Debian 8.3 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Debian 8.3 megjelenés, Debian GNU/Linux 8 “Jessie” frissítés

Megjelent az új GNU/Linux, a Debian 8.3-as verziója, A “Jessie” kódnévre keresztelt linux disztribúció megjelenésével az első debian, amelyik a systemd-s initet tartalmazza. Két új architektúra támogatottsága is bekerült a Debian 8-ba, így már arm64 és ppc64el  architektúrákon is futtatható a az új stabil debian.

Nagyon sok verzióban tölthető le a Debian Jessie, a szokásos architektúrákban, 32bites és 64bites verzióban, teljes DVD set, CD image. live DVD, a leggyakoribb Desktop verziókban, és a szokásos minimális “net-install” verziót is ingyen használhatjuk.

A Debian 8.3 linux frissítései

Package Reason
android-platform-frameworks-base [i386] rebuild to fix dependency on android-libhost
apache2 Fix split-logfile to work with current perl, secondary-init-script to not source the main init script with ‘set -e’, tests on deferred MPM switch; add versioned Replaces / Breaks for libapache2-mod-macro
apt Hide first pdiff merge failure debug message; fix marking of deps of pkgs in APT::Never-MarkAuto-Sections as manual; do not parse Status fields from remote sources
apt-dater-host Fix kernel version detection
apt-offline Add missing dependency on python-apt
arb Skip compiler version check
augeas HTTPD lense: include /etc/apache2/conf-available directory, allow EOL comments after section tags
base-files Update for the 8.3 point release; os-release: drop trailing slash in SUPPORT_URL variable
bcfg2 Support Django 1.7
ben Fix compact links; ignore potential errors when deleting lock file; call dose-debcheck with –deb-native-arch
ca-certificates Update Mozilla certificate authority bundle to version 2.6
ceph URL-encode bucket name [CVE-2015-5245]
charybdis Security fix [CVE-2015-5290]; initialise gnutls properly
chrony Build depend on libcap-dev, to allow dropping of privileges
commons-httpclient Ensure HTTPS calls use http.socket.timeout during SSL Handshake [CVE-2015-5262]
cpuset Update filesystem namespace prefix patch
curlftpfs Avoid unsafe cast for getpass() on 64-bit architectures
dbconfig-common Fix permissions of PostgreSQL backup files
debian-handbook Update for Jessie
debian-installer Re-introduce installer images for QNAP TS-x09; provide u-boot images for plug computers; add the part_gpt module into the core grub image; add beep to UEFI x86 boot menu; add ‘s’ shortcut for speech to UEFI x86 boot menu; exclude usb-serial-modules from the armel network-console image and usb-modules explicitly on armel/orion5x network-console; drop the file extension from the initrd for QNAP devices; adjust p-u support to handle file:// instead of (f|ht)tp:// only
debian-installer-netboot-images Rebuild for the point release
docbook2x Do not install info/dir.gz files
doctrine Fix directory permissions issue [CVE-2015-5723]
drbd-utils Fix drbdadm adjust with IPv6 peer addresses
ejabberd Fix broken LDAP queries
exfat-utils Fix buffer overflow and infinite loop
exim4 Fix some MIME ACL related crashes; fix a bug causing duplicate deliveries, especially on TLS connections
fglrx-driver New upstream release; fix security issue [CVE-2015-7724]
file Fix –parameter handling
flash-kernel Avoid waiting for Ctrl-C if any debconf frontend is in use
fuse-exfat Fix buffer overflow and infinite loop
ganglia-modules-linux Only restart the ganglia service after installation if it was previously running
getmail4 Set poplib._MAXLINE=1MB
glance Prevent image status being directly modified via v1 API [CVE-2015-5251]
glibc Fix getaddrinfo sometimes returning uninitialized data with nscd; fix data corruption while reading the NSS files database [CVE-2015-5277]; fix buffer overflow (read past end of buffer) in internal_fnmatch; fix _IO_wstr_overflow integer overflow; fix unexpected closing of nss_files databases after lookups, causing denial of service [CVE-2014-8121]; fix NSCD netgroup cache; unconditionally disable LD_POINTER_GUARD; mangle function pointers in tls_dtor_list; fix memory allocations issues that can lead to buffer overflows on the stack; update TSX blacklist to also include some Broadwell CPUs
gnome-orca Ensure correct focus on password entry, so characters are not echoed
gnome-shell-extension-weather Display a warning if API key has not been supplied by the user, since querying no longer works without such a key
gummi Avoid predictable naming of temporary files [CVE 2015-7758]
human-icon-theme debian/ do not run processes in background
ieee-data Update included data files, adding mam.txt and oui36.txt; stop downloading via HTTPS, as neither wget nor curl support TLS AIA, as now used by
intel-microcode Update included microcode
iptables-persistent Stop rules files being world-readable; rewrite README
isc-dhcp Fix error when maximum lease time is used on 64-bit systems
keepassx Fix storage of passwords in clear text [CVE-2015-8378]
libapache-mod-fastcgi Switch B-D from libtool to libtool-bin to fix build failure
libapache2-mod-perl2 Fix crashes in modperl_interp_unselect()
libcgi-session-perl Untaint raw data coming from session storage backends, fixing a regression caused by CVE-2015-8607 fixes in perl
libdatetime-timezone-perl New upstream release
libencode-perl Correctly handle a lack of BOM when decoding
libhtml-scrubber-perl Fix cross-site scripting vulnerability in comments [CVE-2015-5667]
libinfinity Fix possible crashes when an entry is removed from the document browser and when access control lists are enabled
libiptables-parse-perl Fix use of predictable names for temporary files [CVE-2015-8326]
