Linux Compatible - Debian (Page 531)

Syslog-NG, PAM, Corosync, Kernel updates for Debian

Debian 10928 Published 2025-09-23 08:04 by Philipp Esselbach 0

Multiple security updates have been issued for various Debian packages, including syslog-ng, pam, corosync, and linux. The updates fix security problems like mishandling of wildcard certificates during TLS authentication, denial-of-service attacks using mkfifo, buffer overflows in corosync, and different issues that could let attackers gain higher access or leak information in the Linux kernel. These vulnerabilities could allow attackers to impersonate legitimate endpoints, compromise secure logging, or elevate their privileges to root. It is recommended that users upgrade their packages to the latest versions to address these security concerns.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1523-1 syslog-ng security update
ELA-1522-1 pam security update
ELA-1524-1 corosync security update

Debian GNU/Linux 11 (Buster) LTS:
[DLA 4308-1] corosync security update

Debian GNU/Linux 12 (Bookworm):
[DSA 6009-1] linux security update

Debian GNU/Linux 13 (Trixie):
[DSA 6008-1] linux security update

PAM, FFmpeg, Jq, Shibboleth-SP updates for Debian

Debian 10928 Published 2025-09-22 09:29 by Philipp Esselbach 0

Multiple security advisories have been issued for various Debian GNU/Linux packages, including pam, ffmpeg, jq, and shibboleth-sp. Attackers could exploit vulnerabilities such as denial of service, privilege escalation, SQL injection, and heap buffer overflows, which these advisories address. The affected packages include pam (CVE-2024-22365 and CVE-2025-6020), ffmpeg (CVE-2025-1594, CVE-2025-7700, and CVE-2025-10256), jq (CVE-2025-48060), and shibboleth-sp (CVE-2025-9943).

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1520-1 jq security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1521-1 shibboleth-sp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4306-1] pam security update
[DLA 4307-1] jq security update

Debian GNU/Linux 13 (Trixie):
[DSA 6007-1] ffmpeg security update

Liquorix Linux Kernel 6.16-7 released

Debian 10928 Ubuntu 7099 Arch Linux 964 Published 2025-09-21 08:48 by Philipp Esselbach 0

Steven Barrett has announced the release of Liquorix Linux Kernel 6.16-7, a custom kernel designed to optimize desktop, multimedia, and gaming workloads by leveraging the performance capabilities of Linux Kernel 6.16.8. This kernel replacement boasts various enhancements, including Zen Interactive Tuning, scheduling improvements, and additional features such as High Resolution Scheduling and Compressed Swap. Liquorix kernel 6.16-7 supports a wide range of hardware and is designed to be used as a drop-in replacement for standard distribution kernels, with binary builds available for popular Debian-based distributions and Ubuntu.

OpenVPN updates for Debian ELTS

Debian 10928 Published 2025-09-21 08:39 by Philipp Esselbach 0

Two security updates are available for OpenVPN, a virtual private network application. The first update (ELA-1519-1) affects Debian GNU/Linux 9 (Stretch) Extended LTS and fixes a vulnerability (CVE-2024-5594) that could result in data injection. The second update (ELA-1518-1) affects Debian GNU/Linux 10 (Buster) Extended LTS and also fixes the CVE-2024-5594 issue, as well as another vulnerability (CVE-2022-0547) that allows authentication bypass. Both updates are available to prevent attackers from injecting unexpected arbitrary data into third-party executables or plug-ins using PUSH_REPLY messages.

