Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE
  • Updated Debian 10: 10.9 released

    From Laura Arjona Reina@21:1/5 to All on Sat Mar 27 15:20:01 2021
    This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --lwQ4uq1jGZv2SVxUvTE6p4HVcF5V5qD5B
    Content-Type: text/plain; charset=utf-8
    Content-Language: en-GB
    Content-Transfer-Encoding: quoted-printable

    ------------------------------------------------------------------------
    The Debian Project https://www.debian.org/ Updated Debian 10: 10.9 released press@debian.org
    March 27th, 2021 https://www.debian.org/News/2021/20210327 ------------------------------------------------------------------------


    The Debian project is pleased to announce the ninth update of its stable distribution Debian 10 (codename "buster"). This point release mainly
    adds corrections for security issues, along with a few adjustments for
    serious problems. Security advisories have already been published
    separately and are referenced where available.

    Please note that the point release does not constitute a new version of
    Debian 10 but only updates some of the packages included. There is no
    need to throw away old "buster" media. After installation, packages can
    be upgraded to the current versions using an up-to-date Debian mirror.

    Those who frequently install updates from security.debian.org won't have
    to update many packages, and most such updates are included in the point release.

    New installation images will be available soon at the regular locations.

    Upgrading an existing installation to this revision can be achieved by
    pointing the package management system at one of Debian's many HTTP
    mirrors. A comprehensive list of mirrors is available at:

    https://www.debian.org/mirror/list



    Miscellaneous Bugfixes
    ----------------------

    This stable update adds a few important corrections to the following
    packages:

