Debian GNU/Linux 11 (Bullseye) LTS has recently received security updates for two critical components: libraw and glibc. The updates, identified as Debian LTS Advisories DLA-4142-1 and DLA-4143-1, address vulnerabilities that could potentially compromise system security.
Libraw Security Update (DLA-4142-1)
Libraw, a library used for reading RAW files from digital cameras, has been updated to version 0.20.2-1+deb11u2. The update addresses several vulnerabilities identified by the following CVE IDs:
- CVE-2025-43961: An out-of-bounds read in the Fujifilm 0xf00c tag parser.
- CVE-2025-43962: Out-of-bounds reads for tag 0x412 processing in the phase_one_correct function.
- CVE-2025-43963: Unchecked values leading to out-of-buffer access in tag 0x041f processing.
- CVE-2025-43964: Lack of enforcement for minimum value checks in tag 0x412 processing.
Users are encouraged to upgrade their libraw packages to the latest version to mitigate these vulnerabilities. Additional information can be found on the [libraw security tracker page](https://security-tracker.debian.org/tracker/libraw).
Glibc Security Update (DLA-4143-1)
The GNU C Library (glibc), a core component of Debian systems, has also been updated to version 2.31-13+deb11u12. This update addresses a vulnerability (CVE-2025-0395) related to the `assert()` function. The flaw could lead to a buffer overflow when an assertion fails, due to insufficient space allocation for the failure message. Users should upgrade their glibc packages to the latest version to resolve this issue, with further details available on the [glibc security tracker page](https://security-tracker.debian.org/tracker/glibc).
Conclusion
Both updates are crucial for maintaining system security and integrity in Debian 11. Users are strongly advised to apply these updates promptly. For comprehensive details on how to implement these updates and to access frequently asked questions, users can refer to the [Debian LTS wiki](https://wiki.debian.org/LTS).
Extended Information
In addition to these updates, it is essential for users to regularly monitor and apply security patches to ensure their systems remain protected against emerging threats. Keeping software up to date is a fundamental practice for maintaining overall system health, and users should consider implementing automated updates where possible. Furthermore, engaging with the Debian community through mailing lists or forums can provide additional support and insights into best practices for system management and security.