Liquorix Kernel 6.19-1 has been released, offering a smoother gaming and AV experience by tweaking scheduler parameters and disabling performance-dragging features. Users who tested the previous 6.18 release reported less "jitter" in video editing timelines and improved frame rates while playing competitive titles. The new build includes bug fixes from earlier iterations and can be installed on Debian, Ubuntu, or Arch using a single-liner installer that pulls the package from the Liquorix repository.
The latest release of Liquorix Kernel, version 6.18-19, has been made available for Debian, Ubuntu, and Arch Linux distributions, offering improved performance and efficiency through tweaks like Kyber and BFQ schedulers. These changes result in faster UI wake-ups when copying large files or rendering video frames, as well as snappier mouse movement and lower frame-time jitter in fast-paced games. While Liquorix may not be necessary for users with office boxes that rarely leave the desk, those who engage in competitive gaming or audio/video production are likely to notice a significant difference. To install Liquorix on any of these distributions, simply run an installation script provided by the project, which will automatically add the repository and update GRUB.
XanMod has released two new kernels, 6.19.6 and 6.18.16 LTS, which offer significant performance improvements for tasks like number crunching and high-resolution video streaming. To install these kernels on Debian or Ubuntu systems, you'll need to add a PGP key and register the XanMod repository; this process involves running two commands in the terminal. After installing the kernel, be sure to reboot your system and verify that it's working correctly by checking the version number in /proc/version; if everything went smoothly, the output should contain "xanmod" followed by the exact version number. Upgrading to XanMod kernels can provide noticeable speed and responsiveness gains for desktops and servers alike, making them a worthwhile upgrade for anyone looking to boost their system's performance.
A security update has been released for the SPIP website engine, which fixes several vulnerabilities that could allow attackers to access protected information and execute arbitrary code. The issues have been fixed in version 4.4.11+dfsg-0+deb13u1 for the stable Debian distribution (trixie). Additionally, a security update has been released for the GIMP image manipulation program, which fixes several vulnerabilities that could allow attackers to execute arbitrary code or cause denial of service by opening malformed files. The issues have been fixed in version 2.10.34-1+deb12u9 for the oldstable Debian distribution (bookworm) and version 3.0.4-3+deb13u7 for the stable distribution (trixie).
[SECURITY] [DSA 6155-1] spip security update
[SECURITY] [DSA 6156-1] gimp security update
[SECURITY] [DSA 6155-1] spip security update
[SECURITY] [DSA 6156-1] gimp security update
A security update has been released for PHP 8.2 for Debian GNU/Linux 12 (Bookworm), which fixes multiple issues that could result in denial of service or memory disclosure. Another issue was found in the Mozilla Firefox web browser for Debian GNU/Linux 11 (Bullseye) LTS, where multiple security vulnerabilities were discovered that could potentially lead to code execution, sandbox escape, or privilege escalation.
[DSA 6154-1] php8.2 security update
[DLA 4496-1] firefox-esr security update
[DSA 6154-1] php8.2 security update
[DLA 4496-1] firefox-esr security update
A security update has been released for the LXD package in both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie). The update fixes two security issues that could allow the execution of arbitrary commands via malformed images.
[DSA 6153-1] lxd security update
[DSA 6153-1] lxd security update
The new Liquorix Kernel 6.18-17 brings together the upstream Linux 6.18.15 tree with tweaks aimed at improving responsiveness and gaming performance, while sacrificing some throughput and power efficiency. This community-maintained kernel keeps classic Zen patches and adds preemptible RCU implementation, resulting in faster mouse clicks, smoother video rendering, and steadier game frames under mixed workloads. The release also includes key tuning changes such as shrinking scheduling timeslice to 2 ms, adjusting CPU-frequency governor settings, and enabling background hugepage reclamation. For those looking for low jitter and fast wake-ups, Liquorix Kernel 6.18-17 is a solid choice, but users prioritizing battery life or stability under exotic hardware may want to stick with the distro kernel.
