Created
September 19, 2017 03:57
-
-
Save westporch/87acb794caee0b37d08eb4b0ce219fc8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<define-tag pagetitle>Updated Debian 9: 9.1 released</define-tag> | |
<define-tag release_date>2017-07-22</define-tag> | |
#use wml::debian::news | |
# $Id: | |
<define-tag release>9</define-tag> | |
<define-tag codename>stretch</define-tag> | |
<define-tag revision>9.1</define-tag> | |
<define-tag dsa> | |
<tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> | |
<td align="center"><: | |
my @p = (); | |
for my $p (split (/,\s*/, "%2")) { | |
push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); | |
} | |
print join (", ", @p); | |
:></td></tr> | |
</define-tag> | |
<define-tag correction> | |
<tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> | |
</define-tag> | |
<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> | |
<p>The Debian project is pleased to announce the first update of its | |
stable distribution Debian <release> (codename <q><codename></q>). | |
This point release mainly adds corrections for security issues, | |
along with a few adjustments for serious problems. Security advisories | |
have already been published separately and are referenced where available.</p> | |
<p>Please note that the point release does not constitute a new version of Debian | |
<release> but only updates some of the packages included. There is | |
no need to throw away old <q><codename></q> media. After installation, | |
packages can be upgraded to the current versions using an up-to-date Debian | |
mirror.</p> | |
<p>Those who frequently install updates from security.debian.org won't have | |
to update many packages, and most such updates are | |
included in the point release.</p> | |
<p>New installation images will be available soon at the regular locations.</p> | |
<p>Upgrading an existing installation to this revision can be achieved by | |
pointing the package management system at one of Debian's many HTTP mirrors. | |
A comprehensive list of mirrors is available at:</p> | |
<div class="center"> | |
<a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> | |
</div> | |
<h2>Miscellaneous Bugfixes</h2> | |
<p>This stable update adds a few important corrections to the following | |
packages:</p> | |
<table border=0> | |
<tr><th>Package</th> <th>Reason</th></tr> | |
<correction 3dchess "Reduce wasteful CPU consumption"> | |
<correction adwaita-icon-theme "Fix malformed send-to-symbolic icon"> | |
<correction anope "Fix incorrect mail-transport-agent relationship"> | |
<correction apt "Reset failure reason when connection was successful, so later errors are reported as such and not as <q>connection failure</q> warnings; http: A response with Content-Length: 0 has no content, so don't try to read it; use port from SRV record instead of initial port"> | |
<correction avogadro "Update eigen3 patches"> | |
<correction base-files "Update for the 9.1 point release"> | |
<correction c-ares "Security fix [CVE-2017-1000381]"> | |
<correction debian-edu-doc "Update Debian Edu Stretch manual from the wiki; update translations"> | |
<correction debsecan "Add support for stretch and buster; Python needs https_proxy for proxy configuration with https:// URLs"> | |
<correction devscripts "debchange: target stretch-backports with --bpo; support $codename{,-{proposed-updates,security}}; bts: add support for the new <q>a11y</q> tag"> | |
<correction dgit "Multiple bugfixes"> | |
<correction dovecot "Fix syntax errors when sending Solr queries"> | |
<correction dwarfutils "Security fixes [CVE-2017-9052 CVE-2017-9053 CVE-2017-9054 CVE-2017-9055 CVE-2017-9998]"> | |
<correction fpc "Fix conversion from local time to UTC"> | |
<correction galternatives "Fix blank window when displaying properties"> | |
<correction geolinks "Fix python3 dependencies"> | |
<correction gnats "gnats-user: do not fail to purge if /var/lib/gnats/gnats-db is not empty"> | |
<correction gnome-settings-daemon "Do not add the <q>US</q> keyboard layout by default for new users, for some reason, this layout was preferred over the system configured one on the first login; preserve NumLock state between sessions by default"> | |
<correction gnuplot "Fix memory corruption vulnerability"> | |
<correction gnutls28 "Fix breakage with AES-GCM in-place encryption and decryption on aarch64"> | |
<correction grub-installer "Fix support for systems with a large number of disks"> | |
<correction intel-microcode "Update included microcode"> | |
<correction libclamunrar "Fix arbitrary memory write [CVE-2012-6706]"> | |
<correction libopenmpt "Security fixes: out-of-bounds read while loading a malfomed PLM file; arbitrary code execution by a crafted PSM file [CVE-2017-11311]; various security fixes"> | |
<correction libquicktime "Security fixes [CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126 CVE-2017-9127 CVE-2017-9128]"> | |
<correction linux-latest "Revert changes to debug symbol meta-packages"> | |
<correction nagios-nrpe "Restore previous SSL defaults"> | |
<correction nvidia-graphics-drivers "Bump Pre-Depends: nvidia-installer-cleanup to (>= 20151021) for smoother upgrades from jessie"> | |
<correction octave-ocs "Fix loading package functions"> | |
<correction open-iscsi "Speed up Debian Installer when iSCSI is not used"> | |
<correction openssh "Fix incoming compression statistics"> | |
<correction openstack-debian-images "Also add security updates for non wheezy/jessie"> | |
<correction os-prober "EFI - look for <q>dos</q> instead of <q>msdos</q>"> | |
<correction osinfo-db "Improve support for Stretch and Jessie"> | |
<correction partman-base "Protect the firmware area on all mmcblk devices (and not only on mmcblk0) from being clobbered during guided partitioning"> | |
<correction pdns-recursor "Add 2017 DNSSEC root key"> | |
<correction perl "Backport various Getopt-Long fixes from upstream 2.49..2.51; backport upstream patch fixing regexp <q>Malformed UTF-8 character</q>; apply upstream base.pm no-dot-in-inc fix"> | |
<correction phpunit "Security fix: arbitrary PHP code execution via HTTP POST"> | |
<correction protozero "Fix data_view equality operator"> | |
<correction pulseaudio "Fix copyright file"> | |
<correction pykde4 "Drop bindings for plasma webview bindings; they're obsolete and non-functional"> | |
<correction python-colorlog "Fix python3 dependencies"> | |
<correction python-imaplib2 "Fix python3 dependencies"> | |
<correction python-plumbum "Fix python3 dependencies"> | |
<correction qgis "Fix missing Breaks/Replaces against python-qgis-common"> | |
<correction request-tracker4 "Handle configuration permissions correctly following RT_SiteConfig.d changes"> | |
<correction retext "Backport upstream fix for crash in XSettings code; fix syntax in appdata XML file"> | |
<correction rkhunter "Disable remote updates [CVE-2017-7480]"> | |
<correction socat "Fix signals leading to possible 100% CPU usage"> | |
<correction squashfs-tools "Fix corruption of large files; fix rare race condition"> | |
<correction systemd "Fix out-of-bounds write in systemd-resolved [CVE-2017-9445]; be truly quiet in systemctl -q is-enabled; improve RLIMIT_NOFILE handling; debian/extra/rules: Use updated U2F ruleset"> | |
<correction thermald "Add Broadwell-GT3E and Kabylake support"> | |
<correction unrar-nonfree "Add bound checks for VMSF_DELTA, VMSF_RGB and VMSF_AUDIO paramters [CVE-2012-6706]"> | |
<correction win32-loader "Replace all mirror urls with deb.debian.org; drop bz2 compression for source"> | |
</table> | |
<h2>Security Updates</h2> | |
<p>This revision adds the following security updates to the stable | |
release. The Security Team has already released an advisory for each of | |
these updates:</p> | |
<table border=0> | |
<tr><th>Advisory ID</th> <th>Package</th></tr> | |
<dsa 2017 3876 otrs2> | |
<dsa 2017 3877 tor> | |
<dsa 2017 3882 request-tracker4> | |
<dsa 2017 3884 gnutls28> | |
<dsa 2017 3885 irssi> | |
<dsa 2017 3886 linux> | |
<dsa 2017 3887 glibc> | |
<dsa 2017 3888 exim4> | |
<dsa 2017 3890 spip> | |
<dsa 2017 3891 tomcat8> | |
<dsa 2017 3893 jython> | |
<dsa 2017 3895 flatpak> | |
<dsa 2017 3896 apache2> | |
<dsa 2017 3897 drupal7> | |
<dsa 2017 3900 openvpn> | |
<dsa 2017 3901 libgcrypt20> | |
<dsa 2017 3902 jabberd2> | |
<dsa 2017 3903 tiff> | |
<dsa 2017 3904 bind9> | |
<dsa 2017 3905 xorg-server> | |
<dsa 2017 3906 undertow> | |
<dsa 2017 3907 spice> | |
<dsa 2017 3908 nginx> | |
<dsa 2017 3910 knot> | |
<dsa 2017 3911 evince> | |
<dsa 2017 3912 heimdal> | |
</table> | |
<h2>Removed packages</h2> | |
<p>The following packages were removed due to circumstances beyond our | |
control:</p> | |
<table border=0> | |
<tr><th>Package</th> <th>Reason</th></tr> | |
<correction aiccu "Useless since shutdown of SixXS"> | |
</table> | |
<h2>Debian Installer</h2> | |
<p>The installer has been updated to include the fixes incorporated into | |
stable by the point release.</p> | |
<h2>URLs</h2> | |
<p>The complete lists of packages that have changed with this | |
revision:</p> | |
<div class="center"> | |
<url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> | |
</div> | |
<p>The current stable distribution:</p> | |
<div class="center"> | |
<url "http://ftp.debian.org/debian/dists/stable/"> | |
</div> | |
<p>Proposed updates to the stable distribution:</p> | |
<div class="center"> | |
<url "http://ftp.debian.org/debian/dists/proposed-updates"> | |
</div> | |
<p>stable distribution information (release notes, errata etc.):</p> | |
<div class="center"> | |
<a | |
href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> | |
</div> | |
<p>Security announcements and information:</p> | |
<div class="center"> | |
<a href="$(HOME)/security/">https://security.debian.org/</a> | |
</div> | |
<h2>About Debian</h2> | |
<p>The Debian Project is an association of Free Software developers who | |
volunteer their time and effort in order to produce the completely free | |
operating system Debian.</p> | |
<h2>Contact Information</h2> | |
<p>For further information, please visit the Debian web pages at <a | |
href="$(HOME)/">https://www.debian.org/</a>, send mail to | |
<press@debian.org>, or contact the stable release team at | |
<debian-release@lists.debian.org>.</p> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment