The Liquorix Linux Kernel 7.0-7 update introduces a targeted scheduler optimization that skips unnecessary idle stack synchronization when cores remain identical, directly improving responsiveness for interactive workloads. Built on the standard 7.0.7 foundation, this release specifically targets Project-C latency reductions to deliver smoother frame pacing in games and more consistent audio processing in creative applications. Users can deploy the new kernel version across Debian, Ubuntu, or Arch distributions by running a single automated shell script that handles repository updates and bootloader configuration behind the scenes. Before applying the update on production machines, it is wise to verify driver compatibility and test the changes in a virtual environment to avoid potential boot or module loading issues.
Debian released a series of security advisories to patch critical flaws across several major software packages including Thunderbird, PostgreSQL versions fifteen and seventeen, Node.js, FFmpeg, Apache2, nghttp2, and gsasl. Attackers could exploit these weaknesses to execute arbitrary code, bypass authorization controls, trigger denial of service attacks, or leak sensitive information from vulnerable systems. The updates provide specific version numbers for Debian bookworm, trixie, and bullseye distributions while also correcting earlier release notes regarding certain Apache vulnerabilities. System administrators should upgrade their affected software immediately using the recommended package versions to maintain network security.
[DSA 6267-1] thunderbird security update
[DSA 6266-1] nghttp2 security update
[DSA 6271-1] gsasl security update
[DSA 6270-1] postgresql-17 security update
[DSA 6269-1] postgresql-15 security update
[DLA 4582-1] thunderbird security update
[DSA 6268-1] ffmpeg security update
[DSA 6272-1] nodejs security update
[ERRATUM] [DLA 4571-1] apache2 security update
[DSA 6267-1] thunderbird security update
[DSA 6266-1] nghttp2 security update
[DSA 6271-1] gsasl security update
[DSA 6270-1] postgresql-17 security update
[DSA 6269-1] postgresql-15 security update
[DLA 4582-1] thunderbird security update
[DSA 6268-1] ffmpeg security update
[DSA 6272-1] nodejs security update
[ERRATUM] [DLA 4571-1] apache2 security update
Debian LTS recently issued an advisory for the nghttp2 library to patch CVE-2026-27135, which resolves a missing state validation that previously triggered assertion failures. A separate update addresses CVE-2026-30922 in pyasn1, fixing a denial of service flaw caused by uncontrolled recursion when processing deeply nested ASN.1 data. Both issues threaten system stability and require administrators to upgrade their packages immediately. You can find complete installation guidance and ongoing threat details on the official Debian security trackers.
[DLA 4581-1] nghttp2 security update
ELA-1717-1 pyasn1 security update
[DLA 4581-1] nghttp2 security update
ELA-1717-1 pyasn1 security update
Debian issued two separate security advisories that address serious flaws within the exim4 mail transport agent. Attackers could exploit these weaknesses to run malicious code remotely, crash systems through denial of service attacks, or steal confidential information. Official patches are now available for Debian GNU/Linux 11 (Bullseye) LTS, 12 (Bookworm), and 13 (Trixie), with specific version numbers listed for each distribution. System owners must upgrade their packages immediately to close these dangerous security gaps before attackers can cause damage.
[DLA 4580-1] exim4 security update
[DSA 6265-1] exim4 security update
[DLA 4580-1] exim4 security update
[DSA 6265-1] exim4 security update
The latest XanMod kernel releases bring targeted performance tweaks to Debian and Ubuntu systems, focusing on sustained responsiveness during heavy workloads rather than raw benchmark scores. Users get optimized memory management through Google's multigenerational LRU framework, faster network stacks with BBRv3 congestion control, and dedicated drivers for AMD 3D V-Cache and Steam Deck hardware. The build also ships a real-time PREEMPT_RT variant alongside standard desktop optimizations, making it a solid drop-in replacement for power users who want smoother multitasking. Installation is straightforward through the official APT repository, though users should double-check compatibility with proprietary drivers like NVIDIA or VirtualBox before rebooting since those modules often lag behind new kernel versions.
