There are 260 open security issues in trixie.
There are 102 open security issues in sid.
There are 1254 open security issues in bullseye.
There are 473 open security issues in bookworm.
You can find information about how to handle these issues in the security team's documentation.
There are 636 open security issues in buster.
commit 0b230216be7c53ebd6ab510ed987d6d6cb4aecd2
Merge: 6cac48381 ff88b7b8f
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat May 3 13:18:48 2025 +0000
Merge branch 'enable-uclamp-task' into 'debian/latest'
init: Enable UCLAMP_TASK and UCLAMP_TASK_GROUP (Utilization clamping)
See merge request kernel-team/linux!1492
commit ff88b7b8fb87fe2618926cf69f5ca066428b3456
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri May 2 23:34:24 2025 +0200
init: Enable UCLAMP_TASK and UCLAMP_TASK_GROUP (Utilization clamping)
Closes: #1036666
commit 6cac483810c5ea4504755f027b7ea3abc8761a76
Merge: 2e158f264 3cdb20cf9
Author: Ben Hutchings <benh@debian.org>
Date: Fri May 2 22:42:30 2025 +0200
Merge branch 'enable-ipv6-rpl-lwtunnel' into debian/latest
net/ipv6: Enable IPV6_RPL_LWTUNNEL
See merge request kernel-team/linux!1488
commit 2e158f26477b56ff16f44476f2bf418e9c13fcfa
Merge: 1cc75b331 fb9e9b441
Author: Ben Hutchings <benh@debian.org>
Date: Fri May 2 22:32:25 2025 +0200
Merge branch 'lintian-fixes' into debian/latest
Fix various lintian errors and warnings
See merge request kernel-team/linux!1466
commit 1cc75b331a54f108f3d724f6a1f32ab4d96083d3
Merge: dfcae3513 4d26a01f3
Author: Ben Hutchings <benh@debian.org>
Date: Fri May 2 22:24:47 2025 +0200
Merge branch 'udeb-mtk-cmdq-mailbox' into debian/latest
[arm64] udeb: Add mtk-cmdq-mailbox to kernel-image
See merge request kernel-team/linux!1471
commit 3cdb20cf91dae7d41cbabd66bc84b17577285994
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri May 2 17:50:44 2025 +0200
net/ipv6: Enable IPV6_RPL_LWTUNNEL
Closes: #1027861
commit fb9e9b44141a5e091c2d03a718945842583bd203
Author: Ben Hutchings <benh@debian.org>
Date: Sun Apr 20 16:08:09 2025 +0200
linux-doc: Use dh_sphinxdoc to replace embedded Javascript
Sphinx copies some static Javascript into the output directory, which
is against Debian policy. We also don't have a Built-Using reference
to the Sphinx packages.
Use dh_sphinxdoc to replace the copies with symlinks, and add the
required Depends and Built-Using fields to the linux-doc control
template.
Fixes lintian warnings:
W: linux-doc-6.13: embedded-javascript-library please use sphinx [usr/share/doc/linux-doc-6.13/html/_static/doctools.js]
W: linux-doc-6.13: embedded-javascript-library please use sphinx [usr/share/doc/linux-doc-6.13/html/_static/language_data.js]
W: linux-doc-6.13: embedded-javascript-library please use sphinx [usr/share/doc/linux-doc-6.13/html/_static/searchtools.js]
commit bcb3760467ba20c3bd76a171b8469448a3ec9405
Author: Ben Hutchings <benh@debian.org>
Date: Sat Apr 19 03:57:50 2025 +0200
d/rules.real: Exclude vDSOs from processing by dh_makeshlibs
On architectures where we install vDSOs in linux-image-dbg packages,
dh_makeshlibs is wrongly detecting these as shared libraries that
should trigger an ldconfig run. Exclude them by adding the option
-Xvdso.
Fixes lintian warnings like:
W: linux-image-6.13-amd64-dbg: package-has-unnecessary-activation-of-ldconfig-trigger
commit 3c5b464d53c22874275f17a95ecbfdf40dfbc66b
Author: Ben Hutchings <benh@debian.org>
Date: Sat Apr 19 03:14:35 2025 +0200
d/copyright: Replace old FSF addresses with current GNU license URL
We still refer to a snail mail address in the GPL-2 paragraph to get a
copy of the full license. Replace this with the current GNU licenses
URL.
