The Debian project has issued several security advisories to update various packages. The first advisory, DLA-4403-1, updates the tzdata package to version 2025b-0+deb11u2, which includes the latest changes to the leap second list. Other advisories, including ELA-1594-1 for Debian 9 and 10 and DSA-6080-1 for Chromium, also address security issues in various packages. Additionally, updates for the Linux kernel (DLA-4404-1) and Thunderbird (DLA-4405-1) have been released to fix multiple vulnerabilities.

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1594-1 tzdata new timezone database

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4403-1] tzdata new timezone database
[DLA 4404-1] linux security update
[DLA 4405-1] thunderbird security update

Debian GNU/Linux 12 (Bookworm) and 13 (Trixie):
[DSA 6080-1] chromium security update

[SECURITY] [DLA 4403-1] tzdata new timezone database

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4403-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
December 12, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : tzdata
Version : 2025b-0+deb11u2

This update includes the latest changes to the leap second list,
including an update to its expiry date, which was set for the end of
December.

For Debian 11 bullseye, this problem has been fixed in version
2025b-0+deb11u2.

We recommend that you upgrade your tzdata packages.

For the detailed security status of tzdata please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tzdata

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

ELA-1594-1 tzdata new timezone database

Package : tzdata
Version : 2025b-0+deb9u2 (stretch), 2025b-0+deb10u2 (buster)

This update includes the latest changes to the leap second list,
including an update to its expiry date, which was set for the end of
December.

ELA-1594-1 tzdata new timezone database

[SECURITY] [DSA 6080-1] chromium security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6080-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
December 12, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2025-14372 CVE-2025-14373

Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure. An additional CVE (that has yet to be assigned) is fixed in
this release; Google is aware of an expoit in the wild for that issue.

For the oldstable distribution (bookworm), these problems have been fixed
in version 143.0.7499.109-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 143.0.7499.109-1~deb13u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[SECURITY] [DLA 4404-1] linux security update

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4404-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Ben Hutchings
December 12, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux
Version : 5.10.247-1
CVE ID : CVE-2023-53498 CVE-2024-47666 CVE-2024-50143 CVE-2024-57947
CVE-2025-21861 CVE-2025-21887 CVE-2025-22058 CVE-2025-23143
CVE-2025-38678 CVE-2025-39866 CVE-2025-39869 CVE-2025-39876
CVE-2025-39883 CVE-2025-39885 CVE-2025-39907 CVE-2025-39911
CVE-2025-39913 CVE-2025-39923 CVE-2025-39937 CVE-2025-39945
CVE-2025-39949 CVE-2025-39951 CVE-2025-39953 CVE-2025-39955
CVE-2025-39964 CVE-2025-39967 CVE-2025-39968 CVE-2025-39969
CVE-2025-39970 CVE-2025-39971 CVE-2025-39972 CVE-2025-39973
CVE-2025-39980 CVE-2025-39985 CVE-2025-39986 CVE-2025-39987
CVE-2025-39993 CVE-2025-39994 CVE-2025-39995 CVE-2025-39996
CVE-2025-39998 CVE-2025-40001 CVE-2025-40006 CVE-2025-40011
CVE-2025-40018 CVE-2025-40019 CVE-2025-40020 CVE-2025-40021
CVE-2025-40022 CVE-2025-40026 CVE-2025-40027 CVE-2025-40029
CVE-2025-40030 CVE-2025-40035 CVE-2025-40042 CVE-2025-40044
CVE-2025-40048 CVE-2025-40049 CVE-2025-40053 CVE-2025-40055
CVE-2025-40070 CVE-2025-40078 CVE-2025-40081 CVE-2025-40083
CVE-2025-40087 CVE-2025-40088 CVE-2025-40105 CVE-2025-40106
CVE-2025-40109 CVE-2025-40111 CVE-2025-40115 CVE-2025-40116
CVE-2025-40118 CVE-2025-40121 CVE-2025-40125 CVE-2025-40127
CVE-2025-40134 CVE-2025-40140 CVE-2025-40153 CVE-2025-40154
CVE-2025-40167 CVE-2025-40173 CVE-2025-40178 CVE-2025-40183
CVE-2025-40186 CVE-2025-40187 CVE-2025-40188 CVE-2025-40190
CVE-2025-40194 CVE-2025-40197 CVE-2025-40198 CVE-2025-40200
CVE-2025-40204 CVE-2025-40205 CVE-2025-40211 CVE-2025-40219
CVE-2025-40220 CVE-2025-40223 CVE-2025-40231 CVE-2025-40233
CVE-2025-40240 CVE-2025-40243 CVE-2025-40244 CVE-2025-40248
CVE-2025-40254 CVE-2025-40257 CVE-2025-40258 CVE-2025-40259
CVE-2025-40261 CVE-2025-40262 CVE-2025-40263 CVE-2025-40264
CVE-2025-40269 CVE-2025-40271 CVE-2025-40273 CVE-2025-40275
CVE-2025-40277 CVE-2025-40278 CVE-2025-40280 CVE-2025-40281
CVE-2025-40282 CVE-2025-40283 CVE-2025-40304 CVE-2025-40306
CVE-2025-40308 CVE-2025-40309 CVE-2025-40312 CVE-2025-40315
CVE-2025-40317 CVE-2025-40319 CVE-2025-40321 CVE-2025-40322
CVE-2025-40324 CVE-2025-40331 CVE-2025-40342
Debian Bug : 1107479 1114557

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

For Debian 11 bullseye, these problems have been fixed in version
5.10.247-1. This version additionally includes many more bug fixes
from stable updates 5.10.245-5.10.247. The broken pktcdvd driver has
also been disabled.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[SECURITY] [DLA 4405-1] thunderbird security update

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4405-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
December 13, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : thunderbird
Version : 1:140.6.0esr-1~deb11u1
CVE ID : CVE-2025-14321 CVE-2025-14322 CVE-2025-14323 CVE-2025-14324
CVE-2025-14325 CVE-2025-14328 CVE-2025-14329 CVE-2025-14330
CVE-2025-14331 CVE-2025-14333

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:140.6.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS