There are 147 open security issues in trixie.
There are 22 open security issues in sid.
There are 22 open security issues in forky.
There are 1651 open security issues in bullseye.
There are 607 open security issues in bookworm.
You can find information about how to handle these issues in the security team's documentation.
There are 636 open security issues in buster.
commit 048dab3fb1ae10fe971046f709072eafb23ba698 Merge: 6279b9760 1c0e8d36d Author: Bastian Blank <waldi@debian.org> Date: Tue Sep 30 10:45:24 2025 +0000 Merge branch 'linux-6.17' into 'debian/latest' Update to 6.17 See merge request kernel-team/linux!1630 commit 1c0e8d36d03aa7fa38dfc2520e0044dda77871db Author: Bastian Blank <waldi@debian.org> Date: Sun Aug 31 20:19:33 2025 +0200 Update to 6.17 commit 6279b97607e4b181e6e98173628022a16fbf807a Merge: f8ac83649 fdba03744 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Fri Sep 19 06:14:46 2025 +0200 Merge branch 'gcc-15' into 'debian/latest' Compile with gcc-15 on all architectures See merge request kernel-team/linux!1632 commit fdba0374430064d3fd64363877ab9f97da549b6e Author: Salvatore Bonaccorso <carnil@debian.org> Date: Thu Sep 4 22:10:39 2025 +0200 Compile with gcc-15 on all architectures commit f8ac836495c4de327bf02cba15ac7faa289cc09d Merge: e1e7a8ec8 113fc9a29 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Thu Sep 18 20:28:02 2025 +0200 Merge branch 'salsa-ci/early-cache-orig' into 'debian/latest' d/salsa-ci.yml: Early move orig tarballs back where they can be cached See merge request kernel-team/linux!1645 commit e1e7a8ec8080a8d933123f3f1ec3e2965b96bcdd Merge: 167b300f2 f287a9302 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Wed Sep 17 18:12:16 2025 +0200 Merge branch 'bug-1114898-nfsv42-getxattr-regression' into 'debian/latest' Fix regression: NFS 4.2 reports "Operation Not Supported" on getxattr calls See merge request kernel-team/linux!1646 commit 113fc9a29d6cc8b49a6b27bbc9914c36b3490070 Author: Santiago Ruano Rincón <santiagorr@riseup.net> Date: Tue Sep 16 14:37:24 2025 -0300 d/salsa-ci.yml: Early move orig tarballs back where they can be cached This change is more consistent with the behaviour previous to the move to the sbuild-based build (25142ca41756b6fd4b40e6440c720b201d13b79f). In case of failure or timeouts during the build script, the orig tarballs can still be cached. commit f287a9302e4c1cc9017effe75612857ac3260461 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Sep 16 22:05:27 2025 +0200 NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server commit 6b4497355dca1c9773f213e115d6c9ed9099f11c Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Sep 16 22:04:20 2025 +0200 NFSv4: Clear NFS_CAP_OPEN_XOR and NFS_CAP_DELEGTIME if not supported commit 974f229ab3520570900ca7881aa7e737a4a088cb Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Sep 16 22:03:08 2025 +0200 NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set commit 062c7dcccc718c0f7228c0191e5ee495a0e916e8 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Sep 16 22:00:25 2025 +0200 NFSv4: Don't clear capabilities that won't be reset Closes: #1114898 commit 167b300f2f9f95426b0d86670ceec15ce84405a6 Merge: 42f02e1af 25142ca41 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Mon Sep 15 04:17:31 2025 +0200 Merge branch 'salsa-ci/sbuild+unshare' into 'debian/latest' Merge the extract-source job into the build's job script See merge request kernel-team/linux!1548 commit 25142ca41756b6fd4b40e6440c720b201d13b79f Author: Santiago Ruano Rincón <santiagorr@riseup.net> Date: Sun Sep 14 12:38:29 2025 -0300 d/salsa-ci.yml: Suppress unreleased changes and mismatching distribution lintian tags This follows c705dcbe9e8c098c5b84536b92151246f6ddf659 commit from the salsa CI team's pipeline. The UNRELEASED target distribution is common while preparing an update, so it should not be triggered by the pipeline. Also, when the target release is UNRELEASED, the pipeline builds the package for unstable, and the values between d/changelog and the Distribution: in .changes mismatch. commit 5f3f69a579d61d4c4f1eadc4419c88babfc3c859 Author: Santiago Ruano Rincón <santiagorr@riseup.net> Date: Mon May 26 23:35:12 2025 -0300 d/salsa-ci.yml: Merge the extract-source job into the build's job script To follow salsa-ci-team!569, that switches the pipeline to use sbuild and the unshare backend. This completely removes the provisioning stage. The customization