Debian administrators need to apply a fresh security patch that tackles multiple critical flaws across the bird2 routing daemon, LibreOffice suite, and libgd-perl module right now. Attackers could exploit these weaknesses to crash systems through denial of service attacks or run arbitrary code by opening malicious documents. The stable Debian GNU/Linux 13 (Trixie) distribution already receives updated package versions designed to completely remove these dangerous vulnerabilities from your network. You should upgrade every affected system immediately before threat actors can take advantage of the unpatched software.

[DSA 6347-1] bird2 security update
[DSA 6346-1] libreoffice security update
[DSA 6345-1] libgd-perl security update

[SECURITY] [DSA 6347-1] bird2 security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6347-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 15, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : bird2
CVE ID : not yet available

Multiple security vulnerabilities were discovered in the BIRD internet
routing daemon, which could result in denial of service.

For the stable distribution (trixie), this problem has been fixed in
version 2.17.5-0+deb13u1.

We recommend that you upgrade your bird2 packages.

For the detailed security status of bird2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bird2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[SECURITY] [DSA 6346-1] libreoffice security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6346-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 15, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libreoffice
CVE ID : CVE-2026-6039 CVE-2026-6040 CVE-2026-6045 CVE-2026-8356
CVE-2026-8357 CVE-2026-8358

Multiple security vulnerabilities were discovered in LibreOffice, which
could result in denial of service or potentially the execution of
arbitrary code if malformed files are opened.

For the stable distribution (trixie), these problems have been fixed in
version 4:25.2.3-2+deb13u5.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[SECURITY] [DSA 6345-1] libgd-perl security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6345-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
June 15, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libgd-perl
CVE ID : CVE-2026-11526

A flaw was discovered in libgd-perl, a Perl module wrapper for libgd,
which may result in the execution of arbitrary shell commands or file
overwrite when processing specially crafted file names.

For the stable distribution (trixie), this problem has been fixed in
version 2.78-1+deb13u1.

We recommend that you upgrade your libgd-perl packages.

For the detailed security status of libgd-perl please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libgd-perl

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/