Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1638-1 phpunit security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4474-1] rlottie security updat
Debian GNU/Linux 12 (Bookworm):
[DSA 6127-1] linux security update
Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6125-1] usbmuxd security update
[DSA 6128-1] shaarli security update
Debian GNU/Linux 13 (Trixie):
[DSA 6126-1] linux security update
ELA-1638-1 phpunit security update
Package : phpunit
Version : 7.5.6-1+deb10u1 (buster)
Related CVEs :
CVE-2026-24765
PHPUnit is a testing framework for PHP. A vulnerability has been
discovered involving unsafe deserialization of code coverage data in
PHPT test execution. The vulnerability exists in the
cleanupForCoverage() method, which deserializes code coverage files
without validation, potentially allowing remote code execution if
malicious .coverage files are present prior to the execution of the
PHPT test.ELA-1638-1 phpunit security update
[SECURITY] [DSA 6125-1] usbmuxd security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6125-1 security@debian.org
https://www.debian.org/security/ Yves-Alexis Perez
February 09, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : usbmuxd
CVE ID : CVE-2025-66004
Debian Bug : 1122507
A path traversal vulnerability was discovered in usbmuxd, a multiplexor daemon
used to coordinate USB connections from and to Apple devices (iPhone, iPad,
iPod).
Exploiting this vulnerability enables an unprivileged user to create and delete
files named `*.plist` (and, in some cases, arbitrarily named) as the user
running the daemon (`usbmux` by default).
For the oldstable distribution (bookworm), this problem has been fixed
in version 1.1.1-2+deb12u1.
For the stable distribution (trixie), this problem has been fixed in
version 1.1.1-6+deb13u1.
We recommend that you upgrade your usbmuxd packages.
For the detailed security status of usbmuxd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/usbmuxd
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[SECURITY] [DLA 4474-1] rlottie security updat
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4474-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
February 09, 2026 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : rlottie
Version : 0.1+dfsg-2+deb11u1
CVE ID : CVE-2025-0634 CVE-2025-53074 CVE-2025-53075
Several issues have been found in rlottie, a library for rendering vector
based animations and art. Most of these CVEs have been already fixed by
Fix-crash-on-invalid-data.patch in a previous upload. The remaining
boundary check has now been fixed as well.
For Debian 11 bullseye, these problems have been fixed in version
0.1+dfsg-2+deb11u1.
We recommend that you upgrade your rlottie packages.
For the detailed security status of rlottie please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rlottie
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[SECURITY] [DSA 6128-1] shaarli security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6128-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 09, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : shaarli
CVE ID : CVE-2026-24476
Moritz Woermann discovered that missing input sanitising in Shaarli, a
personal bookmarking service, could result in cross-site scripting.
For the oldstable distribution (bookworm), this problem has been fixed
in version 0.12.1+dfsg-8+deb12u2.
For the stable distribution (trixie), this problem has been fixed in
version 0.14.0+dfsg-2+deb13u1.
We recommend that you upgrade your shaarli packages.
For the detailed security status of shaarli please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/shaarli
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[SECURITY] [DSA 6127-1] linux security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6127-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 09, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : linux
CVE ID : CVE-2023-52658 CVE-2023-53421 CVE-2023-54285 CVE-2024-42079
CVE-2024-46786 CVE-2024-49968 CVE-2025-21946 CVE-2025-22022
