-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : libinput CVE ID : CVE-2026-50292 It was discovered that a udev helper provided by libinput, a input device management and event handling library, performed insufficient sanitising of device properties, which can result in local privilege escalation in some setups. For the oldstable distribution (bookworm), this problem has been fixed in version 1.22.1-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 1.28.1-1+deb13u1. We recommend that you upgrade your libinput packages. For the detailed security status of libinput please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libinput Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoqSRJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0S4Uw//TL0a4QcSV56cMfiSdh8Oqopdx+SxdqiuVi8RUm39GacJX3l0mALYYf+H QOs9x66r7xh33vn7Hs0X1SseLVxjj+GDbyMylUbi2tvHoriTDm/RNXNLm8GTcVTx 61SSw29+Y8Ai4rSVn+I4uUIwTHyYhcX/ZWQOGQW2V/MONtdtDMaTr83hKOCKmj1g k6JItWxopxpXhWLfHLEdEhZWK/rxSArxwKsarzaXN4duMo+lQyUGPvQdkZ5s38tW shxUXhDCctmGTwujz84N2pytIf+sHAr1RJZNryOvwGzO/FKrcvb4ptVp1CgULv0R Swuw7ss06LJSo5qUfT7jaw6+3Ti4h07/nz8JS5hJ4Lf84nFyRvA2zX5cPOYnT7ky cRFgFBFMNosDFpg1iQHKjZQwXLe880+0FLD+SLc38vwkHc7zeGiy5y9HW8mf+ztS Rpyew/uyjU+fwEHDN+lRdaPKcCxypUv6EISwQAsaoVprtx66E8ZLZriFt7FrSrjO IR5lk9Q8WWmykh8C61ELEmf8wfiAomeU3qmC1knI3lKXgDXkPpuCblSob8WT2v2S HUiagj1qNmmWGiZuIJBzMRF5xdVMY9PULlAMMs9T72C7+p8eiM3xa68Uy6D3CEei RqcCcKFsBk7iOje/t5WUiq5FmRlxoXovyI23penzvdHICCYZd3g= =DmoM -----END PGP SIGNATURE-----