    +---------------------------+-----------------------------------------+
    | Package | Reason | +---------------------------+-----------------------------------------+
    | avahi [1] | Remove avahi-daemon-check-dns
    |
    | | mechanism, which is no longer needed |
    | | |
    | base-files [2] | Update /etc/debian_version for the 10.9 |
    | | point release |
    | | |
    | cloud-init [3] | Avoid logging generated passwords to
    |
    | | world-readable log files [CVE-2021- |
    | | 3429] |
    | | |
    | debian-archive- | Add bullseye keys; retire jessie keys |
    | keyring [4] |
    |
    | | |
    | debian-installer [5] | Use 4.19.0-16 Linux kernel ABI
    |
    | | |
    | debian-installer-netboot- | Rebuild against proposed-updates |
    | images [6] |
    |
    | | |
    | exim4 [7] | Fix use of concurrent TLS connections
    |
    | | under GnuTLS; fix TLS certificate |
    | | verification with CNAMEs; |
    | | README.Debian: document the limitation/ |
    | | extent of server certificate |
    | | verification in the default |
    | | configuration |
    | | |
    | fetchmail [8] | No longer report "System error during
    |
    | | SSL_connect(): Success" ; remove |
    | | OpenSSL version check |
    | | |
    | fwupd [9] | Add SBAT support
    |
    | | |
    | fwupd-amd64-signed [10] | Add SBAT support
    |
    | | |
    | fwupd-arm64-signed [11] | Add SBAT support
    |
    | | |
    | fwupd-armhf-signed [12] | Add SBAT support
    |
    | | |
    | fwupd-i386-signed [13] | Add SBAT support
    |
    | | |
    | fwupdate [14] | Add SBAT support
    |
    | | |
    | fwupdate-amd64- | Add SBAT support |
    | signed [15] |
    |
    | | |
    | fwupdate-arm64- | Add SBAT support |
    | signed [16] |
    |
    | | |
    | fwupdate-armhf- | Add SBAT support |
    | signed [17] |
    |
    | | |
    | fwupdate-i386-signed [18] | Add SBAT support
    |
    | | |
    | gdnsd [19] | Fix stack overflow with overly-large
    |
    | | IPv6 addresses [CVE-2019-13952] |
    | | |
    | groff [20] | Rebuild against ghostscript 9.27
    |
    | | |
    | hwloc-contrib [21] | Enable support for the ppc64el
    |
    | | architecture |
    | | |
    | intel-microcode [22] | Update various microcode
    |
    | | |
    | iputils [23] | Fix ping rounding errors; fix tracepath |
    | | target corruption |
    | | |
    | jquery [24] | Fix untrusted code execution
    |
    | | vulnerabilities [CVE-2020-11022 |
    | | CVE-2020-11023] |
    | | |
    | libbsd [25] | Fix out-of-bounds read issue [CVE-2019- |
    | | 20367] |
    | | |
    | libpano13 [26] | Fix format string vulnerability
    |
    | | |
    | libreoffice [27] | Do not load encodings.py from current
    |
    | | directoy |
    | | |
    | linux [28] | New upstream stable release; update ABI |
    | | to -16; rotate secure boot signing |
    | | keys; rt: update to 4.19.173-rt72 |
    | | |
    | linux-latest [29] | Update to -15 kernel ABI; update for
    |
    | | -16 kernel ABI |
    | | |
    | linux-signed-amd64 [30] | New upstream stable release; update ABI |
    | | to -16; rotate secure boot signing |
    | | keys; rt: update to 4.19.173-rt72 |
    | | |
    | linux-signed-arm64 [31] | New upstream stable release; update ABI |
    | | to -16; rotate secure boot signing |
    | | keys; rt: update to 4.19.173-rt72 |
    | | |
    | linux-signed-i386 [32] | New upstream stable release; update ABI |
    | | to -16; rotate secure boot signing |
    | | keys; rt: update to 4.19.173-rt72 |
    | | |
    | lirc [33] | Normalize embedded $
    |
    | | {DEB_HOST_MULTIARCH} value in /etc/ |
    | | lirc/lirc_options.conf to find |
    | | unmodified configuration files on all |
    | | architectures; recommend gir1.2- |
    | | vte-2.91 instead of non-existent |
    | | gir1.2-vte |
    | | |
    | m2crypto [34] | Fix test failure with recent OpenSSL
    |
    | | versions |
    | | |
    | openafs [35] | Fix outgoing connections after unix
    |
    | | epoch time 0x60000000 (14 January 2021) |
    | | |
    | portaudio19 [36] | Handle EPIPE from
    |
    | | alsa_snd_pcm_poll_descriptors, fixing |
    | | crash |
    | | |
    | postgresql-11 [37] | New upstream stable release; fix
    |
    | | information leakage in constraint- |
    | | violation error messages [CVE-2021- |
    | | 3393]; fix CREATE INDEX CONCURRENTLY to |
    | | wait for concurrent prepared |
    | | transactions |
    | | |
    | privoxy [38] | Security issues [CVE-2020-35502
    |
    | | CVE-2021-20209 CVE-2021-20210 CVE-2021- |
    | | 20211 CVE-2021-20212 CVE-2021-20213 |
    | | CVE-2021-20214 CVE-2021-20215 CVE-2021- |
    | | 20216 CVE-2021-20217 CVE-2021-20272 |
    | | CVE-2021-20273 CVE-2021-20275 CVE-2021- |
    | | 20276] |
    | | |
    | python3.7 [39] | Fix CRLF injection in http.client
    |
    | | [CVE-2020-26116]; fix buffer overflow |
    | | in PyCArg_repr in _ctypes/callproc.c |
    | | [CVE-2021-3177] |
    | | |
    | redis [40] | Fix a series of integer overflow issues |
    | | on 32-bit systems [CVE-2021-21309] |
    | | |
    | ruby-mechanize [41] | Fix command injection issue [CVE-2021-
    |
    | | 21289] |
    | | |
    | systemd [42] | core: make sure to restore the control
    |
    | | command id, too, fixing a segfault; |
    | | seccomp: allow turning off of seccomp |
    | | filtering via an environment variable |
    | | |
    | uim [43] | libuim-data: Perform symlink_to_dir
    |
    | | conversion of /usr/share/doc/libuim- |
    | | data in the resurrected package for |
    | | clean upgrades from stretch |
    | | |
    | xcftools [44] | Fix integer overflow vulnerability
    |
    | | [CVE-2019-5086 CVE-2019-5087] |
    | | |
    | xterm [45] | Correct upper-limit for selection
    |
    | | buffer, accounting for combining |
    | | characters [CVE-2021-27135] |
    | | | +---------------------------+-----------------------------------------+

    1: https://packages.debian.org/src:avahi
    2: https://packages.debian.org/src:base-files
    3: https://packages.debian.org/src:cloud-init
    4: https://packages.debian.org/src:debian-archive-keyring
    5: https://packages.debian.org/src:debian-installer
    6: https://packages.debian.org/src:debian-installer-netboot-images
    7: https://packages.debian.org/src:exim4
    8: https://packages.debian.org/src:fetchmail
    9: https://packages.debian.org/src:fwupd
    10: https://packages.debian.org/src:fwupd-amd64-signed
    11: https://packages.debian.org/src:fwupd-arm64-signed
    12: https://packages.debian.org/src:fwupd-armhf-signed
    13: https://packages.debian.org/src:fwupd-i386-signed
    14: https://packages.debian.org/src:fwupdate
    15: https://packages.debian.org/src:fwupdate-amd64-signed
    16: https://packages.debian.org/src:fwupdate-arm64-signed
    17: https://packages.debian.org/src:fwupdate-armhf-signed
    18: https://packages.debian.org/src:fwupdate-i386-signed
    19: https://packages.debian.org/src:gdnsd
    20: https://packages.debian.org/src:groff
    21: https://packages.debian.org/src:hwloc-contrib
    22: https://packages.debian.org/src:intel-microcode
    23: https://packages.debian.org/src:iputils
    24: https://packages.debian.org/src:jquery
    25: https://packages.debian.org/src:libbsd
    26: https://packages.debian.org/src:libpano13
    27: https://packages.debian.org/src:libreoffice
    28: https://packages.debian.org/src:linux
    29: https://packages.debian.org/src:linux-latest
    30: https://packages.debian.org/src:linux-signed-amd64
    31: https://packages.debian.org/src:linux-signed-arm64
    32: https://packages.debian.org/src:linux-signed-i386
    33: https://packages.debian.org/src:lirc
    34: https://packages.debian.org/src:m2crypto
    35: https://packages.debian.org/src:openafs
    36: https://packages.debian.org/src:portaudio19
    37: https://packages.debian.org/src:postgresql-11
    38: https://packages.debian.org/src:privoxy
    39: https://packages.debian.org/src:python3.7
    40: https://packages.debian.org/src:redis
    41: https://packages.debian.org/src:ruby-mechanize
    42: https://packages.debian.org/src:systemd
    43: https://packages.debian.org/src:uim
    44: https://packages.debian.org/src:xcftools
    45: https://packages.debian.org/src:xterm