CVE-2025-22083 CVE-2025-22090 CVE-2025-22107 CVE-2025-22111
CVE-2025-22121 CVE-2025-37926 CVE-2025-38022 CVE-2025-38104
CVE-2025-38125 CVE-2025-38129 CVE-2025-38232 CVE-2025-38361
CVE-2025-38408 CVE-2025-38591 CVE-2025-38718 CVE-2025-39721
CVE-2025-39871 CVE-2025-40039 CVE-2025-40110 CVE-2025-40149
CVE-2025-40164 CVE-2025-40215 CVE-2025-68211 CVE-2025-68223
CVE-2025-68254 CVE-2025-68255 CVE-2025-68256 CVE-2025-68257
CVE-2025-68258 CVE-2025-68259 CVE-2025-68261 CVE-2025-68263
CVE-2025-68264 CVE-2025-68266 CVE-2025-68291 CVE-2025-68325
CVE-2025-68332 CVE-2025-68335 CVE-2025-68336 CVE-2025-68337
CVE-2025-68340 CVE-2025-68344 CVE-2025-68345 CVE-2025-68346
CVE-2025-68347 CVE-2025-68349 CVE-2025-68354 CVE-2025-68362
CVE-2025-68363 CVE-2025-68364 CVE-2025-68365 CVE-2025-68366
CVE-2025-68367 CVE-2025-68369 CVE-2025-68371 CVE-2025-68372
CVE-2025-68380 CVE-2025-68724 CVE-2025-68725 CVE-2025-68727
CVE-2025-68728 CVE-2025-68732 CVE-2025-68733 CVE-2025-68740
CVE-2025-68742 CVE-2025-68746 CVE-2025-68753 CVE-2025-68757
CVE-2025-68758 CVE-2025-68759 CVE-2025-68764 CVE-2025-68765
CVE-2025-68766 CVE-2025-68767 CVE-2025-68769 CVE-2025-68771
CVE-2025-68772 CVE-2025-68773 CVE-2025-68774 CVE-2025-68776
CVE-2025-68777 CVE-2025-68778 CVE-2025-68780 CVE-2025-68781
CVE-2025-68782 CVE-2025-68783 CVE-2025-68785 CVE-2025-68786
CVE-2025-68787 CVE-2025-68788 CVE-2025-68789 CVE-2025-68795
CVE-2025-68796 CVE-2025-68797 CVE-2025-68798 CVE-2025-68799
CVE-2025-68800 CVE-2025-68801 CVE-2025-68803 CVE-2025-68804
CVE-2025-68806 CVE-2025-68808 CVE-2025-68813 CVE-2025-68814
CVE-2025-68815 CVE-2025-68816 CVE-2025-68817 CVE-2025-68818
CVE-2025-68819 CVE-2025-68820 CVE-2025-68821 CVE-2025-71064
CVE-2025-71066 CVE-2025-71069 CVE-2025-71071 CVE-2025-71075
CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71081
CVE-2025-71082 CVE-2025-71083 CVE-2025-71084 CVE-2025-71085
CVE-2025-71086 CVE-2025-71087 CVE-2025-71088 CVE-2025-71091
CVE-2025-71093 CVE-2025-71094 CVE-2025-71095 CVE-2025-71096
CVE-2025-71097 CVE-2025-71098 CVE-2025-71102 CVE-2025-71104
CVE-2025-71105 CVE-2025-71108 CVE-2025-71111 CVE-2025-71112
CVE-2025-71113 CVE-2025-71114 CVE-2025-71116 CVE-2025-71118
CVE-2025-71119 CVE-2025-71120 CVE-2025-71121 CVE-2025-71123
CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71130
CVE-2025-71131 CVE-2025-71132 CVE-2025-71133 CVE-2025-71136
CVE-2025-71137 CVE-2025-71147 CVE-2025-71149 CVE-2025-71150
CVE-2025-71154 CVE-2025-71162 CVE-2025-71163 CVE-2025-71180
CVE-2025-71182 CVE-2025-71183 CVE-2025-71185 CVE-2025-71186
CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192
CVE-2025-71194 CVE-2025-71196 CVE-2025-71197 CVE-2025-71199
CVE-2026-22976 CVE-2026-22977 CVE-2026-22978 CVE-2026-22979
CVE-2026-22980 CVE-2026-22982 CVE-2026-22984 CVE-2026-22990
CVE-2026-22991 CVE-2026-22992 CVE-2026-22994 CVE-2026-22997
CVE-2026-22998 CVE-2026-22999 CVE-2026-23001 CVE-2026-23003
CVE-2026-23005 CVE-2026-23006 CVE-2026-23010 CVE-2026-23011
CVE-2026-23019 CVE-2026-23020 CVE-2026-23021 CVE-2026-23025
CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23033
CVE-2026-23037 CVE-2026-23038 CVE-2026-23047 CVE-2026-23049
CVE-2026-23054 CVE-2026-23056 CVE-2026-23058 CVE-2026-23060
CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068
CVE-2026-23069 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074
CVE-2026-23075 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080
CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086
CVE-2026-23087 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091
CVE-2026-23093 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097
CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102
CVE-2026-23103 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108
CVE-2026-23110
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
For the oldstable distribution (bookworm), these problems have been fixed
in version 6.1.162-1.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[SECURITY] [DSA 6126-1] linux security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6126-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 09, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : linux
