Debian 8.7 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Debian 8.7 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Megjelent az új GNU/Linux, a Debian 8.7-es verziója, A “Jessie” kódnévre keresztelt linux disztribúció megjelenésével az első debian, amelyik a systemd-s initet tartalmazza. Két új architektúra támogatottsága is bekerült a Debian 8-ba, így már arm64 és ppc64el  architektúrákon is futtatható a az új stabil debian.

Nagyon sok verzióban tölthető le a Debian Jessie, a szokásos architektúrákban, 32bites és 64bites verzióban, teljes DVD set, CD image. live DVD, a leggyakoribb Desktop verziókban, és a szokásos minimális “net-install” verziót is ingyen használhatjuk.

A Debian 8.7 linux frissítései

+--------------------------+------------------------------------------+
| Package                  | Reason                                   |
+--------------------------+------------------------------------------+
| ark [1]                  | Stop crashing on exit when being used    |
|                          | solely as a KPart                        |
|                          |                                          |
| asterisk [2]             | Fix security issue due to non-printable  |
|                          | ASCII chars treated as whitespace        |
|                          | [CVE-2016-9938]                          |
|                          |                                          |
| asused [3]               | Use created fields instead of changed,   |
|                          | in line with changes to source data      |
|                          |                                          |
| base-files [4]           | Change /etc/debian_version to 8.7        |
|                          |                                          |
| bash [5]                 | Fix arbitrary code execution via         |
|                          | malicious hostname [CVE-2016-0634] and   |
|                          | specially crafted SHELLOPTS+PS4          |
|                          | variables allows command substitution    |
|                          | [CVE-2016-7543]                          |
|                          |                                          |
| ca-certificates [6]      | Update Mozilla certificate authority     |
|                          | bundle to version 2.9; postinst: run     |
|                          | update-certificates without hooks to     |
|                          | initially populate /etc/ssl/certs        |
|                          |                                          |
| cairo [7]                | Fix DoS via using SVG to generate        |
|                          | invalid pointers [CVE-2016-9082]         |
|                          |                                          |
| ccache [8]               | [amd64] Rebuild in a clean environment   |
|                          |                                          |
| ceph [9]                 | Fix short CORS request issue [CVE-2016-  |
|                          | 9579], mon DoS [CVE-2016-5009],          |
|                          | anonymous read on ACL [CVE-2016-7031],   |
|                          | RGW DoS [CVE-2016-8626]                  |
|                          |                                          |
| chirp [10]               | Disable reporting of telemetry by        |
|                          | default                                  |
|                          |                                          |
| cyrus-imapd-2.4 [11]     | Fix LIST GROUP support                   |
|                          |                                          |
| darktable [12]           | Fix integer overflow in ljpeg_start()    |
|                          | [CVE-2015-3885]                          |
|                          |                                          |
| dbus [13]                | Fix potential format string              |
|                          | vulnerability; dbus.prerm: ensure that   |
|                          | dbus.socket is stopped before removal    |
|                          |                                          |
| debian-edu-doc [14]      | Update Debian Edu Jessie manual from the |
|                          | wiki; fix (da|nl) Jessie manual PO files |
|                          | to get the PDF manuals built;            |
|                          | translation updates                      |
|                          |                                          |
| debian-edu-install [15]  | Update version number to 8+edu1          |
|                          |                                          |
| debian-installer [16]    | Rebuild for the point release            |
|                          |                                          |
| debian-installer-        | Rebuild for the point release            |
| netboot-images [17]      |                                          |
|                          |                                          |
| duck [18]                | Fix loading of code from untrusted       |
|                          | location [CVE-2016-1239]                 |
|                          |                                          |
| e2fsprogs [19]           | Rebuild against dietlibc                 |
|                          | 0.33~cvs20120325-6+deb8u1, to pick up    |
|                          | included security fixes                  |
|                          |                                          |
