Debian 13 Trixie Emails from the Debian Security Team

Alexzee

Hope everyone's weekend is off to a good start. :)

Rarely do I receive 5 or more emails from the Debian Security Team.

Code:
Salvatore Bonaccorso <snip>
3:11 PM (8 hours ago)
  
  
to debian-security-announce
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6243-1                   <snip>
https://www.debian.org/security/                     Salvatore Bonaccorso
May 01, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2023-53228 CVE-2023-53510 CVE-2023-53545 CVE-2024-47736
                 CVE-2024-47809 CVE-2024-49998 CVE-2024-50298 CVE-2024-56719
                 CVE-2025-21676 CVE-2025-21682 CVE-2025-37945 CVE-2025-37980
                 CVE-2025-38105 CVE-2025-38162 CVE-2025-38192 CVE-2025-38250
                 CVE-2025-38303 CVE-2025-38436 CVE-2025-38626 CVE-2025-38659
                 CVE-2025-38704 CVE-2025-39748 CVE-2025-39764 CVE-2025-39863
                 CVE-2025-40005 CVE-2025-40016 CVE-2025-40135 CVE-2025-40219
                 CVE-2025-40242 CVE-2025-40261 CVE-2025-40358 CVE-2025-68206
                 CVE-2025-68239 CVE-2025-68265 CVE-2025-71067 CVE-2025-71161
                 CVE-2025-71221 CVE-2025-71265 CVE-2025-71266 CVE-2025-71267
                 CVE-2025-71269 CVE-2026-23100 CVE-2026-23113 CVE-2026-23141
                 CVE-2026-23154 CVE-2026-23157 CVE-2026-23204 CVE-2026-23227
                 CVE-2026-23231 CVE-2026-23242 CVE-2026-23243 CVE-2026-23245
                 CVE-2026-23253 CVE-2026-23270 CVE-2026-23271 CVE-2026-23273
                 CVE-2026-23274 CVE-2026-23277 CVE-2026-23279 CVE-2026-23281
                 CVE-2026-23284 CVE-2026-23286 CVE-2026-23287 CVE-2026-23289
                 CVE-2026-23290 CVE-2026-23291 CVE-2026-23292 CVE-2026-23293
                 CVE-2026-23296 CVE-2026-23298 CVE-2026-23300 CVE-2026-23303
                 CVE-2026-23304 CVE-2026-23306 CVE-2026-23307 CVE-2026-23312
                 CVE-2026-23315 CVE-2026-23317 CVE-2026-23318 CVE-2026-23319
                 CVE-2026-23321 CVE-2026-23324 CVE-2026-23335 CVE-2026-23336
                 CVE-2026-23339 CVE-2026-23340 CVE-2026-23343 CVE-2026-23351
                 CVE-2026-23352 CVE-2026-23356 CVE-2026-23357 CVE-2026-23359
                 CVE-2026-23362 CVE-2026-23364 CVE-2026-23365 CVE-2026-23367
                 CVE-2026-23368 CVE-2026-23370 CVE-2026-23372 CVE-2026-23378
                 CVE-2026-23379 CVE-2026-23381 CVE-2026-23382 CVE-2026-23388
                 CVE-2026-23391 CVE-2026-23392 CVE-2026-23395 CVE-2026-23396
                 CVE-2026-23397 CVE-2026-23398 CVE-2026-23401 CVE-2026-23414
                 CVE-2026-23420 CVE-2026-23422 CVE-2026-23426 CVE-2026-23428
                 CVE-2026-23434 CVE-2026-23438 CVE-2026-23439 CVE-2026-23446
                 CVE-2026-23449 CVE-2026-23450 CVE-2026-23452 CVE-2026-23454
                 CVE-2026-23455 CVE-2026-23456 CVE-2026-23457 CVE-2026-23458
                 CVE-2026-23460 CVE-2026-23462 CVE-2026-23463 CVE-2026-23474
                 CVE-2026-23475 CVE-2026-31389 CVE-2026-31391 CVE-2026-31392
                 CVE-2026-31393 CVE-2026-31396 CVE-2026-31399 CVE-2026-31400
                 CVE-2026-31402 CVE-2026-31403 CVE-2026-31405 CVE-2026-31408
                 CVE-2026-31409 CVE-2026-31411 CVE-2026-31412 CVE-2026-31414
                 CVE-2026-31415 CVE-2026-31416 CVE-2026-31417 CVE-2026-31418
                 CVE-2026-31421 CVE-2026-31422 CVE-2026-31423 CVE-2026-31424
                 CVE-2026-31425 CVE-2026-31426 CVE-2026-31427 CVE-2026-31428
                 CVE-2026-31431 CVE-2026-31433 CVE-2026-31434 CVE-2026-31441
                 CVE-2026-31446 CVE-2026-31447 CVE-2026-31448 CVE-2026-31450
                 CVE-2026-31452 CVE-2026-31453 CVE-2026-31454 CVE-2026-31455
                 CVE-2026-31464 CVE-2026-31466 CVE-2026-31467 CVE-2026-31469
                 CVE-2026-31473 CVE-2026-31476 CVE-2026-31477 CVE-2026-31478
                 CVE-2026-31480 CVE-2026-31483 CVE-2026-31485 CVE-2026-31492
                 CVE-2026-31494 CVE-2026-31495 CVE-2026-31496 CVE-2026-31497
                 CVE-2026-31498 CVE-2026-31503 CVE-2026-31504 CVE-2026-31507
                 CVE-2026-31508 CVE-2026-31509 CVE-2026-31510 CVE-2026-31512
                 CVE-2026-31515 CVE-2026-31518 CVE-2026-31519 CVE-2026-31520
                 CVE-2026-31521 CVE-2026-31522 CVE-2026-31523 CVE-2026-31524
                 CVE-2026-31533 CVE-2026-31540 CVE-2026-31545 CVE-2026-31546
                 CVE-2026-31548 CVE-2026-31549 CVE-2026-31550 CVE-2026-31551
                 CVE-2026-31552 CVE-2026-31555 CVE-2026-31563 CVE-2026-31565
                 CVE-2026-31566 CVE-2026-31570 CVE-2026-31628 CVE-2026-31634
                 CVE-2026-31649 CVE-2026-31651 CVE-2026-31656 CVE-2026-31657
                 CVE-2026-31658 CVE-2026-31659 CVE-2026-31660 CVE-2026-31661
                 CVE-2026-31662 CVE-2026-31664 CVE-2026-31665 CVE-2026-31667
                 CVE-2026-31668 CVE-2026-31669 CVE-2026-31670 CVE-2026-31671
                 CVE-2026-31672 CVE-2026-31674 CVE-2026-31678 CVE-2026-31679
                 CVE-2026-31680 CVE-2026-31682 CVE-2026-31683 CVE-2026-31689
                 CVE-2026-31695 CVE-2026-31720 CVE-2026-31721 CVE-2026-31726
                 CVE-2026-31728 CVE-2026-31737 CVE-2026-31738 CVE-2026-31747
                 CVE-2026-31748 CVE-2026-31749 CVE-2026-31751 CVE-2026-31752
                 CVE-2026-31754 CVE-2026-31755 CVE-2026-31756 CVE-2026-31758
                 CVE-2026-31759 CVE-2026-31761 CVE-2026-31762 CVE-2026-31763
                 CVE-2026-31768 CVE-2026-31770 CVE-2026-31773 CVE-2026-31776
                 CVE-2026-31778 CVE-2026-31779 CVE-2026-31780 CVE-2026-31781
                 CVE-2026-31786 CVE-2026-31787 CVE-2026-31788 CVE-2026-43011
                 CVE-2026-43013 CVE-2026-43014 CVE-2026-43015 CVE-2026-43017
                 CVE-2026-43018 CVE-2026-43020 CVE-2026-43023 CVE-2026-43024
                 CVE-2026-43025 CVE-2026-43026 CVE-2026-43027 CVE-2026-43028
                 CVE-2026-43030 CVE-2026-43032 CVE-2026-43033 CVE-2026-43035
                 CVE-2026-43037 CVE-2026-43038 CVE-2026-43040 CVE-2026-43041
                 CVE-2026-43043 CVE-2026-43046 CVE-2026-43047 CVE-2026-43050
                 CVE-2026-43051 CVE-2026-43054 CVE-2026-43057

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

Code:
Package        : thunderbird
CVE ID         : CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

Code:
Package        : python-aiohttp
CVE ID         : CVE-2025-69223 CVE-2025-69224 CVE-2025-69225
                 CVE-2025-69226 CVE-2025-69227 CVE-2025-69228
                 CVE-2025-69229

Multiple security vulnerabilities were discovered in Python aiohttp, an
asynchronous HTTP client/server for asyncio, which could result in
denial of service, HTTP request smuggling or information disclosure.

Code:
Package        : imagemagick
CVE ID         : CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899
                 CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905
                 CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183
                 CVE-2026-40310 CVE-2026-40311 CVE-2026-40312

Multiple security vulnerabilities were discovered in imagemagick, a
software suite used for editing and manipulating digital images, which
could lead to denial of service, information disclosure or potentially
arbitrary code execution if malformed images are processed.

Code:
Package        : dovecot
Debian Bug     : 1134464

The oldstable (bookworm) backport of the security fix for CVE-2026-0394
introduced a regression in the passwd-file path normalization. Updated
packages are now available to correct this issue.

I'm really grateful for the Debian Security Team and their devs!


@CaffeineAddict and @osprey, @Brickwizard and @wizardfromoz have you seen any regression (ie: with the kernel) in Testing or Sid?
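An added example (not part of the original posts and not Debian's own tooling): a small Python parser for the `Package` / `CVE ID` / `Debian Bug` header block of the advisories quoted above, handling wrapped CVE lists and the "- " dash-escaping of cleartext-signed mail. The sample message is constructed from the python-aiohttp block on this page with a placeholder DSA number and address; the parser does not verify the PGP signature.

```python
import re

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
DSA_RE = re.compile(r"\bDSA-\d+-\d+\b")
FIELD_RE = re.compile(r"^(Package|CVE ID|Debian Bug)\s*:\s*(.*)$")


def undash(line):
    # OpenPGP cleartext signatures prefix lines that start with "-" with "- ".
    return line[2:] if line.startswith("- ") else line


def parse_advisory(text):
    """Extract DSA id, package, CVE ids and bug numbers from one advisory."""
    fields, current = {}, None
    for raw in text.splitlines():
        line = undash(raw.rstrip())
        if not line.strip():
            if fields:  # blank line after the field block: header is done
                break
            continue
        m = FIELD_RE.match(line)
        if m:
            current = m.group(1)
            fields[current] = m.group(2).strip()
        elif current and line[0].isspace():
            # indented continuation of a wrapped field, e.g. a long CVE list
            fields[current] += " " + line.strip()
        else:
            current = None  # banner, rule or PGP armor line: ignore
    dsa = DSA_RE.search(text)
    return {
        "dsa": dsa.group(0) if dsa else None,
        "package": fields.get("Package"),
        "cves": CVE_RE.findall(fields.get("CVE ID", "")),
        "bugs": re.findall(r"\d+", fields.get("Debian Bug", "")),
    }


# Constructed sample: DSA number and address are placeholders, not real values.
SAMPLE = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-0000-1                   security@example.org
- -------------------------------------------------------------------------

Package        : python-aiohttp
CVE ID         : CVE-2025-69223 CVE-2025-69224 CVE-2025-69225
                 CVE-2025-69226 CVE-2025-69227 CVE-2025-69228
                 CVE-2025-69229

Multiple security vulnerabilities were discovered in Python aiohttp.
"""
```

A regression update such as the dovecot one has no `CVE ID` field, so its `cves` list comes back empty even though a CVE is named in the body text.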
 


have you seen any regression (ie: with the kernel) in Testing or Sid?
No regressions seen here in forky or sid. Checking here: https://security-tracker.debian.org/tracker/source-package/linux, lots of CVEs have been "fixed" in forky and sid, but not in the other suites yet.

I wonder whether the application of AI, possibly "Mythos", mentioned in this thread here: https://www.linux.org/threads/development-of-advanced-ai.65589, has thrown up a number of hitherto unknown vulnerabilities which have added to the total. Just speculation. In any case, we users (and "feedback agents") are in the hands of the developers and maintainers.

Edit: It's clear now that AI code reviews have accelerated the bug exposures, but still no regressions apparent here where upgrading is very frequent. See here: https://www.phoronix.com/news/Linux-7.1-AI-Sched-Ext-Fixes
 
I looked at the information on src pkg Linux last night. Thanks for confirming that you haven't seen any regression in forky or sid so far.

I suspect, and I'm sure you'll agree, there will always be security holes. However, I do wonder if AI should be trusted for complete accuracy.
 

