Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE
  • Updated Debian 9: 9.3 released (1/2)

    From =?utf-8?Q?C=C3=A9dric?= Boutillier@21:1/5 to All on Sat Dec 9 15:20:02 2017
    ------------------------------------------------------------------------
    The Debian Project https://www.debian.org/ Updated Debian 9: 9.3 released press@debian.org December 9th, 2017 https://www.debian.org/News/2017/2017120902 ------------------------------------------------------------------------


    The Debian project is pleased to announce the third update of its stable distribution Debian 9 (codename "stretch"). This point release mainly
    adds corrections for security issues, along with a few adjustments for
    serious problems. Security advisories have already been published
    separately and are referenced where available.

    Please note that the point release does not constitute a new version of
    Debian 9 but only updates some of the packages included. There is no
    need to throw away old "stretch" media. After installation, packages can
    be upgraded to the current versions using an up-to-date Debian mirror.

    Those who frequently install updates from security.debian.org won't have
    to update many packages, and most such updates are included in the point release.

    New installation images will be available soon at the regular locations.

    Upgrading an existing installation to this revision can be achieved by
    pointing the package management system at one of Debian's many HTTP
    mirrors. A comprehensive list of mirrors is available at:

    https://www.debian.org/mirror/list



    Miscellaneous Bugfixes
    ----------------------

    This stable update adds a few important corrections to the following
    packages:

