Debian 13.6 Update Addresses Expired Secure Boot Certificate and Security Vulnerabilities

Debian 13.6 Update Addresses Expired Secure Boot Certificate and Security Vulnerabilities

First seen 13 Jul 2026, 00:12 UTC DebianFeeds2.FeedburnerFeeds.4SysopsGbhackers 80% similarity 57.8

Article Content

Browse articles
ThreatCluster

On July 11, 2026, Debian released version 13.6 of its stable distribution 'trixie,' addressing over a hundred security advisories, including critical vulnerabilities. A significant focus of this update is the expiration of a UEFI Secure Boot certificate authority from 2013, which could lead to boot failures on affected systems. To mitigate this, fwupd has been updated to version 2.0.20, allowing the refresh of the Key Exchange Key and revocation databases. Users are advised to apply updates to ensure continued system bootability with Secure Boot enabled. The update also includes security fixes for various packages, including Linux, Apache, Curl, and QEMU. Debian recommends that users upgrade their installations to the latest versions available from official mirrors. The update does not constitute a new version of Debian but is crucial for maintaining system security and functionality.

Key Points: • Debian 13.6 addresses the expiration of a UEFI Secure Boot certificate authority. • The update includes security fixes for over a hundred vulnerabilities across multiple packages. • Users are urged to apply updates to prevent potential boot failures with Secure Boot enabled.

ThreatCluster AI

Timeline

2026-07-11
Debian 13.6 released
The Debian Project released version 13.6, addressing critical vulnerabilities and an expired Secure Boot certificate.
Debian
2026-07-11
fwupd updated to version 2.0.20
The update allows users to refresh the Key Exchange Key and revocation databases to maintain Secure Boot functionality.
Debian
2026-07-12
Security advisories published
Debian's security team released advisories for over a hundred vulnerabilities addressed in the 13.6 update.
Feeds2.Feedburner
2026-07-13
Critical vulnerabilities reported
The update includes security fixes for critical vulnerabilities in packages like Linux, Apache, Curl, and QEMU.
Gbhackers

Community

Browse all →