Debian LTS Linux Security is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
- Debian 11: Git Critical Issues Fix DLA-4323-1 CVE-2025-27613 on October 6, 2025 at 12:15 pm
CVE-2025-27613 With Gitk, the Git history browser, when a user clones an untrusted repository and runs gitk without additional command arguments,
- Debian 11: DLA-4322-1 log4cxx Critical HTML JSON Injection CVE-2025-54812 on October 4, 2025 at 10:46 pm
Multiple vulnerabilities were discovered in log4cxx, a logging library for C++ that is compatible with the Java log4j framework. CVE-2025-54812
- Debian 11: DLA-4321-1 Addresses Critical Out of Bounds Decrypt Flaw on October 3, 2025 at 3:51 pm
Stanislav Fort discovered an out of bounds read and write issue when decrypting CMS messages that were encrypted using password based encryption.
- Debian 11: open-vm-tools Security Flaw DLA-4316-1 CVE-2025-41244 on October 1, 2025 at 5:47 am
An issue was found in open-vm-tools, a set of tools for VMs hosted on VMware. The issue is related to a local privilege escalation in combination with the get-versions.sh script, shipped with the service
- Debian 11: u-boot Critical DLA-4320-1 Update CVE-2021-27097 on September 30, 2025 at 11:45 pm
Multiple vulnerabilities were discovered in u-boot, a boot loader for embedded systems. CVE-2021-27097
- Debian LTS: libcommons-lang-java Update DLA-4262-2 for CVE-2025-48924 on September 30, 2025 at 9:57 pm
A regression has been discovered in the latest release 2.6-9+deb11u1 of libcommons-lang-java. The patch to fix CVE-2025-48924 had not been properly backported.
- Debian 11: libxml2 DLA-4319-1 CVE-2025-9714 DoS Threat Resolution on September 30, 2025 at 9:55 pm
Two security issues were found in libxml2, the GNOME XML library, which could yield denial of service or heap corruption. CVE-2025-9714
- Debian LTS 11: libcpanel-json-xs-perl Critical DoS CVE-2025-40929 on September 30, 2025 at 9:31 pm
A vulnerability has been fixed in libcpanel-json-xs-perl, a Perl module for serialising to JSON. CVE-2025-40929
- Debian 11: Critical Integer Overflow DoS in libjson-xs-perl CVE-2025-40928 on September 30, 2025 at 9:24 pm
A vulnerability has been fixed in libjson-xs-perl, a Perl module which does C/XS-accelerated manipulation of JSON-formatted data. CVE-2025-40928