------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 8: 8.11 released                         press@debian.org
June 23rd, 2018                https://www.debian.org/News/2018/20180623
------------------------------------------------------------------------

The Debian project is pleased to announce the eleventh (and final)
update of its oldstable distribution Debian 8 (codename "jessie"). This
point release mainly adds corrections for security issues, along with a
few adjustments for serious problems. Security advisories have already
been published separately and are referenced where available.

After this point release, Debian's Security and Release Teams will no
longer be producing updates for Debian 8. Users wishing to continue to
receive security support should upgrade to Debian 9, or see
https://wiki.debian.org/LTS for details about the subset of
architectures and packages covered by the Long Term Support project.

The packages for some architectures for DSA 3746, DSA 3944, DSA 3968,
DSA 4010, DSA 4014, DSA 4061, DSA 4075, DSA 4102, DSA 4155, DSA 4209 and
DSA 4218 are not included in this point release for technical reasons.
All other security updates released during the lifetime of "jessie" that
have not previously been part of a point release are included in this
update.

Please note that the point release does not constitute a new version of
Debian 8 but only updates some of the packages included. There is no
need to throw away old "jessie" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

Miscellaneous Bugfixes
----------------------
This oldstable update adds a few important corrections to the following packages:
+----------------------------+----------------------------------------+
| Package | Reason |
+----------------------------+----------------------------------------+
| adminer [1] | Don't allow connections to privileged |
| | ports [CVE-2018-7667] |
| | |
| base-files [2] | Update for the point release |
| | |
| blktrace [3] | Fix buffer overflow in btt [CVE-2018- |
| | 10689] |
| | |
| bwm-ng [4] | Explicitly build without libstatgrab |
| | support |
| | |
| clamav [5] | Security update [CVE-2017-6418 |
| | CVE-2017-6420 CVE-2017-12374 CVE-2017- |
| | 12375 CVE-2017-12376 CVE-2017-12377 |
| | CVE-2017-12378 CVE-2017-12379 |
| | CVE-2017-12380]; fix temporary file |
| | cleanup issue; new upstream release; |
| | new upstream version |
| | |
| debian-installer [6] | Rebuild for the point release |
| | |
| debian-installer-netboot- | Rebuild for the point release |
| images [7] | |
| | |
| debian-security- | Update package data |
| support [8] | |
| | |
| dh-make-perl [9] | Support Contents file without header |
| | |
| dns-root-data [10] | Update IANA DNSSEC files to 2017-02-02 |
| | versions |
| | |
| faad2 [11] | Fix several DoS issues via crafted MP4 |
| | files [CVE-2017-9218 CVE-2017-9219 |
| | CVE-2017-9220 CVE-2017-9221 CVE-2017- |
| | 9222 CVE-2017-9223 CVE-2017-9253 |
| | CVE-2017-9254 CVE-2017-9255 CVE-2017- |
| | 9256 CVE-2017-9257] |
| | |
| file [12] | Avoid reading past the end of a buffer |
| | [CVE-2018-10360] |
| | |
| ghostscript [13] | Fix segfault with fuzzing file in |
| | gxht_thresh_image_init(); fix buffer |
