• [Website] 22.07.2023: Debian 12.1 (1/2)

    From Erik Pfannenstein@21:1/5 to All on Fri Jul 21 23:10:01 2023
    This is a multi-part message in MIME format.

    Hallo zusammen,

    die erste Zwischenver÷ffentlichung fŘr Debian Bookworm kommt raus und ich hab die Nachricht dazu Řbersetzt. Vielleicht findet sich ja jemand, der die Zeit und Lust hat die gegenzulesen.

    Die Tabelle ist zwecks Lesbarkeit in eine Diff-Datei ausgegliedert und auch das
    Einzige, was sich gro▀ geńndert hat.

    Viele GrŘ▀e,
    Erik
    <define-tag pagetitle>Updated Debian 12: 12.1 released</define-tag>
    <define-tag pagetitle>Debian 12 aktualisiert: 12.1 ver├Âffentlicht</define-tag> <define-tag release_date>2023-07-22/define-tag>
    #use wml::debian::news
    # $Id:

    <define-tag release>12</define-tag>
    <define-tag codename>Bookworm</define-tag>
    <define-tag revision>12.1</define-tag>

    <define-tag dsa>
    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
    <td align="center"><:
    my @p = ();
    for my $p (split (/,\s*/, "%2")) {
    push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p));
    }
    print join (", ", @p);
    </td></tr>
    </define-tag>

    <define-tag correction>
    <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr>
    </define-tag>

    <define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag>

    <p>The Debian project is pleased to announce the first update of its
    stable distribution Debian <release> (codename <q><codename></q>).
    This point release mainly adds corrections for security issues,
    along with a few adjustments for serious problems. Security advisories
    have already been published separately and are referenced where available.</p>



    Das Debian-Projekt freut sich, die erste Aktualisierung seiner Stable-Distribution
    Debian <release> (Codename <q><codename></q>) ank├╝ndigen zu d├╝rfen. Diese Zwischenver├Âffentlichung behebt haupts├Ąchlich Sicherheitsl├╝cken der Stable-Ver├Âffentlichung
    sowie einige ernste Probleme. Es sind bereits separate Sicherheitsank├╝ndigungen
    ver├Âffentlicht worden, auf die, wenn m├Âglich, verwiesen wird.


    ------

    <p>Please note that the point release does not constitute a new version of Debian
    <release> but only updates some of the packages included. There is
    no need to throw away old <q><codename></q> media. After installation,
    packages can be upgraded to the current versions using an up-to-date Debian mirror.</p>


    Bitte beachten Sie, dass diese Zwischenver├Âffentlichung keine neue Version von Debian <release> darstellt, sondern nur einige der enthaltenen Pakete auffrischt.
    Es gibt keinen Grund, <q><codename></q>-Medien zu entsorgen, da deren Pakete auch nach der Installation durch einen aktualisierten Debian-Spiegelserver auf den neuesten Stand gebracht werden k├Ânnen.


    -----

    <p>Those who frequently install updates from security.debian.org won't have
    to update many packages, and most such updates are
    included in the point release.</p>

    <p>Wer h├Ąufig Aktualisierungen von security.debian.org herunterl├Ądt, wird nicht viele
    Pakete auf den neuesten Stand bringen m├╝ssen. Die meisten dieser Aktualisierungen sind
    in dieser Revision enthalten.</p>

    -----

    <p>New installation images will be available soon at the regular locations.</p> <p>Neue Installationsabbilder k├Ânnen bald von den gewohnten Orten bezogen werden.</p>

    -----

    <p>Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors.
    A comprehensive list of mirrors is available at:</p>


    <p>Vorhandene Installationen k├Ânnen auf diese Revision angehoben werden, indem das Paketverwaltungssystem auf einen der vielen HTTP-Spiegel von Debian verwiesen
    wird. Eine vollst├Ąndige Liste der Spiegelserver ist verf├╝gbar unter:</p>

    -----

    <div class="center">
    <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
    </div>

    <div class="center">
    <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
    </div>