The XanMod kernel release 6.8.15 brings several improvements, including ThinLTO, better block I/O handling, and a built-in BBRv3 TCP congestion controller. To get this new kernel running on Debian or Ubuntu while keeping graphics working, you need to trust the upstream signing key and add the XanMod repository to your system. The process involves updating the package index, installing the main XanMod package, and installing any required external modules or drivers like NVIDIA. After installation, a quick sanity check can be performed by reading /proc/version to confirm that the new kernel is running, and troubleshooting may involve verifying GRUB's default entry and rebuilding custom packages like OpenZFS DKMS.
Debian has released several security updates to address vulnerabilities in various packages. The ELA-1652-1 glib2.0 security update fixes multiple issues that could lead to denial of service, memory corruption, or arbitrary code execution in GLib. Additionally, the ELA-1654-1 python-tornado security update addresses four vulnerabilities in the Tornado web framework that can cause denial of service attacks or other issues. Other updates include a fix for an authorization logic flaw in the Orthanc application and multiple security issues in Thunderbird that could result in arbitrary code execution or information disclosure.
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1654-1 python-tornado security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1652-1 glib2.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4494-1] orthanc security update
[DLA 4495-1] thunderbird security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6152-1] thunderbird security update
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1654-1 python-tornado security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1652-1 glib2.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4494-1] orthanc security update
[DLA 4495-1] thunderbird security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6152-1] thunderbird security update
The GnuTLS library has been updated for Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS to fix several security vulnerabilities. The library, used for Transport Layer Security and Datagram Transport Layer Security protocols, may have led to Denial of Service due to the issues found. Two specific CVEs were identified: CVE-2025-9820 and CVE-2025-14831. These vulnerabilities involved out-of-bound write issues with PKCS#11 tokens and resource exhaustion from malicious certificates containing large name constraints and subject alternative names.
ELA-1653-1 gnutls28 security update
ELA-1653-1 gnutls28 security update
XanMod has released its latest kernel, version 6.19.4, which brings improvements such as LLVM ThinLTO and aggressive CPU-level tweaks that can enhance download speeds and overall system performance. The new build also includes an all-new BBRv3 congestion engine and a scx scheduler extension for handling heavy CPU loads more efficiently. However, users who rely on NVIDIA's proprietary driver or other specific software may experience issues with the latest kernel, requiring them to run certain commands after booting to confirm module loading. To install XanMod 6.19.4, users can follow the provided instructions, which involve adding a repository, refreshing APT, and rebooting into the new kernel.
Debian has released several security updates to address vulnerabilities in various packages. The first update affects libstb, which is used for single-file image and audio processing libraries for C/C++ programmers, and fixes multiple buffer overflow and denial-of-service vulnerabilities. Meanwhile, nss, a Mozilla Network Security Service library, was also updated to fix an integer overflow issue that could allow an attacker to cause a denial of service. Additionally, python-django, chromium, and other packages received security updates to address various issues, including arbitrary code execution, denial of service, and information disclosure vulnerabilities.
[DLA 4493-1] libstb security update
[DSA 6149-1] nss security update
[DSA 6150-1] python-django security update
[DSA 6151-1] chromium security update
[DLA 4493-1] libstb security update
[DSA 6149-1] nss security update
[DSA 6150-1] python-django security update
[DSA 6151-1] chromium security update
Two security updates have been released for Debian GNU/Linux 11 (Bullseye) LTS. The first update addresses vulnerabilities in the GnuTLS library, which may lead to Denial of Service. These issues were fixed in version 3.7.1-5+deb11u9 and users are recommended to upgrade their gnutls28 packages. A second security update has also been released for Firefox ESR, fixing multiple security issues that could potentially result in code execution or other security risks.
[DLA 4492-1] gnutls28 security update
[DSA 6148-1] firefox-esr security update
[DLA 4492-1] gnutls28 security update
[DSA 6148-1] firefox-esr security update
The Debian Security team has released an update to address multiple vulnerabilities in the OpenSSL library, including out-of-bounds writes and NULL pointer dereferences that can lead to Denial of Service (DoS) attacks. The vulnerabilities were discovered by Aisle Research and involve issues with BIO chains, AES-NI code paths, PKCS#12 files, and timestamp response verification code. The update addresses five CVEs: CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2026-22795, and CVE-2026-22796. Users are advised to upgrade their OpenSSL packages to version 1.1.1w-0+deb11u5 to address these issues.
