Debian GNU/Linux has received significant security updates across several versions, focusing on vulnerabilities in key packages such as Chromium, Libapache2-Mod-Auth-OpenIDC, Libmodbus, and Graphicsmagick.
For users of Debian versions 8 (Jessie), 9 (Stretch), and 10 (Buster), a critical security update for libmodbus (ELA-1397-1) has been issued, addressing a stack-based buffer overflow vulnerability (CVE-2024-10918).
In Debian 11 (Bullseye), a security update for libapache2-mod-auth-openidc (DLA 4129-1) has been released to fix a flaw (CVE-2025-31492) that could lead to unauthorized content disclosure. The patch addresses specific conditions that could expose protected resources.
Debian 12 (Bookworm) has received updates for several packages. A crucial security update for Chromium (DSA 5903-1) addresses multiple vulnerabilities (CVE-2025-3619, CVE-2025-3620) that could allow arbitrary code execution, denial of service, or information leaks. Users are urged to upgrade to version 135.0.7049.95-1~deb12u1. Similarly, Graphicsmagick (DSA 5905-1) has been updated to resolve two vulnerabilities (CVE-2025-27795, CVE-2025-32460) that risk denial of service or code execution when processing malformed image files.
Overall, it is highly recommended for users across all Debian versions to ensure they have the latest security updates installed to protect against these vulnerabilities. For more detailed information, users can refer to the respective security tracker pages for each package and follow guidelines on applying updates from the Debian security advisories.
In addition to these updates, it is essential for system administrators and users to regularly monitor for new security advisories and employ best practices for security, such as maintaining updated backups, employing firewalls, and applying security patches promptly to mitigate risks associated with potential vulnerabilities
For users of Debian versions 8 (Jessie), 9 (Stretch), and 10 (Buster), a critical security update for libmodbus (ELA-1397-1) has been issued, addressing a stack-based buffer overflow vulnerability (CVE-2024-10918).
In Debian 11 (Bullseye), a security update for libapache2-mod-auth-openidc (DLA 4129-1) has been released to fix a flaw (CVE-2025-31492) that could lead to unauthorized content disclosure. The patch addresses specific conditions that could expose protected resources.
Debian 12 (Bookworm) has received updates for several packages. A crucial security update for Chromium (DSA 5903-1) addresses multiple vulnerabilities (CVE-2025-3619, CVE-2025-3620) that could allow arbitrary code execution, denial of service, or information leaks. Users are urged to upgrade to version 135.0.7049.95-1~deb12u1. Similarly, Graphicsmagick (DSA 5905-1) has been updated to resolve two vulnerabilities (CVE-2025-27795, CVE-2025-32460) that risk denial of service or code execution when processing malformed image files.
Overall, it is highly recommended for users across all Debian versions to ensure they have the latest security updates installed to protect against these vulnerabilities. For more detailed information, users can refer to the respective security tracker pages for each package and follow guidelines on applying updates from the Debian security advisories.
In addition to these updates, it is essential for system administrators and users to regularly monitor for new security advisories and employ best practices for security, such as maintaining updated backups, employing firewalls, and applying security patches promptly to mitigate risks associated with potential vulnerabilities
Chromium, Libapache2-Mod-Auth-OpenIDC, Libmodbus, Graphicsmagick updates for Debian
Debian GNU/Linux has been updated with multiple security enhancements, including updates for Chromium, Libapache2-Mod-Auth-OpenIDC, Libmodbus, and Graphicsmagick:
Debian GNU/Linux 8 (Jessie), 9 (Stretch), and 10 (Buster) Extended LTS:
ELA-1397-1 libmodbus security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4129-1] libapache2-mod-auth-openidc security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5903-1] chromium security update
[DSA 5905-1] graphicsmagick security update
[DSA 5904-1] libapache2-mod-auth-openidc security update