    +--------------------------+------------------------------------------+
    | Package | Reason | +--------------------------+------------------------------------------+
    | abiword [1] | Fix flickering |
    | | |
    | base-files [2] | Update for the point release |
    | | |
    | berusky [3] | Fix startup crash with certain video |
    | | card configurations |
    | | |
    | charmtimetracker [4] | Fix missing binary dependency on |
    | | libqt5sql5-sqlite |
    | | |
    | corebird [5] | Increase maximum length of tweet to 280 |
    | | characters |
    | | |
    | dbus [6] | When parsing dbus-daemon configuration, |
    | | don't delay startup if high-quality |
    | | entropy is not yet available; when using |
    | | the Monitoring interface, match message |
    | | filters that specify a destination |
    | | correctly; increase listen() backlog of |
    | | AF_UNIX sockets to the maximum possible, |
    | | minimizing failed connections under |
    | | heavy load |
    | | |
    | debian-edu-doc [7] | Merge stretch related documentation and |
    | | translation updates from unstable and |
    | | the wiki; documentation/common/ |
    | | edu.css.xml: improve HTML manual |
    | | readability |
    | | |
    | debian-installer [8] | Rebuild for the point release |
    | | |
    | dehydrated [9] | Update subscriber license agreement URL |
    | | |
    | doit [10] | Add Breaks: nikola (<< 7.6.0-1~) to |
    | | ensure its removal on upgrades from |
    | | jessie |
    | | |
    | eclipse-titan [11] | Rebuild against current stretch GCC |
    | | |
    | fig2dev [12] | Add input sanitisation on FIG files |
    | | [CVE-2017-16899]; sanitize input of fill |
    | | patterns |
    | | |
    | flickcurl [13] | Fix fix oauth token fetching; prevent |
    | | double free corruption during |
    | | authentication |
    | | |
    | flightgear [14] | Prevent malicious add-ons from |
    | | overriding arbitrary files [CVE-2017- |
    | | 13709] |
    | | |
    | ganeti [15] | Backport upstream support for non-DSA |
    | | SSH keys; fix failover from dead nodes |
    | | when using extstorage; fix instance |
    | | import/export/move with current socat |
    | | versions |
    | | |
    | gdm3 [16] | Backport several patches to fix XDMCP |
    | | support |
    | | |
    | getmail4 [17] | Fix issue related to malformed |
    | | fingerprints |
    | | |
    | grok [18] | Fix pointer aliasing bug; libgrok-dev: |
    | | add missing dependencies on libgrok1 and |
    | | libtokyocabinet-dev |
    | | |
    | gunicorn [19] | Drop unnecessary "Pre-Depends" on |
    | | dpkg-dev which was causing gunicorn and |
    | | python-gunicorn to bring in a compiler |
    | | as a dependency |
    | | |
    | icu [20] | Fix double free in |
    | | createMetazoneMappings() [CVE-2017- |
    | | 14952] |
    | | |
    | inn2 [21] | [i386] Rebuild to pick up correct path |
    | | to gzip binary |
    | | |
    | iproute2 [22] | Fix segfault in "tc" with iptables 1.6 |
    | | |
    | jdcal [23] | Fix Python3 dependencies |
    | | |
    | kde-gtk-config [24] | Fix preview buttons in KDE-GTK-config UI |
    | | |
    | lasi [25] | liblasi-dev: add missing dependencies on |
    | | libpango1.0-dev and libfreetype6-dev |
    | | |
    | libdatetime-timezone- | Update included data |
    | perl [26] | |
    | | |
    | libdbd-firebird- | Fix fetching of decimal(x,y) values |
    | perl [27] | between -1 and 0 |
    | | |
    | libdbi [28] | Re-enable error handler call in |
    | | dbi_result_next_row() |
    | | |
    | liblog-log4perl- | Work around Perl 5.24 no longer allowing |
    | perl [29] | syswrite and utf8 together |
    | | |
    | liblouis [30] | Fix buffer overflow and use-after-free |
    | | issues [CVE-2017-13738 CVE-2017-13739 |
    | | CVE-2017-13740 CVE-2017-13741 CVE-2017- |
    | | 13742 CVE-2017-13743 CVE-2017-13744] |
    | | |
    | libmpd [31] | libmpd-dev: Add the missing dependency |
    | | on libglib2.0-dev |
    | | |
    | libofx [32] | Security fixes [CVE-2017-2816 CVE-2017- |
    | | 14731] |
    | | |
    | libxkbcommon [33] | libxkbcommon-x11-dev: add missing |
    | | dependency on libxkbcommon-dev |
    | | |
    | libxsettings-client [34] | Add missing libxsettings-client-dev -> |
    | | libxsettings-dev dependency |
    | | |
    | linux [35] | xen/time: do not decrease steal time |
    | | after live migration on xen; new stable |
    | | kernel version 4.9.65 |
    | | |
    | live-config [36] | Configure autologin for KDE / Plasma |
    | | live images |
    | | |
    | lxc [37] | Don't hardcode list of valid Debian |
