Debian 12 (Bookworm) reaches end of life on June 10, 2026 — 21 days away.
If you're running Debian 12 in production, your migration window is closing fast. Debian 11 (Bullseye) LTS ends June 30, 2026 — the same month. Two major Debian versions transitioning support status in the same 20-day window.
Understanding Debian's Three Support Phases
Debian provides up to 10 years of total coverage per release across three distinct phases:
| Phase | Duration | Who maintains it | What you get |
|---|---|---|---|
| Regular Support | Years 1–3 | Debian Security Team | Full security patches and bug fixes |
| LTS Support | Years 3–5 | Debian LTS team (volunteers + sponsors) | Security patches for a subset of packages |
| ELTS (Paid) | Years 5–10 | Freexian (commercial) | Patches for sponsored packages only. No kernel support. |
LTS ≠ Full Support. Debian LTS coverage is narrower than regular support. Not every package is maintained during LTS — the LTS team focuses on packages that have active sponsors. Before relying on LTS coverage for a specific package, check the Debian LTS tracker to confirm it is actively maintained.
Complete Debian EOL Schedule
| Version | Codename | Regular EOL | LTS EOL | ELTS EOL | Status | EOL Risk Score™ |
|---|---|---|---|---|---|---|
| Debian 9 | Stretch | Jun 2020 | Jun 2022 | Jun 2027 | EOL | 93 Critical |
| Debian 10 | Buster | Aug 2022 | Jun 30, 2024 | Jun 30, 2029 | EOL | 86 Critical |
| Debian 11 | Bullseye | Aug 14, 2024 | Jun 30, 2026 | Jun 30, 2031 | LTS ending Jun 2026 | 64 High |
| Debian 12 | Bookworm | Jun 10, 2026 | Jun 30, 2028 | Jun 30, 2033 | EOL in 21 days | 55 High |
| Debian 13 | Trixie | Aug 2028 | Jun 2030 | Jun 2035 | ✅ Current Stable | 12 Low |
Debian 12 (Bookworm) — Regular Support EOL June 10, 2026
EOL Risk Score™: 55 High
Debian 12 (Bookworm) was released on June 10, 2023. It ships with Linux Kernel 6.1 LTS, Python 3.11, OpenSSL 3.0. It has been the default deployment target for most Debian-based production infrastructure during 2023–2025.
On June 10, 2026, Debian 12 transitions from regular security support to LTS support. The security team that maintains it changes, the patch cadence slows, and the package scope narrows.
Debian 12 will continue to receive LTS patches until June 30, 2028 — two more years. For most organizations this is manageable — but it needs to be documented. If you're running Debian 12 in a compliance-sensitive environment, this transition needs to be in your risk register by June 10.
What to do: Confirm LTS coverage for your packages, document the transition, and set a migration target to Debian 13 within the next 6–12 months. If you cannot migrate and need continued full coverage, commercial extended support from vendors like TuxCare provides security patches for Debian past the LTS period.
Debian 11 (Bullseye) — LTS Ending June 30, 2026
EOL Risk Score™: 64 High
Debian 11 regular support ended August 14, 2024. It has been in LTS maintenance since then. That LTS period ends June 30, 2026.
If you're running Debian 11, you have until June 30, 2026 before you lose all community security patch coverage. After that, your only option for continued patches is commercial ELTS from Freexian — or migration.
Target version: Debian 13 (Trixie) — supported until 2030. Migrate before June 30, 2026.
Debian 10 (Buster) — Fully End of Life
EOL Risk Score™: 86 Critical
Debian 10 (Buster) LTS ended on June 30, 2024. Running Debian 10 in 2026 without a commercial ELTS subscription means nearly two years of unpatched CVEs.
If you're still on Buster, migration to Debian 13 is urgent.
Debian 13 (Trixie) — Current Stable
EOL Risk Score™: 12 Low
Debian 13 launched August 9, 2025. Latest point release: 13.5 on May 16, 2026. Uses Linux Kernel 6.12 LTS. Regular support runs through August 2028.
Note: Debian 13 dropped the i386 installer and armel architecture support. If you're running 32-bit x86 systems, Debian recommends staying on Debian 12 or planning hardware migration.
ELTS — Extended Long-Term Support Explained
Debian's Extended Long-Term Support (ELTS) is a commercial service provided by Freexian, not an official Debian project. It extends security patch coverage beyond the LTS period for up to 5 additional years.
What ELTS covers: Security patches for sponsored packages only. No kernel support. Coverage varies by release and changes as sponsors change.
For organizations that need broader, more predictable coverage, third-party vendors like TuxCare provide extended lifecycle support for Debian with wider package coverage and a more defined SLA.
How to Upgrade Safely
01 — Check your current version
Run cat /etc/debian_version or lsb_release -a.
02 — Check LTS package coverage for your critical packages
Check the Debian LTS tracker at tracker.debian.org for each of your critical packages. Not all packages are maintained during LTS.
03 — Use the official upgrade path — do not skip major versions
To upgrade Debian 11 → 13, you must go through Debian 12 first. Update /etc/apt/sources.list to point to the next release, then run apt update && apt full-upgrade.
04 — Read the release notes before upgrading
The Debian 13 release notes cover architecture changes, dropped packages, and modified default configurations.
05 — Test in a non-production environment first
Test your application stack against Debian 13's updated package versions — particularly changes to OpenSSL, Python, and glibc.
06 — Document your transition for compliance purposes
If you're transitioning from regular support to LTS on June 10, document this in your security risk register. Include the packages covered by LTS, any that are not covered, and your migration timeline. This documentation is what separates a compliance finding from a managed risk.
Check your full infrastructure stack for EOL exposure at endoflife.ai — free EOL checker, stack scanner, and EOL Risk Score™ for 455+ products. No signup required.
Top comments (0)