Liquorix Linux Kernel 7.0-6 trades standard power-saving compromises for aggressive desktop tuning that keeps gaming and audio workflows noticeably snappier. The build shrinks the CPU scheduler timeslice to two milliseconds and lowers frequency scaling thresholds so the processor actually ramps clocks when an application demands it. Disk I/O now defaults to kyber or bfq schedulers while split lock mitigation shuts off by default, since those features usually just throttle performance without offering real security benefits on modern hardware. Debian and Ubuntu users can grab the update through a single official script that drops straight into their package manager with easy rollback options if the new tuning causes hiccups.
Debian issued multiple security advisories that target serious vulnerabilities in popular packages including dnsmasq, python-authlib, rails, and p7zip. Attackers could exploit these flaws to bypass authentication mechanisms, trigger remote code execution, or crash systems via memory corruption and denial of service attacks. System administrators should upgrade their affected software immediately since the patched versions are already available for various Debian releases. You can find exact version numbers and detailed tracking information on the official Debian security pages.
[DSA 6264-1] dnsmasq security update
[DLA 4579-1] python-authlib security update
[DLA 4578-1] rails security update
[DLA 4577-1] p7zip-rar security update
[DLA 4576-1] p7zip security update
ELA-1716-1 rails security update
[DSA 6264-1] dnsmasq security update
[DLA 4579-1] python-authlib security update
[DLA 4578-1] rails security update
[DLA 4577-1] p7zip-rar security update
[DLA 4576-1] p7zip security update
ELA-1716-1 rails security update
Debian administrators should patch corosync immediately since two cluster engine flaws could leak memory or crash services on both oldstable and stable releases. Tor also demands an urgent upgrade because six separate bugs might allow attackers to disrupt its anonymous routing capabilities across all supported distributions. Meanwhile developers resolved a dangerous memory corruption error in libpng that compromises PNG file processing, so users must apply the new package versions without delay. System administrators should also update lcms2 right away since two integer overflows in its color management library could destabilize graphics applications, and delaying this patch leaves networks exposed.
[DSA 6261-1] corosync security update
[DSA 6260-1] tor security update
[DSA 6263-1] libpng1.6 security update
[DSA 6262-1] lcms2 security update
[DSA 6261-1] corosync security update
[DSA 6260-1] tor security update
[DSA 6263-1] libpng1.6 security update
[DSA 6262-1] lcms2 security update
Ondřej Surý has pushed a comprehensive set of PHP security updates to the Sury repository, patching critical vulnerabilities across every supported branch from version 5.6 through 8.5.6. These releases specifically target Debian GNU/Linux 11 (Bullseye) LTS, 12 (Bookworm), and 13 (Trixie), ensuring both modern stacks and legacy applications receive essential fixes for issues like cross-site scripting, memory corruption, and SQL injection. Administrators can quickly apply the patches by adding the official repository key, updating their package index, and running a standard system upgrade without risking version mismatches across different Debian releases. Keeping these backported updates current is the most reliable way to protect production servers until legacy frameworks are fully migrated to actively supported branches.
Debian issued a series of security patches on May 9 that address critical flaws across several widely used software packages including the Linux kernel, OpenJDK, Firefox ESR, PyJWT, and libpng1.6. These updates fix vulnerabilities that could allow attackers to escalate privileges locally, execute arbitrary code, leak sensitive information, or bypass authentication mechanisms. System administrators should apply these upgrades right away since unpatched systems remain exposed to serious exploitation risks. The fixes cover both current stable releases and older support branches to keep a wide range of Debian environments secure.
ELA-1715-1 linux-6.1 security update
ELA-1714-1 openjdk-8 security update
[DLA 4575-1] firefox-esr security update
[DLA 4574-1] linux-6.1 security update
[DSA 6259-1] pyjwt security update
[DLA 4573-1] libpng1.6 security update
[DSA 6258-1] linux security update
ELA-1715-1 linux-6.1 security update
ELA-1714-1 openjdk-8 security update
[DLA 4575-1] firefox-esr security update
[DLA 4574-1] linux-6.1 security update
[DSA 6259-1] pyjwt security update
[DLA 4573-1] libpng1.6 security update
[DSA 6258-1] linux security update
Liquorix Kernel 7.0-5 trades raw throughput and battery efficiency for snappier desktop interactions by tightening scheduler timeslices and adjusting CPU frequency scaling thresholds. The update swaps disk I/O schedulers to kyber or bfq depending on your drive type, which helps random read performance during everyday tasks like launching apps or switching windows. Installing it on Debian or Ubuntu is as simple as running a single curl command, though keeping a fallback live USB handy remains smart since aggressive tuning can occasionally break proprietary driver compatibility. Desktop creators and gamers will likely appreciate the reduced input lag, but servers and battery-powered laptops should probably stick with their distribution stock kernels instead.
