Software update: Debian GNU/Linux 9.3 / 8.10

Debian GNU/Linux is an open-source operating system that can be used on both desktops and servers, with an emphasis on stability and security. It is therefore used as the basis for various Linux distributions, including Ubuntu and Linux Mint. Version 9.x, codenamed 'Stretch', is a so-called Long Term Support release and will receive updates for the next five years. Version 8.x is codenamed Jessie. The development team released versions 9.3 and 8.10 a few days ago to address a number of problems.

Updated Debian 9: 9.3 released

The Debian project is pleased to announce the third update of its stable distribution Debian 9 (codename “stretch”). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages:
  • abiword Fix flickering
  • base-files Update for the point release
  • berusky Fix startup crash with certain video card configurations
  • charmtimetracker Fix missing binary dependency on libqt5sql5-sqlite
  • corebird Increase maximum length of tweet to 280 characters
  • dbus When parsing dbus-daemon configuration, don't delay startup if high-quality entropy is not yet available; when using the Monitoring interface, match message filters that specify a destination correctly; increase listen() backlog of AF_UNIX sockets to the maximum possible, minimizing failed connections under heavy load
  • debian-edu-doc Merge stretch related documentation and translation updates from unstable and the wiki; documentation/common/edu.css.xml: improve HTML manual readability
  • debian-installer Rebuild for the point release
  • dehydrated Update subscriber license agreement URL
  • doit Add Breaks: nikola (<< 7.6.0-1~) to ensure its removal on upgrades from jessie
  • eclipse-titan Rebuild against current stretch GCC
  • fig2dev Add input sanitisation on FIG files [CVE-2017-16899]; sanitize input of fill patterns
  • flickcurl Fix oauth token fetching; prevent double free corruption during authentication
  • flightgear Prevent malicious add-ons from overriding arbitrary files [CVE-2017-13709]
  • ganeti Backport upstream support for non-DSA SSH keys; fix failover from dead nodes when using extstorage; fix instance import/export/move with current socat versions
  • gdm3 Backport several patches to fix XDMCP support
  • getmail4 Fix issue related to malformed fingerprints
  • grok Fix pointer aliasing bug; libgrok-dev: add missing dependencies on libgrok1 and libtokyocabinet-dev
  • gunicorn Drop unnecessary “Pre-Depends” on dpkg-dev which was causing gunicorn and python-gunicorn to bring in a compiler as a dependency
  • icu Fix double free in createMetazoneMappings() [CVE-2017-14952]
  • inn2 [i386] Rebuild to pick up correct path to gzip binary
  • iproute2 Fix segfault in “tc” with iptables 1.6
  • jdcal Fix Python3 dependencies
  • kde-gtk-config Fix preview buttons in KDE-GTK-config UI
  • lasi liblasi-dev: add missing dependencies on libpango1.0-dev and libfreetype6-dev
  • libdatetime-timezone-perl Update included data
  • libdbd-firebird-perl Fix fetching of decimal(x,y) values between -1 and 0
  • libdbi Re-enable error handler call in dbi_result_next_row()
  • liblog-log4perl-perl Work around Perl 5.24 no longer allowing syswrite and utf8 together
  • liblouis Fix buffer overflow and use-after-free issues [CVE-2017-13738 CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2017-13744]
  • libmpd libmpd-dev: Add the missing dependency on libglib2.0-dev
  • libofx Security fixes [CVE-2017-2816 CVE-2017-14731]
  • libxkbcommon libxkbcommon-x11-dev: add missing dependency on libxkbcommon-dev
  • libxsettings-client Add missing libxsettings-client-dev -> libxsettings-dev dependency
  • linux xen/time: do not decrease steal time after live migration on xen; new stable kernel version 4.9.65
  • live-config Configure autologin for KDE / Plasma live images
  • lxc Don't hardcode list of valid Debian releases, allowing the creation of containers for stable, buster, testing and unstable; don't insert C.* locales into /etc/locale.gen
  • mongodb Fix segfault/FTBFS on ARM64 with 48-bit virtual addresses, spidermonkey GC segfault when built with GCC 6; mongodb.service: start after network.target
