Debian 8.8 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Debian 8.8 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Megjelent az új GNU/Linux, a Debian 8.8-es verziója, A “Jessie” kódnévre keresztelt linux disztribúció megjelenésével az első debian, amelyik a systemd-s initet tartalmazza. Két új architektúra támogatottsága is bekerült a Debian 8-ba, így már arm64 és ppc64-el  architektúrákon is futtatható a az új stabil debian.

Nagyon sok verzióban tölthető le a Debian Jessie, a szokásos architektúrákban, 32bites és 64bites verzióban, teljes DVD set, CD image. live DVD, a leggyakoribb Desktop verziókban, és a szokásos minimális “net-install” verziót is ingyen használhatjuk.

A Debian 8.8 linux frissítései

+-------------------------+-------------------------------------------+
| Package                 | Reason                                    |
+-------------------------+-------------------------------------------+
| activemq [1]            | Fix DoS in activemq-core via shutdown     |
|                         | command [CVE-2015-7559]                   |
|                         |                                           |
| apf-firewall [2]        | Add compatibility with kernels >= 3.X     |
|                         |                                           |
| apt-xapian-index [3]    | Remove call to update-python-modules      |
|                         |                                           |
| base-files [4]          | Update for the point release              |
|                         |                                           |
| binutils [5]            | Apply patch from upstream to fix gold on  |
|                         | arm64                                     |
|                         |                                           |
| ca-certificates [6]     | Update-ca-certificates: update local      |
|                         | certificates directory when calling --    |
|                         | fresh; support running without hooks      |
|                         |                                           |
| commons-daemon [7]      | Fix ppc64el support                       |
|                         |                                           |
| crafty [8]              | Do not generate CPU specific code         |
|                         |                                           |
| debian-edu-doc [9]      | Update translations                       |
|                         |                                           |
| debian-installer [10]   | Rebuild for the point release             |
|                         |                                           |
| debian-installer-       | Rebuild for the point release             |
| netboot-images [11]     |                                           |
|                         |                                           |
| dropbear [12]           | Fix command restriction bypass in         |
|                         | authorized_keys [CVE-2016-3116], format   |
|                         | string injection [CVE-2016-7406] and      |
|                         | arbitrary code execution issues           |
|                         | [CVE-2016-7407 CVE-2016-7408]             |
|                         |                                           |
| erlang [13]             | Fix heap overflow vulnerability in        |
|                         | regular expression parsing [CVE-2016-     |
|                         | 10253]                                    |
|                         |                                           |
| glibc [14]              | Fix PowerPC sqrt inaccuracy               |
|                         |                                           |
| gnome-media [15]        | Add missing Breaks: gnome-media-common,   |
|                         | libgnome-media-dev, libgnome-media0 to    |
|                         | match Replaces                            |
|                         |                                           |
| gnome-screenshot [16]   | Use dash for time format separator        |
|                         |                                           |
| gnome-settings-         | Use dash for time format separator        |
| daemon [17]             |                                           |
|                         |                                           |
| gnutls28 [18]           | Fix truncation issue in PKCS#12 password  |
|                         | encoding; fix double free in certificate  |
|                         | information printing [CVE-2017-5334]; fix |
|                         | memory leak in server side error path;    |
|                         | fix memory leaks and an infinite loop in  |
|                         | OpenPGP certificate parsing [CVE-2017-    |
|                         | 5335 CVE-2017-5336 CVE-2017-5337]; fix    |
|                         | integer overflow in OpenPGP certificate   |
|                         | parsing [CVE-2017-7869]; fix read past    |
|                         | the end of buffer in OpenPGP certificate  |
|                         | parsing; fix crashes in OpenPGP           |
|                         | certificate parsing, related to private   |
|                         | key parsing [GNUTLS-SA-2017-3B]; fix      |
|                         | possible OOM in OpenPGP certificate       |
|                         | parsing [GNUTLS-SA-2017-3C]               |
|                         |                                           |
| groovy [19]             | Fix remote code execution vulnerability   |
|                         | via crafted serialized object [CVE-2016-  |
