Debian Security Advisories DSA-6225-1 to DSA-6228-1
Posted: Wed Apr 22, 2026 5:27 pm
Multiple Debian Security Advisories have been released, affecting critical components across desktop, server, and networking environments. These updates address vulnerabilities in **Firefox ESR**, **PackageKit**, **strongSwan**, and **cpp-httplib**.
Immediate updates are strongly recommended.
---
DSA-6225-1 – firefox-esr
A large number of vulnerabilities (CVE-2026-6746 → CVE-2026-6786) were identified.
###
Impact
* Remote code execution
* Spoofing
* Information disclosure
* Privilege escalation
###
Fixed Versions
* Debian 12 (bookworm): `140.10.0esr-1~deb12u1`
* Debian 13 (trixie): `140.10.0esr-1~deb13u1`
---
DSA-6226-1 – packagekit
A **TOCTOU race condition** was discovered in PackageKit.
### Impact
* Local privilege escalation
### Fixed Versions
* Debian 12: `1.2.6-5+deb12u1`
* Debian 13: `1.3.1-1+deb13u1`
---
DSA-6227-1 – strongSwan
Multiple vulnerabilities were fixed in **strongSwan**, an IKE/IPsec VPN suite.
### Impact
* Infinite loops (DoS conditions)…login to view the rest of this post
Immediate updates are strongly recommended.
---
DSA-6225-1 – firefox-esrA large number of vulnerabilities (CVE-2026-6746 → CVE-2026-6786) were identified.
###
Impact* Remote code execution
* Spoofing
* Information disclosure
* Privilege escalation
###
Fixed Versions* Debian 12 (bookworm): `140.10.0esr-1~deb12u1`
* Debian 13 (trixie): `140.10.0esr-1~deb13u1`
---
DSA-6226-1 – packagekitA **TOCTOU race condition** was discovered in PackageKit.
###
Impact* Local privilege escalation
###
Fixed Versions* Debian 12: `1.2.6-5+deb12u1`
* Debian 13: `1.3.1-1+deb13u1`
---
DSA-6227-1 – strongSwanMultiple vulnerabilities were fixed in **strongSwan**, an IKE/IPsec VPN suite.
###
Impact* Infinite loops (DoS conditions)…login to view the rest of this post