Debian 10794 Published by Philipp Esselbach 0

Multiple security updates have been released for various Debian packages, including Python (python3.7, python3.5, and python2.7) and PyPy (pypy), which address vulnerabilities that can lead to memory corruption, email and HTTP header injection, and denial of service (DoS). The updates also include a fix for the munge authentication service, which had a buffer overflow vulnerability that could allow local users to leak the MUNGE cryptographic key. Additionally, a security update was released for the tcpflow package, which contained a wrong length check in its 802.11 management frame parser that can cause an out-of-bounds write and potentially lead to code execution.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1641-1 python3.5 security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1640-1 python2.7 security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1642-1 python3.7 security update
ELA-1639-1 pypy security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4477-1] munge security update
[DLA 4478-1] tcpflow security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6129-1] munge security update


Multiple security updates have been released for various Debian packages, including phpunit, usbmuxd, rlottie, shaarli, and linux. The updates address vulnerabilities such as path traversal issues, missing input sanitizing, and unsafe deserialization that could lead to privilege escalation, denial of service, or information leaks. The affected versions include phpunit 7.5.6-1+deb10u1, usbmuxd 1.1.1-2+deb12u1 and 1.1.1-6+deb13u1, rlottie 0.1+dfsg-2+deb11u1, shaarli 0.14.0+dfsg-2+deb13u1, and linux version 6.1.162-1.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1638-1 phpunit security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4474-1] rlottie security update

Debian GNU/Linux 12 (Bookworm):
[DSA 6127-1] linux security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6125-1] usbmuxd security update
[DSA 6128-1] shaarli security update

Debian GNU/Linux 13 (Trixie):
[DSA 6126-1] linux security update


Liquorix Kernel 6.18-10 has just been released, merging the Linux Kernel 6.18.9 sources and bumping the package version to 6.18.9-1. The kernel is tuned for extreme responsiveness in interactive desktops, low-latency A/V production, and reduced frame-time jitter in games, using features such as Zen Interactive Tuning, a 1000 Hz tick rate, and aggressive preemption. The project supplies Debian packages and Docker-based build scripts that require Docker and a configured GnuPG key; at present only the AMD64 architecture can be built successfully for Debian, Ubuntu and Arch targets.


Two security updates have been released for Debian: Zabbix for Debian GNU/Linux 11 (Bullseye) LTS and Wireshark for Debian GNU/Linux 13 (Trixie). The Zabbix update fixes a vulnerability that allows remote code execution due to an attacker injecting unexpected arguments into the smartctl command, while the Wireshark update addresses multiple vulnerabilities that could result in denial of service or arbitrary code execution. Both updates recommend upgrading the respective packages to fix the security issues.

[DLA 4473-1] zabbix security update
[DSA 6124-1] wireshark security update


The XanMod kernel has released two new versions: 6.18.9 and the long-term 6.12.69, which are now available for Debian/Ubuntu. The XanMod kernel series includes features such as LLVM's ThinLTO and aggressive scheduling, making it suitable for low-latency audio workstations or gaming rigs.


Debian has released three security advisories for Debian GNU/Linux 11 (Bullseye) LTS to address vulnerabilities in various packages. The first advisory, DLA-4470-1, fixes a vulnerability in phpunit that could allow remote code execution if malicious .coverage files are present prior to test execution. The second advisory, DLA-4472-1, addresses multiple vulnerabilities in sudo, including issues with escaping control characters in log messages and output. The third advisory, DLA-4471-1, updates debian-security-support to mark the end of security support for certain packages and declare limited security support for others.