  • openssh Test configuration before starting or reloading sshd under systemd; adjust compatibility patterns for WinSCP to correctly identify versions that implement only the legacy DH group exchange scheme; make “--” before the hostname terminate argument processing after the hostname too
  • pdns Fix incorrect qname casing in NSEC3 generation; add missing check on API operations [CVE-2017-15091]
  • pdns-recursor Security fixes: insufficient validation of DNSSEC signatures [CVE-2017-15090]; Cross-Site Scripting in the web interface [CVE-2017-15092]; configuration file injection in the API [CVE-2017-15093]; memory leak in DNSSEC parsing [CVE-2017-15094]
  • postgresql-9.6 Upstream bugfix release
  • publicsuffix Update included data
  • pyosmium Upstream bugfix release: handler functions not called when using replication service or when using Reader instead of file
  • python-diff-match-patch Add missing python3 dependency on Python 3 package
  • python-inflect Fix Python 3 dependencies
  • python-tablib Safely load YAML [CVE-2017-2810]
  • python2.7 Fix integer overflow in PyString_DecodeEscape [CVE-2017-1000158]; support all groups in TLS communication
  • qtcurve Fix crashes by using strncmp() instead of memcmp()
  • ruby-httparty Relax dependency version in gem dependency on json
  • ruby-ox Avoid crash with invalid XML passed to Oj.parse_obj() [CVE-2017-15928]
  • ruby-pygments.rb Avoid closing too many files when mentos starts, which can cause build failures in other packages on slower systems
  • schroot Fix bash completion file; add systemd service file with Type=oneshot to avoid timeout issues with too many open sessions
  • simutrans Enable sound for simutrans again. Switch from SDL to mixer_sdl backend
  • sitesummary Adjust nagios kernel version checking module to work with 4.x kernels
  • slic3r Fix missing dependency on perlapi-*
  • spamassassin Disable bb.barracudacentral.org; update the systemd unit file to use the same pid file as was used in the sysvinit script; update systemd unit dependencies to include network and syslog; fix inappropriate invocation of invoke-rc.d in cron script
  • sqldeveloper-package Fix build failure
  • sqlite3 Fix heap-based buffer over-read via undersized RTree blobs [CVE-2017-10989]
  • syslinux Fix btrfs logical to physical block address mapping; fix boot problem for old BIOS firmware by correct C/H/S order; support ext4 64bit feature
  • tdbcodbc Fix bug in ODBC library search
  • tor Add “Bastet” directory authority; fix a timing-based assertion failure; update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 country database
  • tzdata New upstream release
  • udftools Fix path to pktsetup in udftools init script
  • weechat “logger: call strftime before replacing buffer local variables” [CVE-2017-14727]
  • xml2 Fix corruption when dealing with UTF-8 files, usage string for 2csv tool
  • xrdp Fix high CPU load on SSL shutdown
  • zsh Rebuild to pull in updated libraries for zsh-static
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
  • DSA-3989 dnsmasq
  • DSA-3990 asterisk
  • DSA-3991 qemu
  • DSA-3992 curl
  • DSA-3993 tor
  • DSA-3994 nautilus
  • DSA-3995 libxfont
  • DSA-3996 ffmpeg
  • DSA-3997 wordpress
  • DSA-3998 nss
  • DSA-3999 wpa
  • DSA-4000 xorg-server
  • DSA-4001 yadifa
  • DSA-4003 libvirt
  • DSA-4004 jackson-databind
  • DSA-4006 mupdf
  • DSA-4007 curl
  • DSA-4008 wget
  • DSA-4009 shadowsocks-libev
  • DSA-4011 quagga
  • DSA-4013 openjpeg2
  • DSA-4014 thunderbird
  • DSA-4015 openjdk-8
  • DSA-4016 irssi
  • DSA-4017 openssl1.0
  • DSA-4018 openssl
  • DSA-4019 imagemagick
  • DSA-4020 chromium-browser
  • DSA-4021 otrs2
  • DSA-4023 slurm-llnl
  • DSA-4024 chromium-browser
  • DSA-4025 libpam4j
  • DSA-4026 bchunk
  • DSA-4028 postgresql-9.6
  • DSA-4029 postgresql-common
  • DSA-4030 roundcube
  • DSA-4031 ruby2.3
  • DSA-4032 imagemagick
  • DSA-4033 konversation
  • DSA-4034 varnish
  • DSA-4035 firefox-esr
  • DSA-4036 mediawiki
  • DSA-4037 jackson-databind
  • DSA-4038 shibboleth-sp2
  • DSA-4039 opensaml2
  • DSA-4041 procmail
  • DSA-4042 libxml-libxml-perl
  • DSA-4043 samba
  • DSA-4044 swauth
  • DSA-4045 vlc
  • DSA-4047 otrs2
  • DSA-4049 ffmpeg
  • DSA-4050 xen
  • DSA-4051 curl
  • DSA-4052 bzr
  • DSA-4053 exim4
Removed packages
The following packages were removed due to circumstances beyond our control:
  • libnet-ping-external-perl Unmaintained, security issues

