Chromium, Kernel, Multipart updates for Debian

Debian 10817 Published by

Debian has released several security advisories to address vulnerabilities in various packages. These advisories include DSA-6164-1, which updates the chromium package to fix multiple security issues that could lead to code execution or information disclosure. The update is available for Debian GNU/Linux 12 (Bookworm) and 13 (Trixie). In addition to the chromium advisory, there are also three other advisories: DSA-6162-1, which updates the linux package to address multiple vulnerabilities in the Linux kernel; DSA-6163-1, another update to the linux package that fixes several more vulnerabilities; and DSA-6161-1, which updates the multipart package to fix a vulnerability that could lead to a denial of service.

[DSA 6164-1] chromium security update
[DSA 6162-1] linux security update
[DSA 6163-1] linux security update
[DSA 6161-1] multipart security update




[SECURITY] [DSA 6164-1] chromium security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6164-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
March 12, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2026-3913 CVE-2026-3914 CVE-2026-3915 CVE-2026-3916
CVE-2026-3917 CVE-2026-3918 CVE-2026-3919 CVE-2026-3920
CVE-2026-3921 CVE-2026-3922 CVE-2026-3923 CVE-2026-3924
CVE-2026-3925 CVE-2026-3926 CVE-2026-3927 CVE-2026-3928
CVE-2026-3929 CVE-2026-3930 CVE-2026-3931 CVE-2026-3932
CVE-2026-3934 CVE-2026-3935 CVE-2026-3936 CVE-2026-3937
CVE-2026-3938 CVE-2026-3939 CVE-2026-3940 CVE-2026-3941
CVE-2026-3942

Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.

For the oldstable distribution (bookworm), these problems have been fixed
in version 146.0.7680.71-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 146.0.7680.71-1~deb13u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6162-1] linux security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6162-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 12, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2025-71238 CVE-2026-23100 CVE-2026-23221 CVE-2026-23233
CVE-2026-23234 CVE-2026-23235 CVE-2026-23236 CVE-2026-23237
CVE-2026-23238

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

The Qualys Threat Research Unit (TRU) discovered several vulnerabilities
in Apparmor. Details can be found in the Qualys advisory at
https://www.qualys.com/2026/03/10/crack-armor.txt

For the stable distribution (trixie), these problems have been fixed in
version 6.12.74-2.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6163-1] linux security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6163-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 12, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2023-53424 CVE-2024-26822 CVE-2024-57895 CVE-2025-22026
CVE-2025-23155 CVE-2025-37786 CVE-2025-37822 CVE-2025-37920
CVE-2025-38201 CVE-2025-38643 CVE-2025-39763 CVE-2025-40082
CVE-2025-40251 CVE-2025-68358 CVE-2025-71089 CVE-2025-71144
CVE-2025-71220 CVE-2025-71222 CVE-2025-71224 CVE-2025-71232
CVE-2025-71233 CVE-2025-71235 CVE-2025-71236 CVE-2025-71237
CVE-2025-71238 CVE-2026-23111 CVE-2026-23112 CVE-2026-23169
CVE-2026-23176 CVE-2026-23178 CVE-2026-23180 CVE-2026-23182
CVE-2026-23187 CVE-2026-23190 CVE-2026-23193 CVE-2026-23198
CVE-2026-23202 CVE-2026-23205 CVE-2026-23206 CVE-2026-23209
CVE-2026-23216 CVE-2026-23220 CVE-2026-23221 CVE-2026-23222
CVE-2026-23228 CVE-2026-23229 CVE-2026-23230 CVE-2026-23234
CVE-2026-23235 CVE-2026-23236 CVE-2026-23237 CVE-2026-23238

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

The Qualys Threat Research Unit (TRU) discovered several vulnerabilities
in Apparmor. Details can be found in the Qualys advisory at
https://www.qualys.com/2026/03/10/crack-armor.txt

For the oldstable distribution (bookworm), these problems have been fixed
in version 6.1.164-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6161-1] multipart security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6161-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 12, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : multipart
CVE ID : CVE-2026-28356

It was discovered that the parse_options_header() function of multipart,
a Python multipart/form-data parser was susceptible to denial of service
via malformed request headers or multipart/form-data streams.

For the stable distribution (trixie), this problem has been fixed in
version 1.2.1-2+deb13u1.

We recommend that you upgrade your multipart packages.

For the detailed security status of multipart please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/multipart

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

XanMod Kernel 6.19.6 and 6.18.17: How to Install, What Drivers Need Updating, and When the Default Debian Kernel Still Wins

Python, Task, Strongswan, and more updates for Fedora

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...