[DLA 4470-1] phpunit security update
[DLA 4472-1] sudo security update
[DLA 4471-1] debian-security-support update


Debian has released several security updates for various packages, including openjdk-25, tomcat9, xrdp, alsa-lib, chromium, and multiple Tomcat versions (10, 11). These updates address vulnerabilities that could lead to code execution, denial of service, or information disclosure. The openjdk-25 update fixes several vulnerabilities that may result in incorrect certificate validation or other attacks, while the tomcat9 update corrects flaws that can lead to a bypass of security constraints or denial of service. Users are advised to upgrade their packages as soon as possible and follow the instructions provided by Debian for applying the updates to their system.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1636-1 xrdp security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4468-1] tomcat9 security update
[DLA 4469-1] alsa-lib security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6122-1] chromium security update
[DSA 6120-1] tomcat10 security update

Debian GNU/Linux 13 (Trixie):
[DSA 6119-1] openjdk-25 security update
[DSA 6121-1] tomcat11 security update


Two security updates have been released for Debian GNU/Linux 11 (Bullseye) LTS. The first update, DLA-4466-1, addresses a security issue in Thunderbird that could result in information disclosure and has been fixed in version 1:140.7.1esr-1~deb11u1. The second update, DLA-4467-1, fixes multiple vulnerabilities in containerd, including overly broad default permissions and a bug in the CRI Attach implementation that can exhaust host memory. Both advisories recommend upgrading the respective packages to fix the security issues.

[DLA 4466-1] thunderbird security update
[DLA 4467-1] containerd security update


Debian has released several security updates to address vulnerabilities in various packages, including ClamAV, Tomcat9, and Thunderbird. The ClamAV update brings the package up to version 1.4.3+dfsg-1~deb11u1 on Debian GNU/Linux 11 (Bullseye) LTS, extending upstream support. Meanwhile, the Tomcat9 regression update (ELA-1615-2) for Debian GNU/Linux 10 (Buster) ELTS restores classes that went missing from the tomcat9-jasper-el.jar and tomcat9-embed-el.jar files because of toolchain changes between versions 9.0.31 and 9.0.107. The Thunderbird security update (DSA-6118-1) fixes a security issue that could result in information disclosure and is available for both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie).

[DLA 4465-1] clamav new upstream version
ELA-1615-2 tomcat9 regression update
[DSA 6118-1] thunderbird security update


A security update is available for the xrdp package, which contains an unauthenticated stack-based buffer overflow vulnerability. If exploited, this could allow remote attackers to execute arbitrary code on the target system. The issue has been fixed in version 0.9.21.1-1~deb11u3, and users are recommended to upgrade their xrdp packages for Debian GNU/Linux 11 (Bullseye) LTS. Further information about the update can be found on the Debian LTS security advisories page or the security tracker page for xrdp.

[DLA 4464-1] xrdp security update


Several Debian LTS advisories were released covering vulnerabilities in the web application firewall ModSecurity, the ASN.1 library pyasn1, and the asynchronous web framework Tornado. The modsecurity-apache update addresses CVE-2025-54571 by preventing attackers from overriding HTTP response Content-Type headers, while the pyasn1 updates fix a denial-of-service flaw that can exhaust memory when parsing malformed OID/RELATIVE-OID values (CVE-2026-23490). The python-tornado advisories cover three CVEs, CVE-2025-67724, CVE-2025-67725, and CVE-2025-67726, which expose issues such as XSS, header injection, and quadratic performance attacks that can lead to denial of service. All affected packages have been upgraded to patched versions, and users are urged to install the latest releases promptly.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1633-1 modsecurity-apache security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1634-1 pyasn1 security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1635-1 python-tornado security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4463-1] pyasn1 security update


Multiple security issues have been found in various Debian packages, including python-django (SQL injection and directory traversal vulnerabilities), pillow (path traversal vulnerability and decompression bomb), python-tornado (XSS and DoS vulnerabilities due to unescaped HTTP headers), ceph (file system compromise and DoS attack), and libsodium (mishandling of elliptic curve points). These issues have been fixed in updated versions of each package. Users are recommended to upgrade their packages to the latest versions to address these security vulnerabilities.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1632-1 ceph security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1631-1 libsodium security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4462-1] pillow security update
[DLA 4461-1] python-tornado security update
[DLA 4460-1] ceph security update