| | overflow in fill_threshold_buffer |
| | [CVE-2016-10317]; pdfwrite - Guard |
| | against trying to output an infinite |
| | number [CVE-2018-10194] |
| | |
| intel-microcode [14] | Update included microcode, including |
| | fixes for Spectre v2 [CVE-2017-5715] |
| | |
| lame [15] | Fix security issues by switching to |
| | use I/O routines from sndfile |
| | [CVE-2017-15018 CVE-2017-15045 |
| | CVE-2017-15046 CVE-2017-9869 CVE-2017- |
| | 9870 CVE-2017-9871 CVE-2017-9872] |
| | |
| libdatetime-timezone- | Update included data |
| perl [16] | |
| | |
| libextractor [17] | Various security fixes [CVE-2017-15266 |
| | CVE-2017-15267 CVE-2017-15600 |
| | CVE-2017-15601 CVE-2017-15602 |
| | CVE-2017-15922 CVE-2017-17440] |
| | |
| libipc-run-perl [18] | Fix memory leak |
| | |
| linux [19] | New upstream stable release |
| | |
| mactelnet [20] | Security fix [CVE-2016-7115] |
| | |
| ncurses [21] | Fix buffer overflow in the |
| | _nc_write_entry function [CVE-2017- |
| | 16879] |
| | |
| nvidia-graphics- | New upstream version |
| drivers [22] | |
| | |
| nvidia-graphics-drivers- | Update to latest driver |
| legacy-304xx [23] | |
| | |
| openafs [24] | Fix kernel module build against linux |
| | 3.16.51-3+deb8u1 kernels after |
| | security update-induced ABI changes |
| | |
| openldap [25] | Fix upgrade failure when olcSuffix |
| | contains a backslash; fix memory |
| | corruption caused by calling |
| | sasl_client_init() multiple times |
| | |
| patch [26] | Fix arbitrary command execution in ed- |
| | style patches [CVE-2018-1000156] |
| | |
| postgresql-9.4 [27] | New upstream release |
| | |
| psensor [28] | Fix directory traversal issue |
| | [CVE-2014-10073] |
| | |
| python-mimeparse [29] | Fix python3-mimeparse's dependencies |
| | |
| rar [30] | Strip statically linked rar and |
| | install the dynamically linked version |
| | instead |
| | |
| reportbug [31] | Stop CCing secure-testing- |
| | team@lists.alioth.debian.org |
| | |
| sam2p [32] | Fix multiple invalid frees and buffer- |
| | overflow vulnerabilities [CVE-2018- |
| | 7487 CVE-2018-7551 CVE-2018-7552 |
| | CVE-2018-7553 CVE-2018-7554] |
| | |
| slurm-llnl [33] | Fix upgrade issue from wheezy |
| | |
| soundtouch [34] | Security fixes [CVE-2017-9258 |
| | CVE-2017-9259 CVE-2017-9260] |
| | |
| subversion [35] | Fix crashes with Perl bindings, |
| | commonly seen when using git-svn |
| | |
| tzdata [36] | Update included data |
| | |
| user-mode-linux [37] | Rebuild against current jessie kernel |
| | |
| virtualbox-guest- | Fix multiple security issues |
| additions-iso [38] | [CVE-2016-0592 CVE-2016-0495 CVE-2015- |
| | 8104 CVE-2015-7183 CVE-2015-5307 |
| | CVE-2015-7183 CVE-2015-4813 CVE-2015- |
| | 4896 CVE-2015-3456] |
| | |
| xerces-c [39] | Fix Denial of Service via external DTD |
| | reference [CVE-2017-12627] |
| | |
| zsh [40] | Rebuild against libraries currently in |
| | jessie |
| | |
+----------------------------+----------------------------------------+
1: https://packages.debian.org/src:adminer
2: https://packages.debian.org/src:base-files
3: https://packages.debian.org/src:blktrace
4: https://packages.debian.org/src:bwm-ng