|                         | 6814]                                     |
|                         |                                           |
| groovy2 [20]            | Fix remote code execution vulnerability   |
|                         | via crafted serialized object [CVE-2016-  |
|                         | 6814]                                     |
|                         |                                           |
| guile-2.0 [21]          | Fix REPL server vulnerability [CVE-2016-  |
|                         | 8606], mkdir umask-related vulnerability  |
|                         | [CVE-2016-8605]                           |
|                         |                                           |
| initramfs-tools [22]    | Include drivers for all keyboards when    |
|                         | MODULES=dep; include most USB host        |
|                         | drivers and all bus driver modules;       |
|                         | remove code that prunes 'broken' symlinks |
|                         | and sometimes /etc/mtab; add all I2C bus  |
|                         | and mux drivers when MODULES=most; stop   |
|                         | force-loading drivers found through sysfs |
|                         | when MODULES=dep                          |
|                         |                                           |
| installation-guide [23] | Fix instructions for creating             |
|                         | syslinux.cfg to work with syslinux 5      |
|                         |                                           |
| irqbalance [24]         | Only warn once for affinity hint subset   |
|                         | empty irqs                                |
|                         |                                           |
| kup [25]                | Backport changes needed to work with      |
|                         | kernel.org in future                      |
|                         |                                           |
| libdatetime-timezone-   | Update included data to 2017b             |
| perl [26]               |                                           |
|                         |                                           |
| libindicate [27]        | libindicate-gtk3-dev: depend on           |
|                         | libindicate-gtk3-3 instead of             |
|                         | libindicate-gtk3                          |
|                         |                                           |
| libmateweather [28]     | Rename Rangoon timezone to Yangon (follow |
|                         | tzdata 2016g change)                      |
|                         |                                           |
| libvirt [29]            | Improve qemu v2.6+ compatibility          |
|                         |                                           |
| libvorbisidec [30]      | Add libogg-dev dependency to              |
|                         | libvorbisidec-dev                         |
|                         |                                           |
| libxslt [31]            | Check for integer overflow in             |
|                         | xsltAddTextString [CVE-2017-5029]         |
|                         |                                           |
| linux [32]              | Update to new stable release 3.16.43; mm/ |
|                         | huge_memory.c: fix up  "mm/huge_memory.c: |
|                         | respect FOLL_FORCE/FOLL_COW for thp"      |
|                         | backort                                   |
|                         |                                           |
| logback [33]            | Don't deserialize data from untrusted     |
|                         | sockets [CVE-2017-5929]                   |
|                         |                                           |
| lxc [34]                | Ensure target netns is caller-owned       |
|                         | [CVE-2017-5985]                           |
|                         |                                           |
| minicom [35]            | Fix out of bounds write in vt100.c        |
|                         | [CVE-2017-7467]                           |
|                         |                                           |
| modsecurity-crs [36]    | Fix typo in                               |
|                         | modsecurity_crs_16_session_hijacking.conf |
|                         |                                           |
| mongodb [37]            | Fix permissions on .dbshell [CVE-2016-    |
|                         | 6494]; redact key and nonce from auth     |
|                         | attempt logs                              |
|                         |                                           |
| ndisc6 [38]             | Use upstream default merge hook when      |
|                         | resolvconf is not available               |
|                         |                                           |
| ndoutils [39]           | Postrm purge: Check for ucf before        |
|                         | calling it                                |
|                         |                                           |
| nvidia-graphics-        | New upstream version (340.102) containing |
| drivers [40]            | security fixes [CVE-2017-0309 CVE-2017-   |
|                         | 0310 CVE-2017-0311 CVE-2017-0318          |
|                         | CVE-2017-0321]; fix module build on Linux |
|                         | 4.10 and newer                            |
|                         |                                           |