Debian GNU/Linux 13 (Trixie):
[DSA 6117-1] python-django security update


The new Liquorix Kernel 6.18-9, based on Kernel 6.18.8, has been released, promising a snappier desktop experience with lower frame-time jitter in games and smoother video work. The kernel sacrifices some power efficiency for improved interactivity, making it suitable for users who spend more time in browsers or games rather than spreadsheets. To install the new kernel safely, users can run a provided script that pulls pre-built packages and updates GRUB, allowing them to verify the new entry before rebooting into "hyper-responsive" mode. The kernel includes various changes under the hood, including scheduler tweaks, memory reclamation, CPUFreq adjustments, and more aggressive preemptive handling of interactive tasks.


A security issue has been discovered in Chromium that could lead to arbitrary code execution, denial of service, or information disclosure. The problem has been fixed in Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) in versions 144.0.7559.109-1~deb12u1 and 144.0.7559.109-1~deb13u1, respectively. Users are recommended to upgrade their Chromium packages to fix the issue.

[DSA 6116-1] chromium security update


XanMod 6.18.8 brings LLVM ThinLTO, BBRv3 and an optional PREEMPT_RT build to Debian‑based machines, delivering noticeably smoother I/O and scheduler performance on everyday hardware. This step‑by‑step guide shows how to add the repository, import the signing key, install the kernel and pull in just the DKMS toolchain you actually need. It also warns about the most common module breakages – NVIDIA, VirtualBox and older NVIDIA drivers – and gives quick fixes that saved me from a black screen. Keep a fallback kernel handy, reboot, and verify with uname -r to make sure you’re running the new 6.18.8‑xanmod1 kernel.


The Debian LTS project has released an update for the libmatio library, a MAT File I/O Library. This update addresses multiple vulnerabilities found in various versions of the library, including CVE-2022-1515, CVE-2025-2338, and CVE-2025-50343. These vulnerabilities could potentially lead to Denial of Service (DoS) or remote code execution if libmatio is embedded in services that accept user-supplied .mat files. Debian 11 users are advised to upgrade their libmatio packages to version 1.5.19-2+deb11u1 to fix these issues.

[DLA 4459-1] libmatio security update


Several security updates have been released for Debian GNU/Linux, including DCMTK, Apache Log4j2, EDK II, Python-Django, GIMP, and pyasn1. The updates address multiple vulnerabilities, such as denial-of-service attacks, buffer overflows, and SQL injection, which could potentially lead to arbitrary code execution or data compromise.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1627-1 python-django security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1630-1 dcmtk security update
ELA-1629-1 apache-log4j2 security update
ELA-1628-1 edk2 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4458-1] python-django security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6115-1] gimp security update
[DSA 6114-1] pyasn1 security update


Debian has released an update for OpenSSL to address multiple vulnerabilities that could lead to denial of service, information leaks, or remote code execution. These issues have been fixed in versions 3.0.18-1~deb12u2 for Debian GNU/Linux 12 (Bookworm) and 3.5.4-1~deb13u2 for Debian GNU/Linux 13 (Trixie). To resolve these security problems, it is recommended that you upgrade your openssl packages to the latest version.

[DSA 6113-1] openssl security update


Multiple security updates have been released for Debian GNU/Linux for various packages, including openjdk-11, openjdk-17, imagemagick, and apache2. The updates address several vulnerabilities that could result in incorrect certificate validation, CRLF injection, man-in-the-middle attacks, denial of service, or potentially the execution of arbitrary code.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1626-1 apache2 security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1624-1 imagemagick security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1623-1 openjdk-11 security update
ELA-1625-1 apache2 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4457-1] openjdk-11 security update
[DLA 4456-1] openjdk-17 security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6111-1] imagemagick security update

Debian GNU/Linux 13 (Trixie):
[DSA 6112-1] openjdk-21 security update