made in the extract-source job is now adapted and handled directly in the build job. After creating the source package with dpkg-buildpackage, sbuild is told to build the binary packages using the .dsc (via BUILD_COMMAND). commit 42f02e1af163944e4661224037c6146a4994ba38 Merge: e7ac57b9c 1664c23fa Author: Ben Hutchings <benh@debian.org> Date: Wed Sep 10 21:59:10 2025 +0200 Merge branch 'enable-ledtrig-input-events-as-module' into 'debian/latest' drivers/leds/trigger: Enable LEDS_TRIGGER_INPUT_EVENTS as module See merge request kernel-team/linux!1633 commit 1664c23fa1be2dc1b713fe7b65c55dcd74ed1b91 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Sat Sep 6 11:06:53 2025 +0200 drivers/leds/trigger: Enable LEDS_TRIGGER_INPUT_EVENTS as module Closes: #1113681 commit e7ac57b9cb4346196d9ca2db6e8dd1c513212fdb Merge: e2c8fb460 4fa12263c Author: Bastian Blank <waldi@debian.org> Date: Sat Aug 30 18:23:11 2025 +0000 Merge branch 'remove-patches-rt-support' into 'debian/latest' Remove all remaining things for rt patches See merge request kernel-team/linux!1626 commit 4fa12263cb157a9432897527063037d131760229 Author: Bastian Blank <waldi@debian.org> Date: Sat Aug 30 18:23:05 2025 +0000 Remove all remaining things for rt patches commit e2c8fb460896d8c0d82043a1c05b0fa1dc538fef Merge: a57bc708a a5feb3c5a Author: Bastian Blank <waldi@debian.org> Date: Sat Aug 30 09:05:21 2025 +0000 Merge branch 'enable-mhp' into 'debian/latest' Enable MHP_DEFAULT_ONLINE_TYPE_ONLINE_AUTO See merge request kernel-team/linux!1585 commit a5feb3c5a727999e0dc1b9a066314100cc1d604b Author: Bastian Blank <waldi@debian.org> Date: Sat Jul 12 14:36:30 2025 +0200 Enable MHP_DEFAULT_ONLINE_TYPE_ONLINE_AUTO commit a57bc708a782055e7074fed5a88435afff90183d Merge: 73023b9b4 1d87a1af6 Author: Bastian Blank <waldi@debian.org> Date: Fri Aug 29 17:59:57 2025 +0000 Merge branch 'cleanup-deps' into 'debian/latest' Move all package build-deps to specific templates See merge request kernel-team/linux!1591 commit 1d87a1af6a88b5582317cf542447f3e4b8a5a356 Author: Bastian Blank <waldi@debian.org> Date: Sat Jul 26 16:54:14 2025 +0200 Build-depend on kernel-wedge for gencontrol commit 60846dae055a4ec89a298863dcf1e362b45e979e Author: Bastian Blank <waldi@debian.org> Date: Sat Jul 26 16:31:17 2025 +0200 Move all package build-deps to specific templates We can generate build-deps from our per package entries, including correct architecture and build-profiles. Move all build-deps from our source entry into the package entries for easier maintenance. commit 73023b9b422f6f7a159a7d803cacf2b269b13c18 Merge: d67397b1a 194de383c Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Aug 26 23:47:00 2025 +0200 Merge branch 'ipv4-regression-in-local-broadcast-routes' into 'debian/latest' net: ipv4: fix regression in local-broadcast routes See merge request kernel-team/linux!1623 commit 194de383c5cd5e8c22cadfc487b5f8e153a28b11 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Aug 26 21:59:43 2025 +0200 net: ipv4: fix regression in local-broadcast routes commit d67397b1a322f65ffa2c630798d24cd8946bacc2 Author: Salvatore Bonaccorso <carnil@debian.org> Date: Tue Aug 26 21:48:06 2025 +0200 Move "Drop rc from abiname" changes to new changelog entry commit b2a23e25783cc6225fec72db55e1e17d0dee11ac Merge: a2614ecf9 2f94a0a15 Author: Bastian Blank <waldi@debian.org> Date: Mon Aug 25 17:34:12 2025 +0000 Merge branch 'version-drop-rc' into 'debian/latest' Drop rc from abiname See merge request kernel-team/linux!1610 commit 2f94a0a150eed6620a9e10cbc981ac34ad974a54 Author: Bastian Blank <waldi@debian.org> Date: Fri Aug 15 08:55:07 2025 +0200 Drop rc from abiname We already publish all non-rc releases to experimental with the base version. Also do the same for rc releases. This means we only need to go through binary-NEW for experimental once. commit 419df8d9d78417996683463ef109614b9914d304 Author: Bastian Blank <waldi@debian.org> Date: Fri Aug 15 08:47:34 2025 +0200 Support version combinations of update and rc commit 943d1bc2714afff42cabc1b759e0bc848abd287c Author: Bastian Blank <waldi@debian.org> Date: Fri Aug 15 08:43:53 2025 +0200 Don't export linux version modifier commit 14317463a137c4b18354c9b16ac7cf155671b680 Author: Bastian Blank <waldi@debian.org> Date: Fri Aug 15 08:38:36 2025 +0200 Drop support for unused DFSG versions
Among the 76 debian patches available in version 6.16.9-1 of the package, we noticed the following issues: