Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE
  • Updated Debian 8: 8.9 released (1/2)

    From =?utf-8?Q?C=C3=A9dric?= Boutillier@21:1/5 to All on Sat Jul 22 18:50:01 2017
    ------------------------------------------------------------------------
    The Debian Project https://www.debian.org/ Updated Debian 8: 8.9 released press@debian.org
    July 22nd, 2017 https://www.debian.org/News/2017/2017072202 ------------------------------------------------------------------------


    The Debian project is pleased to announce the ninth update of its
    oldstable distribution Debian 8 (codename "jessie"). This point release
    mainly adds corrections for security issues, along with a few
    adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

    Please note that the point release does not constitute a new version of
    Debian 8 but only updates some of the packages included. There is no
    need to throw away old "jessie" media. After installation, packages can
    be upgraded to the current versions using an up-to-date Debian mirror.

    Those who frequently install updates from security.debian.org won't have
    to update many packages, and most such updates are included in the point release.

    New installation images will be available soon at the regular locations.

    Upgrading an existing installation to this revision can be achieved by
    pointing the package management system at one of Debian's many HTTP
    mirrors. A comprehensive list of mirrors is available at:

    https://www.debian.org/mirror/list



    Miscellaneous Bugfixes
    ----------------------

    This oldstable update adds a few important corrections to the following packages:

    +-----------------------------+---------------------------------------+
    | Package | Reason | +-----------------------------+---------------------------------------+
    | 3dchess [1] | Reduce wasteful CPU consumption |
    | | |
    | apt-cacher [2] | Prevent HTTP response splitting with |
    | | encoded newlines in request |
    | | [CVE-2017-7443]; make sure /var/run/ |
    | | apt-cacher exists |
    | | |
    | base-files [3] | Update for the 8.9 point release |
    | | |
    | boinc [4] | Improve adjusting OOM score; fix |
    | | security issue with xhost |
    | | |
    | c-ares [5] | Security fix [CVE-2017-1000381] |
    | | |
    | cfitsio [6] | Fix crashes related to improper |
    | | memory handling |
    | | |
    | chkrootkit [7] | Fix segmentation fault; fix missing |
    | | dependency on openssh-client; add |
    | | Built-Using field |
    | | |
    | cqrlog [8] | tools/cqrlog-apparmor-fix, debian/ |
    | | postrm: Check for /etc/init.d/ |
    | | apparmor before restarting apparmor |
    | | |
    | debconf [9] | Use File::Temp instead of the |
    | | deprecated POSIX::tmpnam() in |
    | | Debconf::TmpFile |
    | | |
    | debian-archive-keyring [10] | Add stretch keys, and move squeeze |
    | | keys to removed keyring |
    | | |
    | debian-installer [11] | Rebuild against proposed-updates |
    | | |
    | debian-installer-netboot- | Rebuild against proposed-updates |
    | images [12] | |
    | | |
    | debian-security- | Update support status of various |
    | support [13] | packages; update translations |
    | | |
    | debootstrap [14] | Add support for Buster and Bullseye |
    | | |
    | eterm [15] | Fix integer overflow preventing the |
    | | shell from starting/stopping properly |
    | | |
    | flightgear [16] | Prevent overriding arbitrary files |
    | | from the "save-flightplan" |
    | | FGCommand [CVE-2017-8921] |
    | | |
    | galternatives [17] | Fix blank properties page |
    | | |
    | gitolite3 [18] | Fix missing dependency on openssh- |
    | | client |
    | | |
    | gnats [19] | gnats-user: do not fail to purge if / |
    | | var/lib/gnats/gnats-db is not empty |
    | | |
    | gnutls28 [20] | Improve check for /dev/urandom |
    | | uniqueness |
    | | |
    | gtk+2.0 [21] | Backport patch from GTK+3 to fix |
    | | stuck grabs in some situations |
    | | |
    | init-select [22] | Check for /usr/lib/init-select/get- |
    | | init before calling it |
    | | |
    | intel-microcode [23] | Update included microcode |
    | | |
    | libapache2-mod-perl2 [24] | Fix test suite for compatibility with |
    | | latest Apache 2 updates |
    | | |
    | libcgi-application-plugin- | Fix missing dependency on one of |
    | anytemplate-perl [25] | libclone-perl and libclone-pp-perl |
    | | |
    | libclamunrar [26] | Fix arbitrary memory write [CVE-2012- |
    | | 6706] |
    | | |
    | libdata-faker-perl [27] | Run the test suite under a specific |
    | | locale |
    | | |
    | libdvdnav [28] | Use proper error handling when |
    | | position cannot be detected |
    | | |
    | libhtml-microformats- | Fix missing dependency on libmodule- |
    | perl [29] | pluggable-perl |
    | | |
    | libhttp-proxy-perl [30] | Fix broken 'via' handling |
    | | |
    | libonig [31] | Fix multiple invalid pointer |
    | | dereference, out-of-bounds write |
    | | memory corruption and stack buffer |
    | | overflow issues [CVE-2017-9224 |
    | | CVE-2017-9226 CVE-2017-9227 CVE-2017- |
    | | 9228 CVE-2017-9229] |
    | | |
    | libosinfo [32] | Add support for jessie and stretch |
    | | |
    | libsys-syscall-perl [33] | Add support for more architectures |
    | | |
    | libterralib [34] | Remove superfluous Conflicts/ |
    | | Replaces: libterralib3 since that |
    | | causes problems upgrading to stretch |
    | | which has that package |
    | | |
    | libx11-protocol-other- | Disable buggy test |
    | perl [35] | |
    | | |
    | lxterminal [36] | Security fix: improper use of /tmp |
    | | for a socket file |
    | | |
    | netcfg [37] | IPv6 autoconfiguration: fix NTP |
    | | server name handling; stop queueing |
    | | rdnssd's installation with IPv6 |
    | | setups |
    | | |
    | offlineimap [38] | Prevent the usage of maxage (broken |
    | | and may result in data loss) |
    | | |
    | os-prober [39] | EFI: fix check on |
    | | ID_PART_ENTRY_SCHEME, to look for |
    | | "dos" instead of "msdos" ; make |
    | | Windows Vista detection more robust; |
    | | add support for Windows 10 |
    | | |
    | pam [40] | Rebuild to fix multi-arch differences |
    | | |
    | partman-ext3 [41] | Force ext3|ext4 filesystem creation |
    | | with "-F" so that D-I doesn't |
    | | "hang" when re-using an existing |
    | | partition in some situations |
    | | |
    | perl [42] | Apply upstream base.pm no-dot-in-inc |
    | | fix |
    | | |
    | polarssl [43] | Fix freeing of memory allocated on |
    | | stack when validating a public key |
    | | with a secp224k1 curve [CVE-2017- |
    | | 2784] |
    | | |
    | proftpd-dfsg [44] | Fix "TLSDHParamFile directive |
    | | appears ignored because unexpected DH |
    | | is chosen" [CVE-2016-3125], |
    | | "AllowChrootSymlinks off does not |
    | | check entire DefaultRoot path for |
    | | symlinks" [CVE-2017-7418] |
    | | |
    | python-colorlog [45] | Fix python3 dependencies |
    | | |
    | python-plumbum [46] | Fix python3 dependencies |
    | | |
    | rkhunter [47] | Disable remote updates [CVE-2017- |
    | | 7480] |
    | | |
    | shutter [48] | Fix insecure use of perl exec() |
    | | [CVE-2016-10081] and system() |
    | | |
    | tcpdf [49] | Security fix: disallow tcpdf calls in |
    | | HTML [CVE-2017-6100] |
    | | |
    | unrar-nonfree [50] | Security fix: add bound checks for |
    | | VMSF_DELTA, VMSF_RGB and VMSF_AUDIO |
    | | paramters [CVE-2012-6706] |
    | | |
    | w3m [51] | Fix multiple buffer overflows, use |
    | | after free issues and an infinite |
    | | loop |
    | | |
    | xarchiver [52] | Fix possible data loss due to shell |
    | | metacharacters |
    | | |
    | xfce4-weather-plugin [53] | Adapt to new weather website APIs |
    | | | +-----------------------------+---------------------------------------+

    1: https://packages.debian.org/src:3dchess
    2: https://packages.debian.org/src:apt-cacher
    3: https://packages.debian.org/src:base-files
    4: https://packages.debian.org/src:boinc
    5: https://packages.debian.org/src:c-ares
    6: https://packages.debian.org/src:cfitsio
    7: https://packages.debian.org/src:chkrootkit
    8: https://packages.debian.org/src:cqrlog
    9: https://packages.debian.org/src:debconf
    10: https://packages.debian.org/src:debian-archive-keyring
    11: https://packages.debian.org/src:debian-installer
    12: https://packages.debian.org/src:debian-installer-netboot-images
    13: https://packages.debian.org/src:debian-security-support
    14: https://packages.debian.org/src:debootstrap
    15: https://packages.debian.org/src:eterm
    16: https://packages.debian.org/src:flightgear
    17: https://packages.debian.org/src:galternatives
    18: https://packages.debian.org/src:gitolite3
    19: https://packages.debian.org/src:gnats
    20: https://packages.debian.org/src:gnutls28
    21: https://packages.debian.org/src:gtk+2.0
    22: https://packages.debian.org/src:init-select
    23: https://packages.debian.org/src:intel-microcode
    24: https://packages.debian.org/src:libapache2-mod-perl2
    25: https://packages.debian.org/src:libcgi-application-plugin-anytemplate-perl
    26: https://packages.debian.org/src:libclamunrar
    27: https://packages.debian.org/src:libdata-faker-perl
    28: https://packages.debian.org/src:libdvdnav
    29: https://packages.debian.org/src:libhtml-microformats-perl
    30: https://packages.debian.org/src:libhttp-proxy-perl
    31: https://packages.debian.org/src:libonig
    32: https://packages.debian.org/src:libosinfo
    33: https://packages.debian.org/src:libsys-syscall-perl
    34: https://packages.debian.org/src:libterralib
    35: https://packages.debian.org/src:libx11-protocol-other-perl
    36: https://packages.debian.org/src:lxterminal
    37: https://packages.debian.org/src:netcfg
    38: https://packages.debian.org/src:offlineimap
    39: https://packages.debian.org/src:os-prober
    40: https://packages.debian.org/src:pam
    41: https://packages.debian.org/src:partman-ext3
    42: https://packages.debian.org/src:perl
    43: https://packages.debian.org/src:polarssl
    44: https://packages.debian.org/src:proftpd-dfsg
    45: https://packages.debian.org/src:python-colorlog
    46: https://packages.debian.org/src:python-plumbum
    47: https://packages.debian.org/src:rkhunter
    48: https://packages.debian.org/src:shutter
    49: https://packages.debian.org/src:tcpdf
    50: https://packages.debian.org/src:unrar-nonfree
    51: https://packages.debian.org/src:w3m
    52: https://packages.debian.org/src:xarchiver
    53: https://packages.debian.org/src:xfce4-weather-plugin

    Security Updates
    ----------------

    This revision adds the following security updates to the oldstable
    release. The Security Team has already released an advisory for each of
    these updates:

    +----------------+------------------------------+
    | Advisory ID | Package | +----------------+------------------------------+
    | DSA-3742 [54] | flightgear [55] |
    | | |
    | DSA-3793 [56] | shadow [57] |
    | | |
    | DSA-3840 [58] | mysql-connector-java [59] |
    | | |
    | DSA-3841 [60] | libxstream-java [61] |
    | | |
    | DSA-3842 [62] | tomcat7 [63] |
    | | |
    | DSA-3843 [64] | tomcat8 [65] |
    | | |
    | DSA-3844 [66] | tiff [67] |
    | | |
    | DSA-3845 [68] | libtirpc [69] |
    | | |
    | DSA-3845 [70] | rpcbind [71] |
    | | |
    | DSA-3846 [72] | libytnef [73] |
    | | |
    | DSA-3847 [74] | xen [75] |
    | | |
    | DSA-3848 [76] | git [77] |
    | | |
    | DSA-3849 [78] | kde4libs [79] |
    | | |
    | DSA-3850 [80] | rtmpdump [81] |
    | | |
    | DSA-3851 [82] | postgresql-9.4 [83] |
    | | |
    | DSA-3852 [84] | squirrelmail [85] |
    | | |
    | DSA-3853 [86] | bitlbee [87] |
    | | |
    | DSA-3854 [88] | bind9 [89] |
    | | |
    | DSA-3855 [90] | jbig2dec [91] |
    | | |
    | DSA-3856 [92] | deluge [93] |
    | | |
    | DSA-3857 [94] | mysql-connector-java [95] |
    | | |
    | DSA-3859 [96] | dropbear [97] |
    | | |
    | DSA-3860 [98] | samba [99] |
    | | |
    | DSA-3861 [100] | libtasn1-6 [101] |
    | | |
    | DSA-3862 [102] | puppet [103] |
    | | |
    | DSA-3863 [104] | imagemagick [105] |
    | | |
    | DSA-3864 [106] | fop [107] |
    | | |
    | DSA-3865 [108] | mosquitto [109] |
    | | |
    | DSA-3866 [110] | strongswan [111] |
    | | |
    | DSA-3867 [112] | sudo [113] |
    | | |
    | DSA-3868 [114] | openldap [115] |
    | | |
    | DSA-3869 [116] | tnef [117] |
    | | |
    | DSA-3870 [118] | wordpress [119] |
    | | |
    | DSA-3871 [120] | zookeeper [121] |
    | | |
    | DSA-3872 [122] | nss [123] |
    | | |
    | DSA-3873 [124] | perl [125] |
    | | |
    | DSA-3874 [126] | ettercap [127] |
    | | |
    | DSA-3875 [128] | libmwaw [129] |
    | | |
    | DSA-3876 [130] | otrs2 [131] |
    | | |
    | DSA-3877 [132] | tor [133] |
    | | |
    | DSA-3878 [134] | zziplib [135] |
    | | |
    | DSA-3879 [136] | libosip2 [137] |
    | | |
    | DSA-3880 [138] | libgcrypt20 [139] |
    | | |
    | DSA-3882 [140] | request-tracker4 [141] |
    | | |
    | DSA-3883 [142] | rt-authen-externalauth [143] |
    | | |
    | DSA-3884 [144] | gnutls28 [145] |
    | | |
    | DSA-3885 [146] | irssi [147] |
    | | |
    | DSA-3886 [148] | linux [149] |
    | | |
    | DSA-3887 [150] | glibc [151] |
    | | |
    | DSA-3888 [152] | exim4 [153] |
    | | |
    | DSA-3889 [154] | libffi [155] |
    | | |
    | DSA-3891 [156] | tomcat8 [157] |
    | | |
    | DSA-3892 [158] | tomcat7 [159] |
    | | |
    | DSA-3893 [160] | jython [161] |
    | | |
    | DSA-3894 [162] | graphite2 [163] |
    | | |
    | DSA-3896 [164] | apache2 [165] |
    | | |
    | DSA-3897 [166] | drupal7 [167] |
    | | |
    | DSA-3898 [168] | expat [169] |
    | | |
    | DSA-3899 [170] | vlc [171] |
    | | |
    | DSA-3900 [172] | openvpn [173] |
    | | |
    | DSA-3901 [174] | libgcrypt20 [175] |
    | | |
    | DSA-3903 [176] | tiff [177] |
    | | |
    | DSA-3904 [178] | bind9 [179] |
    | | |
    | DSA-3905 [180] | xorg-server [181] |
    | | |
    | DSA-3907 [182] | spice [183] |
    | | |
    | DSA-3910 [184] | knot [185] |
    | | |
    | DSA-3911 [186] | evince [187] |
    | | |
    | DSA-3912 [188] | heimdal [189] |
    | | | +----------------+------------------------------+

