https://security-tracker.debian.org/tracker/CVE-2024-47176, archive
As of 10/1/24 3:52 UTC time, Trixie/Debian testing does not have a fix for the severe cupsd security vulnerability that was recently announced, despite Debian Stable and Unstable having a fix.
Debian Testing is intended for testing, and not really for production usage.
https://tracker.debian.org/pkg/cups-filters, archive
So the way Debian Unstable/Testing works is that packages go into unstable/ for a bit, and then are migrated into testing/trixie.
Issues preventing migration:
∙ ∙ Too young, only 3 of 5 days old
Basically, security vulnerabilities are not really a priority in testing, and everything waits for a bit before it updates.
I recently saw some people recommending Trixie for a "debian but not as unstable as sid and newer packages than stable", which is a pretty bad idea. Trixie/testing is not really intended for production use.
If you want newer, but still stable packages from the same repositories, then I recommend (not an exhaustive list, of course).:
- Opensuse Leap (Tumbleweed works too but secure boot was borked when I used it)
- Fedora
If you are willing to mix and match sources for packages:
- Flatpaks
- distrobox — run other distros in docker/podman containers and use apps through those
- Nix
Can get you newer packages on a more stable distros safely.
Linux mint debian edition is not based on testijg, but rather on stable*.
This misconception may be caused by the fact that the latest debian stable, has newer packages than many of the older-but-not-ancient ubuntu releases, which were originally based off of debian sid.
*I cannot find a first party source for this, only third party
https://www.theregister.com/2023/09/13/linux_mint_debian_edition_hands_on/
I fixed it, based on info that you and @[email protected] provided. Thanks you both for pointing this out!
(The misconception is actually outdated info. LMDE 1 lasted a really long time, and it was Testing-based.)
I found info in the Linux Mint forums about this. Not quite first party source as it's just user discussion, but still closer.