Several Debian security bulletins released address critical flaws in widely deployed software including Apache HTTP Server, PHP versions 8.2 and 8.4, Firefox ESR, the Linux kernel, Postorius, and Little CMS. These vulnerabilities could allow malicious actors to execute arbitrary code, escalate system privileges, crash services, or expose sensitive information. Each advisory lists exact version numbers for various Debian releases alongside older stable distributions that require immediate patching. Administrators ought to prioritize these installations right away since the combined threat landscape remains quite active across multiple platforms.
[DLA 4571-1] apache2 security update
[DSA 6257-1] postorius security update
[DSA 6256-1] php8.4 security update
[DSA 6255-1] php8.2 security update
[DLA 4572-1] linux security update
[DSA 6254-1] firefox-esr security update
[DSA 6253-1] linux security update
ELA-1713-1 linux-5.10 security update
ELA-1709-1 lcms2 security update
[DLA 4571-1] apache2 security update
[DSA 6257-1] postorius security update
[DSA 6256-1] php8.4 security update
[DSA 6255-1] php8.2 security update
[DLA 4572-1] linux security update
[DSA 6254-1] firefox-esr security update
[DSA 6253-1] linux security update
ELA-1713-1 linux-5.10 security update
ELA-1709-1 lcms2 security update
XanMod just dropped kernels 6.18.17 LTS and 7.0.4 to give Debian and Ubuntu users a noticeably snappier desktop experience without waiting on upstream updates. The build ships with Google multigenerational LRU memory management, Cloudflare TCP collapse, BBRv3 networking tweaks, and dedicated drivers for AMD 3D V-Cache and Steam Deck hardware. Proprietary modules like NVIDIA graphics or VirtualBox often break during compilation, so checking DKMS compatibility before swapping kernels is a must. The installation takes just three APT commands plus a few build dependencies, but running the update on a spare machine first will save you from a boot loop when a driver refuses to compile.
Debian issued a batch of security advisories and timezone updates for its LTS distributions. The tzdata package now incorporates the 2026b database, which shifts British Columbia to permanent standard time and refreshes its leap second records. Critical patches also addressed multiple vulnerabilities across several applications, ranging from buffer overflows in LibreOffice and integer overflow flaws in lcms2 to severe access control weaknesses in Prosody. Administrators should prioritize upgrading Chromium alongside these other tools since the browser update resolves dozens of critical issues that could allow arbitrary code execution or data leaks.
ELA-1712-1 libdatetime-timezone-perl new timezone database
ELA-1711-1 tzdata new timezone database
[DLA 4570-1] libdatetime-timezone-perl new timezone database
[DLA 4569-1] tzdata new timezone database
[DSA 6252-1] prosody security update
[DSA 6251-1] libreoffice security update
[DSA 6250-1] chromium security update
[DLA 4568-1] lcms2 security update
ELA-1712-1 libdatetime-timezone-perl new timezone database
ELA-1711-1 tzdata new timezone database
[DLA 4570-1] libdatetime-timezone-perl new timezone database
[DLA 4569-1] tzdata new timezone database
[DSA 6252-1] prosody security update
[DSA 6251-1] libreoffice security update
[DSA 6250-1] chromium security update
[DLA 4568-1] lcms2 security update
The first Liquorix kernel built around the Linux 7 series swaps standard power saving defaults for aggressive interactivity tweaks that keep desktops feeling snappy under heavy loads. It forces a two millisecond scheduling timeslice, switches to kyber or bfq disk schedulers, and rewrites CPU frequency scaling to stop idling during short bursts of activity. Installing it on Debian or Ubuntu systems takes just one curl command that handles dependencies and drops the new binaries straight into your package manager. Desktop users chasing smoother frame pacing or tighter audio latency will notice the difference immediately, though you should expect slightly higher power draw when the processor refuses to idle.