| nvidia-graphics-        | New upstream version (304.135) containing |
| drivers-                | security fixes [CVE-2017-0309 CVE-2017-   |
| legacy-304xx [41]       | 0310 CVE-2017-0311 CVE-2017-0318          |
|                         | CVE-2017-0321]; fix module build on Linux |
|                         | 4.10 and newer                            |
|                         |                                           |
| nvidia-graphics-        | Rebuild using nvidia-kernel-source        |
| modules [42]            | 340.102                                   |
|                         |                                           |
| openchange [43]         | Fix build failure with samba 4.2          |
|                         |                                           |
| openmpi [44]            | libopenmpi1.6: Fix two incorrect soname   |
|                         | links, Use versioned Conflicts:           |
|                         | libopenmpi2 (<< 1.6) to not interfere     |
|                         | with upgrades to stretch                  |
|                         |                                           |
| plv8 [45]               | Check for permission to call functions    |
|                         |                                           |
| postfix [46]            | Fix build failure with Linux 4.x kernels; |
|                         | add delmap to .prerm for all packages     |
|                         | that contain map data types exposed       |
|                         | through external .so files so that        |
|                         | upgrades to stretch (where the associated |
|                         | files have moved) will be functional      |
|                         |                                           |
| postgresql-9.4 [47]     | New upstream release                      |
|                         |                                           |
| python-                 | Fix HKDF issue with small key sizes       |
| cryptography [48]       | [CVE-2016-9243]; fix build failure due to |
|                         | SSL2 method detection                     |
|                         |                                           |
| radare2 [49]            | Fix denial of service vulnerability       |
|                         | [CVE-2017-6197]                           |
|                         |                                           |
| sane-backends [50]      | Fix security issue [CVE-2017-6318]        |
|                         |                                           |
| sendmail [51]           | Only touch files as smmsp:smmsp in /var/  |
|                         | run/sendmail/stampdir to avoid possible   |
|                         | privilege escalation; use lockfile-create |
|                         | (from lockfile-progs) instead of touch to |
|                         | manage the cronjob lockfiles; sendmail-   |
|                         | base: Add Depends: netbase for /etc/      |
|                         | services                                  |
|                         |                                           |
| sitesummary [52]        | Fix package pre-removal script            |
|                         |                                           |
| smemstat [53]           | Fix null pointer dereference when UID     |
|                         | can't be read                             |
|                         |                                           |
| spip [54]               | Fix multiple cross-site scripting issues, |
|                         | server side request forgery attacks       |
|                         | [CVE-2016-7999], directory traversal      |
|                         | [CVE-2016-7982], arbitrary code execution |
|                         | [CVE-2016-7998], cross-site request       |
|                         | forgery [CVE-2016-7980], cross-site       |
|                         | scripting vulnerabilities [CVE-2016-7981  |
|                         | CVE-2016-9997 CVE-2016-9998 CVE-2016-     |
|                         | 9152]                                     |
|                         |                                           |
| sus [55]                | Update for SUSv4 TC2                      |
|                         |                                           |
| synergy [56]            | Fix a crash when synergyc starts          |
|                         |                                           |
| systemd [57]            | Fix boolean properties retrieved via sd-  |
|                         | bus on big-endian architectures;          |
|                         | systemctl: Add is-enabled support for     |
|                         | SysV init scripts; if the start command   |
|                         | vanishes during runtime don't hit an      |
|                         | assert; if an automount unit is masked,   |
|                         | don't react to activation                 |
|                         |                                           |
| transmissionrpc [58]    | Add missing dependency from Python        |
|                         | modules to python-six                     |
|                         |                                           |
| tzdata [59]             | Update included data to 2017b; enable     |
|                         | partial translations of debconf templates |
|                         |                                           |
| unzip [60]              | Fix buffer overflows in unzip [CVE-2014-  |
|                         | 9913] and zipinfo [CVE-2016-9844]         |