    54: https://www.debian.org/security/2016/dsa-3742
    55: https://packages.debian.org/src:flightgear
    56: https://www.debian.org/security/2017/dsa-3793
    57: https://packages.debian.org/src:shadow
    58: https://www.debian.org/security/2017/dsa-3840
    59: https://packages.debian.org/src:mysql-connector-java
    60: https://www.debian.org/security/2017/dsa-3841
    61: https://packages.debian.org/src:libxstream-java
    62: https://www.debian.org/security/2017/dsa-3842
    63: https://packages.debian.org/src:tomcat7
    64: https://www.debian.org/security/2017/dsa-3843
    65: https://packages.debian.org/src:tomcat8
    66: https://www.debian.org/security/2017/dsa-3844
    67: https://packages.debian.org/src:tiff
    68: https://www.debian.org/security/2017/dsa-3845
    69: https://packages.debian.org/src:libtirpc
    70: https://www.debian.org/security/2017/dsa-3845
    71: https://packages.debian.org/src:rpcbind
    72: https://www.debian.org/security/2017/dsa-3846
    73: https://packages.debian.org/src:libytnef
    74: https://www.debian.org/security/2017/dsa-3847
    75: https://packages.debian.org/src:xen
    76: https://www.debian.org/security/2017/dsa-3848
    77: https://packages.debian.org/src:git
    78: https://www.debian.org/security/2017/dsa-3849
    79: https://packages.debian.org/src:kde4libs
    80: https://www.debian.org/security/2017/dsa-3850
    81: https://packages.debian.org/src:rtmpdump
    82: https://www.debian.org/security/2017/dsa-3851
    83: https://packages.debian.org/src:postgresql-9.4
    84: https://www.debian.org/security/2017/dsa-3852
    85: https://packages.debian.org/src:squirrelmail
    86: https://www.debian.org/security/2017/dsa-3853
    87: https://packages.debian.org/src:bitlbee
    88: https://www.debian.org/security/2017/dsa-3854
    89: https://packages.debian.org/src:bind9
    90: https://www.debian.org/security/2017/dsa-3855
    91: https://packages.debian.org/src:jbig2dec
    92: https://www.debian.org/security/2017/dsa-3856
    93: https://packages.debian.org/src:deluge
    94: https://www.debian.org/security/2017/dsa-3857
    95: https://packages.debian.org/src:mysql-connector-java
    96: https://www.debian.org/security/2017/dsa-3859
    97: https://packages.debian.org/src:dropbear
    98: https://www.debian.org/security/2017/dsa-3860
    99: https://packages.debian.org/src:samba
    100: https://www.debian.org/security/2017/dsa-3861
    101: https://packages.debian.org/src:libtasn1-6
    102: https://www.debian.org/security/2017/dsa-3862
    103: https://packages.debian.org/src:puppet
    104: https://www.debian.org/security/2017/dsa-3863
    105: https://packages.debian.org/src:imagemagick
    106: https://www.debian.org/security/2017/dsa-3864
    107: https://packages.debian.org/src:fop
    108: https://www.debian.org/security/2017/dsa-3865
    109: https://packages.debian.org/src:mosquitto
    110: https://www.debian.org/security/2017/dsa-3866
    111: https://packages.debian.org/src:strongswan
    112: https://www.debian.org/security/2017/dsa-3867
    113: https://packages.debian.org/src:sudo
    114: https://www.debian.org/security/2017/dsa-3868
    115: https://packages.debian.org/src:openldap
    116: https://www.debian.org/security/2017/dsa-3869
    117: https://packages.debian.org/src:tnef
    118: https://www.debian.org/security/2017/dsa-3870
    119: https://packages.debian.org/src:wordpress
    120: https://www.debian.org/security/2017/dsa-3871
    121: https://packages.debian.org/src:zookeeper
    122: https://www.debian.org/security/2017/dsa-3872
    123: https://packages.debian.org/src:nss
    124: https://www.debian.org/security/2017/dsa-3873
    125: https://packages.debian.org/src:perl
    126: https://www.debian.org/security/2017/dsa-3874
    127: https://packages.debian.org/src:ettercap
    128: https://www.debian.org/security/2017/dsa-3875
    129: https://packages.debian.org/src:libmwaw
    130: https://www.debian.org/security/2017/dsa-3876
    131: https://packages.debian.org/src:otrs2
    132: https://www.debian.org/security/2017/dsa-3877
