Debian 10794 Published by Philipp Esselbach 0

A security update has been released for Krita, an image manipulation program. The update fixes a vulnerability that could cause a heap-based buffer overflow when loading a manipulated TGA file in Krita. The issue was fixed in version 1:4.4.2+dfsg-1+deb11u1 of the package, which is available for Debian GNU/Linux 11 (Bullseye) LTS users.

[DLA 4395-1] krita security update

Several security updates have been released for various Debian packages, including webkit2gtk, chromium, unbound, and libhtp. The updates address multiple vulnerabilities that could lead to denial of service, information disclosure, or arbitrary code execution.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1588-1 libhtp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4394-1] webkit2gtk security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6072-1] chromium security update

Debian GNU/Linux 13 (Trixie):
[DSA 6071-1] unbound security update

The Debian project has released security updates for several packages, including libapache2-mod-auth-openidc, webkit2gtk, and openvpn. The updates fix vulnerabilities that could allow attackers to crash or exploit systems, with fixes available for various distributions, including Buster, Bookworm, and Trixie. Specific issues addressed in the updates include a denial-of-service vulnerability in mod_auth_openidc, multiple crashes and memory corruption bugs in WebKitGTK, and a flaw allowing bypass of source IP address validation in openvpn.

Debian GNU/Linux 10 (Buster) ELTS:
ELA-1587-1 libapache2-mod-auth-openidc security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6070-1] webkit2gtk security update
[DSA 6069-1] openvpn security update

Debian has released security updates for several packages, including mako (version 1.1.3+ds1-2+deb11u1) for Debian GNU/Linux 11 LTS, as well as xen (versions 4.17.5 and 4.20.2) and containerd (versions 1.6.20 and 1.7.24) for both Debian GNU/Linux 12 and 13. The updates address various security vulnerabilities, including denial of service attacks and privilege escalation, which could result in memory disclosure or other issues.

[DLA 4393-1] mako security update
[DSA 6068-1] xen security update
[DSA 6067-1] containerd security update

Liquorix Linux kernel version 6.17-12 has been released, based on the stable Linux kernel 6.17.10 and designed to optimize desktop experiences for multimedia and gaming workloads. The new kernel carries several important updates, such as tuning that prioritizes responsiveness over power saving, better management of input/output and memory, and improved CPUFreq control for quicker responses when needed. Additionally, Liquorix 6.17-12 includes better scheduling for high-resolution tasks, a way to manage real-time processes, and support for Budget Fair Queue (BFQ) and TCP BBR2 Congestion Control. The kernel can be easily installed on Debian, Ubuntu, or Arch Linux using a provided script or through their own PPA, making it a straightforward replacement for the standard kernel.

Steven Barrett has released the Liquorix Linux kernel 6.17-11. The kernel features Zen Interactive Tuning, which adjusts system settings to prioritize responsiveness over power saving, as well as optimized I/O and memory management. There are also improvements for better performance, like more precise scheduling, better handling of real-time tasks, and support for Budget Fair Queue (BFQ). Users can easily install the kernel using a provided script or by downloading binary builds from Liquorix's PPA repository, which supports the Debian, Ubuntu, and Arch Linux distributions.

Multiple Debian Security Advisories (DSA) and Extended LTS Advisory (ELA) have been released to address various security vulnerabilities. These advisories include fixes for issues in packages such as gnome-shell-extension-gsconnect, cups-filters, mistral-dashboard, python-mistralclient, pagure, pytorch, unbound, and others. The vulnerabilities affect Debian GNU/Linux distributions, including Bookworm, Trixie, Stretch, Buster, and Bullseye, and users are recommended to upgrade their packages to the latest versions. Moreover, certain advisories indicate that the initial fixes failed to fully resolve the issues, necessitating the application of updated packages.

