Yelp, PHP-Twig, and Extended Linux Kernels for Debian

Debian 10939 Published by

Debian and Freexian just rolled out urgent security advisories targeting several widely used software packages alongside older kernel releases. The Yelp help browser finally closes a dangerous loophole where malicious documents could silently exfiltrate user files or break through sandbox protections, while the PHP-Twig template engine gets patched against multiple code injection and cross-site scripting threats. Administrators running legacy Debian branches need to prioritize upgrading their Linux kernel installations because both version 6.1 and version 5.10 now resolve dozens of newly disclosed vulnerabilities that could easily lead to privilege escalation or unexpected system crashes. You should check the official security tracker pages for your specific distribution branch before running package updates on any affected machines.

[DSA 6319-1] yelp security update
[DSA 6320-1] php-twig security update
ELA-1739-1 linux-6.1 security update
ELA-1738-1 linux-5.10 security update




[SECURITY] [DSA 6319-1] yelp security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6319-1 security@debian.org
https://www.debian.org/security/ Aron Xu
June 02, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : yelp
CVE ID :
Debian Bug : 1136299

A vulnerability was discovered in yelp, the GNOME help browser, that
allows a crafted help document to read files accessible to the user and
exfiltrate them to a remote server through resources loaded by the
embedded web view. When yelp is launched from a sandboxed application
(for example via the Flatpak OpenURI portal), this also enables a
sandbox escape.

For the oldstable distribution (bookworm), this problem has been fixed
in version 42.2-1+deb12u2.

For the stable distribution (trixie), this problem has been fixed in
version 42.2-4+deb13u1.

We recommend that you upgrade your yelp packages.

For the detailed security status of yelp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/yelp

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6320-1] php-twig security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6320-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 02, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php-twig
CVE ID : CVE-2024-51754 CVE-2026-46628 CVE-2026-46629
CVE-2026-46637 CVE-2026-47730 CVE-2026-46633

Multiple security vulnerabilities were discovered in Twig, a template
engine for PHP, which could result in PHP code injection, sandbox bypass
or cross-site scripting.

For the oldstable distribution (bookworm), these problems have been fixed
in version 3.5.1-1+deb12u3.

We recommend that you upgrade your php-twig packages.

For the detailed security status of php-twig please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-twig

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


ELA-1739-1 linux-6.1 security update (by )


Package : linux-6.1

Version : 6.1.174-1~deb9u1 (stretch), 6.1.174-1~deb10u1 (buster)

Related CVEs :
CVE-2026-43503
CVE-2026-46174
CVE-2026-46300

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.


ELA-1739-1 linux-6.1 security update (by )



ELA-1738-1 linux-5.10 security update (by )


Package : linux-5.10

Version : 5.10.257-1~deb9u1 (stretch), 5.10.257-1~deb10u1 (buster)