5: https://packages.debian.org/src:clamav
6: https://packages.debian.org/src:debian-installer
7: https://packages.debian.org/src:debian-installer-netboot-images
8: https://packages.debian.org/src:debian-security-support
9: https://packages.debian.org/src:dh-make-perl
10: https://packages.debian.org/src:dns-root-data
11: https://packages.debian.org/src:faad2
12: https://packages.debian.org/src:file
13: https://packages.debian.org/src:ghostscript
14: https://packages.debian.org/src:intel-microcode
15: https://packages.debian.org/src:lame
16: https://packages.debian.org/src:libdatetime-timezone-perl
17: https://packages.debian.org/src:libextractor
18: https://packages.debian.org/src:libipc-run-perl
19: https://packages.debian.org/src:linux
20: https://packages.debian.org/src:mactelnet
21: https://packages.debian.org/src:ncurses
22: https://packages.debian.org/src:nvidia-graphics-drivers
23: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
24: https://packages.debian.org/src:openafs
25: https://packages.debian.org/src:openldap
26: https://packages.debian.org/src:patch
27: https://packages.debian.org/src:postgresql-9.4
28: https://packages.debian.org/src:psensor
29: https://packages.debian.org/src:python-mimeparse
30: https://packages.debian.org/src:rar
31: https://packages.debian.org/src:reportbug
32: https://packages.debian.org/src:sam2p
33: https://packages.debian.org/src:slurm-llnl
34: https://packages.debian.org/src:soundtouch
35: https://packages.debian.org/src:subversion
36: https://packages.debian.org/src:tzdata
37: https://packages.debian.org/src:user-mode-linux
38: https://packages.debian.org/src:virtualbox-guest-additions-iso
39: https://packages.debian.org/src:xerces-c
40: https://packages.debian.org/src:zsh

Security Updates
----------------
This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:
+----------------+----------------------------------+
| Advisory ID | Package |
+----------------+----------------------------------+
| DSA-3707 [41] | openjdk-7 [42] |
| | |
| DSA-3708 [43] | mat [44] |
| | |
| DSA-3746 [45] | graphicsmagick [46] |
| | |
| DSA-3782 [47] | openjdk-7 [48] |
| | |
| DSA-3832 [49] | openoffice.org-dictionaries [50] |
| | |
| DSA-3858 [51] | openjdk-7 [52] |
| | |
| DSA-3923 [53] | freerdp [54] |
| | |
| DSA-3944 [55] | mariadb-10.0 [56] |
| | |
| DSA-3954 [57] | openjdk-7 [58] |
| | |
| DSA-3968 [59] | icedove [60] |
| | |
| DSA-4010 [61] | git-annex [62] |
| | |
| DSA-4014 [63] | thunderbird [64] |
| | |
| DSA-4048 [65] | openjdk-7 [66] |
| | |
| DSA-4054 [67] | tor [68] |
| | |
| DSA-4057 [69] | erlang [70] |
| | |
| DSA-4058 [71] | optipng [72] |
| | |
| DSA-4059 [73] | libxcursor [74] |
| | |
| DSA-4060 [75] | wireshark [76] |
| | |
| DSA-4061 [77] | thunderbird [78] |
| | |
| DSA-4062 [79] | firefox-esr [80] |
| | |
| DSA-4066 [81] | otrs2 [82] |
| | |
| DSA-4067 [83] | openafs [84] |
| | |
| DSA-4068 [85] | rsync [86] |
| | |
| DSA-4069 [87] | otrs2 [88] |
| | |
| DSA-4070 [89] | enigmail [90] |
| | |
| DSA-4071 [91] | sensible-utils [92] |
| | |
| DSA-4075 [93] | thunderbird [94] |
| | |
| DSA-4076 [95] | asterisk [96] |
| | |
| DSA-4077 [97] | gimp [98] |
| | |
| DSA-4079 [99] | poppler [100] |
| | |
| DSA-4081 [101] | php5 [102] |
