Debian 10703

Debian has released security advisories for several packages, including Keystone, Swift, Chromium, and OpenJDK-8. The Keystone vulnerability allows an unauthenticated attacker to obtain Keystone authorization, while Swift needs to be updated to work with the fixed version of Keystone. Chromium has been patched to fix four security issues that could lead to arbitrary code execution, denial of service, or information disclosure. Additionally, a security update for openjdk-8 has been released to address two vulnerabilities related to XML external entity injection attacks and certificate validation.

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1569-1 openjdk-8 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4367-1] keystone security update
[DLA 4366-1] swift update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6050-1] chromium security update



[SECURITY] [DLA 4367-1] keystone security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4367-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Carlos Henrique Lima Melara
November 07, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : keystone
Version : 2:18.1.0-1+deb11u2
CVE ID : not yet available
Debian Bug : 1120053

A vulnerability was found in keystone, the identity service used by OpenStack.
By sending a valid AWS Signature to the ec2tokens and s3tokens endpoints, an
unauthenticated attacker may obtain Keystone authorization, resulting in
unauthorized access and privilege escalation. Swift also needed to be patched
to work with the fixed version of keystone. One is advised to first update
swift and then keystone.

For Debian 11 bullseye, this problem has been fixed in version
2:18.1.0-1+deb11u2.

We recommend that you upgrade your keystone packages.

For the detailed security status of keystone please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/keystone

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4366-1] swift update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4366-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Carlos Henrique Lima Melara
November 07, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : swift
Version : 2.26.0-10+deb11u2
CVE ID :
Debian Bug : 1120057

Swift, an object storage service, requires an update to work with keystone
2:18.1.0-1+deb11u2, which fixes a vulnerability in the ec2tokens and s3tokens APIs.
This version is backward-compatible with older keystone versions, but older
versions of the swift package will not work with the updated version of keystone.
Therefore one is advised to first update swift and then proceed with the
keystone update.
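The ordering constraint stated in DLA-4367-1 and DLA-4366-1 (swift to its fixed version first, keystone second), as an added example that is not part of either advisory: a small Python audit helper that implements dpkg's version comparison and, for a constructed inventory, reports which hosts still need which upgrade and which already sit in the unsupported state of new keystone with old swift. The host names and installed versions are constructed; the fixed versions are the ones the two advisories name.

```python
import re

# Fixed versions named in DLA-4366-1 (swift) and DLA-4367-1 (keystone).
FIXED = {"swift": "2.26.0-10+deb11u2", "keystone": "2:18.1.0-1+deb11u2"}

def _cmp_fragment(a, b):
    # dpkg's verrevcmp: alternate non-digit runs (weighted per character:
    # '~' < end of string < letters < other symbols) and numeric digit runs.
    order = lambda c: -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256
    while a or b:
        sa, sb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(sa):], b[len(sb):]
        for i in range(max(len(sa), len(sb))):
            d = (order(sa[i]) if i < len(sa) else 0) \
                - (order(sb[i]) if i < len(sb) else 0)
            if d:
                return d
        na, nb = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(na):], b[len(nb):]
        if int(na or 0) != int(nb or 0):
            return int(na or 0) - int(nb or 0)
    return 0

def deb_cmp(v1, v2):
    """dpkg-style comparison of two Debian version strings: <0, 0 or >0."""
    def split(v):  # -> (epoch, upstream_version, debian_revision)
        epoch, sep, rest = v.partition(":")
        epoch, rest = (int(epoch), rest) if sep else (0, v)
        up, sep, rev = rest.rpartition("-")
        return epoch, (up if sep else rest), rev
    (e1, u1, r1), (e2, u2, r2) = split(v1), split(v2)
    return (e1 - e2) or _cmp_fragment(u1, u2) or _cmp_fragment(r1, r2)

def plan_upgrade(installed):
    """Packages on one host ({package: version}) still below their fixed
    version, swift first, plus whether new keystone already meets old swift."""
    order = [p for p in ("swift", "keystone")
             if p in installed and deb_cmp(installed[p], FIXED[p]) < 0]
    broken = "keystone" in installed and order == ["swift"]
    return {"order": order, "broken": broken}

SAMPLE_HOSTS = {  # constructed sample inventory: hypothetical hosts
    "ctl-1": {"keystone": "2:18.1.0-1", "swift": "2.26.0-10"},
    "ctl-2": {"keystone": "2:18.1.0-1+deb11u2", "swift": "2.26.0-10"},
    "ctl-3": {"keystone": "2:18.1.0-1+deb11u2", "swift": "2.26.0-10+deb11u2"},
}

if __name__ == "__main__":
    for host, pkgs in SAMPLE_HOSTS.items():
        print(host, plan_upgrade(pkgs))
```

On a real host the `installed` mapping would come from `dpkg-query -W -f '${Package} ${Version}\n' swift keystone`; a host reported as broken needs its swift upgrade applied before the keystone services are relied on.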

For Debian 11 bullseye, this problem has been fixed in version
2.26.0-10+deb11u2.

We recommend that you upgrade your swift packages.

For the detailed security status of swift please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/swift

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DSA 6050-1] chromium security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-6050-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
November 07, 2025 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2025-12725 CVE-2025-12726 CVE-2025-12727 CVE-2025-12728
CVE-2025-12729

Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.

For the oldstable distribution (bookworm), these problems have been fixed
in version 142.0.7444.134-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 142.0.7444.134-1~deb13u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


ELA-1569-1 openjdk-8 security update


Package : openjdk-8
Version : 8u472-ga-1~deb9u1 (stretch)

Related CVEs :
CVE-2025-53057
CVE-2025-53066

Two vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in XML external entity injection attacks or incorrect
certificate validation.