    ----

    <h2>Miscellaneous Bugfixes</h2>

    <p>This stable update adds a few important corrections to the following packages:</p>

    <h2>Verschiedene Fehlerbehebungen</h2>

    <p>Diese Stable-Aktualisierung f├╝gt den folgenden Paketen einige wichtige Korrekturen hinzu:</p>

    -----

    <table border=0>
    <tr><th>Package</th> <th>Reason</th></tr>
    <correction aide "Properly handle creating the system user; fix child directory processing on equal match">
    <correction autofs "Fix hang when using Kerberos-authenticated LDAP"> <correction ayatana-indicator-datetime "Fix playing of custom alarm sounds"> <correction base-files "Update for the 12.1 point release">
    <correction bepasty "Fix rendering of text uploads">
    <correction boost1.81 "Add missing dependency on libboost-json1.81.0 to libboost-json1.81-dev">
    <correction bup "Correctly restore POSIX ACLs">
    <correction context "Enable socket in ConTeXt mtxrun">
    <correction cpdb-libs "Fix a buffer overflow vulnerability [CVE-2023-34095]"> <correction cpp-httplib "Fix CRLF injection issue [CVE-2023-26130]"> <correction crowdsec "Fix default acquis.yaml to also include the journalctl datasource, limited to the ssh.service unit, making sure acquisition works even without the traditional auth.log file; make sure an invalid datasource doesn't make the engine
    error out">
    <correction cups "Security fixes: use-after-free [CVE-2023-34241]; heap buffer overflow [CVE-2023-32324]">
    <correction cvs "Configure full path to ssh">
    <correction dbus "New upstream stable release; fix denial of service issue [CVE-2023-34969]; stop trying to take DPKG_ROOT into account, restoring copying of systemd's /etc/machine-id in preference to creating an entirely new machine ID">
    <correction debian-installer "Increase Linux kernel ABI to 6.1.0-10; rebuild against proposed-updates">
    <correction debian-installer-netboot-images "Rebuild against proposed-updates"> <correction desktop-base "Remove emerald alternatives on package uninstallation">
    <correction dh-python "Re-introduce Breaks+Replaces on python2 needed to help apt in some upgrade scenarios">
    <correction dkms "Add Breaks against obsolete, incompatible *-dkms packages"> <correction dnf "Fix default DNF const PYTHON_INSTALL_DIR">
    <correction dpdk "New upstream stable release">
    <correction exim4 "Fix argument parsing for ${run } expansion; fix ${srs_encode ..} returning incorrect result every 1024 days">
    <correction fai "Fix IP address lifetime">
    <correction glibc "Fix a buffer overflow in gmon; fix a deadlock in getaddrinfo (__check_pf) with deferred cancellation; fix y2038 support in strftime on 32-bit architectures; fix corner case parsing of /etc/gshadow which can return bad pointers, causing
    segfaults in applications; fix a deadlock in system() when called concurrently from multiple threads; cdefs: limit definition of fortification macros to __FORTIFY_LEVEL &gt; 0 to support old C90 compilers">
    <correction gnome-control-center "New upstream bugfix release">
    <correction gnome-maps "New upstream bugfix release">
    <correction gnome-shell "New upstream bugfix release">
    <correction gnome-software "New upstream release; memory leak fixes"> <correction gosa "Silence PHP 8.2 deprecation warnings; fix missing template in default theme; fix table styling; fix use of debugLevel &gt; 0">
    <correction groonga "Fix documentation links">
    <correction guestfs-tools "Security update [CVE-2022-2211]">
    <correction indent "Restore the ROUND_UP macro and adjust the initial buffer size">
    <correction installation-guide "Enable Indonesian translation">
    <correction kanboard "Fix malicious injection of HTML tags into DOM [CVE-2023-32685]; fix parameter-based indirect object referencing leading to private file exposure [CVE-2023-33956]; fix missing access controls [CVE-2023-33968, CVE-2023-33970]; fix
    stored XSS in Task External Link functionality [CVE-2023-33969]">
    <correction kf5-messagelib "Search also for subkeys">
    <correction libmatekbd "Fix memory leaks">
    <correction libnginx-mod-http-modsecurity "Binary rebuild with pcre2"> <correction libreoffice "New upstream bugfix release">
    <correction libreswan "Fix potential denial-of-service issue [CVE-2023-30570]"> <correction libxml2 "Fix NULL pointer dereference issue [CVE-2022-2309]"> <correction linux "New upstream stable release; netfilter: nf_tables: do not ignore genmask when looking up chain by id [CVE-2023-31248], prevent OOB access in nft_byteorder_eval [CVE-2023-35001]">