libraw Fix index overflow in smal_decode_segment [CVE-2015-8366]; fix memory objects are not initialized properly [CVE-2015-8367]
libssh Fix “null pointer dereference due to a logical error in the handling of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets” [CVE-2015-3146]
linux Update to upstream release 3.16.7-ctk20; nbd: restore request timeout detection; [x86] enable PINCTRL_BAYTRAIL; [mips*/octeon] enable CAVIUM_CN63XXP1; firmware_class: fix condition in directory search loop; [x86] KVM: svm: unconditionally intercept #DB [CVE-2015-8104]
linux-tools Add new hyperv-daemons package
lldpd Fix a segfault and an assertion error when receiving incorrectly formed LLDP management addresses
madfuload Use autoreconf -fi to fix build failure with automake 1.14
mdadm Disable incremental assembly, as it can cause issues booting a degraded RAID
mkvmlinuz Direct run-parts output to stderr
monit Fix umask-related regression from 5.8.1
mpm-itk Fix an issue where closing of connections was attempted in the parent. This would result in “Connection: close” not being honoured, and various odd effects with SSL keepalive in certain browsers
multipath-tools Fix discovery of devices with blank sysfs attribute; add documentation to cover additional friendly names scenarios; init: fix stop failure when no root device is found; use ‘SCSI_IDENT_.*’ as the default property whitelist
netcfg Fix is_layer3_qeth on s390x to avoid bailing out if the network driver is not qeth
nvidia-graphics-drivers New upstream release [CVE-2015-5950]; fix Unsanitized User Mode Input issue [CVE-2015-7869]
nvidia-graphics-drivers-legacy-304xx New upstream release; fix unsanitized User Mode Input issue [CVE-2015-7869]
nvidia-graphics-modules Rebuild against nvidia-kernel-source 340.96
openldap Fix a crash when adding a large attribute value with the auditlog overlay enabled
openvpn Add –no-block to if-up.d script to avoid hanging boot on interfaces with openvpn instances
owncloud Fix local file inclusion on Microsoft Windows Platform [CVE-2015-4716], resource exhaustion when sanitizing filenames [CVE-2015-4717], command injection when using external SMB storage [CVE-2015-4718], calendar export: Authorization Bypass Through User-Controlled Key [CVE-2015-6670]; fix reflected XSS in OCS provider discovery [oc-sa-2016-001] [CVE-2016-1498], disclosure of files that begin with \”.v\” due to unchecked return value [oc-sa-2016-003] [CVE-2016-1500], information exposure via directory listing in the file scanner [oc-sa-2016-002] [CVE-2016-1499], installation path disclosure through error message [oc-sa-2016-004] [CVE-2016-1501]
pam Fix DoS / user enumeration due to blocking pipe in pam_unix [CVE-2015-3238]
pcre3 Fix security issues [CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073 CVE-2015-8384 CVE-2015-8388]
pdns Fix upgrades with default configuration
perl Correctly handle a lack of BOM when decoding
php-auth-sasl Rebuild with pkg-php-tools 1.28 to correct PHP dependencies
php-doctrine-annotations Fix directory permissions issue [CVE-2015-5723]
php-doctrine-cache Fix file / directory permissions issue [CVE-2015-5723]
php-doctrine-common Fix file permissions issue [CVE-2015-5723]
php-dropbox Refuse to handle any files containing an @ [CVE-2015-4715]
php-mail-mimedecode Rebuild with pkg-php-tools 1.28 to correct PHP dependencies
php5 New upstream release
plowshare4 Disable Javascript support
postgresql-9.1 New upstream release
pykerberos Add KDC authenticity verification support [CVE-2015-3206]
python-yaql Remove broken python3-yaql package
qpsmtpd Fix compatibility issue with newer Net::DNS versions
quassel Fix remote DoS in quassel core, using /op * command [CVE-2015-8547]
redis Ensure that a valid runtime directory is created when running under systemd
redmine Fix upgrades when there are locally-installed plugins; fix moving issues across projects
rsyslog Fix crash in imfile module when using inotify mode; prevent a segfault in dynafile creation
ruby-bson Fix DoS and possible injection [CVE-2015-4410]
s390-dasd If no channel is found, exit cleanly. This allows s390-dasd to step out of the way on VMs with virtio disks
shadow Fix error handling in busy user detection
sparse Fix build failure with llvm-3.5
spip Fix cross-site scripting issue
stk Install missing SKINI.{msg,tbl} include files
sus Update checksums for upstream tarball
swift Fix unauthorized delete of versioned Swift object [CVE-2015-1856]; fix information leak via Swift tempurls [CVE-2015-5223]; fix service name of object-expirer in init script; add container-sync init script; “standardise” user addition
systemd Fix namespace breakage due to incorrect path sorting; don’t timeout after 90 seconds when no password was entered for cryptsetup devices; only set the kernel’s timezone when the RTC runs in local time, avoiding possible jumps backward in time; fix incorrect handling of comma separator in systemd-delta; make DHCP broadcast behaviour configurable in systemd-networkd
tangerine-icon-theme debian/ do not run processes in background
torbrowser-launcher Really apply patches from 0.1.9-1+deb8u1; stop confining start-tor-browser script with AppArmor; set usr.bin.torbrowser-launcher AppArmor profiles to complain mode
ttylog Fix truncation of device name when selecting device
tzdata New upstream release
uqm Add missing -lm flag, fixing build failure
vlc New upstream stable release
webkitgtk New upstream stable release; fix “late TLS certificate verification” [CVE-2015-2330]
wxmaxima Prevent crash on encountering parenthesis in dialogues
zendframework Fix entropy issue with captcha [ZF2015-09]

