Debian 10928 Published by Philipp Esselbach 0

The Debian project has released security updates for two packages. The libsodium update, version 1.0.18-1+deb11u1 for Debian GNU/Linux 11 (Bullseye) LTS, fixes a vulnerability in the crypto_core_ed25519_is_valid_point() function, which mishandled checks for valid elliptic curve points. The foomuuri firewall generator update, version 0.27-2+deb13u1 for Debian GNU/Linux 13 (Trixie), addresses two vulnerabilities that could allow unauthorized users to tamper with the firewall configuration.

[DLA 4435-1] libsodium security update
[DSA 6095-1] foomuuri security update

Debian GNU/Linux has released several updates to address security concerns. The updates include fixes for ImageMagick, GIMP, U-Boot, Adminer, and Ruby-RMagick vulnerabilities. A libsodium security update was also made available.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1607-1 gimp security update
ELA-1608-1 u-boot security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1606-1 imagemagick security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1604-1 gimp security update
ELA-1605-1 adminer security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4433-1] ruby-rmagick security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6094-1] libsodium security update

A new version of the Liquorix Linux kernel, 6.18-3, has been released by Steven Barrett, which is designed to optimize desktop experiences for multimedia and gaming workloads. This custom-built kernel includes several notable improvements, such as Zen Interactive Tuning, optimized I/O and memory management, and faster responsiveness through tweaks like adjusted CPUFreq control. The Liquorix 6.18-3 also includes additional performance features like high-resolution scheduling, real-time system handling, and support for Budget Fair Queue (BFQ) to manage disk I/O and latency. Users can easily deploy the kernel on Debian, Ubuntu, or Arch Linux by downloading binary builds from the Liquorix website or using a simple installation script.

Debian has issued security updates for several packages, including curl and GIMP. A vulnerability was found in curl that can cause a crash or an out-of-bounds memory read; it has been fixed in version 7.74.0-1.3+deb11u16. Meanwhile, multiple vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or arbitrary code execution if malformed files are opened.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1605-1 adminer security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4432-1] curl security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6093-1] gimp security update

The GIMP security update (ELA-1604-1) addresses multiple file parsing problems that could lead to crashes or arbitrary code execution when opening malicious files. The issues include CVE-2007-3126, which was previously fixed in Debian GNU/Linux 10 (Buster) ELTS and is now also fixed in Debian GNU/Linux 9 (Stretch) ELTS, and two other vulnerabilities: CVE-2025-14422, which allows remote attackers to execute arbitrary code through PNM file parsing, and CVE-2025-14425, a heap-based buffer overflow in JP2 file parsing. Exploiting these issues requires user interaction, such as visiting a malicious page or opening a malicious file. The update is available for both stretch (version 2.8.18-1+deb9u7) and buster (version 2.10.8-2+deb10u6).

ELA-1604-1 gimp security update

A security update has been released for the GNU Image Manipulation Program (GIMP) in Debian GNU/Linux 11 (Bullseye) LTS, addressing multiple vulnerabilities that could lead to buffer overflows and arbitrary code execution. The vulnerabilities, identified as CVE-2022-30067, CVE-2025-14422, and CVE-2025-14425, affect GIMP's handling of XCF, PNM, and JP2 files, respectively. An attacker could use them to execute malicious code on a user's system, but exploitation requires user interaction, such as visiting a malicious page or opening a malicious file.

[DLA 4431-1] gimp security update

A security update for the net-snmp package has been released to fix a vulnerability that allows an attacker to crash the snmptrapd daemon with a specially crafted packet. There is no mitigation for the bug itself, so the only options are to ensure the SNMP port is firewalled or to upgrade the package. A separate update also addressed a parsing issue on Linux 6.7 and above. Additionally, two vulnerabilities were found in the smb4k utility, allowing local denial of service or privilege escalation; both have been fixed in an updated version of the package.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1603-1 net-snmp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4430-1] net-snmp security update

Debian GNU/Linux 13 (Trixie):
[DSA 6092-1] smb4k security update

A security update has been released for ImageMagick, a popular image processing suite, in Debian GNU/Linux 11 (Bullseye) LTS. The update fixes multiple vulnerabilities found in ImageMagick, including memory management issues, integer overflows, and crashes when processing crafted TIFF or MVG files. The fixed version of ImageMagick is 8:6.9.11.60+dfsg-1.3+deb11u8, which addresses CVE-2025-65955 to CVE-2025-69204.

[DLA 4429-1] imagemagick security update

Two security updates are available for Debian GNU/Linux 11 (Bullseye) LTS, one for php-dompdf and another for mediawiki. The php-dompdf update fixes two vulnerabilities, PHAR deserialization and a bypass of the external-control-of-file-name protection, either of which can lead to remote code execution. Meanwhile, the MediaWiki update addresses multiple security issues, such as information disclosure, denial of service, and privilege escalation, stemming from various unescaped input handling problems.

[DLA 4427-1] php-dompdf security update
[DLA 4428-1] mediawiki security update

Steven Barrett has released Liquorix Linux kernel 6.18-2, which offers several improvements to optimize desktop performance for multimedia and gaming workloads. The new kernel includes features that improve responsiveness without sacrificing stability, such as better management of input/output, memory, and CPU frequency control.

