There are 148 open security issues in trixie.
There are 117 open security issues in sid.
There are 1225 open security issues in bullseye.
There are 665 open security issues in bookworm.
You can find information about how to handle these issues in the security team's documentation.
There are 636 open security issues in buster.
commit 4000558054cdda91d83062b85b086f3890a6f8f5
Merge: 4e33e892a5 ed8f75402a
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu Jul 17 22:21:14 2025 +0200
Merge branch 'rv64-6.16' into 'debian/latest'
riscv64 config update for linux 6.16
See merge request kernel-team/linux!1582
commit ed8f75402a210662927c3606371242ff2d97f04a
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Thu Jul 17 18:00:54 2025 +0200
[riscv64] Enable TH1520_AON_PROTOCOL, TH1520_PM_DOMAINS and RESET_TH1520 as modules
commit 279cb16a5ae3857ab1739b8275da25126af6704f
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Thu Jul 17 17:57:09 2025 +0200
[riscv64] Enable CLK_SOPHGO_SG2044, SOPHGO_CV1800_RTCSYS and SOPHGO_SG2044_TOPSYS, enable CLK_SOPHGO_SG2044_PLL as a module
commit cd05a6b2cc7b57eee178c169df45899c78e89593
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Thu Jul 17 17:54:05 2025 +0200
[riscv64] Enable SPACEMIT_CCU, SPACEMIT_K1_CCU and GPIO_SPACEMIT_K1, enable I2C_K1, MMC_SDHCI_OF_K1 and PWM_PXA as modules
commit 4e33e892a52f7b8128b4e35e5a6f758a765ed936
Merge: 8e45fe7e37 cc1be002a6
Author: Uwe Kleine-König <ukleinek@debian.org>
Date: Thu Jul 17 04:01:17 2025 +0200
Merge branch 'ukleinek/arm64-udeb' into 'debian/latest'
Fix udeb module lists for v6.15 -> v6.16
See merge request kernel-team/linux!1581
commit cc1be002a6e5f365ebc614127ebf99cb0661ca0a
Author: Uwe Kleine-König <ukleinek@debian.org>
Date: Wed Jul 16 12:12:10 2025 +0200
[arm64] Follow module split mediatek-drm-hdmi -> mtk_hdmi + mtk_hdmi_ddc
Commit v6.16-rc1~144^2~8^2~18 ("drm/mediatek: mtk_hdmi_ddc: Switch to
register as module_platform_driver") split the mediatek-drm-hdmi module
into two separate modules. Replace mediatek-drm-hdmi in the udeb list
accordingly.
commit 91eaac1dd6e876581a78e36c7ede4bdfa5013eb4
Author: Uwe Kleine-König <ukleinek@debian.org>
Date: Wed Jul 16 11:03:52 2025 +0200
Follow rename of sha256_generic to sha256
In commit v6.16-rc1~206^2~122 ("crypto: sha256 - support arch-optimized
lib and expose through shash") sha256_generic was renamed to sha256.
Adapt the installer module list accordingly.
commit 96569a403403256a7cd0a1d474a5a9b83d431572
Author: Uwe Kleine-König <ukleinek@debian.org>
Date: Tue Jul 15 22:23:19 2025 +0200
Follow rename of crc32_generic and crc32c_generic
In commit v6.16-rc1~207^2~5 ("crypto: crc32 - remove "generic" from file
and module names") crc32_generic and crc32c_generic were renamed to
crc32-cryptoapi and crc32c-cryptoapi respectively. Adapt the installer
module list accordingly.
commit 8e45fe7e37d563626527e409c74af5822ffb599e
Merge: f95b9c1342 cc9347a93e
Author: Ben Hutchings <benh@debian.org>
Date: Tue Jul 15 12:44:16 2025 +0200
Merge branch '6.16-update' into 'debian/latest'
Update to 6.16-rc6
See merge request kernel-team/linux!1580
commit cc9347a93e22d89305bd29e47eeb287bbce951c3
Author: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon Jul 14 21:20:05 2025 +0200
Update to 6.16-rc6
Add Debian bug closer for #1108430
commit f95b9c13423e1902ccce6a4b39ebab4949b2dfed
Author: Uwe Kleine-König <ukleinek@debian.org>
Date: Tue Jul 15 08:43:18 2025 +0200
[arm64] Follow rename phy-qcom-snps-eusb2 -> phy-snps-eusb2 in upstream
The rename was done in commit v6.16-rc1~43^2~19 upstream. The kconfig
symbol name was already cared for in commit 4a5da1e64ae4 ("d/config:
Update with the help of kconfigeditor2:")
commit 6f0d13a185149c84a98b01c7fbb39de3542fea26
Merge: 211eda97a7 cb35148c6b
Author: Ben Hutchings <benh@debian.org>
Date: Sun Jul 13 13:57:25 2025 +0200
Merge branch 'update-6.16' into 'debian/latest'
Update to 6.16-rc5
See merge request kernel-team/linux!1569
commit cb35148c6bfc5436ca14778dab20d14cdc07666f
Author: Ben Hutchings <benh@debian.org>
Date: Tue Jul 8 17:50:42 2025 +0200
linux-kbuild: Update for rewrite of kernel-doc in Python
Linux 6.16 has a new version of kernel-doc written in Python
(previously it was a Perl script). I considered removing it from
linux-kbuild since it is not normally required for building modules.
