Kernel programmers found security holes. They fixed them. You didn't apply the fixes.
Debian practices full disclosure. If there's an update that potentially affects security, it's pushed through a [link|http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s-security-update|separate channel]. Look at '/etc/apt/sources.list' on your Debian box. You should have a line like 'deb [link|http://security.debian.org/|http://security.debian.org/] stable/updates main contrib non-free'. It is possible to configure your system to automatically install all security updates, and each patch will be the mimimum change required to fix the security issue.
Unless someone closer to the process than I am wants to contradict or clarify, there
were no kernel exploits patched since May of this year that affected me.