| ebook-speaker [20]       | Fix hint about installing html2text to   |
|                          | read html files                          |
|                          |                                          |
| elog [21]                | Fix posting entry as arbitrary username  |
|                          | [CVE-2016-6342]                          |
|                          |                                          |
| evolution-data-          | Fix premature drop of connection with    |
| server [22]              | reduced TCP window sizes and resulting   |
|                          | loss of data                             |
|                          |                                          |
| exim4 [23]               | Fix GnuTLS memory leak                   |
|                          |                                          |
| file [24]                | Fix memory leak in magic loader          |
|                          |                                          |
| ganeti-instance-         | Fix losetup invocations by replacing -s  |
| debootstrap [25]         | with --show                              |
|                          |                                          |
| glibc [26]               | Do not unconditionally use the fsqrt     |
|                          | instruction on 64-bit PowerPC CPUs; fix  |
|                          | a regression introduced by cvs-resolv-   |
|                          | ipv6-nameservers.diff in hesiod; disable |
|                          | lock elision (aka Intel TSX) on x86      |
|                          | architectures                            |
|                          |                                          |
| glusterfs [27]           | Quota: Fix could not start auxiliary     |
|                          | mount issue                              |
|                          |                                          |
| gnutls28 [28]            | Fix incorrect certificate validation     |
|                          | when using OCSP responses [GNUTLS-       |
|                          | SA-2016-3 / CVE-2016-7444]; ensure       |
|                          | compatibility with CVE-2016-6489-patched |
|                          | nettle                                   |
|                          |                                          |
| hplip [29]               | Use full gpg key fingerprint when        |
|                          | fetching key from keyservers [CVE-2015-  |
|                          | 0839]                                    |
|                          |                                          |
| ieee-data [30]           | Disable monthly update cron job          |
|                          |                                          |
| intel-microcode [31]     | Update microcode                         |
|                          |                                          |
| irssi [32]               | Fix information exposure issue via       |
|                          | buf.pl and /upgrade [CVE-2016-7553]; fix |
|                          | NULL pointer dereference in the nickcmp  |
|                          | function [CVE-2017-5193], use-after-free |
|                          | when receiving invalid nick message      |
|                          | [CVE-2017-5194] and out-of-bounds read   |
|                          | in certain incomplete control codes      |
|                          | [CVE-2017-5195]                          |
|                          |                                          |
| isenkram [33]            | Download firmware using curl; use HTTPS  |
|                          | when downloading modaliases; change      |
|                          | mirror from http.debian.net to           |
|                          | httpredir.debian.org                     |
|                          |                                          |
| jq [34]                  | Fix heap buffer overflow [CVE-2015-8863] |
|                          | and stack exhaustion [CVE-2016-4074]     |
|                          |                                          |
| libclamunrar [35]        | Fix out-of-band access                   |
|                          |                                          |
| libdatetime-timezone-    | Update to 2016h; update included data to |
| perl [36]                | 2016i; update to 2016j; update to 2016g  |
|                          |                                          |
| libfcgi-perl [37]        | Fix  "numerous connections cause         |
|                          | segfault DoS"  [CVE-2012-6687]           |
|                          |                                          |
| libio-socket-ssl-        | Fix issue with incorrect  "unreadable    |
| perl [38]                | SSL_key_file"  error when using          |
|                          | filesystem ACLs                          |
|                          |                                          |
| libmateweather [39]      | Switch from discontinued                 |
|                          | weather.noaa.gov to aviationweather.gov  |
|                          |                                          |
| libphp-adodb [40]        | Fix XSS vulnerability [CVE-2016-4855]    |
|                          | and SQL injection issue [CVE-2016-7405]  |
|                          |                                          |
| libpng [41]              | Fix null pointer deference issue         |
