Debian 10979 Published by

Debian LTS issued advisories on July 3 and 4, 2026, delivering emergency security patches for the Linux kernel, Nginx, and OpenVPN across multiple Debian releases. Version 5.10.259-1 now ships for Debian 11 bullseye, while version 6.1.176-1 replaces the previous build for Debian 12 bookworm, both neutralizing more than 200 kernel flaws that previously allowed privilege escalation, service disruptions, and data exposure. System administrators running Debian 12 should upgrade Nginx to 1.22.1-9+deb12u9 to close two remote code execution and memory disclosure flaws tied to HTTP/2 proxying and character set handling. OpenVPN received parallel fixes for Debian 12 bookworm and the current stable trixie distribution, patching six vulnerabilities that exposed virtual private network services to denial of service attacks.

[DLA 4664-1] linux security update
[DLA 4665-1] linux security update
[DLA 4667-1] nginx security update
[DLA 4666-1] openvpn security update
[DSA 6376-1] openvpn security update




[SECURITY] [DLA 4664-1] linux security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4664-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
July 03, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux
Version : 5.10.259-1
CVE ID : CVE-2021-47188 CVE-2021-47211 CVE-2022-48703 CVE-2022-49135
CVE-2022-49158 CVE-2022-49183 CVE-2022-49822 CVE-2022-50073
CVE-2022-50472 CVE-2022-50493 CVE-2022-50552 CVE-2023-53133
CVE-2023-53421 CVE-2023-53596 CVE-2023-54129 CVE-2024-43902
CVE-2025-10263 CVE-2025-21863 CVE-2025-22026 CVE-2025-22107
CVE-2025-38129 CVE-2025-38250 CVE-2025-38584 CVE-2025-38710
CVE-2025-39929 CVE-2025-40164 CVE-2025-68340 CVE-2026-23066
CVE-2026-23099 CVE-2026-23442 CVE-2026-23444 CVE-2026-31407
CVE-2026-31449 CVE-2026-31489 CVE-2026-31532 CVE-2026-31576
CVE-2026-31577 CVE-2026-31578 CVE-2026-31580 CVE-2026-31581
CVE-2026-31583 CVE-2026-31585 CVE-2026-31586 CVE-2026-31588
CVE-2026-31590 CVE-2026-31596 CVE-2026-31597 CVE-2026-31598
CVE-2026-31599 CVE-2026-31602 CVE-2026-31603 CVE-2026-31605
CVE-2026-31607 CVE-2026-31615 CVE-2026-31616 CVE-2026-31617
CVE-2026-31618 CVE-2026-31619 CVE-2026-31622 CVE-2026-31623
CVE-2026-31624 CVE-2026-31625 CVE-2026-31626 CVE-2026-31627
CVE-2026-31629 CVE-2026-31630 CVE-2026-31634 CVE-2026-31637
CVE-2026-31642 CVE-2026-31656 CVE-2026-31657 CVE-2026-31664
CVE-2026-31673 CVE-2026-31676 CVE-2026-31681 CVE-2026-31684
CVE-2026-31685 CVE-2026-31686 CVE-2026-31696 CVE-2026-31697
CVE-2026-31698 CVE-2026-31699 CVE-2026-31700 CVE-2026-31701
CVE-2026-31708 CVE-2026-31715 CVE-2026-43052 CVE-2026-43058
CVE-2026-43075 CVE-2026-43076 CVE-2026-43080 CVE-2026-43085
CVE-2026-43089 CVE-2026-43093 CVE-2026-43103 CVE-2026-43104
CVE-2026-43105 CVE-2026-43110 CVE-2026-43111 CVE-2026-43113
CVE-2026-43114 CVE-2026-43117 CVE-2026-43281 CVE-2026-43350
CVE-2026-43492 CVE-2026-43493 CVE-2026-43494 CVE-2026-43496
CVE-2026-43497 CVE-2026-43501 CVE-2026-43502 CVE-2026-45834
CVE-2026-45835 CVE-2026-45836 CVE-2026-45838 CVE-2026-45840
CVE-2026-45841 CVE-2026-45842 CVE-2026-45843 CVE-2026-45844
CVE-2026-45846 CVE-2026-45850 CVE-2026-45986 CVE-2026-45987
CVE-2026-45991 CVE-2026-45994 CVE-2026-46002 CVE-2026-46003
CVE-2026-46004 CVE-2026-46006 CVE-2026-46018 CVE-2026-46019
CVE-2026-46021 CVE-2026-46022 CVE-2026-46023 CVE-2026-46026
CVE-2026-46027 CVE-2026-46033 CVE-2026-46038 CVE-2026-46040