Debian GNU/Linux 9 (Stretch) ELTS:
ELA-1568-2 unbound1.9 security update

Debian GNU/Linux 10 (Buster) ELTS:
ELA-1567-2 unbound security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1586-1 cups-filters security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4392-1] mistral-dashboard security update
[DLA 4391-1] python-mistralclient security update
[DLA 4390-1] pagure security update
[DLA 4389-1] pytorch security update
[DLA 4365-2] unbound security update

Debian GNU/Linux 13 (Trixie):
[DSA 6066-1] gnome-shell-extension-gsconnect security update

Multiple security updates for the qtbase-opensource-src package have been released for Debian GNU/Linux due to vulnerabilities in Qt, a cross-platform C++ application framework. A race condition was discovered in version 5.15.2+dfsg-9+deb11u2 (Debian 11 Bullseye LTS), where code may execute too early on an established HTTP2 connection. The same issue was also found in versions 5.7.1+dfsg-3+deb9u6 (Debian 9 Stretch ELTS) and 5.11.3+dfsg1-1+deb10u8 (Debian 10 Buster ELTS) of the package, which were addressed by earlier security updates. Users are recommended to upgrade their qtbase-opensource-src packages to fix these vulnerabilities.

[DLA 4387-1] qtbase-opensource-src security update
ELA-1585-1 qtbase-opensource-src security update
ELA-1584-1 qtbase-opensource-src security update

Debian has released security updates for two Debian GNU/Linux 11 (Bullseye) LTS packages: tryton-server and sogo. Tryton-server was vulnerable to information disclosure, but this issue has been fixed in version 5.0.33-2+deb11u4. Sogo, on the other hand, had a Cross-Site Scripting (XSS) vulnerability that allowed arbitrary JavaScript to be executed via the "userName" parameter, but this problem was addressed in version 5.0.1-4+deb11u2. Both packages are recommended to be upgraded to their respective fixed versions to ensure system security.

[DLA 4387-1] tryton-server security update
[DLA 4386-1] sogo security update

Debian has released security updates for several packages, including libssh, Krita, and Tryton-server. Libssh version 0.9.8-0+deb11u2 fixes multiple vulnerabilities found by Ronald Crane and Philippe Antoine, while Krita version 1:5.1.5+dfsg-2+deb12u1 addresses a buffer overflow issue discovered in its TGA parser. Tryton-server, an application platform, has also been updated to fix several security vulnerabilities that could lead to information disclosure.

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4385-1] libssh security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6065-1] krita security update
[DSA 6064-1] tryton-server security update

The Debian project has released several security updates to address vulnerabilities in various packages. The first update addresses a vulnerability in the KDE Connect package, which could allow an attacker to impersonate another device. Three other packages, Samba, xrdp, and ImageMagick, also have issues that need to be addressed, with Samba having an information disclosure vulnerability and xrdp having vulnerabilities related to login attempts and memory reads.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1545-1 imagemagick security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1552-1 xrdp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4384-1] samba security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6063-1] kdeconnect security update

Multiple Debian security advisories (DSA) were issued, addressing vulnerabilities in various packages, including Linux kernel, pdfminer, tryton-sao, rails, cups-filters, libsdl2, and net-snmp. These updates fix issues related to privilege escalation, denial of service, information leaks, cross-site scripting (XSS), and out-of-bounds reads or writes. The affected packages have been updated with new versions that include security patches, including CVE-2025-21861, CVE-2025-39929, and others.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1583-1 linux-6.1 security update
ELA-1582-1 erlang security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4383-1] rails security update
[DLA 4380-1] cups-filters security update
[DLA 4382-1] libsdl2 security update
[DLA 4381-1] net-snmp security update
[DLA 4379-1] linux-6.1 security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6062-1] pdfminer security update
[DSA 6061-1] tryton-sao security update

Multiple security updates have been released for various Debian GNU/Linux packages, including Erlang, which is available for Debian 9 ELTS, 10 ELTS, and 11 LTS, as well as r-cran-gh and python-gevent for Debian 11 LTS. The updates address vulnerabilities such as improper path traversal, excessive allocation, and privilege escalation. The affected packages include erlang 1:23.2.6+dfsg-1+deb11u3, r-cran-gh 1.2.0-1+deb11u1, and python-gevent 20.9.0-2+deb11u1.

