There are 233 open security issues in trixie.
There are 22 open security issues in sid.
There are 44 open security issues in forky.
There are 1557 open security issues in bullseye.
There are 713 open security issues in bookworm.
You can find information about how to handle these issues in the security team's documentation.
There are 636 open security issues in buster.
commit 24a57a5818b4a27d6e92eefa35b78062fec8c67e
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu Dec 11 05:08:39 2025 +0100
d/config: Update with the help of kconfigeditor2
Place the CONFIG_HID_UNIVERSAL_PIDFF in right order.
Fixes: 12f43585d8e1 ("drivers/hid: Enable HID_UNIVERSAL_PIDFF as module")
Gbp-Dch: Ignore
commit fe1ee6658c7c8898896c97b9debeaf66ef7e3a25
Merge: 46b8a58083 198a2297f7
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu Dec 11 05:03:08 2025 +0100
Merge branch 'bug1117959-ipv6-ra-flag-bugfix' into 'debian/latest'
ipv6: clear RA flags when adding a static route
See merge request kernel-team/linux!1743
commit 46b8a58083dcbed66351e252ba529cbb3fceba1a
Merge: f01c70dcdc 12f43585d8
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu Dec 11 04:54:32 2025 +0100
Merge branch 'debian/latest' into 'debian/latest'
drivers/hid: Enable HID_UNIVERSAL_PIDFF as module
See merge request kernel-team/linux!1740
commit 12f43585d8e14ce711ab1414723248f19ab7ed06
Author: Maxwell Pevner <max@pevner.com>
Date: Thu Dec 11 03:54:31 2025 +0000
drivers/hid: Enable HID_UNIVERSAL_PIDFF as module
commit 198a2297f74899f10b59330fbe3c9bdbb9fd14d7
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed Dec 10 15:11:34 2025 +0100
ipv6: clear RA flags when adding a static route
Closes: #1117959
commit f01c70dcdc6fa22f94aa56b375dc5640c1634a6e
Merge: 43679d0e80 78b620a923
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed Dec 10 22:03:55 2025 +0100
Merge branch 'enable-amdxdna-as-module' into 'debian/latest'
[amd64] drivers/accel/amdxdna: Enable DRM_ACCEL_AMDXDNA as module
See merge request kernel-team/linux!1737
commit 43679d0e802b87cbea0c92f1f1c12c8838cb3dec
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun Dec 7 08:53:13 2025 +0100
Add Debian bug closer for #1106411
commit 651f1127f368a96f625eadc742979739b1cad299
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun Dec 7 08:36:21 2025 +0100
Add Debian bug closer for #1118437
commit b1101d617cac46f986d5ce67302e645feed98c2c
Merge: a379695db5 6cdf596cf1
Author: Bastian Blank <waldi@debian.org>
Date: Sat Dec 6 18:28:45 2025 +0000
Merge branch 'cleanup-install-signed' into 'debian/latest'
Use dh_install for signed packages
See merge request kernel-team/linux!1731
commit a379695db5c030241d43a15a8c331eaf2316288f
Merge: 4b8bc238d4 8c0100a074
Author: Bastian Blank <waldi@debian.org>
Date: Sat Dec 6 18:17:48 2025 +0000
Merge branch 'libc-dev-cross-symlink' into 'debian/latest'
Convert doc to symlink in linux-libc-dev-*-cross
See merge request kernel-team/linux!1735
commit 78b620a9234478391fac64abf26981556be8ef63
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat Dec 6 13:19:42 2025 +0100
[amd64] drivers/accel/amdxdna: Enable DRM_ACCEL_AMDXDNA as module
While the userland software for the amdxdna driver is completely missing
at this point in Debian, the availability of this driver would lay the
foundation of forwarding the hardware device into podman containers that
would actually be able to make use o the functionality.