|                         |                                           |
| uwsgi [61]              | Fix build failure with recent glibc       |
|                         |                                           |
| vim [62]                | Fix buffer overflows when reading         |
|                         | corrupted undo files [CVE-2017-6349       |
|                         | CVE-2017-6350]                            |
|                         |                                           |
| vlc [63]                | New upstream release                      |
|                         |                                           |
| webissues-server [64]   | postrm purge: Check for ucf before        |
|                         | calling it                                |
|                         |                                           |
| wget [65]               | Fix CRLF injection in URL host parts      |
|                         | [CVE-2017-6508]                           |
|                         |                                           |
| xmobar [66]             | Update weather feed URL                   |
|                         |                                           |
| xshisen [67]            | Fix frequent segfault on start            |
|                         |                                           |
| yara [68]               | Fix several security issues [CVE-2016-    |
|                         | 10210 CVE-2016-10211 CVE-2017-5923        |
|                         | CVE-2017-5924]                            |
|                         |                                           |
+-------------------------+-------------------------------------------+

A Debian 8.8 linux biztonsági frissítései

+----------------+--------------------------------+
| Advisory ID    | Package                        |
+----------------+--------------------------------+
| DSA-3690 [69]  | icedove [70]                   |
|                |                                |
| DSA-3711 [71]  | mariadb-10.0 [72]              |
|                |                                |
| DSA-3730 [73]  | icedove [74]                   |
|                |                                |
| DSA-3743 [75]  | python-bottle [76]             |
|                |                                |
| DSA-3756 [77]  | icoutils [78]                  |
|                |                                |
| DSA-3757 [79]  | icedove [80]                   |
|                |                                |
| DSA-3758 [81]  | bind9 [82]                     |
|                |                                |
| DSA-3759 [83]  | python-pysaml2 [84]            |
|                |                                |
| DSA-3760 [85]  | ikiwiki [86]                   |
|                |                                |
| DSA-3761 [87]  | rabbitmq-server [88]           |
|                |                                |
| DSA-3762 [89]  | tiff [90]                      |
|                |                                |
| DSA-3763 [91]  | pdns-recursor [92]             |
|                |                                |
| DSA-3764 [93]  | pdns [94]                      |
|                |                                |
| DSA-3765 [95]  | icoutils [96]                  |
|                |                                |
| DSA-3766 [97]  | mapserver [98]                 |
|                |                                |
| DSA-3767 [99]  | mysql-5.5 [100]                |
|                |                                |
| DSA-3768 [101] | openjpeg2 [102]                |
|                |                                |
| DSA-3769 [103] | libphp-swiftmailer [104]       |
|                |                                |
| DSA-3770 [105] | mariadb-10.0 [106]             |
|                |                                |
| DSA-3771 [107] | firefox-esr [108]              |
|                |                                |
| DSA-3772 [109] | libxpm [110]                   |
|                |                                |
| DSA-3773 [111] | openssl [112]                  |
|                |                                |
| DSA-3774 [113] | lcms2 [114]                    |
|                |                                |
| DSA-3775 [115] | tcpdump [116]                  |
|                |                                |
| DSA-3776 [117] | chromium-browser [118]         |
|                |                                |
| DSA-3777 [119] | libgd2 [120]                   |
|                |                                |
| DSA-3778 [121] | ruby-archive-tar-minitar [122] |
|                |                                |
| DSA-3779 [123] | wordpress [124]                |
|                |                                |
| DSA-3780 [125] | ntfs-3g [126]                  |
|                |                                |
| DSA-3781 [127] | svgsalamander [128]            |
|                |                                |
| DSA-3783 [129] | php5 [130]                     |
|                |                                |
| DSA-3784 [131] | viewvc [132]                   |
|                |                                |
| DSA-3785 [133] | jasper [134]                   |
|                |                                |
| DSA-3786 [135] | vim [136]                      |
|                |                                |
| DSA-3787 [137] | tomcat7 [138]                  |
|                |                                |
| DSA-3788 [139] | tomcat8 [140]                  |
|                |                                |
| DSA-3789 [141] | libevent [142]                 |
