Not a user yet?
Log in Register for free Suggest a product
Update

Miscellaneous Bugfixes

DebianDebian
Debian Project

Updated Debian 13: 13.2 released
November 15th, 2025

Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages:

Package: 7zip
Reason: New upstream release; security fixes [CVE-2025-55188 CVE-2025-11002 CVE-2025-11001]

Package: 7zip-rar
Reason: Add missing CRC table constructor

Package: aide
Reason: Fix bin/buildcache use by running it from a root timer; various updates and fixes to included rules

Package: allow-html-temp
Reason: New upstream version to support newer Thunderbird releases

Package: alsa-ucm-conf-asahi
Reason: Install missing aop_audio UCM configs

Package: ansible
Reason: Update collections to maintain compatibility with ansible-core 2.19

Package: ansible-core
Reason: New upstream stable release; fix regression from 2.18 regarding handlers and play tags

Package: asahi-scripts
Reason: Fix the macaudio default profile check; add the apple_nvmem_spmi module to the initramfs explicitly; make update-m1n1 idempotent

Package: base-files
Reason: Update for the point release

Package: brltty
Reason: atSpi2: do not manage widgets without text interface; avoid excessive verbose bluetooth/usbfs messages

Package: console-setup
Reason: Update keyboard layouts dz(la) into dz(azerty-oss) and use ca/multix variant instead of ca/multi; fix dz(azerty-oss/deadkeys) into dz; fix dz default layout

Package: cups
Reason: Fix operation of checkboxes in admin interface

Package: curl
Reason: Fix buffer over-read issue [CVE-2025-9086]; fix cache poisoning issue [CVE-2025-10148]; fix path traversal issue [CVE-2025-11563]; allow --output to be overridden by --curl-options; fix manpage example; fix path traversal issue [CVE-2025-11563]

Package: debian-edu-config
Reason: Use SERVER_ADDRESS in RewriteRule instead of hard-coded 'www'; drop desktop bundle from bundlesequence

Package: debian-installer
Reason: Increase Linux kernel ABI to 6.12.57+deb13; rebuild against proposed-updates

Package: debian-installer-netboot-images
Reason: Increase Linux kernel ABI to 6.12.57+deb13; rebuild against proposed-updates

Package: dhcpcd
Reason: Fix crash when an address is deleted; prevent failure to start if wpasupplicant is not installed

Package: distro-info-data
Reason: Update EoL date for bookworm; add Ubuntu 26.04 LTS Resolute Raccoon

Package: dkms
Reason: New upstream release; stop shipping dkms.service; emit a warning if no kernel headers were found

Package: dns-root-data
Reason: Update root-anchors.p7s with new expiration date

Package: dnsdist
Reason: Fix denial of service issues [CVE-2025-8671 CVE-2025-30187]

Package: dolphin-emu
Reason: Fix interaction with RetroAchievements; fix translations

Package: dovecot
Reason: Ensure default lmtpd auth_username_format matches global value; fix oauth config parsing; handle sieve errors; fix typos

Package: eas4tbsync
Reason: New upstream version to support newer Thunderbird releases

Package: eperl
Reason: Avoid passing a truncated environment on Perl 5.40

Package: epiphany-browser
Reason: New upstream stable release; fix crashes; fix PKCS#11 login for invalid pairs

Package: evolution
Reason: New upstream stable release

Package: evolution-data-server
Reason: New upstream stable release; fix busy loop with MH format mail archive

Package: fangfrisch
Reason: Update sanesecurity mirror

Package: fluidsynth
Reason: Set default samplerate and buffer size, fixing high CPU usage and distorted sound

Package: folder-account
Reason: New upstream version to support newer Thunderbird releases

Package: fonts-noto-color-emoji
Reason: New upstream release; add Unicode 17.0 support

Package: freeradius
Reason: Fix compatibility with OpenSSL 3.5.2

Package: gnome-maps
Reason: New upstream release; fix route planning regression; add address formats

Package: gnome-session
Reason: Fix default app priority for early adopters

Package: google-recaptcha
Reason: Fix PHP 8.4 deprecation warnings

Package: ikvswitch
Reason: Use Trixie as default distro; don't fail when taking down IPMI bridge; switch to sysctl.d

Package: imagemagick
Reason: Fix integer overflow issue [CVE-2025-62171]

Package: input-remapper
Reason: Add missing python3-psutil runtime dependency

Package: irqbalance
Reason: Enable write access to /proc/irq

Package: jdupes
Reason: Fix detection of unique files

Package: jing-trang
Reason: Re-import upstream release to remove incorrect files

Package: keepassxc-browser
Reason: Fix compatibility with Chromium

Package: kmail-account-wizard
Reason: Enable automatic QML dependency detection

Package: lemonldap-ng
Reason: Fix command injection issue [CVE-2025-59518]; avoid exposing session-id; fix Google authentication

Package: libcommons-lang-java
Reason: Fix uncontrolled recursion [CVE-2025-48924]

Package: libcommons-lang3-java
Reason: Fix uncontrolled recursion [CVE-2025-48924]

Package: libgpiod
Reason: Remove unnecessary Breaks/Replaces

Package: libhtp
Reason: Prevent memory leak with lzma [CVE-2025-53537]

Package: libsmb2
Reason: Fix buffer overflow [CVE-2025-57632]

Package: libssh
Reason: Fix NULL dereference [CVE-2025-8114]; fix denial of service [CVE-2025-8277]

Package: libvirt
Reason: Don’t require keyEncipherment; lower log spam; fix daemon crash probing QEMU

Package: libwebsockets
Reason: Fix DoS [CVE-2025-11677]; fix buffer overflow [CVE-2025-11678]

