Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE
  • Updated Debian 9: 9.4 released (1/2)

    From Laura Arjona Reina@21:1/5 to All on Sat Mar 10 14:10:01 2018
    This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --q6ECcGzUsH2VxoLik1p2fEMzz7ELFHAwV
    Content-Type: text/plain; charset=utf-8
    Content-Language: en-US
    Content-Transfer-Encoding: quoted-printable

    ------------------------------------------------------------------------
    The Debian Project https://www.debian.org/ Updated Debian 9: 9.4 released press@debian.org
    March 10th, 2018 https://www.debian.org/News/2018/20180310 ------------------------------------------------------------------------


    The Debian project is pleased to announce the fourth update of its
    stable distribution Debian 9 (codename "stretch"). This point release
    mainly adds corrections for security issues, along with a few
    adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

    Please note that the point release does not constitute a new version of
    Debian 9 but only updates some of the packages included. There is no
    need to throw away old "stretch" media. After installation, packages can
    be upgraded to the current versions using an up-to-date Debian mirror.

    Those who frequently install updates from security.debian.org won't have
    to update many packages, and most such updates are included in the point release.

    New installation images will be available soon at the regular locations.

    Upgrading an existing installation to this revision can be achieved by
    pointing the package management system at one of Debian's many HTTP
    mirrors. A comprehensive list of mirrors is available at:

    https://www.debian.org/mirror/list



    Miscellaneous Bugfixes
    ----------------------

    This stable update adds a few important corrections to the following
    packages:

    +-------------------------+-------------------------------------------+
    | Package | Reason | +-------------------------+-------------------------------------------+
    | acme-tiny [1] | Fix outdated version of the subscriber |
    | | agreement |
    | | |
    | activity-log- | Add missing dependency on python- |
    | manager [2] | zeitgeist |
    | | |
    | agenda.app [3] | Fix creation of tasks and appointments |
    | | |
    | apparmor [4] | Move the features file to /usr/share/ |
    | | apparmor-features; pin the AppArmor |
    | | feature set to Stretch's kernel |
    | | |
    | auto-apt-proxy [5] | Move apt configuration away on removal, |
    | | and put it back on reinstalls |
    | | |
    | bareos [6] | Fix backups failing with "No Volume name |
    | | given" |
    | | |
    | base-files [7] | Update for the point release |
    | | |
    | cappuccino [8] | Add missing dependency on gir1.2-gtk-3.0 |
    | | |
    | cerealizer [9] | Fix Python3 dependencies |
    | | |
    | clamav [10] | New upstream release; security update |
    | | [CVE-2017-6418 CVE-2017-6420 CVE-2017- |
    | | 12374 CVE-2017-12375 CVE-2017-12376 |
    | | CVE-2017-12377 CVE-2017-12378 CVE-2017- |
    | | 12379 CVE-2017-12380] |
    | | |
    | cron [11] | Properly transition system jobs to |
    | | system_cronjob_t SELinux context and stop |
    | | relying on refpolicy specific identifiers |
    | | |
    | cups [12] | Fix execution of arbitrary IPP commands |
    | | by sending POST requests to the CUPS |
    | | daemon in conjunction with DNS rebinding |
    | | [CVE-2017-18190] |
    | | |
    | dbus [13] | New upstream release; raise file |
    | | descriptor limit sooner, fixing a |
    | | regression in local DoS fix |
    | | |
    | debian-edu-config [14] | Pre-configure Chromium Webbrowser system- |
    | | wide to auto-detect the http proxy |
    | | settings via WPAD; allow joining of |
    | | Windows 10 clients to the Samba NT4-style |
    | | domain |
    | | |
    | debian-installer [15] | Bump Linux kernel version from 4.9.0-4 to |
    | | 4.9.0-6 |
    | | |
    | debian-installer- | Update to 20170615+deb9u3 images, from |
    | netboot-images [16] | stretch-proposed-updates |
    | | |
    | directfb [17] | Fix architecture-based filter to actually |
    | | install drivers |
    | | |
    | dpdk [18] | Update to new stable point release |
    | | |
    | espeakup [19] | udeb: fix case where card 0 does not have |
    | | an id or where cards have non-contiguous |
    | | indexes; use English by default; use card |
    | | id in installed system to avoid issues |
    | | with card detection ordering |
    | | |
    | exam [20] | Fix Python3 dependencies |
    | | |
    | flatpak [21] | New upstream release; fix a D-Bus |
    | | filtering bypass in flatpak-dbus-proxy; |
    | | ignore unrecognised permission strings, |
    | | instead of failing; do not allow legacy |
    | | eavesdropping on the D-Bus session bus |
    | | |
    | fuse-zip [22] | Fix writeback fail with libzip 1.0 |
    | | |
    | glade [23] | Fix possible infinite loop |
    | | |
    | glibc [24] | Do not update /etc/nsswitch.conf when its |
    | | content already matches the default; |
    | | debian/script.in/nohwcap.sh: always check |
    | | for all optimized packages as multiarch |
    | | allows one to install foreign |
    | | architectures; avoid use-after-free read |
    | | access in clntudp_call [CVE-2017-12133]; |
    | | define collation for Malayalam chillu |
    | | characters and correct collation of U |
    | | +0D36 and U+0D37 Malayalam characters; |
    | | fix invalid cast in group merging |
    | | affecting ppc64 and s390x; fix |
    | | compatibility with Intel C++ __regcall |
    | | calling convention; install the libc- |
    | | otherbuild postinst and postrm in the |
    | | libc6-i686 transitional package, to make |
    | | sure /etc/ld.so.nohwcap is correctly |
    | | removed after an upgrade |
    | | |
    | global [25] | Gozilla: quote URLs before passing them |
    | | to BROWSER [CVE-2017-17531] |
    | | |
    | gnumail [26] | Stop linking to OpenSSL |
    | | |
    | golang-github-go-ldap- | Require explicit intention for empty |
    | ldap [27] | password |
    | | |
    | gosa-plugin- | Fix deprecated constructor call |
    | pwreset [28] | |
    | | |
    | grilo-plugins [29] | Fix Radio France source |
    | | |
    | hdf5 [30] | Fix javahelper invocation |
    | | |
    | inputlirc [31] | Include input-event-codes.h instead of |
    | | input.h, fixing build failure |
    | | |
    | intercal [32] | Recompile with PIE |
    | | |
    | java-atk-wrapper [33] | Fix iterator initialization; fix missing |
    | | reference for children |
    | | |
    | kildclient [34] | Drop support for user-defined browsers |
    | | [CVE-2017-17511] |
    | | |
    | libdate-holidays-de- | Mark Reformation Day as a holiday in |
    | perl [35] | Hamburg and Schleswig-Holstein from 2018 |
    | | onwards |
    | | |
    | libdatetime-timezone- | New upstream version |
    | perl [36] | |
    | | |
    | libhibernate-validator- | Fix potential privilege escalation by |
    | java [37] | circumventing security manager |
    | | permissions [CVE-2017-7536] |
    | | |
    | libperlx-assert- | Add missing dependencies on libkeyword- |
    | perl [38] | simple-perl, libdevel-declare-perl |
    | | |
    | libreoffice [39] | Let FunctionAccess execute WEBSERVICE; |
    | | use the right error code on WEBSERVICE() |
    | | failures |
    | | |
    | libvhdi [40] | Add missing Python3 dependency |
    | | |
    | libvirt [41] | QEMU: shared disks with cache=directsync |
    | | should be safe for migration; avoid |