    | | releases, allowing the creation of |
    | | containers for stable, buster, testing |
    | | and unstable; don't insert C.* locales |
    | | into /etc/locale.gen |
    | | |
    | mongodb [38] | Fix segfault/FTBFS on ARM64 with 48-bit |
    | | virtual addresses, spidermonkey GC |
    | | segfault when built with GCC 6; |
    | | mongodb.service: start after |
    | | network.target |
    | | |
    | openssh [39] | Test configuration before starting or |
    | | reloading sshd under systemd; adjust |
    | | compatibility patterns for WinSCP to |
    | | correctly identify versions that |
    | | implement only the legacy DH group |
    | | exchange scheme; make "--" before the |
    | | hostname terminate argument processing |
    | | after the hostname too |
    | | |
    | pdns [40] | Fix incorrect qname casing in NSEC3 |
    | | generation; add missing check on API |
    | | operations [CVE-2017-15091] |
    | | |
    | pdns-recursor [41] | Security fixes: insufficient validation |
    | | of DNSSEC signatures [CVE-2017-15090]; |
    | | Cross-Site Scripting in the web |
    | | interface [CVE-2017-15092]; |
    | | configuration file injection in the API |
    | | [CVE-2017-15093]; memory leak in DNSSEC |
    | | parsing [CVE-2017-15094] |
    | | |
    | postgresql-9.6 [42] | Upstream bugfix release |
    | | |
    | publicsuffix [43] | Update included data |
    | | |
    | pyosmium [44] | Upstream bugfix release: handler |
    | | functions not called when using |
    | | replication service or when using Reader |
    | | instead of file |
    | | |
    | python-diff-match- | Add missing python3 dependency on Python |
    | patch [45] | 3 package |
    | | |
    | python-inflect [46] | Fix Python 3 dependencies |
    | | |
    | python-tablib [47] | Safely load YAML [CVE-2017-2810] |
    | | |
    | python2.7 [48] | Fix integer overflow in |
    | | PyString_DecodeEscape [CVE-2017- |
    | | 1000158]; support all groups in TLS |
    | | communication |
    | | |
    | qtcurve [49] | Fix crashes by using strncmp() instead |
    | | of memcmp() |
    | | |
    | ruby-httparty [50] | Relax dependency version in gem |
    | | dependency on json |
    | | |
    | ruby-ox [51] | Avoid crash with invalid XML passed to |
    | | Oj.parse_obj() [CVE-2017-15928] |
    | | |
    | ruby-pygments.rb [52] | Avoid closing too many files when mentos |
    | | starts, which can cause build failures |
    | | in other packages on slower systems |
    | | |
    | schroot [53] | Fix bash completion file; add systemd |
    | | service file with Type=oneshot to avoid |
    | | timeout issues with too many open |
    | | sessions |
    | | |
    | simutrans [54] | Enable sound for simutrans again. Switch |
    | | from SDL to mixer_sdl backend |
    | | |
    | sitesummary [55] | Adjust nagios kernel version checking |
    | | module to work with 4.x kernels |
    | | |
    | slic3r [56] | Fix missing dependency on perlapi-* |
    | | |
    | spamassassin [57] | Disable bb.barracudacentral.org; update |
    | | the systemd unit file to use the same |
    | | pid file as was used in the sysvinit |
    | | script; update systemd unit dependencies |
    | | to include network and syslog; fix |
    | | inappropriate invocation of invoke-rc.d |
    | | in cron script |
    | | |
    | sqldeveloper- | Fix build failure |
    | package [58] | |
    | | |
    | sqlite3 [59] | Fix heap-based buffer over-read via |
    | | undersized RTree blobs [CVE-2017-10989] |
    | | |
    | syslinux [60] | Fix btrfs logical to physical block |
    | | address mapping; fix boot problem for |
    | | old BIOS firmware by correct C/H/S |
    | | order; support ext4 64bit feature |
    | | |
    | tdbcodbc [61] | Fix bug in ODBC library search |
    | | |
    | tor [62] | Add "Bastet" directory authority; fix |
    | | a timing-based assertion failure; update |
    | | geoip and geoip6 to the October 4 2017 |
    | | Maxmind GeoLite2 country database |
    | | |
    | tzdata [63] | New upstream release |
    | | |
    | udftools [64] | Fix path to pktsetup in udftools init |
    | | script |
    | | |
    | weechat [65] | "logger: call strftime before replacing |
    | | buffer local variables" [CVE-2017- |
    | | 14727] |
    | | |
    | xml2 [66] | Fix corruption when dealing with UTF-8 |
    | | files, usage string for 2csv tool |
    | | |
    | xrdp [67] | Fix high CPU load on SSL shutdown |
    | | |
    | zsh [68] | Rebuild to pull in updated libraries for |
    | | zsh-static |
    | | | +--------------------------+------------------------------------------+