CVE-2026-46043 CVE-2026-46044 CVE-2026-46046 CVE-2026-46047
CVE-2026-46049 CVE-2026-46051 CVE-2026-46052 CVE-2026-46053
CVE-2026-46056 CVE-2026-46064 CVE-2026-46069 CVE-2026-46070
CVE-2026-46077 CVE-2026-46078 CVE-2026-46080 CVE-2026-46086
CVE-2026-46088 CVE-2026-46090 CVE-2026-46091 CVE-2026-46098
CVE-2026-46101 CVE-2026-46102 CVE-2026-46103 CVE-2026-46107
CVE-2026-46108 CVE-2026-46109 CVE-2026-46120 CVE-2026-46122
CVE-2026-46124 CVE-2026-46127 CVE-2026-46128 CVE-2026-46132
CVE-2026-46133 CVE-2026-46137 CVE-2026-46146 CVE-2026-46149
CVE-2026-46150 CVE-2026-46151 CVE-2026-46159 CVE-2026-46160
CVE-2026-46161 CVE-2026-46163 CVE-2026-46167 CVE-2026-46169
CVE-2026-46172 CVE-2026-46177 CVE-2026-46178 CVE-2026-46180
CVE-2026-46184 CVE-2026-46187 CVE-2026-46189 CVE-2026-46191
CVE-2026-46196 CVE-2026-46198 CVE-2026-46205 CVE-2026-46206
CVE-2026-46208 CVE-2026-46209 CVE-2026-46212 CVE-2026-46214
CVE-2026-46220 CVE-2026-46227 CVE-2026-46231 CVE-2026-46233
CVE-2026-46234 CVE-2026-46236 CVE-2026-46238 CVE-2026-46275
CVE-2026-46276 CVE-2026-46285 CVE-2026-46291 CVE-2026-46292
CVE-2026-46294 CVE-2026-46299 CVE-2026-46301 CVE-2026-46303
CVE-2026-46304 CVE-2026-46307 CVE-2026-46319 CVE-2026-46320
CVE-2026-46321 CVE-2026-46322 CVE-2026-52909 CVE-2026-52910
CVE-2026-52912 CVE-2026-52913 CVE-2026-52914 CVE-2026-52915
CVE-2026-52916 CVE-2026-52917 CVE-2026-52918 CVE-2026-52919
CVE-2026-52920 CVE-2026-52921 CVE-2026-52922 CVE-2026-52923
CVE-2026-52924 CVE-2026-52925 CVE-2026-52926 CVE-2026-52927
CVE-2026-52929 CVE-2026-52930 CVE-2026-52931 CVE-2026-52934
CVE-2026-52935 CVE-2026-52939 CVE-2026-52943 CVE-2026-52946
CVE-2026-52947 CVE-2026-52948 CVE-2026-52954 CVE-2026-52955
CVE-2026-52957 CVE-2026-52958 CVE-2026-52962 CVE-2026-52963
CVE-2026-52970 CVE-2026-52972 CVE-2026-52982 CVE-2026-52984
CVE-2026-52985 CVE-2026-52986 CVE-2026-52992 CVE-2026-52993
CVE-2026-52995 CVE-2026-52998 CVE-2026-52999 CVE-2026-53001
CVE-2026-53002 CVE-2026-53003 CVE-2026-53004 CVE-2026-53006
CVE-2026-53011 CVE-2026-53012 CVE-2026-53016 CVE-2026-53021
CVE-2026-53037 CVE-2026-53039 CVE-2026-53040 CVE-2026-53041
CVE-2026-53043 CVE-2026-53045 CVE-2026-53047 CVE-2026-53050
CVE-2026-53059 CVE-2026-53060 CVE-2026-53061 CVE-2026-53062
CVE-2026-53064 CVE-2026-53065 CVE-2026-53068 CVE-2026-53071
CVE-2026-53072 CVE-2026-53073 CVE-2026-53074 CVE-2026-53075
CVE-2026-53077 CVE-2026-53080 CVE-2026-53082 CVE-2026-53088
CVE-2026-53093 CVE-2026-53112 CVE-2026-53128 CVE-2026-53130
CVE-2026-53133 CVE-2026-53134 CVE-2026-53135 CVE-2026-53137
CVE-2026-53146 CVE-2026-53148 CVE-2026-53149 CVE-2026-53150
CVE-2026-53161 CVE-2026-53168 CVE-2026-53176 CVE-2026-53181
CVE-2026-53186 CVE-2026-53189 CVE-2026-53194 CVE-2026-53195
CVE-2026-53196 CVE-2026-53199 CVE-2026-53208 CVE-2026-53212
CVE-2026-53217 CVE-2026-53218 CVE-2026-53219 CVE-2026-53221
CVE-2026-53223 CVE-2026-53225 CVE-2026-53227 CVE-2026-53228
CVE-2026-53238 CVE-2026-53239 CVE-2026-53242 CVE-2026-53245
CVE-2026-53249 CVE-2026-53255 CVE-2026-53256 CVE-2026-53263
CVE-2026-53264 CVE-2026-53266 CVE-2026-53268 CVE-2026-53269
CVE-2026-53270 CVE-2026-53273 CVE-2026-53287 CVE-2026-53294
CVE-2026-53295 CVE-2026-53296 CVE-2026-53304 CVE-2026-53309
CVE-2026-53320 CVE-2026-53337 CVE-2026-53339 CVE-2026-53352
CVE-2026-53354 CVE-2026-53355 CVE-2026-53356 CVE-2026-53357
Debian Bug : 1130365 1119093