    | | denial of service reading from QEMU |
    | | monitor [CVE-2018-5748] |
    | | |
    | linux [42] | New upstream version |
    | | |
    | lxc [43] | Fix the creation of testing and unstable |
    | | containers by including "iproute2" |
    | | rather than "iproute" |
    | | |
    | mapproxy [44] | Fix Cross Site Scripting (XSS) issue in |
    | | demo service [CVE-2017-1000426] |
    | | |
    | mosquitto [45] | Fix persistence file being world-readable |
    | | [CVE-2017-9868] |
    | | |
    | mpi4py [46] | Support current version of libmpi |
    | | |
    | ncurses [47] | Fix buffer overflow in the |
    | | _nc_write_entry function [CVE-2017-16879] |
    | | |
    | needrestart [48] | Fix switching to list mode if debconf is |
    | | run non-interactively |
    | | |
    | ntp [49] | Increase stack size to at least 32kB |
    | | |
    | nvidia-graphics- | New upstream release |
    | drivers- | |
    | legacy-304xx [50] | |
    | | |
    | nvidia-graphics- | New upstream release |
    | drivers- | |
    | legacy-340xx [51] | |
    | | |
    | nvidia-modprobe [52] | New upstream release; run setuid(0) |
    | | before forking modprobe to preserve |
    | | privileges through shell invocations and |
    | | recursive modprobe calls |
    | | |
    | nvidia- | New upstream release |
    | persistenced [53] | |
    | | |
    | nvidia-settings [54] | New upstream release; fix a bug that |
    | | prevented changes to stereo eye |
    | | assignment from getting applied from the |
    | | nvidia-settings control panel |
    | | |
    | nvidia-xconfig [55] | New upstream release; fix a regression |
    | | that prevented nvidia-xconfig from |
    | | querying some GPUs, e.g. when running |
    | | `nvidia-xconfig -a` |
    | | |
    | ocfs2-tools [56] | Migrate from using rcS to standard |
    | | runlevels |
    | | |
    | opendmarc [57] | Update opendmarc service file so changes |
    | | in opendmarc.conf are used |
    | | |
    | openssh [58] | Fix "in read-only mode, sftp-server was |
    | | incorrectly permitting creation of zero- |
    | | length files" [CVE-2017-15906] |
    | | |
    | osinfo-db [59] | Update included data |
    | | |
    | pdns-recursor [60] | Rebuild against publicsuffix |
    | | 20171028.2055-0+deb9u1 |
    | | |
    | postfix [61] | New upstream bugfix release; don't log |
    | | warnings that some restriction returns |
    | | OK, when the access map DISCARD feature |
    | | is in effect; add missing dynamicmaps |
    | | support in the Postfix sendmail command; |
    | | fix sending to some sites with "TLSA 2 X |
    | | X" records |
    | | |
    | postgresql-9.6 [62] | New upstream version |
    | | |
    | publicsuffix [63] | Update included data |
    | | |
    | python-evtx [64] | Fix missing Python3 dependency |
    | | |
    | python-hacking [65] | Fix Python3 dependencies |
    | | |
    | python-hkdf [66] | Fix Python3 dependencies |
    | | |
    | python-mimeparse [67] | Fix Python3 dependencies |
    | | |
    | python-pyperclip [68] | Fix Python3 dependencies |
    | | |
    | python-spake2 [69] | Fix Python3 dependencies |
    | | |
    | qtpass [70] | Fix insecure built-in password generator |
    | | [CVE-2017-18021] |
    | | |
    | quota [71] | Prevent quotacheck from running into an |
    | | endless loop |
    | | |
    | reportbug [72] | Don't send mail to secure-testing- |
    | | team@lists.alioth.debian.org any more |
    | | |
    | rpy [73] | Rebuild against r-base 3.3 |
    | | |
    | ruby-redis-store [74] | Allow unsafe objects to be loaded from |
    | | redis [CVE-2017-1000248] |
    | | |
    | salt [75] | Fix directory traversal vulnerability on |
    | | salt-master via crafted minion IDs |
    | | [CVE-2017-12791], directory traversal |
    | | vulnerability in minion id validation in |
    | | SaltStack [CVE-2017-14695], remote Denial |
    | | of Service with a specially crafted |
    | | authentication request [CVE-2017-14696]; |
    | | check if data[return] is dict type |
    | | |
    | slic3r [76] | Patch "use lib" line in all installed |
    | | binaries; workaround missing |
    | | GL_MULTISAMPLE macro; fix importing |
    | | binary STLs on big-endian architectures |
    | | |
    | soundtouch [77] | Security fixes [CVE-2017-9258 CVE-2017- |
    | | 9259 CVE-2017-9260] |
    | | |
    | systemd [78] | networkd: Handle MTU field in IPv6 RA; |
    | | add a linker script to help prevent |
    | | symbol collisions, particularly with PAM |
    | | modules; resolved: Fix loop on packets |
    | | with pseudo dns types [CVE-2017-15908]; |
    | | machinectl: Don't output "No machines." |
    | | with --no-legend option |
    | | |
    | tzdata [79] | New upstream version |
    | | |
    | ust [80] | Fix loading of Python agent library |
    | | |
    | uwsgi [81] | Fix stack-based buffer overflow in |
    | | uwsgi_expand_path function [CVE-2018- |
    | | 6758] |
    | | |
    | vagrant [82] | Download boxes from app.vagrantcloud.com |
    | | instead of the deprecated |
    | | atlas.hashicorp.com |
    | | |
    | vdirsyncer [83] | Fix discovery of Google contacts |
    | | |
    | virt-what [84] | Unbreak virt detection on arm/aarch64 |
    | | |
    | w3m [85] | Fix stack overflow [CVE-2018-6196], null |
    | | deref [CVE-2018-6197], /tmp file races |
    | | [CVE-2018-6198] |
    | | |
    | waagent [86] | New upstream version |
    | | |
    | webkit2gtk [87] | New upstream stable release |
    | | |
    | xchain [88] | Fix dependency on "wish" |
    | | |
    | xrdp [89] | Fix security issue [CVE-2017-16927]; fix |
    | | high CPU load on ssl_tls_accept |
    | | | +-------------------------+-------------------------------------------+