|                |                                |
| DSA-3790 [143] | spice [144]                    |
|                |                                |
| DSA-3791 [145] | linux [146]                    |
|                |                                |
| DSA-3792 [147] | libreoffice [148]              |
|                |                                |
| DSA-3793 [149] | shadow [150]                   |
|                |                                |
| DSA-3794 [151] | munin [152]                    |
|                |                                |
| DSA-3795 [153] | bind9 [154]                    |
|                |                                |
| DSA-3796 [155] | apache2 [156]                  |
|                |                                |
| DSA-3796 [157] | sitesummary [158]              |
|                |                                |
| DSA-3797 [159] | mupdf [160]                    |
|                |                                |
| DSA-3798 [161] | tnef [162]                     |
|                |                                |
| DSA-3799 [163] | imagemagick [164]              |
|                |                                |
| DSA-3800 [165] | libquicktime [166]             |
|                |                                |
| DSA-3801 [167] | ruby-zip [168]                 |
|                |                                |
| DSA-3802 [169] | zabbix [170]                   |
|                |                                |
| DSA-3803 [171] | texlive-base [172]             |
|                |                                |
| DSA-3804 [173] | linux [174]                    |
|                |                                |
| DSA-3805 [175] | firefox-esr [176]              |
|                |                                |
| DSA-3806 [177] | pidgin [178]                   |
|                |                                |
| DSA-3807 [179] | icoutils [180]                 |
|                |                                |
| DSA-3808 [181] | imagemagick [182]              |
|                |                                |
| DSA-3809 [183] | mariadb-10.0 [184]             |
|                |                                |
| DSA-3810 [185] | chromium-browser [186]         |
|                |                                |
| DSA-3811 [187] | wireshark [188]                |
|                |                                |
| DSA-3812 [189] | ioquake3 [190]                 |
|                |                                |
| DSA-3813 [191] | r-base [192]                   |
|                |                                |
| DSA-3814 [193] | audiofile [194]                |
|                |                                |
| DSA-3815 [195] | wordpress [196]                |
|                |                                |
| DSA-3816 [197] | samba [198]                    |
|                |                                |
| DSA-3817 [199] | jbig2dec [200]                 |
|                |                                |
| DSA-3818 [201] | gst-plugins-bad1.0 [202]       |
|                |                                |
| DSA-3819 [203] | gst-plugins-base1.0 [204]      |
|                |                                |
| DSA-3820 [205] | gst-plugins-good1.0 [206]      |
|                |                                |
| DSA-3821 [207] | gst-plugins-ugly1.0 [208]      |
|                |                                |
| DSA-3822 [209] | gstreamer1.0 [210]             |
|                |                                |
| DSA-3823 [211] | eject [212]                    |
|                |                                |
| DSA-3824 [213] | firebird2.5 [214]              |
|                |                                |
| DSA-3825 [215] | jhead [216]                    |
|                |                                |
| DSA-3826 [217] | tryton-server [218]            |
|                |                                |
| DSA-3827 [219] | jasper [220]                   |
|                |                                |
| DSA-3828 [221] | dovecot [222]                  |
|                |                                |
| DSA-3829 [223] | bouncycastle [224]             |
|                |                                |
| DSA-3830 [225] | icu [226]                      |
|                |                                |
| DSA-3831 [227] | firefox-esr [228]              |
|                |                                |
| DSA-3832 [229] | hunspell-en-us [230]           |
|                |                                |
| DSA-3832 [231] | uzbek-wordlist [232]           |
|                |                                |
| DSA-3832 [233] | icedove [234]                  |
|                |                                |
| DSA-3833 [235] | libav [236]                    |
|                |                                |
| DSA-3834 [237] | mysql-5.5 [238]                |
|                |                                |
| DSA-3835 [239] | python-django [240]            |
|                |                                |
| DSA-3836 [241] | weechat [242]                  |
|                |                                |
| DSA-3837 [243] | libreoffice [244]              |
|                |                                |
| DSA-3838 [245] | ghostscript [246]              |
|                |                                |
| DSA-3839 [247] | freetype [248]                 |
|                |                                |
+----------------+--------------------------------+

Hasonló IT bejegyzések, oldalak

No Comments.

Leave a Reply