Over two months after its previous 12.10 release, the Debian Project rolled out the eleventh update of its stable 12 “Bookworm” series, primarily focusing on improving security and addressing bugs across various packages.
If you’ve been keeping your system updated through security.debian.org, there’s not much to do with this release—most of the fixes were already included in earlier updates. 12.11 just brings them together in one place. However, if you’re doing a fresh install, this is the version to download and set up.
Among the notable changes is upgrading the Linux kernel to version 6.1.137. However, a caveat accompanies this kernel update—it currently has issues loading the “watchdog” and “w83977f_wdt” modules on AMD64 systems.
Debian has already flagged this regression and promises a fix in an upcoming update. Users dependent on these watchdog functionalities are advised to either temporarily disable them or hold off updating the kernel until the fix arrives.
Beyond the kernel adjustments, Debian 12.11 includes several significant security updates. Vulnerabilities across various packages have been patched, addressing concerns ranging from buffer overflow vulnerabilities in software like haproxy and nginx to critical security fixes in popular tools such as OpenSSH and OpenSSL.
Specific fixes include resolving an integer overflow vulnerability in glib2.0, a buffer overflow in ImageMagick, and several cross-site scripting (XSS) issues affecting popular web tools such as phpMyAdmin and Twitter Bootstrap.
Notably, the point release brings a batch of miscellaneous bug fixes and package updates. GCC, the GNU Compiler Collection, has seen improvements, particularly enhancing protections against stack overflow exploits on AArch64 architectures.
Graphics drivers from NVIDIA received substantial updates, dropping outdated support while reinforcing compatibility and security with newer kernel versions. Plus, the Debian installer has received minor updates to reflect the latest changes, ensuring a seamless experience for new installations.
Once again, Debian 12.11 doesn’t add any new features to the “Bookworm” release—it’s all about fixing bugs and addressing security issues in certain packages. So, if you’re already using it, simply run the command below to update your system to the latest stable version.
sudo apt update && sudo apt upgradeCode language: Bash (bash)The release announcement provides in-depth information on all changes. A comprehensive list of all packages that have received updates is available here.
The main Debian 12.11 netinst images are available for download here. They offer a base system perfect for servers or users who prefer to customize the installation to suit their needs. It supports nine architectures: amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, and s390x.
For a more ready-to-use experience, the new release also provides Live images featuring pre-installed desktop environments like GNOME, KDE, LXDE, Xfce, Cinnamon, and MATE. Please note that they are available only for the AMD64 architecture.
Lastly, consider enabling automatic security updates to receive future patches without delay if you haven’t already done so. If you’re unsure how to do it, our guide will have you up and running quickly.