    <correction linux-signed-amd64 "New upstream stable release; netfilter: nf_tables: do not ignore genmask when looking up chain by id [CVE-2023-31248], prevent OOB access in nft_byteorder_eval [CVE-2023-35001]">
    <correction linux-signed-arm64 "New upstream stable release; netfilter: nf_tables: do not ignore genmask when looking up chain by id [CVE-2023-31248], prevent OOB access in nft_byteorder_eval [CVE-2023-35001]">
    <correction linux-signed-i386 "New upstream stable release; netfilter: nf_tables: do not ignore genmask when looking up chain by id [CVE-2023-31248], prevent OOB access in nft_byteorder_eval [CVE-2023-35001]">
    <correction mailman3 "Drop redundant cron job; handle ordering of services when MariaDB is present">
    <correction marco "Show correct window title when owned by superuser"> <correction mate-control-center "Fix several memory leaks">
    <correction mate-power-manager "Fix several memory leaks">
    <correction mate-session-manager "Fix several memory leaks; allow clutter backends other than x11">
    <correction multipath-tools "Hide underlying paths from LVM; prevent initial service failure on new installations">
    <correction mutter "New upstream bugfix release">
    <correction network-manager-strongswan "Build editor component with GTK 4 support">
    <correction nfdump "Return success when starting; fix segfault in option parsing">
    <correction nftables "Fix regression in set listing format">
    <correction node-openpgp-seek-bzip "Correct installation of files in seek-bzip package">
    <correction node-tough-cookie "Fix prototype pollution issue [CVE-2023-26136]"> <correction node-undici "Security fixes: protect <q>Host</q> HTTP header from CLRF injection [CVE-2023-23936]; potential ReDoS on Headers.set and Headers.append [CVE-2023-24807]">
    <correction node-webpack "Security fix (cross-realm objects) [CVE-2023-28154]"> <correction nvidia-cuda-toolkit "Update bundled openjdk-8-jre">
    <correction nvidia-graphics-drivers "New upstream stable release; security fixes [CVE-2023-25515 CVE-2023-25516]">
    <correction nvidia-graphics-drivers-tesla "New upstream stable release; security fixes [CVE-2023-25515 CVE-2023-25516]">
    <correction nvidia-graphics-drivers-tesla-470 "New upstream stable release; security fixes [CVE-2023-25515 CVE-2023-25516]">
    <correction nvidia-modprobe "New upstream bugfix release">
    <correction nvidia-open-gpu-kernel-modules "New upstream stable release; security fixes [CVE-2023-25515 CVE-2023-25516]">
    <correction nvidia-support "Add Breaks against incompatible packages from bullseye">
    <correction onionshare "Fix installation of desktop furniture">
    <correction openvpn "Fix memory leak and dangling pointer (possible crash vector)">
    <correction pacemaker "Fix regression in the resource scheduler">
    <correction postfix "New upstream bugfix release; fix <q>postfix set-permissions</q>">
    <correction proftpd-dfsg "Do not enable inetd-style socket at installation"> <correction qemu "New upstream stable release; fix USB devices not being available to XEN HVM domUs; 9pfs: prevent opening special files [CVE-2023-2861]; fix reentrancy issues in the LSI controller [CVE-2023-0330]">
    <correction request-tracker5 "Fix links to documentation">
    <correction rime-cantonese "Sort words and characters by frequency"> <correction rime-luna-pinyin "Install missing pinyin schema data">
    <correction samba "New upstream stable release; ensure manpages are generated during build; enable ability to store kerberos tickets in kernel keyring; fix build issues on armel and mipsel; fix windows logon/trust issues with 2023-07 windows updates">
    <correction schleuder-cli "Security fix (value escaping)">
    <correction smarty4 "Fix arbitrary code execution issue [CVE-2023-28447]"> <correction spip "Various security issues; security fix (authentication data filtering)">
    <correction sra-sdk "Fix installation of files in libngs-java">
    <correction sudo "Fix event log format">
    <correction systemd "New upstream bugfix release">
    <correction tang "Fix race condition when creating/rotating keys [CVE-2023-1672]">
    <correction texlive-bin "Disable socket in luatex by default [CVE-2023-32668]; make installable on i386">
    <correction unixodbc "Add Breaks+Replaces against odbcinst1debian1"> <correction usb.ids "Update included data">
    <correction vm "Disable byte compilation">
    <correction vte2.91 "New upstream bugfix release">
    <correction xerial-sqlite-jdbc "Use a UUID for connection ID [CVE-2023-32697]"> <correction yajl "Memory leak security fix; fix denial of service issue [CVE-2017-16516], integer overflow issue [CVE-2022-24795]">
    </table>