Related CVEs :
CVE-2024-56584
CVE-2025-39748
CVE-2025-39764
CVE-2025-40219
CVE-2025-40261
CVE-2025-68206
CVE-2025-71274
CVE-2025-71292
CVE-2025-71304
CVE-2026-23100
CVE-2026-23112
CVE-2026-23227
CVE-2026-23242
CVE-2026-23243
CVE-2026-23245
CVE-2026-23253
CVE-2026-23273
CVE-2026-23274
CVE-2026-23277
CVE-2026-23279
CVE-2026-23281
CVE-2026-23286
CVE-2026-23289
CVE-2026-23290
CVE-2026-23291
CVE-2026-23293
CVE-2026-23298
CVE-2026-23300
CVE-2026-23303
CVE-2026-23304
CVE-2026-23307
CVE-2026-23312
CVE-2026-23318
CVE-2026-23336
CVE-2026-23339
CVE-2026-23351
CVE-2026-23352
CVE-2026-23356
CVE-2026-23357
CVE-2026-23362
CVE-2026-23365
CVE-2026-23367
CVE-2026-23368
CVE-2026-23372
CVE-2026-23379
CVE-2026-23381
CVE-2026-23382
CVE-2026-23388
CVE-2026-23391
CVE-2026-23395
CVE-2026-23396
CVE-2026-23397
CVE-2026-23398
CVE-2026-23420
CVE-2026-23434
CVE-2026-23439
CVE-2026-23446
CVE-2026-23452
CVE-2026-23455
CVE-2026-23456
CVE-2026-23457
CVE-2026-23458
CVE-2026-23460
CVE-2026-23462
CVE-2026-23463
CVE-2026-23474
CVE-2026-31391
CVE-2026-31393
CVE-2026-31396
CVE-2026-31399
CVE-2026-31400
CVE-2026-31402
CVE-2026-31403
CVE-2026-31405
CVE-2026-31411
CVE-2026-31415
CVE-2026-31416
CVE-2026-31417
CVE-2026-31418
CVE-2026-31421
CVE-2026-31422
CVE-2026-31423
CVE-2026-31424
CVE-2026-31425
CVE-2026-31427
CVE-2026-31428
CVE-2026-31447
CVE-2026-31450
CVE-2026-31452
CVE-2026-31454
CVE-2026-31455
CVE-2026-31466
CVE-2026-31469
CVE-2026-31473
CVE-2026-31485
CVE-2026-31494
CVE-2026-31495
CVE-2026-31497
CVE-2026-31498
CVE-2026-31504
CVE-2026-31507
CVE-2026-31508
CVE-2026-31509
CVE-2026-31510
CVE-2026-31512
CVE-2026-31515
CVE-2026-31518
CVE-2026-31523
CVE-2026-31524
CVE-2026-31545
CVE-2026-31546
CVE-2026-31550
CVE-2026-31552
CVE-2026-31555
CVE-2026-31570
CVE-2026-31628
CVE-2026-31649
CVE-2026-31651
CVE-2026-31658
CVE-2026-31659
CVE-2026-31660
CVE-2026-31661
CVE-2026-31662
CVE-2026-31665
CVE-2026-31667
CVE-2026-31668
CVE-2026-31670
CVE-2026-31671
CVE-2026-31672
CVE-2026-31674
CVE-2026-31679
CVE-2026-31680
CVE-2026-31682
CVE-2026-31683
CVE-2026-31720
CVE-2026-31721
CVE-2026-31726
CVE-2026-31728
CVE-2026-31737
CVE-2026-31738
CVE-2026-31747
CVE-2026-31748
CVE-2026-31749
CVE-2026-31751
CVE-2026-31752
CVE-2026-31758
CVE-2026-31759
CVE-2026-31761
CVE-2026-31762
CVE-2026-31763
CVE-2026-31770
CVE-2026-31773
CVE-2026-31778
CVE-2026-31780
CVE-2026-31781
CVE-2026-31786
CVE-2026-31787
CVE-2026-31788
CVE-2026-43011
CVE-2026-43014
CVE-2026-43015
CVE-2026-43020
CVE-2026-43024
CVE-2026-43026
CVE-2026-43027
CVE-2026-43028
CVE-2026-43030
CVE-2026-43032
CVE-2026-43035
CVE-2026-43037
CVE-2026-43038
CVE-2026-43040
CVE-2026-43041
CVE-2026-43043
CVE-2026-43047
CVE-2026-43050
CVE-2026-43051
CVE-2026-43060
CVE-2026-43061
CVE-2026-43062
CVE-2026-43066
