Liquorix is a kernel replacement designed for desktop, multimedia, and gaming workloads, built with optimized configurations and sources for improved performance, and has been updated to the latest Linux kernel, 6.16.4. It features various tuning options and settings, including Zen Interactive Tuning, PDS/BMQ CPU Scheduler, High Resolution Scheduling, and Compressed Swap, among others. The Liquorix kernel is available for installation on Debian, Ubuntu, and Arch Linux systems through a simple install script or binary builds from the project's GitHub repository.
Debian Security Advisory DSA-5989-1 for Debian GNU/Linux 12 and 13 and Debian LTS advisories DLA 4285-1 and DLA 4284-1 for Debian GNU/Linux 11 LTS were issued to address security vulnerabilities in various packages. The udisks2 package was found to have an out-of-bounds read vulnerability (CVE-2025-8067) that could lead to denial of service or local privilege escalation, which has been fixed in versions 2.9.4-4+deb12u2 and 2.10.1-12.1+deb13u1 for the Bookworm and
Trixie distributions, respectively, as well as in version 2.9.2-2+deb11u3 for Debian 11 Bullseye. Additionally, an issue was found in golang-github-gin-contrib-cors (CVE-2019-25211) that could allow an attacker to circumvent CORS restrictions due to improper wildcard handling, which has been fixed in version 1.3.1-1+deb11u1 for Debian 11 Bullseye. It is recommended to upgrade the affected packages to fix these security vulnerabilities and prevent potential attacks.
[DSA 5989-1] udisks2 security update
[DLA 4285-1] golang-github-gin-contrib-cors security
[DLA 4284-1] udisks2 security update
Trixie distributions, respectively, as well as in version 2.9.2-2+deb11u3 for Debian 11 Bullseye. Additionally, an issue was found in golang-github-gin-contrib-cors (CVE-2019-25211) that could allow an attacker to circumvent CORS restrictions due to improper wildcard handling, which has been fixed in version 1.3.1-1+deb11u1 for Debian 11 Bullseye. It is recommended to upgrade the affected packages to fix these security vulnerabilities and prevent potential attacks.
[DSA 5989-1] udisks2 security update
[DLA 4285-1] golang-github-gin-contrib-cors security
[DLA 4284-1] udisks2 security update
Debian has released two security advisories: DSA-5988-1 for Chromium for Debian 12 (Bookworm) and 13 (Trixie) and DSA-5987-1 for Unbound for Debian 12 (Bookworm). The Chromium update fixes a vulnerability that could result in the execution of arbitrary code, denial of service, or information disclosure (CVE-2025-9478). The unbound update addresses multiple vulnerabilities, including denial of service and cache poisoning via the "rebirthday attack" (CVE-2024-8508, CVE-2024-33655, CVE-2025-5994). Users are recommended to upgrade their Chromium and unbound packages to fix these security issues.
[SECURITY] [DSA 5988-1] chromium security update
[SECURITY] [DSA 5987-1] unbound security update
[SECURITY] [DSA 5988-1] chromium security update
[SECURITY] [DSA 5987-1] unbound security update
A security update has been released for the node-cipher-base package in both Debian GNU/Linux 12 and 13. The vulnerability, identified as CVE-2025-9287, was discovered by Nikita Skorovoda and affects the Node cipher-base due to incomplete type checks. To fix this issue, users are advised to upgrade their node-cipher-base packages to version 1.0.4-6+deb12u1 for the oldstable distribution (Bookworm) or version 1.0.4-6+deb13u1 for the stable distribution (Trixie).
[DSA 5986-1] node-cipher-base security update
[DSA 5986-1] node-cipher-base security update
Multiple security updates have been released for Debian GNU/Linux, including fixes for vulnerabilities in FFmpeg, luajit, and Firebird database. The FFmpeg update addresses several CVEs that could lead to denial of service or arbitrary code execution if malformed files are processed. The luajit update resolves multiple issues that could result in denial of service, including type confusion, out-of-bounds reads, and stack-buffer overflows. Additionally, a security update has been released for the Firebird database, which fixes an XDR message parsing NULL pointer dereference issue (CVE-2025-54989).
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1507-1 luajit security update
ELA-1506-1 firebird3.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4283-1] luajit security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5985-1] ffmpeg security update
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1507-1 luajit security update
ELA-1506-1 firebird3.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4283-1] luajit security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5985-1] ffmpeg security update
Multiple security updates have been released for Debian GNU/Linux systems, including iperf3, unbound, and firebird3.0, to address vulnerabilities such as heap buffer overflows, shell code injection, and denial of service attacks via specially timed DNS queries and answers. The affected versions include 3.9-1+deb11u3deb9u1 for iperf3 and 1.9.0-2+deb10u2deb9u6 for unbound, both for Debian 9 (Stretch) ELTS; 1.9.0-2+deb10u6 for unbound on Debian 10 (Buster) ELTS; and 3.0.7.33374.ds4-2+deb11u1 for firebird3.0 on Debian 11 (Bullseye) LTS:
ELA-1505-1 iperf3 security update
ELA-1504-1 unbound1.9 security update
ELA-1503-1 unbound security update
[DLA 4282-1] firebird3.0 security update
ELA-1505-1 iperf3 security update
ELA-1504-1 unbound1.9 security update
ELA-1503-1 unbound security update
[DLA 4282-1] firebird3.0 security update
Liquorix Kernel 6.16-2, a custom kernel replacement designed for desktop, multimedia, and gaming workloads, featuring several major optimizations and tweaks compared to standard kernel configurations, has been released based on the latest Linux Kernel 6.16.3. Some important features are Zen Interactive Tuning, Budget Fair Queue, Hard Kernel Preemption, and TCP BBR2 Congestion Control, which are designed to make the system respond faster and work better in different situations. The Liquorix kernel is available for installation on Debian, Ubuntu, and Arch Linux systems through a simple install script or binary builds from the project's GitHub repository.
