed PHP 8.4.22/8.5.7 packages for Debian Bullseye, Bookworm, and Trixie, bringing much-needed stability fixes to the tracing JIT and OpenSSL 4.0 compatibility layers. The update also patches several URI parsing vulnerabilities and cleans up error reporting in the intl and date extensions so your scripts stop throwing cryptic constant names at you. Getting it onto a Debian machine means adding the deb.sury.org source, refreshing the package index, and running a standard apt install without breaking older PHP versions that might still be in use. Once installed, verifying the active version and checking opcache behavior will keep background jobs from crashing when they hit unexpected interrupts.


Debian Long Term Support has released urgent security advisories addressing critical vulnerabilities across several widely used packages including haveged, exim4, gsasl, and dovecot. Security researchers uncovered dangerous weaknesses ranging from a credential validation bug that enables local privilege escalation to malformed proxy frame processing that leaks confidential information. Additional flaws within the authentication library and email client introduce denial of service risks alongside potential data exposure caused by weak input validation and flawed access control mechanisms.

[DLA 4616-1] haveged security update
[DLA 4615-1] exim4 security update
ELA-1749-1 exim4 security update
[DLA 4618-1] gsasl security update
[DLA 4617-1] dovecot security update
ELA-1750-1 gsasl security update


Debian and Freexian have released urgent security patches addressing critical vulnerabilities across sudo, GIMP, and FRRouting. The updated sudo package resolves a privilege escalation flaw that occurs when error handling fails during user permission drops before mail execution. Older GIMP releases now include fixes for dangerous buffer flaws that could allow attackers to trigger crashes or run malicious code through corrupted image files. System administrators should immediately upgrade FRRouting to patch numerous routing protocol weaknesses that expose BGP, OSPF, and babeld daemons to remote code execution and denial of service attacks.

[DLA 4614-1] sudo security update
ELA-1748-1 gimp security update
ELA-1747-1 gimp security update
[DSA 6322-1] frr security update


Debian and Freexian have released urgent security advisories addressing critical flaws in both the Ceph distributed storage platform and the Corosync cluster engine. The Ceph update resolves multiple vulnerabilities that could enable privilege escalation or information disclosure across several distribution branches. Meanwhile, the Corosync patch fixes two distinct network weaknesses that allow unauthenticated attackers to trigger denial of service attacks using crafted UDP packets. Administrators should apply these package upgrades immediately and consult official security trackers for comprehensive version details.

[DSA 6321-1] ceph security update
ELA-1746-1 corosync security update


XanMod just released kernels 6.18.34 LTS and 7.0.11 for Debian and Ubuntu systems, packing in scheduler tweaks, memory management upgrades, and network stack improvements that keep desktops responsive under heavy loads. The update ships with Google's multigenerational LRU framework as the default, while Cloudflare's TCP collapse and BBRv3 congestion control handle data traffic more efficiently. Users can install it through standard APT commands, but anyone relying on NVIDIA drivers, OpenZFS, or virtualization tools should grab DKMS dependencies first since those modules often lag behind new kernel releases. The developers also bundled AMD V-Cache optimizations and Steam Deck hardware support, making this a solid upgrade for workstation and gaming builds that need consistent performance without the stock kernel bloat.


Debian and Freexian just rolled out urgent security advisories targeting several widely used software packages alongside older kernel releases. The Yelp help browser finally closes a dangerous loophole where malicious documents could silently exfiltrate user files or break through sandbox protections, while the PHP-Twig template engine gets patched against multiple code injection and cross-site scripting threats. Administrators running legacy Debian branches need to prioritize upgrading their Linux kernel installations because both version 6.1 and version 5.10 now resolve dozens of newly disclosed vulnerabilities that could easily lead to privilege escalation or unexpected system crashes. You should check the official security tracker pages for your specific distribution branch before running package updates on any affected machines.

[DSA 6319-1] yelp security update
[DSA 6320-1] php-twig security update
ELA-1739-1 linux-6.1 security update
ELA-1738-1 linux-5.10 security update


The Liquorix Linux Kernel 7.0-12 drops straight onto Debian and Arch systems to strip away default scheduling delays that usually make desktops feel sluggish during live audio mixing or fast-paced gaming. Stock kernels often stutter when background updates hijack CPU cycles, so this patched build tightens interrupt handling and frequency scaling to keep frame pacing smooth. Running the official curl script pulls precompiled binaries and configures the bootloader automatically, though users should always keep a fallback kernel handy since real-time tuning occasionally breaks proprietary graphics stacks. Swap it out when raw responsiveness matters more than broad hardware compatibility and let the system handle interactive workloads without waiting for background tasks to catch up.