CVE-2026-43068
CVE-2026-43069
CVE-2026-43077
CVE-2026-43078
CVE-2026-43124
CVE-2026-43130
CVE-2026-43132
CVE-2026-43134
CVE-2026-43135
CVE-2026-43136
CVE-2026-43139
CVE-2026-43140
CVE-2026-43141
CVE-2026-43147
CVE-2026-43149
CVE-2026-43152
CVE-2026-43156
CVE-2026-43158
CVE-2026-43159
CVE-2026-43163
CVE-2026-43168
CVE-2026-43171
CVE-2026-43180
CVE-2026-43183
CVE-2026-43184
CVE-2026-43187
CVE-2026-43190
CVE-2026-43194
CVE-2026-43196
CVE-2026-43202
CVE-2026-43203
CVE-2026-43206
CVE-2026-43207
CVE-2026-43209
CVE-2026-43211
CVE-2026-43218
CVE-2026-43223
CVE-2026-43226
CVE-2026-43227
CVE-2026-43230
CVE-2026-43231
CVE-2026-43232
CVE-2026-43233
CVE-2026-43236
CVE-2026-43241
CVE-2026-43242
CVE-2026-43246
CVE-2026-43251
CVE-2026-43255
CVE-2026-43257
CVE-2026-43261
CVE-2026-43264
CVE-2026-43266
CVE-2026-43268
CVE-2026-43269
CVE-2026-43270
CVE-2026-43273
CVE-2026-43277
CVE-2026-43283
CVE-2026-43287
CVE-2026-43289
CVE-2026-43295
CVE-2026-43296
CVE-2026-43314
CVE-2026-43316
CVE-2026-43327
CVE-2026-43328
CVE-2026-43334
CVE-2026-43336
CVE-2026-43339
CVE-2026-43340
CVE-2026-43342
CVE-2026-43343
CVE-2026-43355
CVE-2026-43357
CVE-2026-43363
CVE-2026-43370
CVE-2026-43373
CVE-2026-43381
CVE-2026-43382
CVE-2026-43383
CVE-2026-43386
CVE-2026-43387
CVE-2026-43407
CVE-2026-43411
CVE-2026-43420
CVE-2026-43424
CVE-2026-43425
CVE-2026-43426
CVE-2026-43427
CVE-2026-43428
CVE-2026-43429
CVE-2026-43430
CVE-2026-43432
CVE-2026-43437
CVE-2026-43439
CVE-2026-43445
CVE-2026-43449
CVE-2026-43450
CVE-2026-43451
CVE-2026-43452
CVE-2026-43453
CVE-2026-43458
CVE-2026-43459
CVE-2026-43466
CVE-2026-43472
CVE-2026-43475
CVE-2026-43480
CVE-2026-43503
CVE-2026-45848
CVE-2026-45852
CVE-2026-45856
CVE-2026-45857
CVE-2026-45860
CVE-2026-45862
CVE-2026-45866
CVE-2026-45867
CVE-2026-45868
CVE-2026-45869
CVE-2026-45870
CVE-2026-45871
CVE-2026-45873
CVE-2026-45875
CVE-2026-45879
CVE-2026-45883
CVE-2026-45885
CVE-2026-45890
CVE-2026-45899
CVE-2026-45904
CVE-2026-45912
CVE-2026-45914
CVE-2026-45915
CVE-2026-45916
CVE-2026-45919
CVE-2026-45920
CVE-2026-45923
CVE-2026-45936
CVE-2026-45941
CVE-2026-45948
CVE-2026-45954
CVE-2026-45956
CVE-2026-45958
CVE-2026-45960
CVE-2026-45964
CVE-2026-45965
CVE-2026-45968
CVE-2026-45970
CVE-2026-45974
CVE-2026-45978
CVE-2026-45981
CVE-2026-45983
CVE-2026-45984
CVE-2026-45985
CVE-2026-46028
CVE-2026-46174
CVE-2026-46300

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
This version additionally includes many more bug fixes from stable
updates 5.10.252-5.10.257.


ELA-1738-1 linux-5.10 security update (by )


CIFSwitch (CVE-2026-46243) Patches for AlmaLinux

Hplip, Python-Wsgidav, Xorg-x11-Server, and Roundcubemail updates for Fedora

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...