The Debian project has released two security advisories for Debian GNU/Linux 11 (Bullseye) LTS to address vulnerabilities in the iperf3 bandwidth measuring tool and the unbound DNS resolver. The iperf3 advisory (DLA-4281-1) fixes two issues, including a heap buffer overflow and a reachable assert, which can be exploited by attackers. The unbound advisory (DLA-4280-1) addresses two vulnerabilities that may lead to denial of service or cache poisoning and includes configuration options to mitigate the impact of these issues.
[DLA 4281-1] iperf3 security update
[DLA 4280-1] unbound security update
[DLA 4281-1] iperf3 security update
[DLA 4280-1] unbound security update
Debian has released security updates for the Thunderbird email client to address multiple vulnerabilities, including arbitrary code execution. The issues were fixed in version 1:128.14.0esr-1deb11u1 for Debian 11 (Bullseye) LTS and versions 1:128.14.0esr-1deb12u1 and 1:128.14.0esr-1~deb13u1 for the oldstable Debian 12 (Bookworm) and stable Debian 13 (Trixie) distributions, respectively. Users are advised to upgrade their Thunderbird packages to ensure security.
[DLA 4279-1] thunderbird security update
[DSA 5984-1] thunderbird security update
[DLA 4279-1] thunderbird security update
[DSA 5984-1] thunderbird security update
Steven Barrett has announced the release of the first Liquorix Linux kernel based on the Linux kernel 6.16 series. The Liquorix Linux kernel is an enthusiast Linux kernel that is optimized for low-latency computing in audiovisual production, reduced frame time variations in games, and unparalleled responsiveness in interactive systems. It is available for Debian, Ubuntu, and Arch Linux.
Debian GNU/Linux has been updated with two security updates: a MuPDF security update for Debian 11 (Bullseye) LTS and a QEMU security update for both Debian 12 (Bookworm) and 13 (Trixie).
[DLA 4278-1] mupdf security update
[DSA 5983-1] qemu security update
[DLA 4278-1] mupdf security update
[DSA 5983-1] qemu security update
Steven Barrett has released a new Liquorix kernel derived from Linux kernel 6.15.11. The Liquorix Linux kernel is an enthusiast Linux kernel that is optimized for low-latency computing in audiovisual production, reduced frame time variations in games, and unparalleled responsiveness in interactive systems. It is available for Debian, Ubuntu, and Arch Linux.
Debian GNU/Linux has been updated with multiple security enhancements, which include updates for Chromium, Firefox-ESR, Squid, and Apache2:
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1502-1 apache2 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4277-1] firefox-esr security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5982-1] squid security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 5981-1] chromium security update
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1502-1 apache2 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4277-1] firefox-esr security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5982-1] squid security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 5981-1] chromium security update
Debian GNU/Linux has received two new security updates: WebKit2GTK for Debian 11 LTS and Firefox-ESR for Debian 12 and 13:
[DLA 4276-1] webkit2gtk security update
[DSA 5980-1] firefox-esr security update
[DLA 4276-1] webkit2gtk security update
[DSA 5980-1] firefox-esr security update
Debian GNU/Linux has received two security updates: A libxslt update for both Debian 12 and 13 and an openjdk-17 update for Debian 11 LTS
[DSA 5979-1] libxslt security update
[DLA 4275-1] openjdk-17 security update
[DSA 5979-1] libxslt security update
[DLA 4275-1] openjdk-17 security update
Updated WebKitGTK packages have been released for both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) to address several vulnerabilities. The vulnerabilities include CVE-2025-6558, CVE-2025-31273, CVE-2025-31278, CVE-2025-43211, CVE-2025-43212, CVE-2025-43216, CVE-2025-43227, CVE-2025-43228, CVE-2025-43227, CVE-2025-43228, CVE-2025-43227, CVE-2025-43228, CVE-2025-43224, CVE-2025-43265, and CVE-2025-43265.
[SECURITY] [DSA 5978-1] webkit2gtk security update
[SECURITY] [DSA 5978-1] webkit2gtk security update
A MariaDB security update has been released for Debian GNU/Linux 10 (Buster) ELTS:
ELA-1501-1 mariadb-10.3 security update
ELA-1501-1 mariadb-10.3 security update
Steven Barrett has released another Liquorix kernel derived from Linux kernel 6.15.10. The Liquorix Linux kernel is an enthusiast Linux kernel that is optimized for low-latency computing in audiovisual production, reduced frame time variations in games, and unparalleled responsiveness in interactive systems. It is available for Debian, Ubuntu, and Arch Linux.
Updated dns-root-data packages have been released for both Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1500-1 dns-root-data DNSSEC trust anchors update
ELA-1500-1 dns-root-data DNSSEC trust anchors update
Steven Barrett has released a new Liquorix kernel derived from Linux kernel 6.15.10. The Liquorix Linux kernel is an enthusiast Linux kernel that is optimized for low-latency computing in audiovisual production, reduced frame time variations in games, and unparalleled responsiveness in interactive systems. It is available for Debian, Ubuntu, and Arch Linux.
