The Debian project has released the sixth point release 13.6 of its stable distribution “Trixie”.
The update adds no new features, but fixes security issues and a number of serious bugs across more than 100 packages. Worth noting: fwupd was bumped to version 2.0.20 and can now update Secure Boot certificates (CA, KEK, revocation databases) for the 2026 Secure Boot transition, while geoip-database was reverted to a December 2019 build for licensing reasons. Anyone already running Debian 13 doesn’t need to reinstall - a regular update via the Debian mirrors is enough.
The Debian project is pleased to announce the sixth update of its stable distribution Debian 13 (codename trixie). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems.
Notable changes include: fwupd was updated to enable UEFI CA/KEK/DBX updates for the 2026 Secure Boot transition; geoip-database was reverted to a December 2019 version for licensing reasons; and security fixes landed in apache2, curl, qemu, samba, wireshark, python3.13, postfix and dozens of other packages, covering issues from buffer overflows and denial-of-service bugs to remote code execution.
Please note that this point release does not constitute a new version of Debian 13 but only updates some of the packages included. There is no need to throw away old media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Source: Debian