    -----

    <h2>Security Updates</h2>


    <p>This revision adds the following security updates to the stable release.
    The Security Team has already released an advisory for each of these updates:</p>

    <h2>Sicherheitsaktualisierungen</h2>

    <p>Diese Revision f├╝gt der Stable-Ver├Âffentlichung die folgenden Sicherheitsaktualisierungen hinzu. Das Sicherheitsteam hat bereits f├╝r
    jede davon eine Ank├╝ndigung ver├Âffentlicht:</p>

    -----

    <table border=0>
    <tr><th>Ank├╝ndigungs-ID</th> <th>Paket</th></tr>
    <dsa 2023 5423 thunderbird>
    <dsa 2023 5425 php8.2>
    <dsa 2023 5427 webkit2gtk>
    <dsa 2023 5428 chromium>
    <dsa 2023 5429 wireshark>
    <dsa 2023 5430 openjdk-17>
    <dsa 2023 5432 xmltooling>
    <dsa 2023 5433 libx11>
    <dsa 2023 5434 minidlna>
    <dsa 2023 5435 trafficserver>
    <dsa 2023 5436 hsqldb1.8.0>
    <dsa 2023 5437 hsqldb>
    <dsa 2023 5439 bind9>
    <dsa 2023 5440 chromium>
    <dsa 2023 5443 gst-plugins-base1.0>
    <dsa 2023 5444 gst-plugins-bad1.0>
    <dsa 2023 5445 gst-plugins-good1.0>
    <dsa 2023 5446 ghostscript>
    <dsa 2023 5447 mediawiki>
    <dsa 2023 5448 linux-signed-amd64>
    <dsa 2023 5448 linux-signed-arm64>
    <dsa 2023 5448 linux-signed-i386>
    <dsa 2023 5448 linux>
    <dsa 2023 5449 webkit2gtk>
    <dsa 2023 5450 firefox-esr>
    <dsa 2023 5451 thunderbird>
    </table>

    -----

    <h2>Debian Installer</h2>
    <p>The installer has been updated to include the fixes incorporated
    into stable by the point release.</p>

    <h2>Debian-Installer</h2>

    <p>Der Installer wurde aktualisiert, damit er die Korrekturen enth├Ąlt,
    die mit dieser Zwischenver├Âffentlichung in Stable eingeflossen sind.</p>

    -----

    <h2>URLs</h2>

    <p>The complete lists of packages that have changed with this revision:</p>

    <h2>URLs</h2>

    <p>Die vollst├Ąndige Liste von Paketen, die sich mit dieser Revision ge├Ąndert haben:</p>