ELA-1519-1 openvpn security update
ELA-1518-1 openvpn security update

Firefox, Chromium, Python-Eventlet, Jetty updates for Debian

Debian 10928 Published 2025-09-20 08:02 by Philipp Esselbach 0

Debian has issued several security updates for various packages, including Firefox ESR, Chromium, Python-Eventlet, and Jetty. The Firefox ESR update fixes several security problems that could allow harmful code to run, let attackers escape from a secure area, reveal private information, or ignore security rules about web origins, and it suggests upgrading to version 140.3.0esr-1 The Chromium update addresses security issues that could result in the execution of arbitrary code, denial of service, or information disclosures and recommends upgrading to version 140.0.7339.185-1deb12u1 for Debian 12 (Bookworm) or version 140.0.7339.185-1deb13u1 for Debian 13 (Trixie). The Jetty updates fix a protocol-level vulnerability in HTTP/2 support referred to as "MadeYouReset" and recommend upgrading to version 12.0.17-3.1deb13u1 or version 9.4.57-1.1~deb12u1 for jetty9.

Debian GNU/linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1517-1 python-eventlet security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4305-1] firefox-esr security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6004-1] chromium security update
[DSA 6005-1] jetty9 security update

Debian GNU/Linux 13 (Trixie):
[DSA 6006-1] jetty12 security update

Firefox-ESR and cJSON updates for Debian

Debian 10928 Published 2025-09-19 08:30 by Philipp Esselbach 0

A security update has been issued for the cJSON library, which was discovered to have an insufficient input sanitizing vulnerability that could lead to out-of-bounds memory access. The issue affects Debian GNU/Linux 11 (Bullseye) LTS and has been fixed in version 1.7.14-1+deb11u3 of the cjson package. Additionally, a security update has been issued for Mozilla Firefox ESR due to multiple vulnerabilities discovered in versions between 128.x and 140.x that could allow arbitrary code execution or information disclosure. The issue affects both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) distributions and has been fixed in version 140.3.0esr-1deb12u1 and version 140.3.0esr-1deb13u1, respectively.

[DLA 4304-1] cjson security update
[DSA 6003-1] firefox-esr security update

Nextcloud-desktop update for Debian 11 LTS

Debian 10928 Published 2025-09-18 07:04 by Philipp Esselbach 0

A security update has been released for the next cloud desktop package in the Debian GNU/Linux 11 (Bullseye) LTS to fix multiple vulnerabilities. The vulnerabilities include the injection of arbitrary HTML into the desktop client application via notifications, user status, and information, as well as potential man-in-the-middle attacks and the exposure of sensitive data. Additionally, a malicious server administrator can recover and modify the contents of end-to-end encrypted files.

[SECURITY] [DLA 4303-1] nextcloud-desktop security update

Node SHA.js security update for Debian

Debian 10928 Published 2025-09-17 07:39 by Philipp Esselbach 0

A security update has been released for the Node SHA.js package in both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie), which implements SHA hash functions in JavaScript. The problem with the package was that it performed incomplete type checks, leading to potential security vulnerabilities.

[DSA 6002-1] node-sha.js security update

Python-Django and Node-SHA.js updates for Debian 11 LTS

Debian 10928 Published 2025-09-16 09:01 by Philipp Esselbach 0

Two security updates have been issued for Debian GNU/Linux 11 (Bullseye) LTS. The first update addresses a potential SQL injection attack in the Django web development framework, which has been fixed in version 2:2.2.28-1~deb11u8. The second update fixes an improper input validation vulnerability in node-sha.js, a popular streamable SHA hashes implementation, which has been addressed in version 2.4.11-2+deb11u1.

[DLA 4301-1] python-django security update
[DLA 4302-1] node-sha.js security update

Liquorix Linux Kernel 6.16-6 released

Debian 10928 Ubuntu 7099 Arch Linux 964 Published 2025-09-15 07:49 by Philipp Esselbach 0

Steven Barrett has announced the release of Liquorix kernel version 6.16-6, which is built on top of Linux Kernel 6.16.7 and optimized for desktop, multimedia, and gaming workloads. The new kernel features several significant enhancements, including scheduling improvements, CPUFreq settings tweaks, and a faster disk scheduler called Budget Fair Queue. Liquorix kernel 6.16-6 also allows for better timing control, quicker responses from the CPU, uses LZ4 compression Users can install the Liquorix kernel on their Debian, Ubuntu, or Arch-based Linux distribution by running a script available on the Liquorix website.

