Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1544-1 linux-5.10 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4335-1] firefox-esr security update
[DLA 4336-1] sysstat security update
[DLA 4337-1] svgpp security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6028-1] lxd security update
Debian GNU/Linux 13 (Trixie):
[DSA 6027-1] incus security update
[SECURITY] [DLA 4335-1] firefox-esr security update
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4335-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
October 17, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : firefox-esr
Version : 140.4.0esr-1~deb11u1
CVE ID : CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711
CVE-2025-11712 CVE-2025-11714 CVE-2025-11715
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, memory disclosure or cross-site scripting.
For Debian 11 bullseye, these problems have been fixed in version
140.4.0esr-1~deb11u1.
We recommend that you upgrade your firefox-esr packages.
For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[SECURITY] [DSA 6027-1] incus security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-6027-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 17, 2025 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : incus
CVE ID : CVE-2025-54286 CVE-2025-54287 CVE-2025-54288
CVE-2025-54289 CVE-2025-54290 CVE-2025-54291
CVE-2025-54293
Multiple security issues were discovered in Incus, a system container
and virtual machine manager, which could result in file disclosure,
information disclosure, privilege escalation or cross-site request
forgery.
For the stable distribution (trixie), these problems have been fixed in
version 6.0.4-2+deb13u1.
We recommend that you upgrade your incus packages.
For the detailed security status of incus please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/incus
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[SECURITY] [DLA 4336-1] sysstat security update
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4336-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
October 17, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : sysstat
Version : 12.5.2-2+deb11u1
CVE ID : CVE-2022-39377 CVE-2023-33204
An issue has been found in sysstat, system performance tools for Linux.
CVE-2022-39377
On 32 bit systems, allocate_structures contains a size_t overflow
in sa_common.c. The allocate_structures function insufficiently
checks bounds before arithmetic multiplication, allowing for an
overflow in the size allocated for the buffer representing system
activities. This issue may lead to Remote Code Execution (RCE).
CVE-2023-33204
sysstat allows a multiplication integer overflow in check_overflow
in common.c. NOTE: this issue exists because of an incomplete fix
for CVE-2022-39377 (see above).
For Debian 11 bullseye, these problems have been fixed in version
12.5.2-2+deb11u1.
We recommend that you upgrade your sysstat packages.
For the detailed security status of sysstat please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/sysstat
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
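The overflow class described in the two sysstat CVEs above, as an added illustration that is not part of the advisory and is not sysstat's code: size32_t models a 32-bit size_t, and all function names and sample values are constructed. It shows the unchecked product wrapping, a widened check that can itself wrap, and a stepwise check that cannot.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: size32_t models size_t on a 32-bit system, so the wrap is
 * reproducible on a 64-bit host. All names and values are constructed. */
typedef uint32_t size32_t;

/* Unchecked sizing: the three-factor product wraps modulo 2^32. */
static size32_t unchecked_bytes(size32_t item, size32_t nr, size32_t nr2)
{
    return item * nr * nr2;
}

/* Widened check: returns 1 if it believes the size fits in 32 bits.
 * The 64-bit product of three 32-bit values can wrap modulo 2^64. */
static int widened_check(size32_t item, size32_t nr, size32_t nr2)
{
    uint64_t wide = (uint64_t)item * nr * nr2;
    return wide <= UINT32_MAX;
}

/* Stepwise check: test each multiplication by division before doing it.
 * Returns 0 and stores the byte count, or -1 if the size does not fit. */
static int checked_bytes(size32_t item, size32_t nr, size32_t nr2,
                         size32_t *out)
{
    if (item != 0 && nr > UINT32_MAX / item)
        return -1;
    size32_t partial = item * nr;
    if (partial != 0 && nr2 > UINT32_MAX / partial)
        return -1;
    *out = partial * nr2;
    return 0;
}

int main(void)
{
    size32_t n = 0;
    /* 65536 * 65536 * 1 = 2^32: the unchecked size wraps to 0 bytes. */
    printf("unchecked: %u\n", (unsigned)unchecked_bytes(65536u, 65536u, 1u));
    /* 2^31 * 2^31 * 4 = 2^64: the widened check wraps and says "fits". */
    printf("widened:   %d\n", widened_check(0x80000000u, 0x80000000u, 4u));
    printf("stepwise:  %d\n", checked_bytes(0x80000000u, 0x80000000u, 4u, &n));
    if (checked_bytes(8u, 100u, 4u, &n) == 0)
        printf("valid:     %u bytes\n", (unsigned)n);
    return 0;
}
```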
[SECURITY] [DLA 4337-1] svgpp security update
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4337-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
October 17, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : svgpp
Version : 1.3.0+dfsg1-4+deb11u1
CVE ID : CVE-2021-44960
An issue has been found in svgpp: a C++ library for parsing and rendering
Scalable Vector Graphics (SVG) files.
The XMLDocument::getRoot function in the renderDocument function handled
the XMLDocument object improperly.
Specifically, it returned a null pointer prematurely at the second if
statement, resulting in a null pointer reference behind the
renderDocument function.
For Debian 11 bullseye, this problem has been fixed in version
1.3.0+dfsg1-4+deb11u1.
We recommend that you upgrade your svgpp packages.
For the detailed security status of svgpp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/svgpp
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[SECURITY] [DSA 6028-1] lxd security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-6028-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 17, 2025 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : lxd
CVE ID : CVE-2025-54286 CVE-2025-54287 CVE-2025-54288 CVE-2025-54293
Multiple security issues were discovered in LXD, a system container
and virtual machine manager, which could result in file disclosure,
information disclosure or cross-site request forgery.
For the oldstable distribution (bookworm), these problems have been fixed
in version 5.0.2-5+deb12u1.
For the stable distribution (trixie), these problems have been fixed in
version 5.0.2+git20231211.1364ae4-9+deb13u1.
We recommend that you upgrade your lxd packages.
For the detailed security status of lxd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lxd
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
ELA-1544-1 linux-5.10 security update
Package : linux-5.10
Version : 5.10.244-1~deb9u1 (stretch), 5.10.244-1~deb10u1 (buster)
Related CVEs :
CVE-2021-46987
CVE-2021-47037
CVE-2021-47070
CVE-2021-47076
CVE-2021-47183
CVE-2021-47193
CVE-2021-47412
CVE-2021-47421
CVE-2021-47455
CVE-2021-47498
CVE-2022-21546
CVE-2022-49063
CVE-2022-50327
CVE-2023-52935
CVE-2023-53259
CVE-2024-26739
CVE-2024-28956
CVE-2024-35790
CVE-2024-36350
CVE-2024-36357
CVE-2024-38541
CVE-2024-43863
CVE-2024-46751
CVE-2024-46855
CVE-2024-49935
CVE-2024-53203
CVE-2024-57883
CVE-2024-57996
CVE-2025-21912
CVE-2025-37798
CVE-2025-37819
CVE-2025-37890
CVE-2025-37909
CVE-2025-37913
CVE-2025-37914
CVE-2025-37915
CVE-2025-37923
CVE-2025-37927
CVE-2025-37930
CVE-2025-37932
CVE-2025-37948
CVE-2025-37949
CVE-2025-37958
CVE-2025-37963
CVE-2025-37968
CVE-2025-37969
CVE-2025-37970
CVE-2025-37990
CVE-2025-37992
CVE-2025-37994
CVE-2025-37995
CVE-2025-37997
CVE-2025-37998
CVE-2025-38000
CVE-2025-38001
CVE-2025-38003
CVE-2025-38004
CVE-2025-38005
CVE-2025-38009
CVE-2025-38023
CVE-2025-38024
CVE-2025-38031
CVE-2025-38034
CVE-2025-38035
CVE-2025-38037
CVE-2025-38044
CVE-2025-38051
CVE-2025-38052
CVE-2025-38058
CVE-2025-38061
CVE-2025-38065
CVE-2025-38066
CVE-2025-38067
CVE-2025-38072
CVE-2025-38074
CVE-2025-38075
CVE-2025-38078
CVE-2025-38079
CVE-2025-38083
CVE-2025-38084
CVE-2025-38085
CVE-2025-38086
CVE-2025-38090
CVE-2025-38094
CVE-2025-38095
CVE-2025-38100
CVE-2025-38102
CVE-2025-38103
CVE-2025-38107
CVE-2025-38108
CVE-2025-38111
CVE-2025-38112
CVE-2025-38115
CVE-2025-38135
CVE-2025-38136
CVE-2025-38138
CVE-2025-38143
CVE-2025-38145
CVE-2025-38146
CVE-2025-38147
CVE-2025-38153
CVE-2025-38157
CVE-2025-38160
CVE-2025-38161
CVE-2025-38163
CVE-2025-38173
CVE-2025-38174
CVE-2025-38177
CVE-2025-38180
CVE-2025-38181
CVE-2025-38184
CVE-2025-38185
CVE-2025-38190
CVE-2025-38193
CVE-2025-38194
CVE-2025-38197
CVE-2025-38200
CVE-2025-38203
CVE-2025-38204
CVE-2025-38206
CVE-2025-38211
CVE-2025-38212
CVE-2025-38214
CVE-2025-38218
CVE-2025-38219
CVE-2025-38222
CVE-2025-38226
CVE-2025-38227
CVE-2025-38229
CVE-2025-38230
CVE-2025-38231
CVE-2025-38237
CVE-2025-38245
CVE-2025-38249
CVE-2025-38251
CVE-2025-38263
CVE-2025-38273
CVE-2025-38285
CVE-2025-38286
CVE-2025-38293
CVE-2025-38298
CVE-2025-38312
CVE-2025-38313
CVE-2025-38320
CVE-2025-38323
CVE-2025-38324
CVE-2025-38326
CVE-2025-38328
CVE-2025-38332
CVE-2025-38336
CVE-2025-38337
CVE-2025-38342
CVE-2025-38344
CVE-2025-38345
CVE-2025-38346
CVE-2025-38347
CVE-2025-38348
CVE-2025-38350
CVE-2025-38352
CVE-2025-38363
CVE-2025-38371
CVE-2025-38375
CVE-2025-38377
CVE-2025-38386
CVE-2025-38387
CVE-2025-38389
CVE-2025-38391
CVE-2025-38393
CVE-2025-38395
CVE-2025-38399
CVE-2025-38400
CVE-2025-38401
CVE-2025-38403
CVE-2025-38404
CVE-2025-38406
CVE-2025-38415
CVE-2025-38416
CVE-2025-38420
CVE-2025-38424
CVE-2025-38428
CVE-2025-38430
CVE-2025-38439
CVE-2025-38445
CVE-2025-38448
CVE-2025-38457
CVE-2025-38458
CVE-2025-38459
CVE-2025-38460
CVE-2025-38461
CVE-2025-38462
CVE-2025-38464
CVE-2025-38465
CVE-2025-38466
CVE-2025-38467
CVE-2025-38468
CVE-2025-38470
CVE-2025-38473
CVE-2025-38474
CVE-2025-38476
CVE-2025-38477
CVE-2025-38478
CVE-2025-38480
CVE-2025-38481
CVE-2025-38482
CVE-2025-38483
CVE-2025-38487
CVE-2025-38488
CVE-2025-38494
CVE-2025-38495
CVE-2025-38497
CVE-2025-38498
CVE-2025-38513
CVE-2025-38514
CVE-2025-38515
CVE-2025-38516
CVE-2025-38529
CVE-2025-38530
CVE-2025-38535
CVE-2025-38538
CVE-2025-38539
CVE-2025-38540
CVE-2025-38542
CVE-2025-38546
CVE-2025-38548
CVE-2025-38553
CVE-2025-38555
CVE-2025-38563
CVE-2025-38565
CVE-2025-38569
CVE-2025-38572
CVE-2025-38574
CVE-2025-38577
CVE-2025-38578
CVE-2025-38581
CVE-2025-38601
CVE-2025-38602
CVE-2025-38604
CVE-2025-38608
CVE-2025-38612
CVE-2025-38617
CVE-2025-38618
CVE-2025-38622
CVE-2025-38635
CVE-2025-38639
CVE-2025-38650
CVE-2025-38652
CVE-2025-38663
CVE-2025-38664
CVE-2025-38666
CVE-2025-38668
CVE-2025-38671
CVE-2025-38676
CVE-2025-38677
CVE-2025-38680
CVE-2025-38681
CVE-2025-38683
CVE-2025-38684
CVE-2025-38687
CVE-2025-38691
CVE-2025-38693
CVE-2025-38694
CVE-2025-38695
CVE-2025-38697
CVE-2025-38698
CVE-2025-38699
CVE-2025-38700
CVE-2025-38701
CVE-2025-38706
CVE-2025-38708
CVE-2025-38712
CVE-2025-38713
CVE-2025-38714
CVE-2025-38715
CVE-2025-38718
CVE-2025-38721
CVE-2025-38724
CVE-2025-38727
CVE-2025-38729
CVE-2025-38732
CVE-2025-39676
CVE-2025-39681
CVE-2025-39683
CVE-2025-39687
CVE-2025-39689
CVE-2025-39691
CVE-2025-39697
CVE-2025-39703
CVE-2025-39709
CVE-2025-39710
CVE-2025-39713
CVE-2025-39714
CVE-2025-39724
CVE-2025-39730
CVE-2025-39736
CVE-2025-39737
CVE-2025-39742
CVE-2025-39743
CVE-2025-39749
CVE-2025-39752
CVE-2025-39756
CVE-2025-39757
CVE-2025-39760
CVE-2025-39766
CVE-2025-39782
CVE-2025-39783
CVE-2025-39787
CVE-2025-39788
CVE-2025-39794
CVE-2025-39795
CVE-2025-39798
CVE-2025-39808
CVE-2025-39812
CVE-2025-39813
CVE-2025-39817
CVE-2025-39823
CVE-2025-39824
CVE-2025-39828
CVE-2025-39835
CVE-2025-39839
CVE-2025-39841
CVE-2025-39846
CVE-2025-39847
CVE-2025-39848
CVE-2025-39853
CVE-2025-39860
CVE-2025-39864
CVE-2025-39865
CVE-2025-39891
CVE-2025-39898
CVE-2025-39902
CVE-2025-39920
CVE-2025-40300
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
Starting with this version, modules are signed with an ephemeral key
on all architectures. This version additionally includes many more
bug fixes from stable updates 5.10.238 through 5.10.244.