    133: https://packages.debian.org/src:tor
    134: https://www.debian.org/security/2017/dsa-3878
    135: https://packages.debian.org/src:zziplib
    136: https://www.debian.org/security/2017/dsa-3879
    137: https://packages.debian.org/src:libosip2
    138: https://www.debian.org/security/2017/dsa-3880
    139: https://packages.debian.org/src:libgcrypt20
    140: https://www.debian.org/security/2017/dsa-3882
    141: https://packages.debian.org/src:request-tracker4
    142: https://www.debian.org/security/2017/dsa-3883
    143: https://packages.debian.org/src:rt-authen-externalauth
    144: https://www.debian.org/security/2017/dsa-3884
    145: https://packages.debian.org/src:gnutls28
    146: https://www.debian.org/security/2017/dsa-3885
    147: https://packages.debian.org/src:irssi
    148: https://www.debian.org/security/2017/dsa-3886
    149: https://packages.debian.org/src:linux
    150: https://www.debian.org/security/2017/dsa-3887
    151: https://packages.debian.org/src:glibc
    152: https://www.debian.org/security/2017/dsa-3888
    153: https://packages.debian.org/src:exim4
    154: https://www.debian.org/security/2017/dsa-3889
    155: https://packages.debian.org/src:libffi
    156: https://www.debian.org/security/2017/dsa-3891
    157: https://packages.debian.org/src:tomcat8
    158: https://www.debian.org/security/2017/dsa-3892
    159: https://packages.debian.org/src:tomcat7
    160: https://www.debian.org/security/2017/dsa-3893
    161: https://packages.debian.org/src:jython
    162: https://www.debian.org/security/2017/dsa-3894
    163: https://packages.debian.org/src:graphite2
    164: https://www.debian.org/security/2017/dsa-3896
    165: https://packages.debian.org/src:apache2
    166: https://www.debian.org/security/2017/dsa-3897
    167: https://packages.debian.org/src:drupal7
    168: https://www.debian.org/security/2017/dsa-3898
    169: https://packages.debian.org/src:expat
    170: https://www.debian.org/security/2017/dsa-3899
    171: https://packages.debian.org/src:vlc
    172: https://www.debian.org/security/2017/dsa-3900
    173: https://packages.debian.org/src:openvpn
    174: https://www.debian.org/security/2017/dsa-3901
    175: https://packages.debian.org/src:libgcrypt20
    176: https://www.debian.org/security/2017/dsa-3903
    177: https://packages.debian.org/src:tiff
    178: https://www.debian.org/security/2017/dsa-3904
    179: https://packages.debian.org/src:bind9
    180: https://www.debian.org/security/2017/dsa-3905
    181: https://packages.debian.org/src:xorg-server
    182: https://www.debian.org/security/2017/dsa-3907
    183: https://packages.debian.org/src:spice
    184: https://www.debian.org/security/2017/dsa-3910
    185: https://packages.debian.org/src:knot
    186: https://www.debian.org/security/2017/dsa-3911
    187: https://packages.debian.org/src:evince
    188: https://www.debian.org/security/2017/dsa-3912
    189: https://packages.debian.org/src:heimdal

    Removed packages
    ----------------

    The following packages were removed due to circumstances beyond our
    control:

    +-------------------------------+--------------------------------------+
    | Package | Reason | +-------------------------------+--------------------------------------+
    | ears [190] | Requires unavailable python- |
    | | musicbrainz |
    | | |
    | gnuvd [191] | Broken by upstream site changes |
    | | |

    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • Recent Visitors

    • Michal Wronka
      Sat Jun 3 23:51:01 2023
      from Wroclaw, Poland via Telnet
    • Michal Wronka
      Sat Jun 3 21:03:37 2023
      from Wroclaw, Poland via Telnet
    • Michal Wronka
      Sun Jun 4 00:04:46 2023
      from Wroclaw, Poland via Telnet
    • Michal Wronka
      Sun Jun 4 00:00:13 2023
      from Wroclaw, Poland via Telnet
  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 185
    Nodes: 16 (2 / 14)
    Uptime: 10:08:40
    Calls: 3,718
    Calls today: 1
    Files: 11,157
    Messages: 3,451,777

© >>> Magnum BBS <<<, 2023