
A fresh wave of Debian security advisories has dropped and demands immediate attention from system operators who want to keep their networks safe. Critical vulnerabilities in apache2, librabbitmq and jpeg-xl could allow malicious users to execute arbitrary code or trigger severe service crashes if left unpatched. The release also includes necessary updates for linux-base and kernel-wedge so they can properly support the upcoming Linux 6.12 backport on Debian 12 systems. Administrators should verify their current package versions right away, since delayed upgrades leave infrastructure wide open to exploitation.

[DLA 4628-1] linux-base update
[DLA 4627-1] kernel-wedge update
[DLA 4629-1] apache2 security update
[DSA 6343-1] librabbitmq security update
[DSA 6342-1] jpeg-xl security update




[SECURITY] [DLA 4628-1] linux-base update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4628-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
June 12, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux-base
Version : 4.12.1~deb12u1

The linux-base package has been updated to support installation of a
backport of Linux 6.12.

For Debian 12 bookworm, the new version is 4.12.1~deb12u1.

For the detailed security status of linux-base please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux-base

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4627-1] kernel-wedge update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4627-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
June 12, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : kernel-wedge
Version : 2.106~deb12u1

The kernel-wedge package has been updated to support building a
backport of Linux 6.12.

For Debian 12 bookworm, the new version is 2.106~deb12u1.

For the detailed security status of kernel-wedge please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/kernel-wedge

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4629-1] apache2 security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4629-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Bastien Roucariès
June 12, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : apache2
Version : 2.4.67-1~deb11u3
CVE ID : CVE-2026-29167 CVE-2026-29170 CVE-2026-34355 CVE-2026-34356
CVE-2026-42535 CVE-2026-42536 CVE-2026-43951 CVE-2026-44119
CVE-2026-44185 CVE-2026-44186 CVE-2026-44631 CVE-2026-48913
Debian Bug : 1139340

Multiple vulnerabilities have been discovered in the Apache HTTP server,
which may result in remote code execution, privilege escalation, denial
of service or information disclosure.

For Debian 11 bullseye, these problems have been fixed in version
2.4.67-1~deb11u3.

We recommend that you upgrade your apache2 packages.

For the detailed security status of apache2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/apache2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DSA 6343-1] librabbitmq security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-6343-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 12, 2026 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : librabbitmq
CVE ID : CVE-2026-44235 CVE-2026-44236

Two security vulnerabilities were discovered in librabbitmq, an AMQP
client library, which could result in denial of service or potentially
the execution of arbitrary code.

For the stable distribution (trixie), these problems have been fixed in
version 0.15.0-1+deb13u1.

We recommend that you upgrade your librabbitmq packages.

For the detailed security status of librabbitmq please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/librabbitmq

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6342-1] jpeg-xl security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-6342-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 12, 2026 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : jpeg-xl
CVE ID : CVE-2025-70103

It was discovered that missing input sanitising in the PNM/PBM parser of
the reference code implementation of the JPEG XL format could result
in denial of service or potentially the execution of arbitrary code if
malformed images are processed.

For the stable distribution (trixie), this problem has been fixed in
version 0.11.2-0.1~deb13u2.

We recommend that you upgrade your jpeg-xl packages.

For the detailed security status of jpeg-xl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jpeg-xl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
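
To check a host against the fixed versions listed in the advisories above, the following added example (not part of the advisories or of any Debian tooling) compares installed source-package versions using Debian's version ordering, where `~` sorts before everything and numeric runs compare as numbers. The function names and the sample listing are assumptions made for illustration; the fixed versions and suites are taken from the advisories.

```python
import re
from itertools import zip_longest

# Fixed versions per suite, copied from the advisories above (source package names).
FIXED = {
    "bullseye": {"apache2": "2.4.67-1~deb11u3"},
    "bookworm": {"linux-base": "4.12.1~deb12u1", "kernel-wedge": "2.106~deb12u1"},
    "trixie": {"librabbitmq": "0.15.0-1+deb13u1", "jpeg-xl": "0.11.2-0.1~deb13u2"},
}

def _order(c):
    # '~' sorts before everything, even end of string; letters before other symbols.
    if c == "~":
        return -1
    if c == "":
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Walk alternating (non-digit, digit) runs, as deb-version(7) describes.
    runs_a, runs_b = re.findall(r"(\D*)(\d*)", a), re.findall(r"(\D*)(\d*)", b)
    for (na, da), (nb, db) in zip_longest(runs_a, runs_b, fillvalue=("", "")):
        for ca, cb in zip_longest(na, nb, fillvalue=""):
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
    return 0

def compare_versions(a, b):
    """Negative if a < b, zero if equal, positive if a > b."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
        return int(epoch), upstream, rev
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def outdated(suite, listing):
    """Source packages in `listing` that are below the fixed version for `suite`."""
    hits = set()
    for line in listing.splitlines():
        fields = line.split()
        fixed = FIXED.get(suite, {}).get(fields[0]) if len(fields) == 2 else None
        if fixed and compare_versions(fields[1], fixed) < 0:
            hits.add(fields[0])
    return sorted(hits)

# Constructed sample of: dpkg-query -W -f='${source:Package} ${source:Version}\n'
SAMPLE_TRIXIE = "librabbitmq 0.15.0-1\njpeg-xl 0.11.2-0.1~deb13u2\nbash 5.2.37-2\n"
print(outdated("trixie", SAMPLE_TRIXIE))
```

Querying by `${source:Package}` matters because the advisories name source packages, while the installed binary packages built from them often carry different names.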