|                          | [CVE-2016-10087]                         |
|                          |                                          |
| libwmf [42]              | Fix allocating huge block of memory      |
|                          | [CVE-2016-9011]                          |
|                          |                                          |
| linkchecker [43]         | Fix HTTPS checks                         |
|                          |                                          |
| linux [44]               | Update to stable 3.16.39; add chaoskey   |
|                          | driver, backported from 4.8, support for |
|                          | n25q256a11 SPI flash device;             |
|                          | security,perf: Allow unprivileged use of |
|                          | perf_event_open to be disabled; several  |
|                          | bug and security fixes                   |
|                          |                                          |
| lxc [45]                 | Attach: do not send procfd to attached   |
|                          | process [CVE-2016-8649]; remount bind    |
|                          | mounts if read-only flag is provided;    |
|                          | fix Alpine Linux container creation      |
|                          |                                          |
| mapserver [46]           | Fix FTBFS with php >= 5.6.25; fix        |
|                          | information leak via error messages      |
|                          | [CVE-2016-9839]                          |
|                          |                                          |
| mdadm [47]               | Allow '--grow --continue' to             |
|                          | successfully reshape an array when using |
|                          | backup space on a 'spare' device         |
|                          |                                          |
| metar [48]               | Update report URL                        |
|                          |                                          |
| minissdpd [49]           | Fix improper validation of array index   |
|                          | vulnerability [CVE-2016-3178 CVE-2016-   |
|                          | 3179]                                    |
|                          |                                          |
| monotone [50]            | Change the sigpipe test case to write 1M |
|                          | of test data to increase chances of      |
|                          | overflowing the pipe buffer              |
|                          |                                          |
| most [51]                | Fix shell injection attack when opening  |
|                          | lzma-compressed files [CVE-2016-1253]    |
|                          |                                          |
| mpg123 [52]              | Fix DoS with crafted ID3v2 tags          |
|                          |                                          |
| musl [53]                | Fix integer overflow [CVE-2016-8859]     |
|                          |                                          |
| nbd [54]                 | Stop mixing global flags into the flags  |
|                          | field that gets sent to the kernel, so   |
|                          | that connecting to nbd-server >= 3.9     |
|                          | does not cause every export to be        |
|                          | (incorrectly) marked as read-only        |
|                          |                                          |
| nettle [55]              | Protect against potential side-channel   |
|                          | attacks against exponentiation           |
|                          | operations [CVE-2016-6489]               |
|                          |                                          |
| nss-pam-ldapd [56]       | Have init script stop action only return |
|                          | when nslcd has actually stopped          |
|                          |                                          |
| nvidia-graphics-         | Update to new driver version, including  |
| drivers [57]             | security fixes [CVE-2016-8826 CVE-2016-  |
|                          | 7382 CVE-2016-7389]                      |
|                          |                                          |
| nvidia-graphics-drivers- | Update to new driver version, including  |
| legacy-304xx [58]        | security fixes [CVE-2016-8826 CVE-2016-  |
|                          | 7382 CVE-2016-7389]                      |
|                          |                                          |
| nvidia-graphics-         | Rebuild against nvidia-kernel-source     |
| modules [59]             | 340.101                                  |
|                          |                                          |
| openbox [60]             | Add libxcursor-dev build-dependency to   |
|                          | fix loading of startup notifications;    |
|                          | replace getgrent with getgroups so as    |
|                          | not to enumerate all groups at startup   |
|                          |                                          |
| opendkim [61]            | Fix relaxed canonicalization of folded   |
|                          | headers, which broke signatures          |
|                          |                                          |
