XanMod has released new kernel versions targeting Debian-based distributions with aggressive performance tuning for heavy workloads and gaming scenarios. These builds include advanced schedulers and network optimizations like BBRv3 to reduce latency, though they demand specific hardware instruction set support to function correctly. Users must install external dependencies for DKMS modules before updating or risk breaking proprietary drivers like NVIDIA during the transition process. While the performance gains are noticeable, this path remains best suited for enthusiasts willing to troubleshoot potential compatibility issues rather than those needing guaranteed enterprise stability.
Debian released two security advisories on that address serious flaws in both Chromium on Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) as well as the libpng1.6 library on Debian GNU/Linux 11 (Bullseye) LTS. The update for Chromium fixes over twenty vulnerabilities which could potentially lead to arbitrary code execution or denial of service attacks depending on how they are exploited.
[DSA 6192-1] chromium security update
[DLA 4521-1] libpng1.6 security update
[DSA 6192-1] chromium security update
[DLA 4521-1] libpng1.6 security update
Debian released security updates for python-tornado and the GStreamer media plugins used across multiple distributions. The tornado update blocks attacks involving cookie injection and denial of service via multipart bodies. Meanwhile the GStreamer plugins address serious flaws where opening a malformed file could lead to code execution on the host machine.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1672-1 python-tornado security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4520-1] python-tornado security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6191-1] gst-plugins-ugly1.0 security update
[DSA 6190-1] gst-plugins-bad1.0 security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1672-1 python-tornado security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4520-1] python-tornado security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6191-1] gst-plugins-ugly1.0 security update
[DSA 6190-1] gst-plugins-bad1.0 security update
Debian released three security advisories targeting vulnerabilities found in libpng1.6, lxd, and netty. These flaws pose significant risks including privilege escalation or denial of service attacks against users running older distributions. The Netty advisory highlights distinct threats such as SMTP command injection which could allow attackers to forge emails from trusted servers. Users should upgrade their packages now using the specific version numbers provided for their respective Debian releases.
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4519-1] netty security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6189-1] libpng1.6 security update
[DSA 6188-1] lxd security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4519-1] netty security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6189-1] libpng1.6 security update
[DSA 6188-1] lxd security update
Debian released security advisories for asterisk, phpseclib, and roundcube to address critical flaws. The asterisk update addresses several severe flaws including XSS vulnerabilities in the status page and privilege escalation risks within core dumper files. Crucially, the phpseclib package receives essential updates for TLS certificate confusion and timing attacks while roundcube patches numerous flaws involving SSRF and HTML sanitization bypasses.
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1671-1 phpseclib security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4515-1] asterisk security update
[DLA 4518-1] phpseclib security update
[DLA 4517-1] roundcube security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1671-1 phpseclib security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4515-1] asterisk security update
[DLA 4518-1] phpseclib security update
[DLA 4517-1] roundcube security update
Debian released multiple security advisories addressing critical vulnerabilities within several key software packages on Linux systems. GStreamer plugins suffered from integer overflows that could lead to code execution if a user opens a malicious media file on their system. Other affected tools like Incus and nodejs face risks involving side channel attacks while PHP libraries are susceptible to timing attacks on their cryptographic functions. Users running Debian stable distributions should apply the recommended updates immediately to prevent potential system compromise or data loss from these exploits.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended:
ELA-1669-1 gst-plugins-base1.0 security update
ELA-1670-1 gst-plugins-ugly1.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4514-1] gst-plugins-base1.0 security update
[DLA 4516-1] gst-plugins-ugly1.0 security update
Debian GNU/Linux 12 (Stretch) and 13 (Trixie):
[DSA 6187-1] php-phpseclib3 security update
[DSA 6186-1] php-phpseclib security update
[DSA 6185-1] phpseclib security update
Debian GNU/Linux 13 (Trixie):
[DSA 6184-1] incus security update
[DSA 6183-1] nodejs security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended:
ELA-1669-1 gst-plugins-base1.0 security update
ELA-1670-1 gst-plugins-ugly1.0 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4514-1] gst-plugins-base1.0 security update
[DLA 4516-1] gst-plugins-ugly1.0 security update
Debian GNU/Linux 12 (Stretch) and 13 (Trixie):
[DSA 6187-1] php-phpseclib3 security update
[DSA 6186-1] php-phpseclib security update
[DSA 6185-1] phpseclib security update
Debian GNU/Linux 13 (Trixie):
[DSA 6184-1] incus security update
[DSA 6183-1] nodejs security update
The new Liquorix Kernel 6.19 release is built for gamers and audio pros who need low latency instead of maximum power efficiency. Technical tweaks reduce the PDS scheduling timeslice to 2 ms while turning off split lock detection to prevent unnecessary slowdowns on specific setups. Expect a hit to battery life because the system will aggressively preempt tasks to keep frame times consistent under load. Installing this kernel means using a curl command instead of your usual package manager, which makes creating a backup of your current boot setup a mandatory step.