    1: https://packages.debian.org/src:abiword
    2: https://packages.debian.org/src:base-files
    3: https://packages.debian.org/src:berusky
    4: https://packages.debian.org/src:charmtimetracker
    5: https://packages.debian.org/src:corebird
    6: https://packages.debian.org/src:dbus
    7: https://packages.debian.org/src:debian-edu-doc
    8: https://packages.debian.org/src:debian-installer
    9: https://packages.debian.org/src:dehydrated
    10: https://packages.debian.org/src:doit
    11: https://packages.debian.org/src:eclipse-titan
    12: https://packages.debian.org/src:fig2dev
    13: https://packages.debian.org/src:flickcurl
    14: https://packages.debian.org/src:flightgear
    15: https://packages.debian.org/src:ganeti
    16: https://packages.debian.org/src:gdm3
    17: https://packages.debian.org/src:getmail4
    18: https://packages.debian.org/src:grok
    19: https://packages.debian.org/src:gunicorn
    20: https://packages.debian.org/src:icu
    21: https://packages.debian.org/src:inn2
    22: https://packages.debian.org/src:iproute2
    23: https://packages.debian.org/src:jdcal
    24: https://packages.debian.org/src:kde-gtk-config
    25: https://packages.debian.org/src:lasi
    26: https://packages.debian.org/src:libdatetime-timezone-perl
    27: https://packages.debian.org/src:libdbd-firebird-perl
    28: https://packages.debian.org/src:libdbi
    29: https://packages.debian.org/src:liblog-log4perl-perl
    30: https://packages.debian.org/src:liblouis
    31: https://packages.debian.org/src:libmpd
    32: https://packages.debian.org/src:libofx
    33: https://packages.debian.org/src:libxkbcommon
    34: https://packages.debian.org/src:libxsettings-client
    35: https://packages.debian.org/src:linux
    36: https://packages.debian.org/src:live-config
    37: https://packages.debian.org/src:lxc
    38: https://packages.debian.org/src:mongodb
    39: https://packages.debian.org/src:openssh
    40: https://packages.debian.org/src:pdns
    41: https://packages.debian.org/src:pdns-recursor
    42: https://packages.debian.org/src:postgresql-9.6
    43: https://packages.debian.org/src:publicsuffix
    44: https://packages.debian.org/src:pyosmium
    45: https://packages.debian.org/src:python-diff-match-patch
    46: https://packages.debian.org/src:python-inflect
    47: https://packages.debian.org/src:python-tablib
    48: https://packages.debian.org/src:python2.7
    49: https://packages.debian.org/src:qtcurve
    50: https://packages.debian.org/src:ruby-httparty
    51: https://packages.debian.org/src:ruby-ox
    52: https://packages.debian.org/src:ruby-pygments.rb
    53: https://packages.debian.org/src:schroot
    54: https://packages.debian.org/src:simutrans
    55: https://packages.debian.org/src:sitesummary
    56: https://packages.debian.org/src:slic3r
    57: https://packages.debian.org/src:spamassassin
    58: https://packages.debian.org/src:sqldeveloper-package
    59: https://packages.debian.org/src:sqlite3
    60: https://packages.debian.org/src:syslinux
    61: https://packages.debian.org/src:tdbcodbc
    62: https://packages.debian.org/src:tor
    63: https://packages.debian.org/src:tzdata
    64: https://packages.debian.org/src:udftools
    65: https://packages.debian.org/src:weechat
    66: https://packages.debian.org/src:xml2
    67: https://packages.debian.org/src:xrdp
    68: https://packages.debian.org/src:zsh