| pam [62]                 | Fix handling of loginuid in containers   |
|                          |                                          |
| pgpdump [63]             | Fix endless loop parsing specially       |
|                          | crafted input in read_binary [CVE-2016-  |
|                          | 4021] and buffer overrun in read_radix64 |
|                          |                                          |
| postgresql-9.4 [64]      | New upstream release                     |
|                          |                                          |
| postgresql-common [65]   | Pg_upgradecluster: Properly upgrade      |
|                          | databases with non-login role owners;    |
|                          | pg_ctlcluster: Protect against symlink   |
|                          | in /var/log/postgresql/ allowing the     |
|                          | creation of arbitrary files elsewhere    |
|                          | [CVE-2016-1255]                          |
|                          |                                          |
| potrace [66]             | Security fixes [CVE-2016-8694 CVE-2016-  |
|                          | 8695 CVE-2016-8696 CVE-2016-8697         |
|                          | CVE-2016-8698 CVE-2016-8699 CVE-2016-    |
|                          | 8700 CVE-2016-8701 CVE-2016-8702         |
|                          | CVE-2016-8703]                           |
|                          |                                          |
| python-crypto [67]       | Raise a warning when IV is used with ECB |
|                          | or CTR and ignore the IV [CVE-2013-7459] |
|                          |                                          |
| python-werkzeug [68]     | Fix XSS issue in debugger                |
|                          |                                          |
| qtbase-opensource-       | Prevent bad-ptrs deref in                |
| src [69]                 | QNetworkConfigurationManagerPrivate; fix |
|                          | X11 tray icons on some desktops          |
|                          |                                          |
| rawtherapee [70]         | Fix buffer overflow in dcraw [CVE-2015-  |
|                          | 8366]                                    |
|                          |                                          |
| redmine [71]             | Handle dependency check failure when     |
|                          | triggered, to avoid breaking in the      |
|                          | middle of dist-upgrades; avoid opening   |
|                          | database configuration that are not      |
|                          | readable                                 |
|                          |                                          |
| samba [72]               | Fix  "client side SMB2/3 required        |
|                          | signing can be downgraded"  [CVE-2016-   |
|                          | 2119], various regressions introduced by |
|                          | the 4.2.10 security fixes, segfault with |
|                          | clustering                               |
|                          |                                          |
| sed [73]                 | Ensure consistent permissions with       |
|                          | different umasks                         |
|                          |                                          |
| shutter [74]             | Fix insecure usage of system()           |
|                          | [CVE-2015-0854]                          |
|                          |                                          |
| sniffit [75]             | Security fix [CVE-2014-5439]             |
|                          |                                          |
| suckless-tools [76]      | Fix SEGV in slock when user's account    |
|                          | has been disabled [CVE-2016-6866]        |
|                          |                                          |
| sympa [77]               | Fix logrotate configuration so that      |
|                          | sympa is not left in a confused state    |
|                          | when systemd is used                     |
|                          |                                          |
| systemd [78]             | Don't return any error in                |
|                          | manager_dispatch_notify_fd() [CVE-2016-  |
|                          | 7796]; core: Rework logic to determine   |
|                          | when we decide to add automatic deps for |
|                          | mounts; various ordering fixes for       |
|                          | ifupdown; systemctl: Fix argument        |
|                          | handling when invoked as shutdown;       |
|                          | localed: tolerate absence of /etc/       |
|                          | default/keyboard; systemctl, loginctl,   |
|                          | etc.: Don't start polkit agent when      |
|                          | running as root                          |
|                          |                                          |
| tevent [79]              | New upstream version, required for samba |
|                          |                                          |
| tre [80]                 | Fix regex integer overflow in buffer     |
|                          | size computations [CVE-2016-8859]        |
|                          |                                          |