    1: https://packages.debian.org/src:acme-tiny
    2: https://packages.debian.org/src:activity-log-manager
    3: https://packages.debian.org/src:agenda.app
    4: https://packages.debian.org/src:apparmor
    5: https://packages.debian.org/src:auto-apt-proxy
    6: https://packages.debian.org/src:bareos
    7: https://packages.debian.org/src:base-files
    8: https://packages.debian.org/src:cappuccino
    9: https://packages.debian.org/src:cerealizer
    10: https://packages.debian.org/src:clamav
    11: https://packages.debian.org/src:cron
    12: https://packages.debian.org/src:cups
    13: https://packages.debian.org/src:dbus
    14: https://packages.debian.org/src:debian-edu-config
    15: https://packages.debian.org/src:debian-installer
    16: https://packages.debian.org/src:debian-installer-netboot-images
    17: https://packages.debian.org/src:directfb
    18: https://packages.debian.org/src:dpdk
    19: https://packages.debian.org/src:espeakup
    20: https://packages.debian.org/src:exam
    21: https://packages.debian.org/src:flatpak
    22: https://packages.debian.org/src:fuse-zip
    23: https://packages.debian.org/src:glade
    24: https://packages.debian.org/src:glibc
    25: https://packages.debian.org/src:global
    26: https://packages.debian.org/src:gnumail
    27: https://packages.debian.org/src:golang-github-go-ldap-ldap
    28: https://packages.debian.org/src:gosa-plugin-pwreset
    29: https://packages.debian.org/src:grilo-plugins
    30: https://packages.debian.org/src:hdf5
    31: https://packages.debian.org/src:inputlirc
    32: https://packages.debian.org/src:intercal
    33: https://packages.debian.org/src:java-atk-wrapper
    34: https://packages.debian.org/src:kildclient
    35: https://packages.debian.org/src:libdate-holidays-de-perl
    36: https://packages.debian.org/src:libdatetime-timezone-perl
    37: https://packages.debian.org/src:libhibernate-validator-java
    38: https://packages.debian.org/src:libperlx-assert-perl
    39: https://packages.debian.org/src:libreoffice
    40: https://packages.debian.org/src:libvhdi
    41: https://packages.debian.org/src:libvirt
    42: https://packages.debian.org/src:linux
    43: https://packages.debian.org/src:lxc
    44: https://packages.debian.org/src:mapproxy
    45: https://packages.debian.org/src:mosquitto
    46: https://packages.debian.org/src:mpi4py
    47: https://packages.debian.org/src:ncurses
    48: https://packages.debian.org/src:needrestart
    49: https://packages.debian.org/src:ntp
    50: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
    51: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-340xx
    52: https://packages.debian.org/src:nvidia-modprobe
    53: https://packages.debian.org/src:nvidia-persistenced
    54: https://packages.debian.org/src:nvidia-settings
    55: https://packages.debian.org/src:nvidia-xconfig
    56: https://packages.debian.org/src:ocfs2-tools
    57: https://packages.debian.org/src:opendmarc
    58: https://packages.debian.org/src:openssh
    59: https://packages.debian.org/src:osinfo-db
    60: https://packages.debian.org/src:pdns-recursor
    61: https://packages.debian.org/src:postfix
    62: https://packages.debian.org/src:postgresql-9.6
    63: https://packages.debian.org/src:publicsuffix
    64: https://packages.debian.org/src:python-evtx
    65: https://packages.debian.org/src:python-hacking
    66: https://packages.debian.org/src:python-hkdf
    67: https://packages.debian.org/src:python-mimeparse
    68: https://packages.debian.org/src:python-pyperclip
    69: https://packages.debian.org/src:python-spake2
    70: https://packages.debian.org/src:qtpass
    71: https://packages.debian.org/src:quota
    72: https://packages.debian.org/src:reportbug
    73: https://packages.debian.org/src:rpy
    74: https://packages.debian.org/src:ruby-redis-store
    75: https://packages.debian.org/src:salt
    76: https://packages.debian.org/src:slic3r
    77: https://packages.debian.org/src:soundtouch
    78: https://packages.debian.org/src:systemd
    79: https://packages.debian.org/src:tzdata
    80: https://packages.debian.org/src:ust
    81: https://packages.debian.org/src:uwsgi
    82: https://packages.debian.org/src:vagrant
    83: https://packages.debian.org/src:vdirsyncer
    84: https://packages.debian.org/src:virt-what
    85: https://packages.debian.org/src:w3m
    86: https://packages.debian.org/src:waagent
    87: https://packages.debian.org/src:webkit2gtk
    88: https://packages.debian.org/src:xchain
    89: https://packages.debian.org/src:xrdp

