
Debian GNU/Linux has received important security updates, covering the Linux kernel for Debian 12 and Ark for both Debian 11 LTS and Debian 10 ELTS:

[DSA 5860-1] linux security update
[DLA 4046-1] ark security update
ELA-1317-1 ark security update




[SECURITY] [DSA 5860-1] linux security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-5860-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 08, 2025 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2024-36899 CVE-2024-49994 CVE-2024-50014 CVE-2024-50047
CVE-2024-50164 CVE-2024-50304 CVE-2024-53124 CVE-2024-53128
CVE-2024-53170 CVE-2024-53229 CVE-2024-53234 CVE-2024-53685
CVE-2024-56551 CVE-2024-56599 CVE-2024-56608 CVE-2024-56631
CVE-2024-56664 CVE-2024-56703 CVE-2024-57887 CVE-2024-57892
CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908
CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913
CVE-2024-57915 CVE-2024-57916 CVE-2024-57917 CVE-2024-57922
CVE-2024-57925 CVE-2024-57929 CVE-2024-57939 CVE-2024-57940
CVE-2024-57948 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637
CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21646
CVE-2025-21647 CVE-2025-21648 CVE-2025-21653 CVE-2025-21655
CVE-2025-21660 CVE-2025-21662 CVE-2025-21664 CVE-2025-21665
CVE-2025-21666 CVE-2025-21667 CVE-2025-21668 CVE-2025-21669
CVE-2025-21671 CVE-2025-21675 CVE-2025-21678 CVE-2025-21680
CVE-2025-21681 CVE-2025-21683

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

For the stable distribution (bookworm), these problems have been fixed in
version 6.1.128-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DLA 4046-1] ark security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4046-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Markus Koschany
February 08, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : ark
Version : 4:20.12.2-1+deb11u1
CVE ID : CVE-2024-57966

A flaw was discovered in ark, an archive utility for the KDE platform. Ark
extracted archives with absolute paths to the corresponding location on
the user's file system. Absolute paths are now treated as relative paths to
prevent overwriting of sensitive information.

For Debian 11 bullseye, this problem has been fixed in version
4:20.12.2-1+deb11u1.

We recommend that you upgrade your ark packages.

For the detailed security status of ark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



ELA-1317-1 ark security update


Package : ark
Version : 4:18.08.3-1+deb10u3 (buster)

Related CVEs :
CVE-2024-57966

A flaw was discovered in ark, an archive utility for the KDE platform. Ark
extracted archives with absolute paths to the corresponding location on
the user’s file system. Absolute paths are now treated as relative paths to
prevent overwriting of sensitive information.
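
The handling described for CVE-2024-57966, as an added Python example (not ark's code and not part of the advisories): absolute member names in an archive are mapped to paths under the extraction directory. The `..` rejection, the function names and the sample archive are assumptions made for this example.

```python
import io
import os
import posixpath
import tarfile
import tempfile


def safe_member_path(name: str) -> str:
    """Map an archive member name to a path relative to the extraction root."""
    # Treat absolute names as relative: "/etc/passwd" becomes "etc/passwd".
    rel = posixpath.normpath(name.lstrip("/"))
    # Assumption added here (not stated in the advisory): also refuse names
    # that are empty or still climb out of the root through "..".
    if rel in (".", "..") or rel.startswith("../"):
        raise ValueError(f"unsafe member name: {name!r}")
    return rel


def extract_relative(tar_bytes: bytes, dest: str) -> list[str]:
    """Write regular files under dest only; return the relative paths used."""
    written = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for member in tar:
            if not member.isfile():
                continue  # links and devices are out of scope for this example
            rel = safe_member_path(member.name)
            target = os.path.join(dest, *rel.split("/"))
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as out:
                out.write(src.read())
            written.append(rel)
    return written


def build_sample_archive() -> bytes:
    """Constructed sample: one ordinary member, one with an absolute name."""
    members = (("notes/readme.txt", b"ok\n"), ("/tmp-abs-demo/config", b"x=1\n"))
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as dest:
        print(extract_relative(build_sample_archive(), dest))
```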