| tzdata [81]              | Update included data to 2016h; update to |
|                          | 2016g; update to 2016j; update included  |
|                          | data to 2016i                            |
|                          |                                          |
| unrtf [82]               | Fix buffer overflow in various cmd_      |
|                          | functions [CVE-2016-10091]               |
|                          |                                          |
| w3m [83]                 | Several security fixes [CVE-2016-9430    |
|                          | CVE-2016-9434 CVE-2016-9438 CVE-2016-    |
|                          | 9440 CVE-2016-9441 CVE-2016-9423         |
|                          | CVE-2016-9431 CVE-2016-9424 CVE-2016-    |
|                          | 9432 CVE-2016-9433 CVE-2016-9437         |
|                          | CVE-2016-9422 CVE-2016-9435 CVE-2016-    |
|                          | 9436 CVE-2016-9426 CVE-2016-9425         |
|                          | CVE-2016-9428 CVE-2016-9442 CVE-2016-    |
|                          | 9443 CVE-2016-9429 CVE-2016-9621         |
|                          | CVE-2016-9439 CVE-2016-9622 CVE-2016-    |
|                          | 9623 CVE-2016-9624 CVE-2016-9625         |
|                          | CVE-2016-9626 CVE-2016-9627 CVE-2016-    |
|                          | 9628 CVE-2016-9629 CVE-2016-9631         |
|                          | CVE-2016-9630 CVE-2016-9632 CVE-2016-    |
|                          | 9633]                                    |
|                          |                                          |
| wireless-regdb [84]      | Update included data                     |
|                          |                                          |
| wot [85]                 | Remove plugin due to privacy issues      |
|                          |                                          |
| xwax [86]                | Replace ffmpeg with avconv from libav-   |
|                          | tools                                    |
|                          |                                          |
| zookeeper [87]           | Fix buffer overflow via the input        |
|                          | command when using the  "cmd:"  batch    |
|                          | mode syntax [CVE-2016-5017]              |
|                          |                                          |
+--------------------------+------------------------------------------+

A Debian 8.7 linux biztonsági frissítései

+----------------+----------------------------+
| Advisory ID    | Package                    |
+----------------+----------------------------+
| DSA-3636 [88]  | collectd [89]              |
|                |                            |
| DSA-3665 [90]  | openjpeg2 [91]             |
|                |                            |
| DSA-3666 [92]  | mysql-5.5 [93]             |
|                |                            |
| DSA-3667 [94]  | chromium-browser [95]      |
|                |                            |
| DSA-3668 [96]  | mailman [97]               |
|                |                            |
| DSA-3669 [98]  | tomcat7 [99]               |
|                |                            |
| DSA-3670 [100] | tomcat8 [101]              |
|                |                            |
| DSA-3671 [102] | wireshark [103]            |
|                |                            |
| DSA-3672 [104] | irssi [105]                |
|                |                            |
| DSA-3673 [106] | openssl [107]              |
|                |                            |
| DSA-3674 [108] | firefox-esr [109]          |
|                |                            |
| DSA-3675 [110] | imagemagick [111]          |
|                |                            |
| DSA-3676 [112] | unadf [113]                |
|                |                            |
| DSA-3677 [114] | libarchive [115]           |
|                |                            |
| DSA-3678 [116] | python-django [117]        |
|                |                            |
| DSA-3679 [118] | jackrabbit [119]           |
|                |                            |
| DSA-3680 [120] | bind9 [121]                |
|                |                            |
| DSA-3681 [122] | wordpress [123]            |
|                |                            |
| DSA-3682 [124] | c-ares [125]               |
|                |                            |
| DSA-3683 [126] | chromium-browser [127]     |
|                |                            |
| DSA-3684 [128] | libdbd-mysql-perl [129]    |
|                |                            |
| DSA-3685 [130] | libav [131]                |
|                |                            |
| DSA-3686 [132] | icedove [133]              |
|                |                            |
| DSA-3687 [134] | nspr [135]                 |
|                |                            |
| DSA-3688 [136] | nss [137]                  |
|                |                            |
| DSA-3689 [138] | php5 [139]                 |
|                |                            |
| DSA-3691 [140] | ghostscript [141]          |
|                |                            |
| DSA-3692 [142] | freeimage [143]            |
|                |                            |
| DSA-3693 [144] | libgd2 [145]               |
|                |                            |
| DSA-3694 [146] | tor [147]                  |
