Debian GNU/Linux has released a series of crucial security updates for various packages, including the Linux Kernel, phpMyAdmin, LemonLDAP-NG, and Libnet-Easytcp-Perl, across its different versions.
For Debian 9 (Stretch) and 10 (Buster), the following security update has been issued:
- ELA-1382-1: A security update for the Linux Kernel version 6.1.
For Debian 11 (Bullseye), multiple updates have been made:
- DLA-4120-1: Libnet-Easytcp-Perl update addresses CVE-2024-56830. The module now uses Bytes::Random::Secure for secure random number generation instead of the insecure fallback to `rand()`.
- DLA-4121-1: phpMyAdmin update fixes multiple cross-site scripting (XSS) vulnerabilities, including CVE-2023-25727 and CVE-2025-24529.
- DLA-4119-1: LemonLDAP-NG update addresses a critical XSS vulnerability (CVE-2025-31510) related to input validation in the "Choice" module.
For Debian 12 (Bookworm):
- DSA-5897-1: Similar to Bullseye's LemonLDAP-NG update, this addresses the same XSS vulnerability with the version updated to 2.16.1+ds-deb12u6.
Users are strongly encouraged to upgrade their affected packages to ensure enhanced security. Detailed information about each update, including the CVEs addressed, can be found on the Debian security tracker pages.
In addition to these updates, it is essential for users to stay informed about ongoing security practices and regularly apply updates to protect their systems from vulnerabilities. Ongoing monitoring of the Debian security advisories and engaging with community discussions around security best practices can also enhance system resilience against potential threats
For Debian 9 (Stretch) and 10 (Buster), the following security update has been issued:
- ELA-1382-1: A security update for the Linux Kernel version 6.1.
For Debian 11 (Bullseye), multiple updates have been made:
- DLA-4120-1: Libnet-Easytcp-Perl update addresses CVE-2024-56830. The module now uses Bytes::Random::Secure for secure random number generation instead of the insecure fallback to `rand()`.
- DLA-4121-1: phpMyAdmin update fixes multiple cross-site scripting (XSS) vulnerabilities, including CVE-2023-25727 and CVE-2025-24529.
- DLA-4119-1: LemonLDAP-NG update addresses a critical XSS vulnerability (CVE-2025-31510) related to input validation in the "Choice" module.
For Debian 12 (Bookworm):
- DSA-5897-1: Similar to Bullseye's LemonLDAP-NG update, this addresses the same XSS vulnerability with the version updated to 2.16.1+ds-deb12u6.
Users are strongly encouraged to upgrade their affected packages to ensure enhanced security. Detailed information about each update, including the CVEs addressed, can be found on the Debian security tracker pages.
In addition to these updates, it is essential for users to stay informed about ongoing security practices and regularly apply updates to protect their systems from vulnerabilities. Ongoing monitoring of the Debian security advisories and engaging with community discussions around security best practices can also enhance system resilience against potential threats
Linux Kernel, phpMyAdmin, LemonLDAP-NG, Libnet-Easytcp-Perl updates for Debian
Debian GNU/Linux has implemented a series of security updates, including for Linux Kernel, phpMyAdmin, LemonLDAP-NG, and Libnet-Easytcp-Perl:
Debian GNU/Linux 9 (Stretch) and 10 (Buster) ELTS:
ELA-1382-1 linux-6.1 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4120-1] libnet-easytcp-perl security update
[DLA 4121-1] phpmyadmin security update
[DLA 4119-1] lemonldap-ng security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5897-1] lemonldap-ng security updateLinux Kernel, phpMyAdmin, LemonLDAP-NG, Libnet-Easytcp-Perl updates for Debian @ Linux Compatible