    Security Updates
    ----------------

    This revision adds the following security updates to the stable release.
    The Security Team has already released an advisory for each of these
    updates:

    +----------------+----------------------------+
    | Advisory ID | Package | +----------------+----------------------------+
    | DSA-4826 [46] | nodejs [47] |
    | | |
    | DSA-4844 [48] | dnsmasq [49] |
    | | |
    | DSA-4845 [50] | openldap [51] |
    | | |
    | DSA-4846 [52] | chromium [53] |
    | | |
    | DSA-4847 [54] | connman [55] |
    | | |
    | DSA-4849 [56] | firejail [57] |
    | | |
    | DSA-4850 [58] | libzstd [59] |
    | | |
    | DSA-4851 [60] | subversion [61] |
    | | |
    | DSA-4853 [62] | spip [63] |
    | | |
    | DSA-4854 [64] | webkit2gtk [65] |
    | | |
    | DSA-4855 [66] | openssl [67] |
    | | |
    | DSA-4856 [68] | php7.3 [69] |
    | | |
    | DSA-4857 [70] | bind9 [71] |
    | | |
    | DSA-4858 [72] | chromium [73] |
    | | |
    | DSA-4859 [74] | libzstd [75] |
    | | |
    | DSA-4860 [76] | openldap [77] |
    | | |
    | DSA-4861 [78] | screen [79] |
    | | |
    | DSA-4862 [80] | firefox-esr [81] |
    | | |
    | DSA-4863 [82] | nodejs [83] |
    | | |
    | DSA-4864 [84] | python-aiohttp [85] |
    | | |
    | DSA-4865 [86] | docker.io [87] |
    | | |
    | DSA-4867 [88] | grub-efi-amd64-signed [89] |
    | | |
    | DSA-4867 [90] | grub-efi-arm64-signed [91] |
    | | |
    | DSA-4867 [92] | grub-efi-ia32-signed [93] |
    | | |
    | DSA-4867 [94] | grub2 [95] |
    | | |
    | DSA-4868 [96] | flatpak [97] |
    | | |
    | DSA-4869 [98] | tiff [99] |
    | | |
    | DSA-4870 [100] | pygments [101] |
    | | |
    | DSA-4871 [102] | tor [103] |
    | | |
    | DSA-4872 [104] | shibboleth-sp [105] |
    | | | +----------------+----------------------------+