In the LGPL-2.1 paragraph we already made this change but using the
insecure http URL scheme. Change it to https.
Fixes lintian warnings like:
W: bpftool: old-fsf-address-in-copyright-file
commit 693916b11cdf7ae84ba52f320ba333ca01bcdb2a
Author: Ben Hutchings <benh@debian.org>
Date: Sat Apr 19 00:57:01 2025 +0200
[amd64] linux-image-cloud-amd64-dbg: lintian: Drop overrides for vdsox32.so
CONFIG_X86_X32_ABI is not enabled in the cloud-amd64 flavour so we
don't build vdsox32.so. Change the condition for the lintian
overrides on vdsox32.ko to exclude this flavour.
commit 68848a0cb4d4fba8d342d86e7a027d9216278084
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:31:50 2025 +0200
linux-image-dbg: lintian: Drop mismatched override for ...
... wrong-section-according-to-package-name. This was downgraded from
warning to informational in lintian 2.5.69, and at some point the
context generated for it changed format so our override doesn't match,
producing warnings.
I don't think it's worth overriding informational tags, so just remove
the overide.
commit 608d24d6c2272422abed70dafc027dfc5d6f5447
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:21:31 2025 +0200
linux-source: Suggest pkgconf, not the obsolete pkg-config
Fixes lintian warning:
W: linux-source-6.13 depends-on-obsolete-package Suggests: pkg-config => pkgconf
commit beda9cda045179ffa7a3d8aee967fdc613982318
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:12:31 2025 +0200
[ppc64*] linux-image: Fix version in NEWS entry
There was no version 6.10-1~exp2, as specified in the NEWS entry for
these architectures. The changes documented here were released in
version 6.10.1-1~exp1, so specify that version instead.
Fixes lintian warnings like:
W: linux-image-6.13-powerpc64le: debian-news-entry-has-unknown-version 6.10-1~exp2 [usr/share/doc/linux-image-6.13-powerpc64le/NEWS.Debian.gz:1]
commit 107adf8c1a47c2dc8078821c0adaa27cd8f5edbd
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:07:53 2025 +0200
[arm64] linux-perf: Override statically-linked-binary for asm_pure_loop
This is a test program that does not link any libraries, either
statically or dynamically.
commit 44ac5fa729678beba9ccb6e3f44b7a0bb6cee4c3
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:06:14 2025 +0200
[riscv64] linux-image-dbg: lintian: Override shared-library-lacks-stack-section
... for vdso.so, the same as we do for several other architectures.
commit 4f8ecdbb2d8b06f5b8458d95666c270c9553e7aa
Author: Ben Hutchings <benh@debian.org>
Date: Fri Apr 18 23:05:20 2025 +0200
linux-headers: lintian: Override another error and warning for vmlinux
This 'executable' file intentionally contains only BTF sections.
Override the shared-library-lacks-prerequisites warning and
unstripped-binary-or-object error, and add a comment about why this
file is special.
commit 4d26a01f33f3d10cc37a0ada673e2c97b2394acc
Author: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Date: Wed Apr 23 10:46:36 2025 +0300
[arm64] udeb: Add mtk-cmdq-mailbox to kernel-image
The mtk-cmdq-helper driver included in the kernel-image udeb as an SoC
driver used to explicitly depend on mtk-cmdq-mailbox which means the
latter was also included in kernel-image. This dependency is somehow
missing in v6.14, so the latter module ends up being dropped from the
udeb. However, missing this module either breaks or at least degrades
display initialization, so there is an implicit dependency.
Since the mtk-cmdq-mailbox module is already in kernel-image on v6.12
builds, explicitly list it in that module list to fix display on the
installer.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
Among the 77 debian patches available in version 6.12.25-1 of the package, we noticed the following issues:
![[bug history graph]](https://qa.debian.org/data/bts/graphs/l/linux.png){kind=link}