    -----

    <div class="center">
    <url "https://deb.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> </div>

    ------

    <p>The current stable distribution:</p>
    <p>Die derzeitige Stable-Distribution:</p>

    -----

    <div class="center">
    <url "https://deb.debian.org/debian/dists/stable/">
    </div>

    -----

    <p>Proposed updates to the stable distribution:</p>
    <p>Vorgeschlagene Aktualisierungen f├╝r die Stable-Distribution:</p>

    -----

    <div class="center">
    <url "https://deb.debian.org/debian/dists/proposed-updates">
    </div>

    -----

    <p>stable distribution information (release notes, errata etc.):</p> <p>Informationen zur Stable-Distribution (Ver├Âffentlichungshinweise, Errata usw.):</p>

    -----

    <div class="center">
    <a
    href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> </div>

    -----

    <p>Security announcements and information:</p>
    <p>Sicherheitsank├╝ndigungen und -informationen:</p>

    -----

    <div class="center">
    <a href="$(HOME)/security/">https://www.debian.org/security/</a>
    </div>

    -----

    <h2>About Debian</h2>

    <p>The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely
    free operating system Debian.</p>

    <h2>Contact Information</h2>

    <p>For further information, please visit the Debian web pages at
    <a href="$(HOME)/">https://www.debian.org/</a>, send mail to &lt;press@debian.org&gt;, or contact the stable release team at &lt;debian-release@lists.debian.org&gt;.</p>

    <h2>├ťber Debian</h2>

    <p>Das Debian-Projekt ist ein Zusammenschluss von Entwicklern
    Freier Software, die ihre Zeit und M├╝hen einbringen, um das
    vollst├Ąndig freie Betriebssystem Debian zu erschaffen.</p>

    <h2>Kontaktinformationen</h2>

    <p>F├╝r weitere Informationen besuchen Sie bitte die Debian-Website unter
    <a href="$(HOME)/">https://www.debian.org/</a>, schicken Sie eine Mail
    (auf Englisch) an &lt;press@debian.org&gt; oder kontaktieren Sie das Stable-Ver├Âffentlichungs-Team (auf Englisch)
    unter &lt;debian-release@lists.debian.org&gt;.</p>




    0a1

    3c4
    < <tr><th>Package</th> <th>Reason</th></tr>
    ---
    <tr><th>Paket</th> <th>Grund</th></tr>
    5c6
    < <correction aide "Properly handle creating the system user; fix child directory processing on equal match">
    ---
    <correction aide "Systembenutzer ordentlich anlegen; Unterverzeichnis-Handhabung bei Equal-Treffer ├╝berarbeitet">
    7c8
    < <correction autofs "Fix hang when using Kerberos-authenticated LDAP">
    ---
    <correction autofs "H├Ąnger bei Verwendung von Kerberos-authentifiziertem LDAP behoben">
    9c10
    < <correction ayatana-indicator-datetime "Fix playing of custom alarm sounds"> ---
    <correction ayatana-indicator-datetime "Wiedergabe eigener Alarmt├Âne ├╝berarbeitet">
    11c12
    < <correction base-files "Update for the 12.1 point release">
    ---
    <correction base-files "Aktualisierung auf die Zwischenver├Âffentlichung 12.1">
    13c14
    < <correction bepasty "Fix rendering of text uploads">
    ---
    <correction bepasty "Darstellung von Text-Hochlads ├╝berarbeitet">
    15c16
    < <correction boost1.81 "Add missing dependency on libboost-json1.
  • From hermann-Josef Beckers@21:1/5 to All on Fri Jul 21 23:30:02 2023
    Am 21.07.23 um 21:07 schrieb Erik Pfannenstein:
    Hallo zusammen,

    die erste Zwischenver├Âffentlichung f├╝r Debian Bookworm kommt raus und ich hab
    die Nachricht dazu ├╝bersetzt. Vielleicht findet sich ja jemand, der die Zeit und Lust hat die gegenzulesen.

