-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6188-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 31, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : lxd CVE ID : CVE-2026-28384 CVE-2026-33542 CVE-2026-33897 Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in privilege escalation or the execution of arbitrary commands. For the oldstable distribution (bookworm), these problems have been fixed in version 5.0.2-5+deb12u4. For the stable distribution (trixie), these problems have been fixed in version 5.0.2+git20231211.1364ae4-9+deb13u4. We recommend that you upgrade your lxd packages. For the detailed security status of lxd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lxd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmnMNAcACgkQEMKTtsN8 TjYDxA//Q2nv2zwxez9Q+ymzzD8sWA/4Q9hDUHDu54/BLaVkVHUeUwfdYipv22hB /I5g8qCCRHTGFR9DoWnXfIhzLZL5rjxi7U84fVecDCAF96l/vfQ5sdossKAiO7yK QR65SnyySw3/s05N63T0zo9PygvGEHivF/0uVY1c+YZYAQ5CXGMHeWgds0eYa39v ZNYjg8FXNv9NSQOIAlp/9RNR/yMB78A//JTTm3NlmslojDn16dvAPCCbx0d/bAgx eEXfwgUpiIcchhkybdjSgvLd/hCxJiJrOpVQuoVosX5K/4RpABuc1XLgSUrpLTWA yQgkHVeGHmIqKIeJCr56rrL/y/vbCnpZJ/oiH5Gbqabd0/aw1yPHyDHQ3dlRdJA9 +bQaV8EVxYAkd3Ooi6KR36cBK/WWTtn1YhF7aL2Wmu8vFTPj2uxtxhj1VOF5pVL4 APqczyGN+wnBovdF3/a6h7j3F2j2ETibXzen1XOz4ITiKBEjW6fxTnZA2jnfy8iT bc8vXuzudRjsJ43DFrJIRLwUbo/ITzH4+fjbGSlUnn9CvXeoyGn7xmpAlzZIhute JDVhvMDJciJWaM6uvXHdIdIWL85ssaPHGWnAN3n3dT8VZBj1UqUQzGIuYKG+sdpN zXDnu23mh+x8yS91TVO32o2EbbSIMNbPLIX3YhsdhmQ+PP8nR70= =8O84 -----END PGP SIGNATURE-----