    Security Updates
    ----------------

    This revision adds the following security updates to the stable release.
    The Security Team has already released an advisory for each of these
    updates:

    +----------------+------------------------+
    | Advisory ID | Package | +----------------+------------------------+
    | DSA-4054 [90] | tor [91] |
    | | |
    | DSA-4055 [92] | heimdal [93] |
    | | |
    | DSA-4056 [94] | nova [95] |
    | | |
    | DSA-4057 [96] | erlang [97] |
    | | |
    | DSA-4058 [98] | optipng [99] |
    | | |
    | DSA-4059 [100] | libxcursor [101] |
    | | |
    | DSA-4060 [102] | wireshark [103] |
    | | |
    | DSA-4061 [104] | thunderbird [105] |
    | | |
    | DSA-4062 [106] | firefox-esr [107] |
    | | |
    | DSA-4063 [108] | pdns-recursor [109] |
    | | |
    | DSA-4065 [110] | openssl1.0 [111] |
    | | |
    | DSA-4066 [112] | otrs2 [113] |
    | | |
    | DSA-4067 [114] | openafs [115] |
    | | |
    | DSA-4068 [116] | rsync [117] |
    | | |
    | DSA-4069 [118] | otrs2 [119] |
    | | |
    | DSA-4070 [120] | enigmail [121] |
    | | |
    | DSA-4071 [122] | sensible-utils [123] |
    | | |
    | DSA-4072 [124] | bouncycastle [125] |
    | | |
    | DSA-4073 [126] | linux [127] |
    | | |
    | DSA-4075 [128] | thunderbird [129] |
    | | |
    | DSA-4076 [130] | asterisk [131] |
    | | |
    | DSA-4077 [132] | gimp [133] |
    | | |
    | DSA-4078 [134] | linux [135] |
    | | |
    | DSA-4078 [136] | linux-latest [137] |
    | | |
    | DSA-4079 [138] | poppler [139] |
    | | |
    | DSA-4080 [140] | php7.0 [141] |
    | | |
    | DSA-4083 [142] | poco [143] |
    | | |
    | DSA-4084 [144] | gifsicle [145] |
    | | |
    | DSA-4086 [146] | libxml2 [147] |
    | | |
    | DSA-4087 [148] | transmission [149] |
    | | |
    | DSA-4088 [150] | gdk-pixbuf [151] |
    | | |
    | DSA-4089 [152] | bind9 [153] |
    | | |
    | DSA-4090 [154] | wordpress [155] |
    | | |
    | DSA-4092 [156] | awstats [157] |
    | | |
    | DSA-4093 [158] | openocd [159] |
    | | |
    | DSA-4094 [160] | smarty3 [161] |
    | | |
    | DSA-4095 [162] | gcab [163] |
    | | |

    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 113
    Nodes: 8 (1 / 7)
    Uptime: 169:22:00
    Calls: 2,506
    Files: 8,706
    Messages: 1,932,655

© >>> Magnum BBS <<<, 2022