Link: https://wiki.debian.org/XDNA
Closes: #1114868
commit 8c0100a074bd9cf42ee2e5c4b13864ded6b7a96a
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 21:35:35 2025 +0100
Convert doc to symlink in linux-libc-dev-*-cross
commit 6cdf596cf109b5c86c8363de6ed7f58e37d17a37
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 20:00:35 2025 +0100
Use dh_install for signed packages
commit 4b8bc238d447d10ad09ef0501a831ae2629de884
Merge: 9628acb1b8 a7242ea0a8
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 19:57:42 2025 +0000
Merge branch 'fix-dtb-signed' into 'debian/latest'
Fix dtb installation in signed packages
See merge request kernel-team/linux!1732
commit a7242ea0a89c502886c6800dc111cc196a04c3b9
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 20:35:27 2025 +0100
Fix dtb installation in signed packages
commit 9628acb1b853eb7a077b9d855790e2d0cab91991
Merge: 84e3490125 85b86360b6
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 18:36:41 2025 +0000
Merge branch 'cleanup-dtb' into 'debian/latest'
Move dtb into modules directory
See merge request kernel-team/linux!1730
commit 85b86360b6e4c1c63a698aa98edbdec963d72ebe
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 15:03:59 2025 +0100
Move dtb into modules directory
The modules directory is now used for all files related to one kernel.
Move dtb files into this directory, like Fedora already does. The old
location is replaced with a compatibility symlink.
commit edf17157af11f40bcfa5db8e0795743d9730cf50
Author: Bastian Blank <waldi@debian.org>
Date: Fri Dec 5 15:44:40 2025 +0100
Provide config in templates
commit 7aa0b25e85e4186589ecff3bf193eeb268cc8b29
Author: Bastian Blank <waldi@debian.org>
Date: Thu Dec 4 19:58:52 2025 +0100
Make dtb installation configurable
commit 84e3490125dc2e3fc3cfcc9de40845f03524a096
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri Dec 5 06:26:49 2025 +0100
Add Debian bug closer for #1121937
Gbp-Dch: Ignore
commit 8ef850794a77df8a01f4e5fc489ddf8387b5b143
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue Dec 2 17:51:42 2025 +0100
d/config: Update with the help of kconfigeditor2
Gbp-Dch: Ignore
commit 73eb5edfa3167a19e8495361df47f5462c01a2d3
Merge: 4ab29f73b2 19d773eb1f
Author: Bastian Blank <waldi@debian.org>
Date: Mon Dec 1 21:08:11 2025 +0000
Merge branch 'drop-vdso-config' into 'debian/latest'
Install vdso files if available
See merge request kernel-team/linux!1728
commit 19d773eb1f3d51ef1ad2a04daf1c3eb01a7c69da
Author: Bastian Blank <waldi@debian.org>
Date: Mon Dec 1 18:08:05 2025 +0100
Install vdso files if available
We don't need to know from the config if vdso files might be available.
We can just call the make target and let the build figure out if
something should exist. This removes one full config entry that needs
to be maintained.
commit 4ab29f73b2a6d4e4a9ec627be0b9bbe2b5940b95
Merge: d0f79b412b 1d45bebca7
Author: Bastian Blank <waldi@debian.org>
Date: Mon Dec 1 17:06:08 2025 +0000
Merge branch 'drop-no-depmod' into 'debian/latest'
Don't run depmod at all
See merge request kernel-team/linux!1727
commit 1d45bebca74f71f9b3d8b3b0ba550b08da6b8b69
Author: Bastian Blank <waldi@debian.org>
Date: Mon Dec 1 16:07:44 2025 +0100
Don't run depmod at all
We override depmod with a script that mostly does nothing for a long
time. The kernel build does not longer do any of those special cased
calls. So remove the script and never run depmod at all.
commit d0f79b412b15580fb60b391fc73ecb2d1b7a0c08
Merge: 8c3f3a1311 1986bd82da
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon Dec 1 12:23:13 2025 +0100
Merge branch '6.18-stable-updates' into 'debian/latest'
Update to 6.18
See merge request kernel-team/linux!1724
commit 1986bd82da8de226210a67e79511e437142a7e9c
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon Dec 1 07:17:32 2025 +0100
Update to 6.18
commit 8c3f3a1311b84480fb910fb7e68dccbcfe861717
Author: Bastian Blank <waldi@debian.org>
Date: Thu Nov 27 13:46:08 2025 +0100
Fix changelog, again
commit 8822dc182c1d07274f27d94106547014d8564434
Merge: 57e49bf9a1 4c0e981c85
Author: Bastian Blank <waldi@debian.org>
Date: Thu Nov 27 12:27:54 2025 +0000
Merge branch 'rust' into 'debian/latest'
Support for drivers in Rust
See merge request kernel-team/linux!1615
commit 4c0e981c854445d7e7f7488eb28ce7f3c13e0b62
Author: Ben Hutchings <benh@debian.org>
Date: Sun Aug 24 22:50:37 2025 +0200
drm: Enable panic QR codes
- Enable DRM_PANIC and DRM_PANIC_SCREEN_QR_CODE
- Set DRM_PANIC_SCREEN="qr_code"
- Point DRM_PANIC_SCREEN_QR_CODE_URL at a Debian-hosted decoder
commit ec826adca16d9437c01dd161a97c0fb0f7acd351
Author: Ben Hutchings <benh@debian.org>
Date: Mon Sep 22 11:19:39 2025 +0100
net/phy: Enable drivers written in Rust
- Change PHYLIB from module to built-in
- Enable RUST_PHYLIB_ABSTRACTIONS
- Eable AMCC_QT2025_PHY as module, and AX88796B_RUST_PHY
commit e9b592e67e46f7079705fb56372a59e30febe347
Author: Ben Hutchings <benh@debian.org>
Date: Mon Sep 22 11:19:09 2025 +0100
firmware: Enable RUST_FW_LOADER_ABSTRACTIONS
This will be needed by various drivers.