Updated Debian 8: 8.10 released

The Debian project is pleased to announce the tenth update of its oldstable distribution Debian 8 (codename “jessie”). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Miscellaneous Bugfixes
This oldstable update adds a few important corrections to the following packages:
  • bareos Fix permissions of bareos-dir logrotate config; fix file corruption when using SHA1 signature
  • base-files Update for the point release
  • bind9 Import upcoming DNSSEC KSK-2017
  • cups Disable SSLv3 and RC4 by default to address POODLE vulnerability
  • db Do not access DB_CONFIG when db_home is not set [CVE-2017-10140]
  • db5.3 Do not access DB_CONFIG when db_home is not set [CVE-2017-10140]
  • debian-installer Rebuild for the point release
  • debian-installer-netboot-images Rebuild for the point release
  • debmirror Tolerate unknown lines in *.diff/Index; mirror DEP-11 metadata files; prefer xz over gz, and cope with either being missing; mirror and validate InRelease files
  • dns-root-data Update root.hints to 2017072601 version; add KSK-2017 to root.key file
  • dput dput.cf: replace security-master.debian.org with ftp.upload.security.debian.org
  • dwww Fix “Last-Modified” header name
  • elog Update patch 0005_elogd_CVE-2016-6342_fix to grant access as normal user
  • flightgear Fix arbitrary file overwrite vulnerability [CVE-2017-13709]
  • gsoap Fix integer overflow via large XML document [CVE-2017-9765]
  • hexchat Fix segmentation fault following /server command
  • icu Fix double free in createMetazoneMappings() [CVE-2017-14952]
  • kdepim Fix “send Later with Delay bypasses OpenPGP” [CVE-2017-9604]
  • kedpm Fix information leak via command history file [CVE-2017-8296]
  • keyringer Handle subkeys without expiration date and public keys listed multiple times
  • krb5 Security fixes - remote authenticated attackers can crash the KDC [CVE-2017-11368]; kdc crash on restrict_anon_to_tgt [CVE-2016-3120]; remote DOS with ldap for authenticated attackers [CVE-2016-3119]; prevent requires_preauth bypass [CVE-2015-2694]
  • libdatetime-timezone-perl Update included data
  • libdbi Re-enable error handler call in dbi_result_next_row()
  • libembperl-perl Change hard dependency on mod_perl in zembperl.load to Recommends, fixing an installation failure when libapache2-mod-perl2 is not installed
  • libio-socket-ssl-perl Fix segfault using malformed client certificates
  • liblouis Fix multiple stack-based buffer overflows [CVE-2014-8184]
  • libofx Security fixes [CVE-2017-2816 CVE-2017-14731]
  • libwnckmm Tighten dependencies between packages; use jquery.js from libjs-jquery
  • libwpd Security fix [CVE-2017-14226]
  • libx11 Fix “insufficient validation of data from the X server can cause out of boundary memory read (XGetImage()) or write (XListFonts())” [CVE-2016-7942 CVE-2016-7943]
  • libxfixes Fix integer overflow on illegal server response [CVE-2016-7944]
  • libxi Fix “insufficient validation of data from the X server can cause out of boundary memory access or endless loops” [CVE-2016-7945 CVE-2016-7946]
  • libxrandr Avoid out of boundary accesses on illegal responses [CVE-2016-7947 CVE-2016-7948]
  • libxtst Fix “insufficient validation of data from the X server can cause out of boundary memory access or endless loops” [CVE-2016-7951 CVE-2016-7952]
  • libxv Fix protocol handling issues in libXv [CVE-2016-5407]
  • libxvmc Avoid buffer underflow on empty strings [CVE-2016-7953]
  • linux New stable kernel version 3.16.51
  • ncurses Fix various crash bugs in the tic library and the tic binary [CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-13728 CVE-2017-13729 CVE-2017-13730 CVE-2017-13731 CVE-2017-13732 CVE-2017-13734 CVE-2017-13733]
  • openssh Test configuration before starting or reloading sshd under systemd; make “--” before the hostname terminate argument processing after the hostname too
  • pdns Add missing check on API operations [CVE-2017-15091]