    Security Updates
    ----------------

    This revision adds the following security updates to the stable release.
    The Security Team has already released an advisory for each of these
    updates:

    +----------------+--------------------------+
    | Advisory ID | Package | +----------------+--------------------------+
    | DSA-3989 [69] | dnsmasq [70] |
    | | |
    | DSA-3990 [71] | asterisk [72] |
    | | |
    | DSA-3991 [73] | qemu [74] |
    | | |
    | DSA-3992 [75] | curl [76] |
    | | |
    | DSA-3993 [77] | tor [78] |
    | | |
    | DSA-3994 [79] | nautilus [80] |
    | | |
    | DSA-3995 [81] | libxfont [82] |
    | | |
    | DSA-3996 [83] | ffmpeg [84] |
    | | |
    | DSA-3997 [85] | wordpress [86] |
    | | |
    | DSA-3998 [87] | nss [88] |
    | | |
    | DSA-3999 [89] | wpa [90] |
    | | |
    | DSA-4000 [91] | xorg-server [92] |
    | | |
    | DSA-4001 [93] | yadifa [94] |
    | | |
    | DSA-4003 [95] | libvirt [96] |
    | | |
    | DSA-4004 [97] | jackson-databind [98] |
    | | |
    | DSA-4006 [99] | mupdf [100] |
    | | |
    | DSA-4007 [101] | curl [102] |
    | | |
    | DSA-4008 [103] | wget [104] |
    | | |
    | DSA-4009 [105] | shadowsocks-libev [106] |
    | | |
    | DSA-4011 [107] | quagga [108] |
    | | |
    | DSA-4013 [109] | openjpeg2 [110] |
    | | |
    | DSA-4014 [111] | thunderbird [112] |
    | | |
    | DSA-4015 [113] | openjdk-8 [114] |
    | | |
    | DSA-4016 [115] | irssi [116] |
    | | |
    | DSA-4017 [117] | openssl1.0 [118] |
    | | |
    | DSA-4018 [119] | openssl [120] |
    | | |
    | DSA-4019 [121] | imagemagick [122] |
    | | |
    | DSA-4020 [123] | chromium-browser [124] |
    | | |
    | DSA-4021 [125] | otrs2 [126] |
    | | |
    | DSA-4023 [127] | slurm-llnl [128] |
    | | |
    | DSA-4024 [129] | chromium-browser [130] |
    | | |
    | DSA-4025 [131] | libpam4j [132] |
    | | |
    | DSA-4026 [133] | bchunk [134] |
    | | |
    | DSA-4028 [135] | postgresql-9.6 [136] |
    | | |
    | DSA-4029 [137] | postgresql-common [138] |
    | | |
    | DSA-4030 [139] | roundcube [140] |
    | | |
    | DSA-4031 [141] | ruby2.3 [142] |
    | | |
    | DSA-4032 [143] | imagemagick [144] |
    | | |
    | DSA-4033 [145] | konversation [146] |
    | | |
    | DSA-4034 [147] | varnish [148] |
    | | |
    | DSA-4035 [149] | firefox-esr [150] |
    | | |
    | DSA-4036 [151] | mediawiki [152] |
    | | |
    | DSA-4037 [153] | jackson-databind [154] |
    | | |
    | DSA-4038 [155] | shibboleth-sp2 [156] |
    | | |
    | DSA-4039 [157] | opensaml2 [158] |
    | | |
    | DSA-4041 [159] | procmail [160] |
    | | |
    | DSA-4042 [161] | libxml-libxml-perl [162] |
    | | |
    | DSA-4043 [163] | samba [164] |
    | | |
    | DSA-4044 [165] | swauth [166] |
    | | |
    | DSA-4045 [167] | vlc [168] |
    | | |
    | DSA-4047 [169] | otrs2 [170] |
    | | |
    | DSA-4049 [171] | ffmpeg [172] |
    | | |
    | DSA-4050 [173] | xen [174] |
    | | |
    | DSA-4051 [175] | curl [176] |
    | | |
    | DSA-4052 [177] | bzr [178] |
    | | |
    | DSA-4053 [179] | exim4 [180] |
    | | | +----------------+--------------------------+