Security advisories for Debian have identified serious vulnerabilities affecting both the gvfs virtual filesystem and the libxml-parser-perl module used in older distributions. Researchers at Codean Labs found that attackers could exploit FTP bounce mechanisms to probe client networks or inject commands via flawed CRLF validation within gvfs. A separate risk involves a heap-based buffer overflow in the Perl parser when handling deeply nested XML elements which impacts bookworm and trixie versions.
Debian GNU/Linux 9 (Stretch) ELTS:
ELA-1668-1 gvfs security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1667-1 gvfs security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4513-1] gvfs security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6182-1] libxml-parser-perl security update
Debian GNU/Linux 9 (Stretch) ELTS:
ELA-1668-1 gvfs security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1667-1 gvfs security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4513-1] gvfs security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6182-1] libxml-parser-perl security update
Recent security bulletins highlight critical vulnerabilities affecting several core Debian packages including strongswan and bind9. An integer underflow in the strongswan EAP-TTLS plugin allows attackers to crash services or launch denial of service campaigns via crafted messages. Libvpx also features a buffer overflow vulnerability that allows code execution while bind9 users must patch several bugs related to access control restrictions.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1666-1 libvpx security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1665-1 strongswan security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4512-1] strongswan security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6181-1] bind9 security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1666-1 libvpx security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1665-1 strongswan security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4512-1] strongswan security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6181-1] bind9 security update
The Debian Project has released four separate security advisories regarding vulnerabilities in Thunderbird and Firefox ESR. These patches address issues that could potentially allow arbitrary code execution or information disclosure depending on the specific software affected. Users running older distributions like bullseye need to update immediately while those on bookworm and trixie should also apply the recommended upgrades for the affected packages.
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4511-1] thunderbird security update
[DLA 4510-1] firefox-esr security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6180-1] ruby-rack security update
[DSA 6179-1] thunderbird security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4511-1] thunderbird security update
[DLA 4510-1] firefox-esr security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6180-1] ruby-rack security update
[DSA 6179-1] thunderbird security update
Security advisories were released by the Debian Project regarding critical updates for popular software packages including Chromium and Firefox ESR. Attackers might exploit these flaws to execute arbitrary code or escape sandbox protections within systems easily. The NSS library contains a specific integer overflow issue while Awstats suffers from command injection vulnerabilities that impact web analytics services significantly and require urgent patching across various older distributions like bullseye.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1663-1 linux-6.1 security update
ELA-1664-1 linux-5.10 security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1662-1 awstats security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4508-1] nss security update
[DLA 4509-1] awstats security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6177-1] chromium security update
[DSA 6178-1] firefox-esr security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1663-1 linux-6.1 security update
ELA-1664-1 linux-5.10 security update
Debian GNU/Linux 10 (Buster) ELTS:
ELA-1662-1 awstats security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4508-1] nss security update
[DLA 4509-1] awstats security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6177-1] chromium security update
[DSA 6178-1] firefox-esr security update
XanMod delivers a snappier desktop experience by defaulting to optimizations like LLVM ThinLTO and Google's BBRv3 TCP control. Setting up the system requires adding the official repository or manually installing .deb files from SourceForge for those avoiding third-party sources. NVIDIA owners need to select specific driver versions based on their GPU architecture or face a black screen upon rebooting into the new kernel. Power users willing to troubleshoot module conflicts will find the performance gains worth the extra setup time.
The Liquorix Kernel 6.19-5 drops a specialized Linux build focused on cutting latency for gaming and audio work instead of saving battery life. Running the installation script via terminal fetches the necessary packages and configures the system for low latency without manual compilation or extra setup steps. Expect snappier performance from aggressive CPU scheduling and disk I/O tweaks but be prepared for increased power consumption during heavy loads. A manual GRUB selection might be needed after rebooting to ensure the new kernel loads correctly since it replaces the standard distribution version.