  • pdns-recursor Fix configuration file injection in the API [CVE-2017-15093]
  • postgresql-9.4 New upstream bugfix release
  • python-tablib Securely load YAML [CVE-2017-2810]
  • request-tracker4 Fix regression in previous security release where incorrect SHA256 passwords could trigger an error
  • ruby-ox Avoid crash with invalid XML passed to Oj.parse_obj() [CVE-2017-15928]
  • sam2p Fix several integer overflow or heap-based buffer overflow issues [CVE-2017-14628 CVE-2017-14629 CVE-2017-14630 CVE-2017-14631 CVE-2017-14636 CVE-2017-14637 CVE-2017-16663]
  • slurm-llnl Fix security issue caused by insecure file path handling triggered by the failure of a Prolog script [CVE-2016-10030]
  • sudo Fix arbitrary terminal access [CVE-2017-1000368]
  • syslinux Fix boot problem for old BIOS firmware by correcting C/H/S order
  • tor Add “Bastet” directory authority; update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 country database; fix a memset() off the end of an array when packing cells
  • transfig Add input sanitisation on FIG files [CVE-2017-16899]; sanitize input of fill patterns
  • tzdata New upstream release
  • unbound Fix install of trust anchor when two anchors are present; include root trust anchor id 20326
  • weechat “logger: call strftime before replacing buffer local variables” [CVE-2017-14727]
Security Updates
This revision adds the following security updates to the oldstable release. The Security Team has already released an advisory for each of these updates:
  • DSA-3904 bind9
  • DSA-3908 nginx
  • DSA-3909 samba
  • DSA-3913 apache2
  • DSA-3914 imagemagick
  • DSA-3916 atril
  • DSA-3917 catdoc
  • DSA-3921 enigmail
  • DSA-3922 mysql-5.5
  • DSA-3924 varnish
  • DSA-3928 firefox-esr
  • DSA-3929 libsoup2.4
  • DSA-3930 freeradius
  • DSA-3932 subversion
  • DSA-3933 pjproject
  • DSA-3934 git
  • DSA-3935 postgresql-9.4
  • DSA-3937 zabbix
  • DSA-3938 libgd2
  • DSA-3939 botan1.10
  • DSA-3940 cvs
  • DSA-3942 supervisor
  • DSA-3943 gajim
  • DSA-3945 linux
  • DSA-3946 libmspack
  • DSA-3947 newsbeuter
  • DSA-3948 ioquake3
  • DSA-3949 augeas
  • DSA-3950 libraw
  • DSA-3951 smb4k
  • DSA-3952 libxml2
  • DSA-3956 connman
  • DSA-3958 fontforge
  • DSA-3960 gnupg
  • DSA-3961 libgd2
  • DSA-3962 strongswan
  • DSA-3963 mercurial
  • DSA-3964 asterisk
  • DSA-3969 xen
  • DSA-3970 emacs24
  • DSA-3971 tcpdump
  • DSA-3972 bluez
  • DSA-3973 wordpress-shibboleth
  • DSA-3974 tomcat8
  • DSA-3976 freexl
  • DSA-3977 newsbeuter
  • DSA-3978 gdk-pixbuf
  • DSA-3979 pyjwt
  • DSA-3980 apache2
  • DSA-3981 linux
  • DSA-3982 perl
  • DSA-3983 samba
  • DSA-3984 git
  • DSA-3986 ghostscript
  • DSA-3987 firefox-esr
  • DSA-3988 libidn2-0
  • DSA-3989 dnsmasq
  • DSA-3990 asterisk
  • DSA-3992 curl
  • DSA-3995 libxfont
  • DSA-3997 wordpress
  • DSA-3998 nss
  • DSA-3999 wpa
  • DSA-4000 xorg-server
  • DSA-4002 mysql-5.5
  • DSA-4004 jackson-databind
  • DSA-4006 mupdf
  • DSA-4007 curl
  • DSA-4008 wget
  • DSA-4011 quagga
  • DSA-4012 libav
  • DSA-4013 openjpeg2
  • DSA-4016 irssi
  • DSA-4018 openssl
  • DSA-4021 otrs2
  • DSA-4022 libreoffice
  • DSA-4025 libpam4j
  • DSA-4026 bchunk
  • DSA-4027 postgresql-9.4
  • DSA-4029 postgresql-common
  • DSA-4033 konversation
  • DSA-4035 firefox-esr
  • DSA-4037 jackson-databind
  • DSA-4038 shibboleth-sp2
  • DSA-4039 opensaml2
  • DSA-4040 imagemagick
  • DSA-4041 procmail
  • DSA-4042 libxml-libxml-perl
  • DSA-4043 samba
  • DSA-4045 vlc
  • DSA-4046 libspring-ldap-java
  • DSA-4047 otrs2
  • DSA-4051 curl
  • DSA-4052 bzr
Removed packages
The following packages were removed due to circumstances beyond our control:
  • libnet-ping-external-perl Unmaintained, security issues
  • aiccu Useless since shutdown of SixXS
Version number 9.3 / 8.10
Release status Final
Operating systems Linux
Website Debian
Download https://www.debian.org/mirror/list
License type Conditions (GNU/BSD/etc.)

By Meukposter

Source: Debian