A batch of urgent security updates rolled out covers several widely used tools including OpenJDK Java runtimes, Apache HTTP Server, Wireshark, lrzip, and ImageMagick. These patches fix serious flaws that could let attackers execute arbitrary code, leak private data, crash systems through denial of service attacks, or bypass Kerberos authentication checks. You should upgrade your affected packages right away since Debian has already released stable versions for all supported distributions. Detailed tracking pages and official documentation provide straightforward instructions for applying these critical fixes to your environment.
[DLA 4566-1] openjdk-11 security update
[DLA 4565-1] openjdk-17 security update
ELA-1708-1 openjdk-11 security update
[DSA 6248-1] apache2 security update
[DSA 6249-1] wireshark security update
[DLA 4567-1] lrzip security update
ELA-1710-1 imagemagick security update
[DLA 4566-1] openjdk-11 security update
[DLA 4565-1] openjdk-17 security update
ELA-1708-1 openjdk-11 security update
[DSA 6248-1] apache2 security update
[DSA 6249-1] wireshark security update
[DLA 4567-1] lrzip security update
ELA-1710-1 imagemagick security update
Debian LTS has released security patches for libarchive and pyjwt to address multiple critical flaws across several supported distributions. The libarchive update fixes four separate vulnerabilities that could trigger infinite loops, leak sensitive memory data, crash applications, or allow arbitrary code execution on older architectures. A separate advisory corrects a pyjwt specification violation where the library improperly accepted JSON Web Tokens containing unrecognized critical header parameters. Administrators managing Debian 11 or older extended support releases should upgrade these packages immediately to close these security gaps.
[DLA 4563-1] libarchive security update
[DLA 4564-1] pyjwt security update
ELA-1707-1 pyjwt security update
[DLA 4563-1] libarchive security update
[DLA 4564-1] pyjwt security update
ELA-1707-1 pyjwt security update
Debian issued two security advisories to address critical flaws in Thunderbird and LXD. The Thunderbird patch for Debian GNU/Linux 11 (Bullseye) LTS resolves several vulnerabilities that could allow attackers to run arbitrary code on affected systems. A separate update for the LXD container platform for both Debian GNU/Linux 12 (Bookworm) and 13 (Trixie) fixes multiple issues that might otherwise trigger denial of service attacks. System administrators should apply these package upgrades immediately to keep their networks secure.
[DLA 4562-1] thunderbird security update
[DSA 6247-1] lxd security update
[DLA 4562-1] thunderbird security update
[DSA 6247-1] lxd security update
Recent security advisories address critical vulnerabilities across several widely used software packages including OpenJDK, ImageMagick, and multiple Linux kernel releases. Attackers could exploit these flaws to trigger arbitrary code execution, escalate privileges, or leak sensitive information through malformed inputs or cryptographic weaknesses. The patched versions are now available for both stable Debian distributions and extended long term support environments. System administrators should apply these updates without delay to protect their infrastructure from potential compromise.
[DSA 6246-1] openjdk-25 security update
[DSA 6245-1] imagemagick security update
ELA-1706-1 imagemagick security update
ELA-1705-1 linux-6.1 security update
ELA-1704-1 linux-5.10 security update
[DSA 6246-1] openjdk-25 security update
[DSA 6245-1] imagemagick security update
ELA-1706-1 imagemagick security update
ELA-1705-1 linux-6.1 security update
ELA-1704-1 linux-5.10 security update
Debian released three separate security bulletins that address critical flaws in the linux kernel and Incus container manager. Each advisory lists dozens of CVE identifiers that could allow unauthorized users to escalate privileges or cause denial of service attacks. The linux-6.1 package requires a major update while the standard linux distribution and Incus also received targeted patches for their respective vulnerabilities. Administrators need to install these fixes immediately before attackers can exploit the open security gaps.
[DLA 4561-1] linux-6.1 security update
[DLA 4560-1] linux security update
[DSA 6244-1] incus security update
[DLA 4561-1] linux-6.1 security update
[DLA 4560-1] linux security update
[DSA 6244-1] incus security update