    46: https://www.debian.org/security/2021/dsa-4826
    47: https://packages.debian.org/src:nodejs
    48: https://www.debian.org/security/2021/dsa-4844
    49: https://packages.debian.org/src:dnsmasq
    50: https://www.debian.org/security/2021/dsa-4845
    51: https://packages.debian.org/src:openldap
    52: https://www.debian.org/security/2021/dsa-4846
    53: https://packages.debian.org/src:chromium
    54: https://www.debian.org/security/2021/dsa-4847
    55: https://packages.debian.org/src:connman
    56: https://www.debian.org/security/2021/dsa-4849
    57: https://packages.debian.org/src:firejail
    58: https://www.debian.org/security/2021/dsa-4850
    59: https://packages.debian.org/src:libzstd
    60: https://www.debian.org/security/2021/dsa-4851
    61: https://packages.debian.org/src:subversion
    62: https://www.debian.org/security/2021/dsa-4853
    63: https://packages.debian.org/src:spip
    64: https://www.debian.org/security/2021/dsa-4854
    65: https://packages.debian.org/src:webkit2gtk
    66: https://www.debian.org/security/2021/dsa-4855
    67: https://packages.debian.org/src:openssl
    68: https://www.debian.org/security/2021/dsa-4856
    69: https://packages.debian.org/src:php7.3
    70: https://www.debian.org/security/2021/dsa-4857
    71: https://packages.debian.org/src:bind9
    72: https://www.debian.org/security/2021/dsa-4858
    73: https://packages.debian.org/src:chromium
    74: https://www.debian.org/security/2021/dsa-4859
    75: https://packages.debian.org/src:libzstd
    76: https://www.debian.org/security/2021/dsa-4860
    77: https://packages.debian.org/src:openldap
    78: https://www.debian.org/security/2021/dsa-4861
    79: https://packages.debian.org/src:screen
    80: https://www.debian.org/security/2021/dsa-4862
    81: https://packages.debian.org/src:firefox-esr
    82: https://www.debian.org/security/2021/dsa-4863
    83: https://packages.debian.org/src:nodejs
    84: https://www.debian.org/security/2021/dsa-4864
    85: https://packages.debian.org/src:python-aiohttp
    86: https://www.debian.org/security/2021/dsa-4865
    87: https://packages.debian.org/src:docker.io
    88: https://www.debian.org/security/2021/dsa-4867
    89: https://packages.debian.org/src:grub-efi-amd64-signed
    90: https://www.debian.org/security/2021/dsa-4867
    91: https://packages.debian.org/src:grub-efi-arm64-signed
    92: https://www.debian.org/security/2021/dsa-4867
    93: https://packages.debian.org/src:grub-efi-ia32-signed
    94: https://www.debian.org/security/2021/dsa-4867
    95: https://packages.debian.org/src:grub2
    96: https://www.debian.org/security/2021/dsa-4868
    97: https://packages.debian.org/src:flatpak
    98: https://www.debian.org/security/2021/dsa-4869
    99: https://packages.debian.org/src:tiff
    100: https://www.debian.org/security/2021/dsa-4870
    101: https://packages.debian.org/src:pygments
    102: https://www.debian.org/security/2021/dsa-4871
    103: https://packages.debian.org/src:tor
    104: https://www.debian.org/security/2021/dsa-4872
    105: https://packages.debian.org/src:shibboleth-sp

    Debian Installer
    ----------------

    The installer has been updated to include the fixes incorporated into
    stable by the point release.


    URLs
    ----

    The complete lists of packages that have changed with this revision:

    http://ftp.debian.org/debian/dists/buster/ChangeLog


    The current stable distribution:

    http://ftp.debian.org/debian/dists/stable/


    Proposed updates to the stable distribution:

    http://ftp.debian.org/debian/dists/proposed-updates


    stable distribution information (release notes, errata etc.):

    https://www.debian.org/releases/stable/


    Security announcements and information:

    https://www.debian.org/security/



    About Debian
    ------------

    The Debian Project is an association of Free Software developers who
    volunteer their time and effort in order to produce the completely free operating system Debian.


    Contact Information
    -------------------

    For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the
    stable release team at <debian-release@lists.debian.org>.


    --lwQ4uq1jGZv2SVxUvTE6p4HVcF5V5qD5B--

    -----BEGIN PGP SIGNATURE-----

    iQGzBAEBCgAdFiEEZin0RNRxg3W3fj8cTDhhvcxwa3QFAmBfPS0ACgkQTDhhvcxw a3SSyQv/RxfWvIc1XUPuUQO40F3r1jYSjz3MKqqGwJCsPkWpTTiLM+DCV6pjtCKG ZtLG8PQnYmcYoIGok70GYU0rMYA+cGE4ywrsT74i37gZCdlfsE0z389zcnepe+yw WlWO1OTrD8eQQ3O8FyI6lM6zQStvqG9ZxGZ9Orezv0TQayZOlgTOai++ZFFvaTX9 AtaM+iwWh9+xbE4Ki2vL9tNfsEiXYGuBdovJkotMsh/K9EEZHFJg0lzWqjlwkmXp 3gDghmgb2ptXbYfUlHlxm2ZCfDI/Bz7qc9fc9okIOeoUTsemxadAKm7xyAYb/Mlk xtT5Gkr98f/zlVpSNFwa+C+devKlvs0qpoP3ABmXZRWIUTSvxzuMadwIHIhyQ1x7 WppV3KYd5CM3dq0NnQY6uWwblqR5UhZoTTq1TqHduhArTKLEUgps1/X28/OYBbEa qcsqn2uT4LNYQCdSnhTyqVDHaP8z49i5xcPgzZwolqK3FZzTuZHZ+V+Zr8fwS5q5
    I3aZhF8k
    =HxQH
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 113
    Nodes: 8 (1 / 7)
    Uptime: 115:49:08
    Calls: 2,501
    Files: 8,689
    Messages: 1,922,435

© >>> Magnum BBS <<<, 2022