Shibboleth-SP, Jetty9, CJson, ImageMagick updates for Debian

Debian 10928 Published 2025-09-15 07:36 by Philipp Esselbach 0

Debian has released several security advisories, including DLA-4300-1 for Shibboleth Service Provider (shibboleth-sp), which fixes a SQL vulnerability; DLA-4299-1 for Jetty 9 (jetty9), which resolves an HTTP/2 vulnerability; and ELA-1516-1 for ImageMagick (imagemagick), which addresses multiple vulnerabilities. The Shibboleth Service Provider advisory recommends upgrading to version 3.2.2+dfsg1-1+deb11u1, while the Jetty 9 advisory suggests updating to version 9.4.57-0+deb11u3. The ImageMagick advisory fixes issues, including memory leaks and format string bugs, in various functions of the software suite. Users are advised to upgrade their packages to address these vulnerabilities and prevent potential security risks.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1516-1 imagemagick security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4300-1] shibboleth-sp security update
[DLA 4299-1] jetty9 security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6001-1] cjson security update

ImageMagick and ca-certificates-java updates for Debian 10 ELTS

Debian 10928 Published 2025-09-14 08:19 by Philipp Esselbach 0

Debian GNU/Linux 10 (Buster) Extended LTS has received two security updates. The imagemagick package has been updated to fix multiple security vulnerabilities, including heap buffer overflows, memory leaks, and format string bugs. The vulnerabilities (CVEs) listed include issues with processing format strings containing consecutive percent signs (%%), memory corruption due to unsafe size calculations, and arbitrary memory region overwrites. These updates address various commands within ImageMagick, such as magick stream, magick mogrify, and montage, which were found to be vulnerable to these security issues. Additionally, the ca-certificates-java package requires an upgrade to resolve a circular dependency between Java packages and system certificates.

ELA-1515-1 imagemagick security update
ELA-1514-1 ca-certificates-java bugfix update

OpenCV update for Debian 10 ELTS

Debian 10928 Published 2025-09-13 07:52 by Philipp Esselbach 0

An update has been released for the OpenCV package in Debian GNU/Linux 10 (Buster) Extended LTS to fix multiple vulnerabilities. The vulnerabilities include buffer overflows, out-of-bounds reads and writes, NULL pointer dereferences, and divide-by-zero errors in various functions of the OpenCV library.

ELA-1513-1 opencv security update

Amanda, CUPS, Libcpanel, Libjson, ImageMagick updates for Debian

Debian 10928 Published 2025-09-12 08:07 by Philipp Esselbach 0

Debian has issued several security updates for various packages, including cups, libcpanel-json-xs-perl, libjson-xs-perl, imagemagick, and amanda. The cups package has been updated to fix two vulnerabilities that may result in authentication bypass or denial-of-service attacks, with fixes available for Debian 11 (Bullseye) LTS and older distributions. Other packages have also been updated, including libcpanel-json-xs-perl and libjson-xs-perl to fix integer buffer overflow vulnerabilities, and imagemagick to address multiple memory corruption vulnerabilities. Users are recommended to upgrade their packages to the latest versions to ensure security.

Debian GNU/Linux9 (Stretch) Extended LTS:
ELA-822-2 amanda regression update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1512-1 cups security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4298-1] cups security update

Debian gNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6000-1] libcpanel-json-xs-perl security update
[DSA 5999-1] libjson-xs-perl security update
[DSA 5998-1] cups security update
[DSA 5997-1] imagemagick security update

