Debian Linux Security LinuxSecurity Advisories is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
Stay Vigilant with Timely Linux Security Advisories LinuxSecurity.com is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the commu
- Debian Trixie Wireshark Key Denial of Service Vulnerabilities DSA-6124-1
on February 8, 2026 at 7:52 pmMultiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code. For the stable distribution (trixie), these problems have been fixed in version 4.4.13-0+deb13u1.
- Debian xrdp Important Buffer Overflow Remote Exec CVE-2025-68670 DSA-6123-1on February 7, 2026 at 6:25 am
Denis Skvortsov discovered that xrdp, a Remote Desktop Protocol (RDP) server, was susceptible to an unauthenticated stack-based buffer overflow vulnerability, which may result in remote execution of arbitrary code. For the oldstable distribution (bookworm), this problem has been fixed
- Debian Chromium Critical Code Exec DoS Info Disclosure DSA-6122-1on February 5, 2026 at 9:16 pm
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 144.0.7559.109-2~deb12u1.
- Debian DSA-6121-1 Tomcat11 Important Denial of Service Vulnerabilitieson February 5, 2026 at 8:56 pm
Several security vulnerabilities have been found in Tomcat 11, a Java web server and servlet engine. This update improves the handling of HTTP/2 connections and corrects various flaws which can lead to uncontrolled resource consumption and a denial of service. For the stable distribution (trixie), these problems have been fixed in
- Debian DSA-6120-1 Tomcat10 Serious Vulnerabilities Resource Depletion DoSon February 5, 2026 at 8:48 pm
Several security vulnerabilities have been found in Tomcat 10, a Java web server and servlet engine. This update improves the handling of HTTP/2 connections and corrects various flaws which can lead to uncontrolled resource consumption and a denial of service. For the oldstable distribution (bookworm), these problems have been fixed
- Debian Trixie OpenJDK Important Man-in-the-Middle Attacks DSA-6119-1on February 5, 2026 at 7:43 pm
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in incorrect certificate validation, CRLF injection or man-in-the-middle attacks. For the stable distribution (trixie), these problems have been fixed in version 25.0.2+10-1~deb13u2. This version of OpenJDK now also requires
- Debian thunderbird Important Info Disclosure Vuln DSA-6118-1 CVE-2026-0818on February 3, 2026 at 7:26 pm
A security issue was discovered in Thunderbird, which could result in information disclosure For the oldstable distribution (bookworm), this problem has been fixed in version 1:140.7.1esr-1~deb12u1. For the stable distribution (trixie), this problem has been fixed in
- Debian DSA-6117-1 python-django Important SQL Injection DoS CVE-2025-13372on January 31, 2026 at 12:32 pm
Multiple security issues were found in Django, a Python web development framework, which could result in SQL injection, directory traversal or denial of service. For the stable distribution (trixie), these problems have been fixed in version 3:4.2.27-0+deb13u1.
- Debian Bookworm Chromium Important Security Risk DSA-6116-1 CVE-2026-1504on January 30, 2026 at 10:55 am
A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), this problem has been fixed in version 144.0.7559.109-1~deb12u1.