|                |                            |
| DSA-3695 [148] | quagga [149]               |
|                |                            |
| DSA-3696 [150] | linux [151]                |
|                |                            |
| DSA-3697 [152] | kdepimlibs [153]           |
|                |                            |
| DSA-3698 [154] | php5 [155]                 |
|                |                            |
| DSA-3700 [156] | asterisk [157]             |
|                |                            |
| DSA-3701 [158] | nginx [159]                |
|                |                            |
| DSA-3702 [160] | tar [161]                  |
|                |                            |
| DSA-3703 [162] | bind9 [163]                |
|                |                            |
| DSA-3704 [164] | memcached [165]            |
|                |                            |
| DSA-3705 [166] | curl [167]                 |
|                |                            |
| DSA-3706 [168] | mysql-5.5 [169]            |
|                |                            |
| DSA-3709 [170] | libxslt [171]              |
|                |                            |
| DSA-3710 [172] | pillow [173]               |
|                |                            |
| DSA-3712 [174] | terminology [175]          |
|                |                            |
| DSA-3713 [176] | gst-plugins-bad0.10 [177]  |
|                |                            |
| DSA-3714 [178] | akonadi [179]              |
|                |                            |
| DSA-3715 [180] | moin [181]                 |
|                |                            |
| DSA-3716 [182] | firefox-esr [183]          |
|                |                            |
| DSA-3717 [184] | gst-plugins-bad0.10 [185]  |
|                |                            |
| DSA-3717 [186] | gst-plugins-bad1.0 [187]   |
|                |                            |
| DSA-3718 [188] | drupal7 [189]              |
|                |                            |
| DSA-3719 [190] | wireshark [191]            |
|                |                            |
| DSA-3720 [192] | tomcat8 [193]              |
|                |                            |
| DSA-3721 [194] | tomcat7 [195]              |
|                |                            |
| DSA-3722 [196] | vim [197]                  |
|                |                            |
| DSA-3723 [198] | gst-plugins-good1.0 [199]  |
|                |                            |
| DSA-3724 [200] | gst-plugins-good0.10 [201] |
|                |                            |
| DSA-3725 [202] | icu [203]                  |
|                |                            |
| DSA-3726 [204] | imagemagick [205]          |
|                |                            |
| DSA-3727 [206] | hdf5 [207]                 |
|                |                            |
| DSA-3728 [208] | firefox-esr [209]          |
|                |                            |
| DSA-3729 [210] | xen [211]                  |
|                |                            |
| DSA-3731 [212] | chromium-browser [213]     |
|                |                            |
| DSA-3732 [214] | php-ssh2 [215]             |
|                |                            |
| DSA-3732 [216] | php5 [217]                 |
|                |                            |
| DSA-3733 [218] | apt [219]                  |
|                |                            |
| DSA-3734 [220] | firefox-esr [221]          |
|                |                            |
| DSA-3735 [222] | game-music-emu [223]       |
|                |                            |
| DSA-3736 [224] | libupnp [225]              |
|                |                            |
| DSA-3737 [226] | php5 [227]                 |
|                |                            |
| DSA-3738 [228] | tomcat7 [229]              |
|                |                            |
| DSA-3739 [230] | tomcat8 [231]              |
|                |                            |
| DSA-3740 [232] | samba [233]                |
|                |                            |
| DSA-3741 [234] | tor [235]                  |
|                |                            |
| DSA-3743 [236] | python-bottle [237]        |
|                |                            |
| DSA-3744 [238] | libxml2 [239]              |
|                |                            |
| DSA-3745 [240] | squid3 [241]               |
|                |                            |
| DSA-3747 [242] | exim4 [243]                |
|                |                            |
| DSA-3748 [244] | libcrypto++ [245]          |
|                |                            |
| DSA-3749 [246] | dcmtk [247]                |
|                |                            |
| DSA-3750 [248] | libphp-phpmailer [249]     |
|                |                            |
| DSA-3751 [250] | libgd2 [251]               |
|                |                            |
| DSA-3752 [252] | pcsc-lite [253]            |
|                |                            |
| DSA-3753 [254] | libvncserver [255]         |
|                |                            |
| DSA-3754 [256] | tomcat7 [257]              |
|                |                            |
| DSA-3755 [258] | tomcat8 [259]              |
|                |                            |
+----------------+----------------------------+

Hasonló IT bejegyzések, oldalak

No Comments.

Leave a Reply