| | |
| DSA-4082 [103] | linux [104] |
| | |
| DSA-4082 [105] | linux-latest [106] |
| | |
| DSA-4083 [107] | poco [108] |
| | |
| DSA-4084 [109] | gifsicle [110] |
| | |
| DSA-4085 [111] | xmltooling [112] |
| | |
| DSA-4086 [113] | libxml2 [114] |
| | |
| DSA-4087 [115] | transmission [116] |
| | |
| DSA-4088 [117] | gdk-pixbuf [118] |
| | |
| DSA-4089 [119] | bind9 [120] |
| | |
| DSA-4090 [121] | wordpress [122] |
| | |
| DSA-4091 [123] | mysql-5.5 [124] |
| | |
| DSA-4092 [125] | awstats [126] |
| | |
| DSA-4093 [127] | openocd [128] |
| | |
| DSA-4094 [129] | smarty3 [130] |
| | |
| DSA-4096 [131] | firefox-esr [132] |
| | |
| DSA-4097 [133] | poppler [134] |
| | |
| DSA-4098 [135] | curl [136] |
| | |
| DSA-4100 [137] | tiff [138] |
| | |
| DSA-4101 [139] | wireshark [140] |
| | |
| DSA-4102 [141] | thunderbird [142] |
| | |
| DSA-4104 [143] | p7zip [144] |
| | |
| DSA-4108 [145] | mailman [146] |
| | |
| DSA-4109 [147] | ruby-omniauth [148] |
| | |
| DSA-4110 [149] | exim4 [150] |
| | |
| DSA-4111 [151] | libreoffice [152] |
| | |
| DSA-4114 [153] | jackson-databind [154] |
| | |
| DSA-4115 [155] | quagga [156] |
| | |
| DSA-4117 [157] | gcc-4.9 [158] |
| | |
| DSA-4118 [159] | tomcat-native [160] |
| | |
| DSA-4119 [161] | libav [162] |
| | |
| DSA-4122 [163] | squid3 [164] |
| | |
| DSA-4123 [165] | drupal7 [166] |
| | |
| DSA-4124 [167] | lucene-solr [168] |
| | |
| DSA-4126 [169] | xmltooling [170] |
| | |
| DSA-4127 [171] | simplesamlphp [172] |
| | |
| DSA-4129 [173] | freexl [174] |
| | |
| DSA-4130 [175] | dovecot [176] |
| | |
| DSA-4132 [177] | libvpx [178] |
| | |
| DSA-4133 [179] | isc-dhcp [180] |
| | |
| DSA-4136 [181] | curl [182] |
| | |
| DSA-4137 [183] | libvirt [184] |
| | |
| DSA-4139 [185] | firefox-esr [186] |
| | |
| DSA-4140 [187] | libvorbis [188] |
| | |
| DSA-4141 [189] | libvorbisidec [190] |
| | |
| DSA-4142 [191] | uwsgi [192] |
| | |
| DSA-4143 [193] | firefox-esr [194] |
| | |
| DSA-4146 [195] | plexus-utils [196] |
| | |
| DSA-4147 [197] | polarssl [198] |
| | |
| DSA-4148 [199] | kamailio [200] |
| | |
| DSA-4149 [201] | plexus-utils2 [202] |
| | |
| DSA-4150 [203] | icu [204] |
| | |
| DSA-4151 [205] | librelp [206] |
| | |
| DSA-4152 [207] | mupdf [208] |
| | |
| DSA-4153 [209] | firefox-esr [210] |
| | |
| DSA-4154 [211] | net-snmp [212] |
| | |
| DSA-4155 [213] | thunderbird [214] |
| | |
| DSA-4156 [215] | drupal7 [216] |
| | |
| DSA-4157 [217] | openssl [218] |
| | |
| DSA-4161 [219] | python-django [220] |
| | |
| DSA-4163 [221] | beep [222] |
| | |
| DSA-4164 [223] | apache2 [224] |
| | |
| DSA-4165 [225] | ldap-account-manager [226] |
| | |
| DSA-4167 [227] | sharutils [228] |
| | |
| DSA-4168 [229] | squirrelmail [230] |
| | |
| DSA-4172 [231] | perl [232] |
| | |
| DSA-4175 [233] | freeplane [234] |
| | |
| DSA-4176 [235] | mysql-5.5 [236] |
| | |
| DSA-4177 [237] | libsdl2-image [238] |
| | |
| DSA-4178 [239] | libreoffice [240] |
| | |
| DSA-4179 [241] | linux-tools [242] |
| | |
| DSA-4180 [243] | drupal7 [244] |
| | |
| DSA-4184 [245] | sdl-image1.2 [246] |
| | |
| DSA-4186 [247] | gunicorn [248] |
| | |
| DSA-4187 [249] | linux-latest [250] |
| | |
| DSA-4187 [251] | linux [252] |