ELA-1582-1 erlang security update
[DLA 4376-1] erlang security update
[DLA 4378-1] r-cran-gh security update
[DLA 4377-1] python-gevent security update

Liquorix Linux Kernel 6.17-10 has been released by Steven Barrett, based on the stable kernel 6.17.9, with several notable improvements aimed at optimizing desktop performance for multimedia and gaming workloads. The kernel features interactive tuning to prioritize responsiveness over power saving, optimized I/O and memory management, and enhanced CPUFreq control for faster responsiveness when needed. Liquorix 6.17-10 also has extra features to improve performance, like better scheduling, handling of real-time tasks, and support for Budget Fair Queue (BFQ) and TCP. The kernel is designed to be easy to deploy on Debian, Ubuntu, or Arch Linux using binary builds available through the Liquorix PPA, and installation is made simple by an automatic installation script.

Ondřej Surý has released the latest PHP packages for Debian GNU/Linux users, including updates for PHP 8.5.0, PHP 8.4.15, and PHP 8.3.28 for various Debian versions. The new PHP 8.5 major release introduces several notable features, such as a "URI" extension that allows direct manipulation of URIs in code. Other enhancements include the pipe operator (|>), which streamlines complex operations by letting you chain commands naturally, and improvements to object and array cloning, function return values, and closure usage. 

The Debian project has released security updates for two packages: libsoup2.4 for Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS and webkit2gtk for Debian GNU/Linux 11 (Bullseye) LTS. The libsoup2.4 update addresses 11 vulnerabilities, including heap buffer over-reads and NULL pointer dereferences that can lead to crashes or memory corruption. The webkit2gtk update fixes four vulnerabilities in the WebKitGTK web engine, which can cause unexpected process crashes or allow websites to access user sensor information without consent.

ELA-1581-1 libsoup2.4 security update
[DLA 4375-1] webkit2gtk security update

The Libsoup2.4 packages for Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS have been updated to fix multiple security issues, including heap buffer over-reads and NULL pointer dereferences that could allow attackers to crash or exploit vulnerable systems. The update fixes CVE-2025-2784 through CVE-2025-32914, with additional patches expected for some of the recently allocated CVE IDs. Meanwhile, Chromium for Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) has been updated to fix security issues that could result in arbitrary code execution, denial of service, or information disclosure, with exploits existing in the wild for at least one of these vulnerabilities (CVE-2025-13223).

ELA-1581-1 libsoup2.4 security update
[DSA 6060-1] chromium security update

The libssh library has been updated to version 0.8.7-1+deb10u3 for Debian GNU/Linux 10 (Buster) ELTS due to several vulnerabilities, including CVE-2020-16135, which can cause a denial-of-service by triggering a NULL pointer dereference, and CVE-2023-6004, where an attacker could inject malicious code through crafted hostnames. Additionally, the library's digest checks were found lacking in CVE-2023-6918, potentially causing application crashes or usage of uninitialized memory. Meanwhile, pdfminer has also been updated to version 20200726-1+deb11u1 for Debian GNU/Linux 11 (Bullseye) LTS due to a vulnerability (CVE-2025-64512) that could allow arbitrary code execution through zipped pickle files. Users are advised to upgrade their packages and refer to the security tracker page or the wiki for more information on the updates.

ELA-1580-1 libssh security update
[DLA 4374-1] pdfminer security update

Two security updates have been released for Debian systems: ELA-1579-1 mbedtls for Debian GNU/Linux 10 (Buster) ELTS and DLA-4373-1 libwebsockets for Debian GNU/Linux 11 (Bullseye) LTS. The mbedtls update fixes multiple vulnerabilities, including use-after-free issues, NULL pointer dereferences, and buffer underflows that could be exploited by attackers. The libwebsockets update addresses two specific security flaws: a use-after-free vulnerability in the WebSocket server implementation and a stack-based buffer overflow when handling DNS requests with crafted labels.

ELA-1579-1 mbedtls security update
[DLA 4373-1] libwebsockets security update

Debian has released security updates for Thunderbird, which address multiple vulnerabilities that could lead to arbitrary code execution. The affected versions are 1:140.5.0esr-1~deb11u1 for Debian GNU/Linux 11 (Bullseye) LTS and 1:140.5.0esr-1~deb12u1 and 1:140.5.0esr-1~deb13u1 for Debian GNU/Linux 12 (Bookworm) and 13 (Trixie). Users are recommended to upgrade their Thunderbird packages to fix these security issues.

[DLA 4372-1] thunderbird security update
[DSA 6059-1] thunderbird security update