Debian has released several security updates for Debian GNU/Linux 11 (Bullseye) LTS, including fixes for vulnerabilities in openjpeg2, osslsigncode, and python-django. The most recent update for python-django addresses two issues: SQL injection via the _connector keyword argument and a potential denial-of-service vulnerability in XML serialization. Similar vulnerabilities have also been found in the python-django packages for Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1602-1 python-django security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4424-1] openjpeg2 security update
[DLA 4426-1] osslsigncode security update
[DLA 4425-1] python-django security update

Kodi, a media player and entertainment hub, has been updated to fix multiple security vulnerabilities. The issues include a heap buffer overflow (CVE-2023-23082) that allows attackers to cause a denial of service, as well as a divide-by-zero issue (CVE-2023-30207) triggered by crafted MP3 files. For Debian GNU/Linux 11 (Bullseye) LTS users, the problems have been fixed in version 2:19.1+dfsg2-2+deb11u2.

[DLA 4423-1] kodi security update

A security update has been released for the pgbouncer package, which is a lightweight connection pooler for PostgreSQL. The update fixes a vulnerability (CVE-2025-12819) that allowed an unauthenticated attacker to execute arbitrary SQL during authentication. The issue was fixed in version 1.15.0-1+deb11u2, and users are recommended to upgrade their pgbouncer packages.

[DLA 4422-1] pgbouncer security update

Debian has released security updates for several packages, including python-urllib3 and rails. The python-urllib3 package, which is used for HTTP requests with thread-safe connection pooling, had vulnerabilities that could lead to denial of service or request forgery, but these issues have been resolved in version 1.26.5-1~exp1+deb11u2. Similarly, the Rails web framework had multiple security issues discovered, including command injection and logging of unescaped ANSI sequences, which were addressed in version 2:6.0.3.7+dfsg-2+deb11u4.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1601-1 python-urllib3 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4421-1] python-urllib3 security update
[DLA 4416-1] rails security update

Debian has released security updates for several packages, including postgresql-13 and gst-plugins-good1.0, to fix vulnerabilities that could lead to denial of service or information disclosure. The fixes are included in versions 13.23-0+deb11u1 and 1.18.4-2+deb11u4, respectively, for Debian GNU/Linux 11 (Bullseye) LTS. There are also multiple vulnerabilities in the gst-plugins-base1.0 packages for Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS, potentially causing a crash due to buffer overflows or NULL pointer dereferences.

[DLA 4420-1] postgresql-13 security update
[DLA 4419-1] gst-plugins-good1.0 security update
ELA-1600-1 gst-plugins-base1.0 security update

Steven Barrett has released the first Liquorix Linux kernel based on the 6.18 series, designed to optimize desktop experience for multimedia and gaming workloads by tapping into underutilized performance capabilities. The kernel includes various improvements, such as Zen Interactive Tuning, which prioritizes responsiveness over power saving, as well as optimized I/O and memory management through tweaks like background reclaim for hugepages and minimum cache TTL timings. Liquorix 6.18-1 also features other technical enhancements, including high-resolution scheduling, real-time system handling, Budget Fair Queue (BFQ) support, and TCP BBR2 Congestion Control to improve data transfer speed during network congestion. The kernel provides binary builds for Debian, Ubuntu, and Arch Linux through their PPA, making it easy to install and use as a direct replacement for the standard kernel.

The ELA-1599-1 security update affects the usbmuxd package, which is used to communicate with iPhone and iPod Touch devices. The issue was discovered in how the daemon handles certain paths received with the SavePairRecord command. A local attacker could exploit this flaw to delete and write files named *.plist in arbitrary locations on the system.

ELA-1599-1 usbmuxd security update

Several security updates have been released for Debian GNU/Linux, including fixes for vulnerabilities in Chromium (DSA-6089-1), PHP 8.4 (DSA-6088-1), WordPress (DSA-6091-1), python-mechanize (DLA-4418-1), usbmuxd (DLA-4417-1), and Rails (DSA-6090-1).

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4418-1] python-mechanize security update
[DLA 4417-1] usbmuxd security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6089-1] chromium security update
[DSA 6090-1] rails security update

Debian GNU/Linux 13 (Trixie):
[DSA 6088-1] php8.4 security update
[DSA 6091-1] wordpress security update

Ondřej Surý has released updated PHP packages for Debian GNU/Linux users, including versions from 5.6 to 8.5, addressing security issues across multiple versions. The updates fix three vulnerabilities: command injection via proc_open, CVE-2024-1874; a cookie bypass attack related to CVE-2022-31629 and patched as CVE-2024-2756; and an issue with PHP's password verification function. To add the repository to your Debian installation, you can use a provided script that installs necessary dependencies and configures the repository. Further details on the packages and bug tracker are available at deb.sury.org.

There are multiple security updates for Debian GNU/Linux distributions, covering Roundcube, Dropbear, and MediaWiki. The Roundcube update, available for Debian 10 ELTS, 12, and 13, fixes two vulnerabilities: an information disclosure vulnerability in its HTML style sanitizer and a cross-site scripting (XSS) vulnerability via SVG's animate tag. The Dropbear update for Debian 12 and 13 addresses a privilege escalation issue caused by incorrect permission handling in the Dropbear SSH server. The MediaWiki update for Debian 12 and 13 fixes multiple security issues, including XSS, information disclosure, missing rate limiting, and denial of service vulnerabilities.

ELA-1598-1 roundcube security update
[DSA 6087-1] roundcube security update
[DSA 6086-1] dropbear security update
[DSA 6085-1] mediawiki security update