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

For Debian 11 bullseye, these problems have been fixed in version
5.10.259-1. This version additionally includes many more bug fixes
from stable updates 5.10.258 and 5.10.259.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4665-1] linux security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4665-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
July 03, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux
Version : 6.1.176-1
CVE ID : CVE-2023-53292 CVE-2023-53989 CVE-2023-54125 CVE-2023-54271
CVE-2023-54322 CVE-2024-27012 CVE-2024-36922 CVE-2024-53221
CVE-2024-56657 CVE-2025-10263 CVE-2025-21739 CVE-2025-21863
CVE-2025-22105 CVE-2025-37864 CVE-2025-38584 CVE-2025-38627
CVE-2025-38710 CVE-2025-39997 CVE-2025-40347 CVE-2025-68201
CVE-2025-68315 CVE-2025-68823 CVE-2026-23066 CVE-2026-23255
CVE-2026-23310 CVE-2026-23389 CVE-2026-23399 CVE-2026-23442
CVE-2026-23444 CVE-2026-23468 CVE-2026-31407 CVE-2026-31449
CVE-2026-31488 CVE-2026-31489 CVE-2026-31500 CVE-2026-31532
CVE-2026-31576 CVE-2026-31577 CVE-2026-31578 CVE-2026-31580
CVE-2026-31581 CVE-2026-31583 CVE-2026-31585 CVE-2026-31586
CVE-2026-31587 CVE-2026-31588 CVE-2026-31590 CVE-2026-31594
CVE-2026-31595 CVE-2026-31596 CVE-2026-31597 CVE-2026-31598
CVE-2026-31599 CVE-2026-31602 CVE-2026-31603 CVE-2026-31605
CVE-2026-31607 CVE-2026-31611 CVE-2026-31612 CVE-2026-31613
CVE-2026-31615 CVE-2026-31616 CVE-2026-31617 CVE-2026-31618
CVE-2026-31619 CVE-2026-31622 CVE-2026-31623 CVE-2026-31624
CVE-2026-31625 CVE-2026-31626 CVE-2026-31627 CVE-2026-31629
CVE-2026-31630 CVE-2026-31637 CVE-2026-31642 CVE-2026-31673
CVE-2026-31676 CVE-2026-31681 CVE-2026-31684 CVE-2026-31685
CVE-2026-31686 CVE-2026-31696 CVE-2026-31697 CVE-2026-31698
CVE-2026-31699 CVE-2026-31700 CVE-2026-31701 CVE-2026-31702
CVE-2026-31704 CVE-2026-31705 CVE-2026-31708 CVE-2026-31709
CVE-2026-31711 CVE-2026-31712 CVE-2026-31715 CVE-2026-31716
CVE-2026-43052 CVE-2026-43058 CVE-2026-43064 CVE-2026-43071
CVE-2026-43072 CVE-2026-43075 CVE-2026-43076 CVE-2026-43079
CVE-2026-43080 CVE-2026-43085 CVE-2026-43089 CVE-2026-43093
CVE-2026-43094 CVE-2026-43098 CVE-2026-43099 CVE-2026-43103
CVE-2026-43104 CVE-2026-43105 CVE-2026-43110 CVE-2026-43111
CVE-2026-43112 CVE-2026-43113 CVE-2026-43114 CVE-2026-43116
CVE-2026-43117 CVE-2026-43219 CVE-2026-43303 CVE-2026-43350
CVE-2026-43421 CVE-2026-43492 CVE-2026-43493 CVE-2026-43494
CVE-2026-43495 CVE-2026-43496 CVE-2026-43497 CVE-2026-43499
CVE-2026-43501 CVE-2026-43502 CVE-2026-45834 CVE-2026-45835
CVE-2026-45836 CVE-2026-45838 CVE-2026-45839 CVE-2026-45840
CVE-2026-45841 CVE-2026-45842 CVE-2026-45843 CVE-2026-45844