| | |
| DSA-4189 [253] | quassel [254] |
| | |
| DSA-4190 [255] | jackson-databind [256] |
| | |
| DSA-4192 [257] | libmad [258] |
| | |
| DSA-4193 [259] | wordpress [260] |
| | |
| DSA-4194 [261] | lucene-solr [262] |
| | |
| DSA-4195 [263] | wget [264] |
| | |
| DSA-4196 [265] | linux [266] |
| | |
| DSA-4199 [267] | firefox-esr [268] |
| | |
| DSA-4202 [269] | curl [270] |
| | |
| DSA-4204 [271] | imagemagick [272] |
| | |
| DSA-4208 [273] | procps [274] |
| | |
| DSA-4209 [275] | thunderbird [276] |
| | |
| DSA-4211 [277] | xdg-utils [278] |
| | |
| DSA-4212 [279] | git [280] |
| | |
| DSA-4214 [281] | zookeeper [282] |
| | |
| DSA-4215 [283] | batik [284] |
| | |
| DSA-4216 [285] | prosody [286] |
| | |
| DSA-4217 [287] | wireshark [288] |
| | |
| DSA-4218 [289] | memcached [290] |
| | |
| DSA-4220 [291] | firefox-esr [292] |
| | |
| DSA-4221 [293] | libvncserver [294] |
| | |
| DSA-4222 [295] | gnupg2 [296] |
| | |
| DSA-4224 [297] | gnupg [298] |
| | |
| DSA-4225 [299] | openjdk-7 [300] |
| | |
| DSA-4226 [301] | perl [302] |
| | |
| DSA-4227 [303] | plexus-archiver [304] |
| | |
| DSA-4228 [305] | spip [306] |
| | |
| DSA-4229 [307] | strongswan [308] |
| | |
+----------------+----------------------------------+
41: https://www.debian.org/security/2016/dsa-3707
42: https://packages.debian.org/src:openjdk-7
43: https://www.debian.org/security/2016/dsa-3708
44: https://packages.debian.org/src:mat
45: https://www.debian.org/security/2016/dsa-3746
46: https://packages.debian.org/src:graphicsmagick
47: https://www.debian.org/security/2017/dsa-3782
48: https://packages.debian.org/src:openjdk-7
49: https://www.debian.org/security/2017/dsa-3832
50: https://packages.debian.org/src:openoffice.org-dictionaries
51: https://www.debian.org/security/2017/dsa-3858
52: https://packages.debian.org/src:openjdk-7
53: https://www.debian.org/security/2017/dsa-3923
54: https://packages.debian.org/src:freerdp
55: https://www.debian.org/security/2017/dsa-3944
56: https://packages.debian.org/src:mariadb-10.0
57: https://www.debian.org/security/2017/dsa-3954
58: https://packages.debian.org/src:openjdk-7
59: https://www.debian.org/security/2017/dsa-3968
60: https://packages.debian.org/src:icedove
61: https://www.debian.org/security/2017/dsa-4010
62: https://packages.debian.org/src:git-annex
63: https://www.debian.org/security/2017/dsa-4014
64: https://packages.debian.org/src:thunderbird
65: https://www.debian.org/security/2017/dsa-4048
66: https://packages.debian.org/src:openjdk-7
67: https://www.debian.org/security/2017/dsa-4054
68: https://packages.debian.org/src:tor
69: https://www.debian.org/security/2017/dsa-4057
70: https://packages.debian.org/src:erlang
71: https://www.debian.org/security/2017/dsa-4058
72: https://packages.debian.org/src:optipng
73: https://www.debian.org/security/2017/dsa-4059
74: https://packages.debian.org/src:libxcursor
75: https://www.debian.org/security/2017/dsa-4060
76: https://packages.debian.org/src:wireshark
77: https://www.debian.org/security/2017/dsa-4061
78: https://packages.debian.org/src:thunderbird
79: https://www.debian.org/security/2017/dsa-4062
80: https://packages.debian.org/src:firefox-esr
[continued in next message]