[DLA 4490-1] openssl security update
[DLA 4490-1] openssl security update
A security update has been released for the glib2.0 package in Debian 11 bullseye, addressing four vulnerabilities that could lead to denial of service, memory corruption, or arbitrary code execution. The issues were found in various functions within GLib, including buffer underflows and integer overflows that can result in out-of-bounds memory access. The updated version, glib2.0 2.66.8-1+deb11u8, fixes these problems and is recommended for installation. Users are advised to upgrade their glib2.0 packages to the latest version for improved security.
[DLA 4491-1] glib2.0 security update
[DLA 4491-1] glib2.0 security update
Several security updates have been released for Debian GNU/Linux, including a fix for modsecurity-crs for Debian 10 and 11 to prevent attackers from bypassing web application firewalls. The issue, known as "Content-Type confusion," occurs when multiple Content-Type request headers are not properly detected on some platforms. Additionally, a buffer overflow was discovered in the libvpx library for Debian 11, which could result in denial of service or potentially allow arbitrary code execution. Users are recommended to upgrade their modsecurity-crs and libvpx packages to the latest versions to address these security issues.
[DLA 4488-1] modsecurity-crs security update
ELA-1651-1 modsecurity-crs security update
[DLA 4489-1] libvpx security update
[DLA 4488-1] modsecurity-crs security update
ELA-1651-1 modsecurity-crs security update
[DLA 4489-1] libvpx security update
Debian has issued security updates for the GEGL image processing library due to two vulnerabilities: CVE-2026-2049 and CVE-2026-2050. These bugs could allow an attacker to crash the system or execute arbitrary code if they process malformed files using the RGBE/HDR parser in GEGL. The affected versions include 1:0.4.26-2+deb11u2 for Debian GNU/Linux 11 (Bullseye) LTS and 0.3.8-4+deb9u2 for Debian GNU/Linux 9 (Stretch) ELTS and 0.4.12-2+deb10u2 for Debian GNU/Linux 10 (Buster) ELTS.
[DLA 4487-1] gegl security update
ELA-1650-1 gegl security update
[DLA 4487-1] gegl security update
ELA-1650-1 gegl security update
Three packages have been affected by newly discovered vulnerabilities: nova, ca-certificates, and chromium. The nova vulnerability allows for data destruction on the host system due to unsafe image resize operations, while the chromium security issues result in potential code execution or information disclosure. Additionally, the ca-certificates package has been updated with new certificate authorities and removed expired ones to ensure secure SSL connections. Other packages, such as pillow, also have vulnerabilities that need to be addressed through upgrades.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1649-1 gimp security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4486-1] nova security update
[DLA 4485-1] ca-certificates CA certificates update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6146-1] chromium security update
Debian GNU/Linux 13 (Trixie):
[DSA 6147-1] pillow security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1649-1 gimp security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4486-1] nova security update
[DLA 4485-1] ca-certificates CA certificates update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6146-1] chromium security update
Debian GNU/Linux 13 (Trixie):
[DSA 6147-1] pillow security update
The newest XanMod kernels (6.19.3, 6.18.13, 6.18.13-rt, and LTS 6.12.74) have been released for 64-bit Debian-based systems, offering several performance tweaks, including LLVM's ThinLTO and polyhedral optimizations in the 6.19 series. However, users may experience issues with certain drivers, such as NVIDIA's proprietary driver version 560.28, which can cause the system to panic after booting into XanMod 6.19.3. To install the new kernel on Debian/Ubuntu systems, you need to trust the XanMod signing key and add a repository line to your sources.list file. If you rely on external modules like NVIDIA or OpenZFS with ZFS DKMS package, make sure to update their source trees before rebooting and reinstall any necessary packages after the kernel upgrade from version 6.18.x or earlier.
The Liquorix 6.18-14 kernel has been released for Linux users, promising lower latency, a snappier desktop feel, and better frame-time consistency in games. This new kernel is designed to improve "interactive" performance by swapping the default scheduler, reducing CPU timeslice, and enabling background hugepage reclaim among other changes. If you regularly engage in gaming, video production, or run virtual machines that require low latency, installing Liquorix may be worth it as it can provide extra responsiveness and improved playback.