However, if KBUILD_EXTRA_WARN is set then it is invoked to validate
kernel-doc comments, even for external modules.
Therefore:
- Install kernel-doc.py and lib/kdoc/*.py, not kernel-doc
- Run dh_python3 to compile these files to bytecode and generate the
python3:Depends control variable
- Add ${python3:Depends} to Depends in the control template
commit 4a5da1e64ae4b02282ed6d500056094c1d51f247
Author: Ben Hutchings <benh@debian.org>
Date: Tue Jul 8 14:48:10 2025 +0200
d/config: Update with the help of kconfigeditor2:
- crypto: Enable CRYPTO_BENCHMARK instead of CRYPTO_TEST
- crypto: Enable CRYPTO_SELFTESTS (except on hppa, m68k, sh4) instead of
disabling CRYPTO_MANAGER_DISABLE_TESTS
- drivers/net/mdio: Enable MDIO_BUS as module (except on cloud) instead of
MDIO_DEVICE
- [armhf] drivers/mfd: Enable MFD_SEC_I2C as built-in instead of
MFD_SEC_CORE
- [arm64] drivers/phy: Enable PHY_SNPS_EUSB2 as module instead of
PHY_QCOM_SNPS_EUSB2
- crypto: Remove CRYPTO_CHACHA_RISCV64, CRYPTO_MANAGER,
CRYPTO_SHA256_{ARM,OCTEON,RISCV64,S390,SPARC64,SSSE3},
CRYPTO_SHA2_ARM{,64}_CE which are now automatic symbols
- crypto: Remove CRYPTO_POLY1305
- net: Remove IP_DCCP etc.
- [alpha,m68k,x86] Remove USELIB
commit 1c8df73cbe0ab7639e04939524b7d3143553a0e3
Author: Ben Hutchings <benh@debian.org>
Date: Tue Jul 8 13:57:46 2025 +0200
Update to 6.16-rc5
Drop obsolete patches:
- "Revert "mmc: sdhci: Disable SD card clock before changing parameters""
(applied upstream)
- "dccp: Disable auto-loading as mitigation against local exploits"
(protocol was removed)
Refresh patches:
- "add sysctl to disallow unprivileged CLONE_NEWUSER by default"
- "Export symbols needed by binder"
- "Include package version along with kernel release in stack traces"
commit 7d1764653b4c673b56428a1b795964e4c4b8b553
Author: Ben Hutchings <benh@debian.org>
Date: Tue Jul 8 13:27:19 2025 +0200
d/patches: Clean up the Android binder patches
For "android: Enable building ashmem and binder as modules":
- Change the description and filename to remove mention of ashmem,
which was removed upstream
- Change the description to refer to the still-developed Waydroid
instead of Anbox
- Move the EXPORT_SYMBOL_GPLs that seem to be have been added here by
mistake to "Export symbols needed by binder"
For "Export symbols needed by binder":
- Rename it to match its current subject
For both:
- Refresh the diffstat
- Update the date header
commit 211eda97a742095dbb2192d4c18b876d36ab24d1
Merge: da588ed1f6 444ce5d843
Author: Ben Hutchings <benh@debian.org>
Date: Fri Jul 11 19:23:10 2025 +0200
Merge branch 'linux-misc-tools' into 'debian/latest'
Add linux-misc-tools package for bootconfig, ihex2fw, thermometer, and tmon
See merge request kernel-team/linux!1502
commit 444ce5d84366f9b7c8cda456836ae3380db88546
Author: Ben Hutchings <benh@debian.org>
Date: Thu May 8 03:03:55 2025 +0200
Add linux-misc-tools package for bootconfig, ihex2fw, thermometer, and tmon
The ihex2fw tool is need to fully build firmware-free from source.
As it's very a small program and maybe doesn't need a package of its
own, create a linux-misc-tools package and also include the
bootconfig, thermometer, and tmon programs.
Closes: #763547
Among the 78 debian patches available in version 6.12.38-1 of the package, we noticed the following issues:
![[bug history graph]](https://qa.debian.org/data/bts/graphs/l/linux.png){kind=link}