CVE ID : CVE-2024-58096 CVE-2024-58097 CVE-2025-22111 CVE-2025-38234
CVE-2025-38248 CVE-2025-38591 CVE-2025-39872 CVE-2025-40149
CVE-2025-40164 CVE-2025-40170 CVE-2025-40276 CVE-2025-40325
CVE-2025-68206 CVE-2025-68333 CVE-2025-68345 CVE-2025-68351
CVE-2025-68357 CVE-2025-68358 CVE-2025-68365 CVE-2025-68725
CVE-2025-68749 CVE-2025-68767 CVE-2025-68769 CVE-2025-68770
CVE-2025-68771 CVE-2025-68772 CVE-2025-68773 CVE-2025-68774
CVE-2025-68775 CVE-2025-68776 CVE-2025-68777 CVE-2025-68778
CVE-2025-68780 CVE-2025-68781 CVE-2025-68782 CVE-2025-68783
CVE-2025-68784 CVE-2025-68785 CVE-2025-68786 CVE-2025-68787
CVE-2025-68788 CVE-2025-68789 CVE-2025-68792 CVE-2025-68794
CVE-2025-68795 CVE-2025-68796 CVE-2025-68797 CVE-2025-68798
CVE-2025-68799 CVE-2025-68800 CVE-2025-68801 CVE-2025-68802
CVE-2025-68803 CVE-2025-68804 CVE-2025-68806 CVE-2025-68808
CVE-2025-68809 CVE-2025-68810 CVE-2025-68811 CVE-2025-68813
CVE-2025-68814 CVE-2025-68815 CVE-2025-68816 CVE-2025-68817
CVE-2025-68818 CVE-2025-68819 CVE-2025-68820 CVE-2025-68821
CVE-2025-68822 CVE-2025-71064 CVE-2025-71065 CVE-2025-71066
CVE-2025-71067 CVE-2025-71068 CVE-2025-71069 CVE-2025-71071
CVE-2025-71072 CVE-2025-71073 CVE-2025-71075 CVE-2025-71076
CVE-2025-71077 CVE-2025-71078 CVE-2025-71079 CVE-2025-71080
CVE-2025-71081 CVE-2025-71082 CVE-2025-71083 CVE-2025-71084
CVE-2025-71085 CVE-2025-71086 CVE-2025-71087 CVE-2025-71088
CVE-2025-71089 CVE-2025-71091 CVE-2025-71093 CVE-2025-71094
CVE-2025-71095 CVE-2025-71096 CVE-2025-71097 CVE-2025-71098
CVE-2025-71099 CVE-2025-71100 CVE-2025-71101 CVE-2025-71102
CVE-2025-71104 CVE-2025-71105 CVE-2025-71107 CVE-2025-71108
CVE-2025-71109 CVE-2025-71111 CVE-2025-71112 CVE-2025-71113
CVE-2025-71114 CVE-2025-71116 CVE-2025-71118 CVE-2025-71119
CVE-2025-71120 CVE-2025-71121 CVE-2025-71122 CVE-2025-71123
CVE-2025-71125 CVE-2025-71126 CVE-2025-71127 CVE-2025-71129
CVE-2025-71130 CVE-2025-71131 CVE-2025-71132 CVE-2025-71133
CVE-2025-71134 CVE-2025-71135 CVE-2025-71136 CVE-2025-71137
CVE-2025-71138 CVE-2025-71140 CVE-2025-71143 CVE-2025-71144
CVE-2025-71146 CVE-2025-71147 CVE-2025-71148 CVE-2025-71149
CVE-2025-71150 CVE-2025-71151 CVE-2025-71153 CVE-2025-71154
CVE-2025-71156 CVE-2025-71157 CVE-2025-71160 CVE-2025-71162
CVE-2025-71163 CVE-2025-71180 CVE-2025-71182 CVE-2025-71183
CVE-2025-71184 CVE-2025-71185 CVE-2025-71186 CVE-2025-71189
CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71193
CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197
CVE-2025-71198 CVE-2025-71199 CVE-2026-22976 CVE-2026-22977
CVE-2026-22978 CVE-2026-22979 CVE-2026-22980 CVE-2026-22982
CVE-2026-22984 CVE-2026-22989 CVE-2026-22990 CVE-2026-22991
CVE-2026-22992 CVE-2026-22994 CVE-2026-22996 CVE-2026-22997
CVE-2026-22998 CVE-2026-22999 CVE-2026-23000 CVE-2026-23001
CVE-2026-23002 CVE-2026-23003 CVE-2026-23005 CVE-2026-23006
CVE-2026-23010 CVE-2026-23011 CVE-2026-23013 CVE-2026-23019
CVE-2026-23020 CVE-2026-23021 CVE-2026-23023 CVE-2026-23025
CVE-2026-23026 CVE-2026-23030 CVE-2026-23031 CVE-2026-23032
CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23038
CVE-2026-23047 CVE-2026-23049 CVE-2026-23050 CVE-2026-23053
CVE-2026-23054 CVE-2026-23055 CVE-2026-23056 CVE-2026-23057
CVE-2026-23058 CVE-2026-23059 CVE-2026-23060 CVE-2026-23061
CVE-2026-23062 CVE-2026-23063 CVE-2026-23064 CVE-2026-23065
CVE-2026-23068 CVE-2026-23069 CVE-2026-23071 CVE-2026-23072
CVE-2026-23073 CVE-2026-23074 CVE-2026-23075 CVE-2026-23076
CVE-2026-23078 CVE-2026-23080 CVE-2026-23083 CVE-2026-23084
CVE-2026-23085 CVE-2026-23086 CVE-2026-23087 CVE-2026-23088
CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23093
CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23097
CVE-2026-23098 CVE-2026-23099 CVE-2026-23101 CVE-2026-23103
CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
For the stable distribution (trixie), these problems have been fixed in
version 6.12.69-1.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