CVE-2026-45846 CVE-2026-45850 CVE-2026-45930 CVE-2026-45986
CVE-2026-45987 CVE-2026-45991 CVE-2026-45994 CVE-2026-45996
CVE-2026-45997 CVE-2026-45999 CVE-2026-46002 CVE-2026-46003
CVE-2026-46004 CVE-2026-46005 CVE-2026-46006 CVE-2026-46009
CVE-2026-46015 CVE-2026-46018 CVE-2026-46019 CVE-2026-46021
CVE-2026-46022 CVE-2026-46023 CVE-2026-46024 CVE-2026-46026
CVE-2026-46027 CVE-2026-46031 CVE-2026-46033 CVE-2026-46037
CVE-2026-46038 CVE-2026-46040 CVE-2026-46043 CVE-2026-46044
CVE-2026-46046 CVE-2026-46047 CVE-2026-46049 CVE-2026-46050
CVE-2026-46051 CVE-2026-46052 CVE-2026-46053 CVE-2026-46056
CVE-2026-46058 CVE-2026-46062 CVE-2026-46064 CVE-2026-46065
CVE-2026-46069 CVE-2026-46070 CVE-2026-46072 CVE-2026-46075
CVE-2026-46077 CVE-2026-46078 CVE-2026-46079 CVE-2026-46080
CVE-2026-46082 CVE-2026-46083 CVE-2026-46086 CVE-2026-46088
CVE-2026-46091 CVE-2026-46098 CVE-2026-46099 CVE-2026-46101
CVE-2026-46102 CVE-2026-46103 CVE-2026-46107 CVE-2026-46108
CVE-2026-46109 CVE-2026-46110 CVE-2026-46112 CVE-2026-46113
CVE-2026-46116 CVE-2026-46119 CVE-2026-46120 CVE-2026-46122
CVE-2026-46123 CVE-2026-46124 CVE-2026-46125 CVE-2026-46127
CVE-2026-46128 CVE-2026-46129 CVE-2026-46132 CVE-2026-46133
CVE-2026-46136 CVE-2026-46137 CVE-2026-46143 CVE-2026-46146
CVE-2026-46149 CVE-2026-46150 CVE-2026-46151 CVE-2026-46159
CVE-2026-46160 CVE-2026-46161 CVE-2026-46163 CVE-2026-46164
CVE-2026-46165 CVE-2026-46167 CVE-2026-46168 CVE-2026-46169
CVE-2026-46172 CVE-2026-46173 CVE-2026-46177 CVE-2026-46178
CVE-2026-46179 CVE-2026-46180 CVE-2026-46184 CVE-2026-46185
CVE-2026-46186 CVE-2026-46187 CVE-2026-46189 CVE-2026-46190
CVE-2026-46191 CVE-2026-46193 CVE-2026-46195 CVE-2026-46196
CVE-2026-46197 CVE-2026-46198 CVE-2026-46199 CVE-2026-46205
CVE-2026-46206 CVE-2026-46208 CVE-2026-46209 CVE-2026-46212
CVE-2026-46214 CVE-2026-46218 CVE-2026-46220 CVE-2026-46227
CVE-2026-46230 CVE-2026-46231 CVE-2026-46233 CVE-2026-46234
CVE-2026-46235 CVE-2026-46236 CVE-2026-46238 CVE-2026-46273
CVE-2026-46275 CVE-2026-46276 CVE-2026-46280 CVE-2026-46285
CVE-2026-46291 CVE-2026-46292 CVE-2026-46294 CVE-2026-46296
CVE-2026-46299 CVE-2026-46301 CVE-2026-46303 CVE-2026-46304
CVE-2026-46306 CVE-2026-46307 CVE-2026-46314 CVE-2026-46319
CVE-2026-46320 CVE-2026-46321 CVE-2026-46322 CVE-2026-46323
CVE-2026-46331 CVE-2026-52909 CVE-2026-52910 CVE-2026-52911
CVE-2026-52912 CVE-2026-52913 CVE-2026-52914 CVE-2026-52915
CVE-2026-52916 CVE-2026-52917 CVE-2026-52918 CVE-2026-52919
CVE-2026-52920 CVE-2026-52921 CVE-2026-52922 CVE-2026-52923
CVE-2026-52924 CVE-2026-52925 CVE-2026-52926 CVE-2026-52927
CVE-2026-52929 CVE-2026-52930 CVE-2026-52931 CVE-2026-52933