Debian and Freexian have issued urgent security advisories addressing severe vulnerabilities across several widely used software packages including python-aiohttp, ImageMagick, Node.js, p7zip, GStreamer plugins, and the Symfony framework. These updates patch numerous common vulnerability exposures that could allow attackers to trigger remote code execution, exhaust system memory, bypass authentication controls, or crash services through malformed inputs. Administrators managing legacy Debian distributions should prioritize applying these patches immediately since many of the flaws involve critical path traversal issues and unhandled network frame errors. Regular maintenance cycles remain essential for keeping production environments secure against rapidly evolving exploit techniques.

[DLA 4613-1] python-aiohttp security update
ELA-1741-1 imagemagick security update
ELA-1734-1 nodejs security update
ELA-1744-1 p7zip-rar security update
ELA-1743-1 p7zip-rar update
ELA-1742-1 p7zip security update
[DSA 6318-1] gst-plugins-good1.0 security update
[DSA 6317-1] symfony security update
ELA-1745-1 imagemagick security update


Debian released multiple security advisories addressing numerous vulnerabilities across popular software packages. The updates patch critical flaws in Symfony, Chromium, Git LFS, Sentry Python, Keystone, Cyborg, Swift, and Dovecot that could allow attackers to execute arbitrary code, bypass authentication, or steal sensitive data. System administrators should immediately apply the recommended package upgrades to their Debian stable and long-term support environments to prevent potential exploitation. Detailed version information and tracking links are provided in the official advisories for each affected component.

[DSA 6312-1] symfony security update
[DLA 4610-1] git-lfs security update
[DLA 4612-1] sentry-python security update
[DLA 4611-1] keystone security update
[DSA 6316-1] chromium security update
[DSA 6315-1] cyborg security update
[DSA 6314-1] swift security update
[DSA 6313-1] dovecot security update


System administrators managing Debian LTS environments should prioritize these critical patches for the Linux kernel versions 6.1 and 5.10, which address dozens of newly discovered flaws that could otherwise trigger privilege escalation or expose sensitive data. The ImageMagick update specifically targets Debian 11 users by closing multiple security gaps that malicious actors might exploit through carefully crafted image files to execute arbitrary code or crash the application entirely. Meanwhile, the Nginx release tackles a wide array of module-specific vulnerabilities ranging from heap buffer overflows in MP4 handling to dangerous memory leaks within SMTP authentication workflows. Deploying these updates without delay remains essential for protecting web infrastructure against increasingly sophisticated network attacks and unauthorized access attempts.

ELA-1739-1 linux-6.1 security update
ELA-1738-1 linux-5.10 security update
[DLA 4609-1] imagemagick security update
ELA-1740-1 nginx security update


Recent Debian security advisories address multiple critical vulnerabilities across essential system packages including libexif, corosync, php-twig, imagemagick, the Linux kernel, and exim4. Attackers could exploit these flaws to trigger application crashes or leak sensitive memory data through malformed inputs. The updates resolve dozens of tracked CVEs by patching integer overflows, improper input validation, and protocol handling errors that previously left systems exposed. System administrators should immediately apply the recommended package upgrades to their Debian stable environments before malicious actors can leverage these weaknesses.

ELA-1737-1 libexif security update
[DLA 4608-1] corosync security update
[DSA 6311-1] php-twig security update
[DSA 6310-1] imagemagick security update
[DLA 4607-1] linux-6.1 security update
[DLA 4606-1] linux security update
[DSA 6309-1] exim4 security update


Debian issued a comprehensive security update to patch critical flaws across multiple essential software packages. The Linux kernel receives fixes for privilege escalation and information disclosure vulnerabilities while krb5 and nghttp2 address remote denial of service risks. Web infrastructure faces serious threats from newly disclosed cross-site scripting and SQL injection bugs in Roundcube alongside authentication bypass issues in lemonldap-ng and python-flask-httpauth. Administrators should apply these patches immediately to prevent unauthorized access and system compromise across their networks.

[DLA 4603-1] krb5 security update
ELA-1735-1 nghttp2 security update
[DLA 4604-1] roundcube security update
[DSA 6308-1] nagios4 security update
[DLA 4602-1] lemonldap-ng security update
[DLA 4605-1] python-flask-httpauth security update
[DSA 6307-1] kitty security update
[DSA 6306-1] linux security update
[DSA 6305-1] linux security update


Recent security advisories address critical flaws in several widely used Debian packages like unbound, varnish, starlette, roundcube, and erlang. Attackers could exploit these weaknesses to trigger denial of service attacks, poison DNS caches, bypass authentication checks, or inject malicious code directly into affected systems. Patches have already been rolled out for older stable releases and current testing branches to resolve the listed CVE identifiers.

[DSA 6304-1] unbound security update
[DSA 6303-1] varnish security update
[DSA 6302-1] starlette security update
[DSA 6301-1] roundcube security update
ELA-1736-1 erlang security update