Recent Debian security notices highlight critical vulnerabilities affecting popular software like mapserver, VLC, and strongswan. The updates for mapserver specifically target logic flaws that bypass control checks alongside SQL injection risks discovered in XML query directives. A separate issue affects the VLC media player where a remote attacker could exploit an out-of-bounds read through the MMS protocol handler.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1661-1 mapserver security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4506-1] mapserver security update
[DLA 4507-1] vlc security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6176-1] strongswan security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1661-1 mapserver security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4506-1] mapserver security update
[DLA 4507-1] vlc security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6176-1] strongswan security update
Several Debian security advisories have been released to address critical flaws in SPIP and evolution-data-server among other packages. The website engine suffers from a privilege escalation vulnerability while the database backend allows Flatpak apps to delete arbitrary host files. Web developers must patch path traversal issues within Ruby interfaces alongside denial of service risks found in Perl modules like libyaml-syck-perl.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1660-1 evolution-data-server security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4505-1] ruby-rack security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6175-1] libyaml-syck-perl security update
Debian GNU/Linux 13 (Trixie):
[DSA 6174-1] spip security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1660-1 evolution-data-server security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4505-1] ruby-rack security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6175-1] libyaml-syck-perl security update
Debian GNU/Linux 13 (Trixie):
[DSA 6174-1] spip security update
The latest Liquorix Kernel 6.19-4 update arrives with a focus on snappiness rather than raw server throughput for interactive systems. This build merges upstream Linux 6.19.9 changes while tweaking scheduler defaults to cut down on frame time deviations during heavy loads. Getting the kernel installed involves running a simple script that configures the repositories on supported Debian, Ubuntu, and Arch Linux systems without manual fuss. It is wise to check boot entries afterward since replacing kernel files can leave a system stuck in recovery mode if configurations fail.
Debian released two security advisories regarding vulnerabilities found in webkit2gtk and freeciv packages. The web engine update corrects eight flaws including unexpected crashes and a privacy issue where extensions could track users. A separate advisory addresses a packet processing error in the free strategy game server that could allow attackers to cause denial of service.
[DSA 6172-1] webkit2gtk security update
[DSA 6173-1] freeciv security update
[DSA 6172-1] webkit2gtk security update
[DSA 6173-1] freeciv security update
Three Debian security advisories were released regarding critical package vulnerabilities. Libvirt users running bullseye must upgrade because a recent Linux update caused valid netlink flags to be rejected incorrectly. Chromium requires immediate attention for both oldstable and stable systems since the discovered flaws enable attackers to execute arbitrary code or cause denial of service attacks on affected machines. Finally, imagemagick users on stretch need patches for over twenty flaws including potential security policy bypasses and information leaks.
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1659-1 imagemagick security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4504-1] libvirt security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6171-1] chromium security update
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1659-1 imagemagick security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4504-1] libvirt security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6171-1] chromium security update
The XanMod team has pushed out kernel versions 6.19.9 and 6.18.19 LTS for users who want to squeeze extra performance out of their Linux desktops without waiting for standard cycles. These builds ship with Google's BBRv3 congestion control enabled by default alongside specific tweaks for AMD 3D V-Cache processors that most distros ignore. Installation requires adding a new repository key and ensuring DKMS dependencies are present before attempting an update on Debian or Ubuntu systems. Anyone running NVIDIA drivers or VM software should proceed with caution because third-party modules often break until their maintainers catch up to the latest changes.
A batch of security updates for Debian has been released addressing vulnerabilities found in the OpenSSL toolkit used for secure communication over the Internet. Researchers identified multiple critical flaws in ImageMagick ranging from symlink races to potential arbitrary code execution within the graphics processing software. Administrators must prioritize upgrading snapd immediately since a local privilege escalation vulnerability allows attackers to gain unauthorized access without detection on the host system. Finally, a patch fixes evolution-data-server so Flatpak apps cannot delete arbitrary host files using D-Bus access.
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1658-1 openssl security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4503-1] evolution-data-server security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6170-1] snapd security update
Debian GNU/Linux 13 (Trixie):
[DSA 6169-1] imagemagick security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1658-1 openssl security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4503-1] evolution-data-server security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6170-1] snapd security update
Debian GNU/Linux 13 (Trixie):
[DSA 6169-1] imagemagick security update