CVE-2026-52934 CVE-2026-52935 CVE-2026-52939 CVE-2026-52941
CVE-2026-52942 CVE-2026-52943 CVE-2026-52946 CVE-2026-52947
CVE-2026-52948 CVE-2026-52954 CVE-2026-52955 CVE-2026-52957
CVE-2026-52958 CVE-2026-52962 CVE-2026-52963 CVE-2026-52967
CVE-2026-52968 CVE-2026-52969 CVE-2026-52970 CVE-2026-52972
CVE-2026-52974 CVE-2026-52975 CVE-2026-52977 CVE-2026-52981
CVE-2026-52982 CVE-2026-52984 CVE-2026-52985 CVE-2026-52986
CVE-2026-52989 CVE-2026-52992 CVE-2026-52993 CVE-2026-52995
CVE-2026-52998 CVE-2026-52999 CVE-2026-53001 CVE-2026-53002
CVE-2026-53003 CVE-2026-53004 CVE-2026-53006 CVE-2026-53011
CVE-2026-53012 CVE-2026-53016 CVE-2026-53021 CVE-2026-53022
CVE-2026-53023 CVE-2026-53033 CVE-2026-53034 CVE-2026-53035
CVE-2026-53036 CVE-2026-53037 CVE-2026-53039 CVE-2026-53040
CVE-2026-53041 CVE-2026-53043 CVE-2026-53045 CVE-2026-53046
CVE-2026-53047 CVE-2026-53048 CVE-2026-53049 CVE-2026-53050
CVE-2026-53052 CVE-2026-53056 CVE-2026-53059 CVE-2026-53060
CVE-2026-53061 CVE-2026-53062 CVE-2026-53063 CVE-2026-53064
CVE-2026-53065 CVE-2026-53066 CVE-2026-53068 CVE-2026-53069
CVE-2026-53071 CVE-2026-53072 CVE-2026-53073 CVE-2026-53074
CVE-2026-53075 CVE-2026-53077 CVE-2026-53080 CVE-2026-53082
CVE-2026-53086 CVE-2026-53088 CVE-2026-53093 CVE-2026-53096
CVE-2026-53111 CVE-2026-53112 CVE-2026-53128 CVE-2026-53130
CVE-2026-53131 CVE-2026-53133 CVE-2026-53134 CVE-2026-53135
CVE-2026-53136 CVE-2026-53137 CVE-2026-53146 CVE-2026-53147
CVE-2026-53148 CVE-2026-53149 CVE-2026-53150 CVE-2026-53159
CVE-2026-53160 CVE-2026-53161 CVE-2026-53168 CVE-2026-53176
CVE-2026-53177 CVE-2026-53181 CVE-2026-53182 CVE-2026-53183
CVE-2026-53184 CVE-2026-53186 CVE-2026-53189 CVE-2026-53194
CVE-2026-53195 CVE-2026-53196 CVE-2026-53198 CVE-2026-53199
CVE-2026-53207 CVE-2026-53208 CVE-2026-53209 CVE-2026-53212
CVE-2026-53213 CVE-2026-53215 CVE-2026-53216 CVE-2026-53217
CVE-2026-53218 CVE-2026-53219 CVE-2026-53221 CVE-2026-53223
CVE-2026-53225 CVE-2026-53227 CVE-2026-53228 CVE-2026-53236
CVE-2026-53238 CVE-2026-53239 CVE-2026-53242 CVE-2026-53245
CVE-2026-53249 CVE-2026-53252 CVE-2026-53253 CVE-2026-53254
CVE-2026-53255 CVE-2026-53256 CVE-2026-53263 CVE-2026-53264
CVE-2026-53266 CVE-2026-53268 CVE-2026-53269 CVE-2026-53270
CVE-2026-53273 CVE-2026-53274 CVE-2026-53275 CVE-2026-53279
CVE-2026-53287 CVE-2026-53289 CVE-2026-53291 CVE-2026-53294
CVE-2026-53295 CVE-2026-53296 CVE-2026-53303 CVE-2026-53304
CVE-2026-53306 CVE-2026-53309 CVE-2026-53314 CVE-2026-53320
CVE-2026-53329 CVE-2026-53331 CVE-2026-53337 CVE-2026-53339
CVE-2026-53343 CVE-2026-53349 CVE-2026-53350 CVE-2026-53352
CVE-2026-53354 CVE-2026-53355 CVE-2026-53356 CVE-2026-53357
Debian Bug : 1130365 1119093