    Die Tabelle ist zwecks Lesbarkeit in eine Diff-Datei ausgegliedert und auch das
    Einzige, was sich gro├č ge├Ąndert hat.

    Viele Gr├╝├če,
    Erik

    Hallo Erik,

    bezogen auf die *wml-Datei:

    <p>The Debian project is pleased to announce the first update of its
    stable distribution Debian <release> (codename <q><codename></q>).
    This point release mainly adds corrections for security issues,
    along with a few adjustments for serious problems. Security advisories
    have already been published separately and are referenced where
    available.</p>



    Das Debian-Projekt freut sich, die erste Aktualisierung seiner Stable-Distribution
    Debian <release> (Codename <q><codename></q>) ank├╝ndigen zu d├╝rfen. Diese
    Zwischenver├Âffentlichung behebt haupts├Ąchlich Sicherheitsl├╝cken der Stable-Ver├Âffentlichung
    sowie einige ernste Probleme. Es sind bereits separate Sicherheitsank├╝ndigungen
    ver├Âffentlicht worden, auf die, wenn m├Âglich, verwiesen wird.


    s/ank├╝ndigen zu d├╝rfen/anzuk├╝ndigen/ (?)

    Freundliche Gr├╝├če
    Hermann-Josef

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Holger Wansing@21:1/5 to All on Sat Jul 22 11:10:01 2023
    < <correction aide "Properly handle creating the system user; fix child directory processing on equal match">
    ---
    <correction aide "Systembenutzer ordentlich anlegen; Unterverzeichnis-Handhabung bei Equal-Treffer ├╝berarbeitet">

    Unterverzeichnis-Verarbeitung bei ├ťbereinstimmung korrigiert




    < <correction bepasty "Fix rendering of text uploads">
    ---
    <correction bepasty "Darstellung von Text-Hochlads ├╝berarbeitet">

    Text-Uploads





    < <correction boost1.81 "Add missing dependency on libboost-json1.81.0 to libboost-json1.81-dev">
    ---
    <correction boost1.81 "Fehlende Abh├Ąngigkeit von libboost-json1.81.0 bis libboost-json1.81-dev nachgetragen">

    bis -> f├╝r






    < <correction marco "Show correct window title when owned by superuser">
    ---
    <correction marco "Wenn vom Superuser besessen, richtigen Fenstertitel anzeigen">

    Wenn Eigentum vom Superuser, ...





    < <correction unixodbc "Add Breaks+Replaces against odbcinst1debian1">
    ---
    <correction unixodbc "Besch├Ądigt+Ersetzt-Abh├Ąngigkeit f├╝r von odbcinst1debian1 hinzugef├╝gt">

    "von" l├Âschen




    G
  • From Erik Pfannenstein@21:1/5 to All on Sat Jul 22 16:29:54 2023
    Hallo Holger,

    hab alles Řbernommen, besten Dank dafŘr!

    Viele GrŘ▀e,
    Erik
    -----BEGIN PGP SIGNATURE-----

    iQEzBAABCgAdFiEEV0OxDh5dpbVrU7wFR+sGu0156zkFAmS75+IACgkQR+sGu015 6zlIlggAtZjkbAmW2/EO01Ulqx0jPS2blt7rRChBgbznvOJBamEjn895uDXCRk0f ZfZwvSv21u7GshaZAxVpLzHzvuXTLROWqAru1QPR0sE8h50H2dA7J6+EbmodAf9L qvM4NPbWzpIugqrDhiecwKnjBXwKZa/1hWfb1NY4G1PHPZEIKXmR4Z5u/OueIu7Y Y7M/84eYHzG2TLkWxfKI4MMtXbuM0MXOLstghP3z4BDvCo+zQ0pEyGFabGDTlO8S RkgCesZtV7n8mpXLRb1xs0tTw/+NOgt67gklFRJ5vqvuls+lAQDfMTreUT46nf1N /XqidiBUyD9fPZ803IfWjTMtEKEyvg==
    =G5z2
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)