-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4616-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz June 05, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : haveged Version : 1.9.14-1+deb11u1 CVE ID : CVE-2026-41054 Dirk Mueller discovered that a flaw in the function performing a credential check on the command socket of haveged, a userspace entropy daemon, may result in local privilege escalation. For Debian 11 bullseye, this problem has been fixed in version 1.9.14-1+deb11u1. We recommend that you upgrade your haveged packages. For the detailed security status of haveged please refer to its security tracker page at: https://security-tracker.debian.org/tracker/haveged Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmoipD1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcinA/+KTcFIhfkO/Xo1WO7WfyIEYzXv2ty6JPmDUZ4TsvaZ9vhgMKJKqGXuS8E DfAqs0YC7mq2sBTJhpubCX3p6yd2uqWspAZmfJVbrxSzFIL2l8KyxxM28XMr8SMb sIqP0nS2dKIX87ewebIG5C2tUkQefIAyJKonG3iLLVQdls+tpjyuQVgEEsgcBpy8 8CdEIEYH/JQwvxOI90dfsEInfQ3zsCxNNeGmkw42+KQdu/OPEOwv7QrTG2Oc7f6W 8jgz84bAeImjE287FRbdAm72nZQUGHP1COcKUIkrHqidhz2k0E4x9Ybv6AIZvz5a kGzeccBV2ZiNRWZQv7X+8C9W+pMxJRMcKw1kJXfJ35BB3R7fu8yQurshY/R5MSAW IdnEhMzJrnMU81dlvW7/MnaOBWIpkwmp/Lg7LWarHsh7AmBm4oXV4Al+zSdyu8mB TZ7Th5P/KhCLFHWygYOmF3PxFuYRCtsoAIDPCPtVwykamgLabu+ov+YQ5hVG2c9Z 2mQJdNqTJyWN/UpcX3SE0LYdElUVsgAuGns81u8IqJwljNNz7uZj1aw1buCfQSBd Rx33zRoJ06IOizNdzCsKhIM6OEQVPTegcC1I1Zy6A2PGGcs6NknwdzrHTzgefmJf uHjZG9N7iYlmDTbq+BnSdpg6UeMUTtP1SDD/HxBNqbkbrSDYurM= =Pr/C -----END PGP SIGNATURE-----