MariaDB, ImageMagick, Chromium, hsqldb1.8.0 updates for Debian

Debian 10928 Published 2025-09-11 07:34 by Philipp Esselbach 0

Debian has released several security updates for various packages, including hsqldb1.8.0, Chromium, ImageMagick, and MariaDB-10.3. The hsqldb1.8.0 update fixes a vulnerability that allowed an attacker to execute spurious scripting commands in certain files. The Chromium update addresses security issues that could result in the execution of arbitrary code, denial of service, or information disclosure. The ImageMagick and MariaDB-10.3 updates fix multiple vulnerabilities, including heap buffer overflows, memory leaks, and Denial Of Service (DoS) attacks.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1501-1 mariadb-10.3 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4297-1] imagemagick security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 5996-1] chromium security update

Debian GNU/Linux 13 (Trixie):
[DSA 5995-1] hsqldb1.8.0 security update

Liquorix Kernel 6.16-5 Now Available for Enhanced System Performance

Debian 10928 Ubuntu 7099 Arch Linux 964 Published 2025-09-10 07:52 by Philipp Esselbach 0

Steven Barrett has announced the release of Liquorix kernel version 6.16-5, a distro kernel replacement optimized for desktop, multimedia, and gaming workloads. This updated kernel includes significant enhancements such as improved scheduling algorithms, increased system responsiveness, and optimized CPU frequency settings. Additionally, it features advanced technologies like High Resolution Scheduling, Preemptible tree-based hierarchical RCU, and Compressed Swap to provide a faster and more efficient computing experience. The Liquorix kernel is available for installation on Debian, Ubuntu, and Arch Linux systems through a simple script.

QEMU security update for Debian

Debian 10928 Published 2025-09-10 07:31 by Philipp Esselbach 0

A security update has been released for the QEMU package on Debian GNU/Linux 11 (Bullseye) LTS to address two issues that could result in denial of service and privilege escalation. The update removes the use of a flag that allowed privileged binaries to run with elevated privileges under QEMU, which may require changes for those relying on this behavior. The affected packages are qemu-user-static and qemu-user-binfmt, which have been fixed in version 1:5.2+dfsg-11+deb11u5.

[DLA 4296-1] qemu security update

Libhtp and OpenAFS updates for Debian 11 LTS

Debian 10928 Published 2025-09-09 07:54 by Philipp Esselbach 0

The Debian project has released two security advisories for Debian GNU/Linux 11 (Bullseye) LTS: DLA-4295-1 for libhtp and DLA-4168-2 for openafs. The libhtp advisory fixes multiple denial-of-service vulnerabilities, which have been fixed in version 1:0.5.36-1+deb11u1. Meanwhile, the OpenAFS advisory addresses a regression introduced by a missing commit, which has been resolved in version 1.8.6-5+deb11u2.

[DLA 4295-1] libhtp security update
[DLA 4168-2] openafs regression update

PHP 8.4.12 and 8.3.25 packages for Debian 11, 12, and 13 released

Debian 10928 Published 2025-09-08 16:34 by Philipp Esselbach 0

Ondřej Surý has released PHP 8.4.12 and 8.3.25 packages for Debian GNU/Linux 11 (Bullseye) LTS, 12 (Bookworm), and 13 (Trixie). The updates address various bugs and issues across different components, including Core, Calendar, FTP, GD, Hash, Intl, LDAP, LibXML, MbString, Opcache, OpenSSL, PDO Pgsql, Readline, SOAP, Sockets, and Standard. Fixes include resolving crashes, memory leaks, and incorrect return values, as well as addressing theoretical issues with unavailable functions.

Shibboleth-SP and Mod Security security updates for Debian

Debian 10928 Published 2025-09-08 08:00 by Philipp Esselbach 0

Debian has released security updates for two packages: Shibboleth-SP (DSA 5994-1) for both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) and modsecurity-apache (DLA 4294-1) for Debian GNU/Linux 11 (Bullseye) LTS. The Shibboleth-SP update fixes an SQL vulnerability in its ODBC plugin, which could result in an information leak. The modsecurity-apache update fixes a cross-site scripting issue caused by insufficient return value handling.

[DSA 5994-1] shibboleth-sp security update
[DLA 4294-1] modsecurity-apache security update