commit 1f1fb8a738a664fd0f220d33e37866dc5e033198
Author: Ben Hutchings <benh@debian.org>
Date: Mon Aug 18 17:10:16 2025 +0200
[amd64,arm64,armhf,loong64,riscv64] Enable building Rust drivers and features
- Enable RUST, RUST_OVERFLOW_CHECKS
- Build-Depend on bindgen, rustc, and rust-src (with the minimum
versions as specified upstream)
commit 8b3c370a0967f2f5cf1dd1639d3de2aaffc4fa1d
Author: Ben Hutchings <benh@debian.org>
Date: Mon Aug 18 21:22:26 2025 +0200
d/rules.real: Set KRUSTFLAGS and HOSTRUSTFLAGS to make filenames relative
To avoid a regression of build reproducibility, add
--remap-path-prefix to the Rust compiler flags.
commit 58b7300f9ff6f1de5818ffe465a1e8d790700093
Author: Ben Hutchings <benh@debian.org>
Date: Mon Aug 18 17:08:38 2025 +0200
Implement configuration for Rust compiler and other build-dependencies
- Add build.rust_build_depends, and build.enable_rust configuration
fields. The enable_rust field is expected to be set
per-architecture while rust_build_depends can be global.
- Define a pkg.linux.norust build profile which disables use of Rust.
- For architectures where build.enable_rust is set, Build-Depend on
everything in build.rust_build_depends, with a restriction to
<!pkg.linux.nokernel !pkg.linux.norust>.
This doesn't support compiling OOT modules written in Rust, which is a
rather harder problem.
commit 531df6658df75c8b2397606e754b125faa4cce9e
Author: Ben Hutchings <benh@debian.org>
Date: Sun Nov 16 15:50:56 2025 +0100
d/l/p/debian_linux/debian.py: Allow adding restrictions to PackageRelationGroup
PackageRelationGroup already supports adding architecture
qualification to all its entries. Add support for adding restrictions
(i.e. build profiles) in a similar way.
commit 7bd1d0e7ad4a2d874ffbb37ffa5195033175450a
Author: Ben Hutchings <benh@debian.org>
Date: Mon Aug 18 20:37:01 2025 +0200
module: Disable MODVERSIONS and MODULE_ALLOW_BTF_MISMATCH
MODVERSIONS was useful when we used to build multiple versions with
the same release string and mostly compatible ABI. Now that we change
the release string with every upload, MODVERSIONS doesn't buy us
anything.
Similarly, MODULE_ALLOW_BTF_MISMATCH was useful then but not when we
change the release string with every upload.
Further, supporting MODVERSIONS together with Rust requires enabling
DEBUG_INFO and GENKDWARFSYMS. Currently we don't build debug info in
the pkg.linux.quick build profile used for CI, and changing that would
likely slow it down significantly.
So disable both of these.
commit a1e4fd68ccb8c24c4b50f88b6c4bf30ea8aa6146
Author: Ben Hutchings <benh@debian.org>
Date: Mon Aug 18 16:45:14 2025 +0200
Add 'c_' prefix to compiler configuration field and variables
In preparation for adding a Rust compiler, qualify the existing
settings for the C compiler.
Among the 72 debian patches available in version 6.17.11-1 of the package, we noticed the following issues:
![[bug history graph]](https://qa.debian.org/data/bts/graphs/l/linux.png){kind=link}