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

For Debian 12 bookworm, these problems have been fixed in version
6.1.176-1. This version additionally includes many more bug fixes
from stable updates 6.1.175 and 6.1.176.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4667-1] nginx security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4667-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Carlos Henrique Lima Melara
July 03, 2026 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : nginx
Version : 1.22.1-9+deb12u9
CVE ID : CVE-2026-42055 CVE-2026-48142
Debian Bug : 1140359 1140361

Multiple vulnerabilities were discoverd in Nginx, a high-performance web
and reverse proxy server, which could result in remote code execution,
denial of service or memory disclosure.

CVE-2026-42055

NGINX Open Source has a vulnerability in the ngx_http_proxy_v2_module and
ngx_http_grpc_module modules. This vulnerability exists when the
proxy_http_version to 2 or grpc_pass directives are used to proxy HTTP/2
traffic, the ignore_invalid_headers directive is set to off, and the
large_client_header_buffers directive size is larger than 2 megabytes. A
remote, unauthenticated attacker, along with conditions beyond their
control, could send large headers while creating an upstream request. This
may cause a heap-based buffer overflow in the NGINX worker process leading
to a restart. Additionally, attackers can execute code on systems with
Address Space Layout Randomization (ASLR) disabled or when the attacker can
bypass ASLR.

CVE-2026-48142

NGINX Open Source has a vulnerability in the ngx_http_charset_module module.
When content is served or proxied through a location block with both
source_charset utf-8; and a charset directive (for example, charset koi8-r;)
configured, remote, unauthenticated attackers can send requests (in
conjunction with conditions beyond their control) to cause a heap buffer
over-read in the NGINX worker process, leading to limited disclosure of
memory or a restart.

For Debian 12 bookworm, these problems have been fixed in version
1.22.1-9+deb12u9.

We recommend that you upgrade your nginx packages.

For the detailed security status of nginx please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nginx

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4666-1] openvpn security update


- -----------------------------------------------------------------------
Debian LTS Advisory DLA-4666-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Utkarsh Gupta
July 04, 2026 https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package : openvpn
Version : 2.6.14-0+deb12u2
CVE ID : CVE-2026-11771 CVE-2026-12932 CVE-2026-12996 CVE-2026-13117
CVE-2026-13122 CVE-2026-13698

Multiple security vulnerabilities were discovered in OpenVPN, which
could result in denial of service.

For Debian 12 bookworm, these problems have been fixed in version
2.6.14-0+deb12u2.

We recommend that you upgrade your openvpn packages.

For the detailed security status of openvpn please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvpn

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DSA 6376-1] openvpn security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6376-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 03, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : openvpn
CVE ID : CVE-2026-11771 CVE-2026-12932 CVE-2026-12996
CVE-2026-13117 CVE-2026-13122 CVE-2026-13698

Multiple security vulnerabilities were discovered in OpenVPN, which
could result in denial of service.

For the stable distribution (trixie), these problems have been fixed in
version 2.6.14-1+deb13u3.

We recommend that you upgrade your openvpn packages.

For the detailed security status of openvpn please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvpn

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/