    69: https://www.debian.org/security/2017/dsa-3989
    70: https://packages.debian.org/src:dnsmasq
    71: https://www.debian.org/security/2017/dsa-3990
    72: https://packages.debian.org/src:asterisk
    73: https://www.debian.org/security/2017/dsa-3991
    74: https://packages.debian.org/src:qemu
    75: https://www.debian.org/security/2017/dsa-3992
    76: https://packages.debian.org/src:curl
    77: https://www.debian.org/security/2017/dsa-3993
    78: https://packages.debian.org/src:tor
    79: https://www.debian.org/security/2017/dsa-3994
    80: https://packages.debian.org/src:nautilus
    81: https://www.debian.org/security/2017/dsa-3995
    82: https://packages.debian.org/src:libxfont
    83: https://www.debian.org/security/2017/dsa-3996
    84: https://packages.debian.org/src:ffmpeg
    85: https://www.debian.org/security/2017/dsa-3997
    86: https://packages.debian.org/src:wordpress
    87: https://www.debian.org/security/2017/dsa-3998
    88: https://packages.debian.org/src:nss
    89: https://www.debian.org/security/2017/dsa-3999
    90: https://packages.debian.org/src:wpa
    91: https://www.debian.org/security/2017/dsa-4000
    92: https://packages.debian.org/src:xorg-server
    93: https://www.debian.org/security/2017/dsa-4001
    94: https://packages.debian.org/src:yadifa
    95: https://www.debian.org/security/2017/dsa-4003
    96: https://packages.debian.org/src:libvirt
    97: https://www.debian.org/security/2017/dsa-4004
    98: https://packages.debian.org/src:jackson-databind
    99: https://www.debian.org/security/2017/dsa-4006
    100: https://packages.debian.org/src:mupdf
    101: https://www.debian.org/security/2017/dsa-4007
    102: https://packages.debian.org/src:curl
    103: https://www.debian.org/security/2017/dsa-4008
    104: https://packages.debian.org/src:wget
    105: https://www.debian.org/security/2017/dsa-4009
    106: https://packages.debian.org/src:shadowsocks-libev
    107: https://www.debian.org/security/2017/dsa-4011
    108: https://packages.debian.org/src:quagga
    109: https://www.debian.org/security/2017/dsa-4013
    110: https://packages.debian.org/src:openjpeg2
    111: https://www.debian.org/security/2017/dsa-4014
    112: https://packages.debian.org/src:thunderbird
    113: https://www.debian.org/security/2017/dsa-4015
    114: https://packages.debian.org/src:openjdk-8
    115: https://www.debian.org/security/2017/dsa-4016
    116: https://packages.debian.org/src:irssi
    117: https://www.debian.org/security/2017/dsa-4017
    118: https://packages.debian.org/src:openssl1.0
    119: https://www.debian.org/security/2017/dsa-4018
    120: https://packages.debian.org/src:openssl
    121: https://www.debian.org/security/2017/dsa-4019
    122: https://packages.debian.org/src:imagemagick
    123: https://www.debian.org/security/2017/dsa-4020
    124: https://packages.debian.org/src:chromium-browser
    125: https://www.debian.org/security/2017/dsa-4021
    126: https://packages.debian.org/src:otrs2
    127: https://www.debian.org/security/2017/dsa-4023
    128: https://packages.debian.org/src:slurm-llnl
    129: https://www.debian.org/security/2017/dsa-4024
    130: https://packages.debian.org/src:chromium-browser
    131: https://www.debian.org/security/2017/dsa-4025
    132: https://packages.debian.org/src:libpam4j
    133: https://www.debian.org/security/2017/dsa-4026

    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • Recent Visitors

    • Michal Wronka
      Thu Jun 1 20:46:25 2023
      from Wroclaw, Poland via Telnet
    • Michal Wronka
      Thu Jun 1 20:11:34 2023
      from Wroclaw, Poland via Telnet
    • Keyop
      Fri Jun 2 01:43:04 2023
      from Huddersfield, West Yorkshire via Telnet
    • Keyop
      Fri Jun 2 00:15:00 2023
      from Huddersfield, West Yorkshire via Telnet
  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 185
    Nodes: 16 (1 / 15)
    Uptime: 03:43:10
    Calls: 3,676
    Calls today: 2
    Files: 11,149
    Messages: 3,447,262

© >>> Magnum BBS <<<, 2023