Debian GNU/Linux has issued important security updates for two software packages: Thunderbird and PHP 7.4, affecting both Debian 11 LTS (Bullseye) and Debian 12 (Bookworm).
- Advisory DLA-4253-1 for Debian 11 (Bullseye) addresses the same vulnerabilities. The recommended upgrade is to version 1:128.13.0esr-1~deb11u1.
For both advisories, users can find detailed information and the security tracker for Thunderbird at the provided links.
Users are encouraged to upgrade their PHP 7.4 packages and can access detailed information via the security tracker for PHP.
Thunderbird Security Updates
- Advisory DSA-5966-1 for Debian 12 (Bookworm) includes multiple vulnerabilities identified by CVE IDs ranging from CVE-2025-8027 to CVE-2025-8035. These issues could lead to arbitrary code execution. Users are advised to upgrade to version 1:128.13.0esr-1~deb12u1.- Advisory DLA-4253-1 for Debian 11 (Bullseye) addresses the same vulnerabilities. The recommended upgrade is to version 1:128.13.0esr-1~deb11u1.
For both advisories, users can find detailed information and the security tracker for Thunderbird at the provided links.
PHP 7.4 Security Update
- Advisory DLA-4254-1 pertains to PHP 7.4, identifying vulnerabilities with CVE IDs CVE-2025-1220, CVE-2025-1735, and CVE-2025-6491. These issues may result in server-side request forgery or denial of service. The fix for Debian 11 (Bullseye) is version 7.4.33-1+deb11u9.Users are encouraged to upgrade their PHP 7.4 packages and can access detailed information via the security tracker for PHP.
Conclusion
These updates underscore the importance of maintaining up-to-date software to protect against potential vulnerabilities. Users of Debian systems should prioritize applying these patches to ensure their systems remain secure. For further assistance, Debian's security advisory pages provide comprehensive guidelines on how to implement these updates effectively.Additional Context
As software evolves, security vulnerabilities can emerge, making it essential for users to stay informed about updates. Regular maintenance and prompt application of security patches not only protect individual systems but also enhance the overall security of the Debian community. For ongoing security news and updates, users can subscribe to Debian's security mailing list or follow their official announcementsPHP and Thunderbird updates for Debian
Debian GNU/Linux has received two security updates: A Thunderbird update for both Debian 11 LTS and 12 and a PHP 7.4 update for Debian 11 LTS
[DSA 5966-1] thunderbird security update
[DLA 4253-1] thunderbird security update
[DLA 4254-1] php7.4 security update