A Debian 8.3 linux biztonsági frissítései

Advisory ID Package
DSA-3208 freexl
DSA-3235 openjdk-7
DSA-3280 php5
DSA-3311 mariadb-10.0
DSA-3316 openjdk-7
DSA-3324 icedove
DSA-3327 squid3
DSA-3332 wordpress
DSA-3337 gdk-pixbuf
DSA-3344 php5
DSA-3346 drupal7
DSA-3347 pdns
DSA-3348 qemu
DSA-3350 bind9
DSA-3351 chromium-browser
DSA-3352 screen
DSA-3353 openslp-dfsg
DSA-3354 spice
DSA-3355 libvdpau
DSA-3356 openldap
DSA-3357 vzctl
DSA-3358 php5
DSA-3359 virtualbox
DSA-3360 icu
DSA-3361 qemu
DSA-3363 owncloud-client
DSA-3364 linux
DSA-3365 iceweasel
DSA-3366 rpcbind
DSA-3367 wireshark
DSA-3368 cyrus-sasl2
DSA-3369 zendframework
DSA-3370 freetype
DSA-3371 spice
DSA-3373 owncloud
DSA-3374 postgresql-9.4
DSA-3375 wordpress
DSA-3376 chromium-browser
DSA-3377 mysql-5.5
DSA-3378 gdk-pixbuf
DSA-3379 miniupnpc
DSA-3380 php5
DSA-3381 openjdk-7
DSA-3382 phpmyadmin
DSA-3384 virtualbox
DSA-3385 mariadb-10.0
DSA-3386 unzip
DSA-3387 openafs
DSA-3388 ntp
DSA-3390 xen
DSA-3391 php-horde
DSA-3392 freeimage
DSA-3393 iceweasel
DSA-3394 libreoffice
DSA-3395 krb5
DSA-3397 wpa
DSA-3398 strongswan
DSA-3399 libpng
DSA-3400 lxc
DSA-3401 openjdk-7
DSA-3402 symfony
DSA-3403 libcommons-collections3-java
DSA-3404 python-django
DSA-3405 smokeping
DSA-3406 nspr
DSA-3407 dpkg
DSA-3409 putty
DSA-3411 cups-filters
DSA-3412 redis
DSA-3413 openssl
DSA-3414 xen
DSA-3415 chromium-browser
DSA-3416 libphp-phpmailer
DSA-3417 bouncycastle
DSA-3418 chromium-browser
DSA-3419 cups-filters
DSA-3420 bind9
DSA-3421 grub2
DSA-3422 iceweasel
DSA-3423 cacti
DSA-3424 subversion
DSA-3425 tryton-server
DSA-3426 linux
DSA-3427 blueman
DSA-3428 tomcat8
DSA-3429 foomatic-filters
DSA-3430 libxml2
DSA-3431 ganeti
DSA-3433 ldb
DSA-3433 samba
DSA-3434 linux
DSA-3435 git
DSA-3438 xscreensaver
DSA-3439 prosody
DSA-3440 sudo
DSA-3441 perl
DSA-3442 isc-dhcp
DSA-3443 libpng
DSA-3444 wordpress
DSA-3445 pygments
DSA-3446 openssh

No Comments.

Leave a Reply