Package: libxml2
Reason: Fix XPath recursion depth DoS [CVE-2025-9714]

Package: libyaml-syck-perl
Reason: Prevent memory corruption [CVE-2025-11683]

Package: linux
Reason: New upstream stable release

Package: linux-signed-amd64
Reason: New upstream stable release

Package: linux-signed-arm64
Reason: New upstream stable release

Package: lnav
Reason: Handle failure to set cregs from tmux

Package: log4cxx
Reason: Fix improper escaping [CVE-2025-54812 CVE-2025-54813]

Package: logcheck
Reason: Update ssh ignore rules

Package: lttng-modules
Reason: Fix potential kernel crash with syscall tracing

Package: luksmeta
Reason: Fix data corruption with LUKS1 [CVE-2025-11568]

Package: lxcfs
Reason: Add missing dependency on fuse3

Package: magit
Reason: Ship missing magit-dired.el

Package: mailfromd
Reason: Rebuild to fix symbol lookup error

Package: mailmindr
Reason: New upstream version to support newer Thunderbird releases

Package: malcontent
Reason: Fix snap filtering; fix flatpak listing; fix memory leak

Package: mapserver
Reason: Fix SQL injection [CVE-2025-59431]

Package: mc
Reason: Fix accidental use of >&10 causing delays

Package: modsecurity-apache
Reason: Fix Content-Type handling issues [CVE-2025-54571]

Package: monitoring-plugins
Reason: Fix check_users and check_mysql plugin issues

Package: mpv
Reason: Create missing watch-history folders

Package: mrtg
Reason: Fix duplicate WorkDir lines

Package: nextcloud-desktop
Reason: New upstream stable release

Package: nfdump
Reason: Honour subdir when using dynamic FlowSource

Package: nova
Reason: Fix information disclosure issue

Package: nvidia-graphics-drivers-tesla-535
Reason: Fix multiple security issues [CVE-2025-23280 CVE-2025-23282 CVE-2025-23300 CVE-2025-23330 CVE-2025-23332 CVE-2025-23345]

Package: onetbb
Reason: Fix test failures; skip flaky mutex tests

Package: open-vm-tools
Reason: Disable SDMP script execution [CVE-2025-41244]

Package: openssl
Reason: New upstream stable release

Package: openvpn-auth-radius
Reason: Fix packet authentication

Package: orphan-sysvinit-scripts
Reason: Add haveged init script

Package: patroni
Reason: New upstream stable release

Package: pdns-recursor
Reason: Switch to dpkg/default.mk; drop CARGO_REGISTRY override

Package: phpmyadmin
Reason: Address XSS in jquery.validate.js [CVE-2025-3573]

Package: poppler
Reason: Fix infinite recursion [CVE-2025-50420]

Package: postfix
Reason: New upstream stable release; fix typo causing excessive logging

Package: presage
Reason: Prevent crash with apostrophes

Package: privatebin-cli
Reason: Fix connections using GCM ciphers

Package: proftpd-dfsg
Reason: Don't remove /srv/ftp on purge

Package: puppet-module-puppetlabs-rabbitmq
Reason: Fix list_users; set all nodes as disk nodes

Package: puppet-module-tempest
Reason: Fix autoloading of openstack provider

Package: python-eventlet
Reason: Fix HTTP request smuggling [CVE-2025-58068]

Package: qemu
Reason: New upstream stable release; fix DoS [CVE-2024-8354]; fix ioctl emulation

Package: qt6-base
Reason: Fix high CPU usage on kwin_x11 lockscreen

Package: quicktext
Reason: New upstream version to support newer Thunderbird releases

Package: rabbitmq-server
Reason: Fix logging of sensitive data [CVE-2025-50200]

Package: riseup-vpn
Reason: Add dependency on qml6-module-qtcore

Package: rocm-hipamd
Reason: Fix linking for hip_bf16; fix manpage typo

Package: rsyslog-doc
Reason: Switch documentation theme

Package: ruby-sys-filesystem
Reason: Fix 64-bit OS detection

Package: rust-virtiofsd
Reason: Add missing dependency on uidmap

Package: sail
Reason: Fix memory corruption issues [multiple CVEs]

Package: samba
Reason: New upstream stable release; fix multiple security issues [CVE-2025-9640 CVE-2025-10230]

Package: samhain
Reason: Disable dnmalloc

Package: spip
Reason: Fix open redirect issue on AJAX login

Package: stardict
Reason: Split plugin; disable plugin

Package: suricata
Reason: Fix uncontrolled memory use and detection bypass [CVE-2025-53538 CVE-2025-59147]

Package: syslog-ng
Reason: Disable log statistics by default

Package: systemd
Reason: New upstream stable release; many fixes and updates

Package: systemd-boot-efi-amd64-signed
Reason: New upstream stable release; same improvements as systemd

Package: systemd-boot-efi-arm64-signed
Reason: New upstream stable release; same improvements as systemd

Package: tango
Reason: Fix communication between versions 9 and 10

Package: tbsync
Reason: New upstream version to support newer Thunderbird releases

Package: ublock-origin
Reason: New upstream release; improve UX and add filter capabilities

Package: virt-manager
Reason: Fix Browse local function

Package: watcher
Reason: Fix information disclosure issue

Package: wike
Reason: Set user agent to use mobile Wikipedia

Package: wtmpdb
Reason: Rotate and prune logs; store logs in system log directory

Package: xnote
Reason: New upstream version to support newer Thunderbird releases

Package: xorg
Reason: Fix login failure with multi-word sessions

Package: xssproxy
Reason: Fix compatibility with Chromium and xdg-desktop-portal-gtk

More updatesTo the product
The manufacturer Debian Project has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Debian Project updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad