-------- Forwarded Message --------
----------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 237-1
https://www.debian.org/
debian-...@lists.debian.org Jonathan Wiltshire
July 17th, 2023
----------------------------------------------------------------------------
Upcoming Debian 12 Update (12.1)
An update to Debian 12 is scheduled for Saturday, July 22nd 2023. As of now
it will include the following bug fixes. They can be found in
"bookworm-proposed-updates", which is carried by all official mirrors.

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are also
already available through "bookworm-updates".

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of them
by copying "debian-...@lists.debian.org" on your mails.
Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:
Package                       Reason
-------                       ------
aide                          Properly handle creating the system user; fix
                              child directory processing on equal match
autofs                        Fix hang when using Kerberos-authenticated LDAP
ayatana-indicator-datetime    Fix playing of custom alarm sounds
base-files                    Update for the point release
bepasty                       Fix rendering of text uploads
boost1.81                     Add missing dependency on libboost-json1.81.0
                              to libboost-json1.81-dev
bup                           Correctly restore POSIX ACLs
chromium                      Security update (from bookworm-security during
                              late freeze)
context                       Enable socket in ConTeXt mtxrun
cpdb-libs                     Fix a buffer overflow vulnerability
                              [CVE-2023-34095]
cpp-httplib                   Fix CRLF injection issue [CVE-2023-26130]
crowdsec                      Fix default acquis.yaml to also include the
                              journalctl datasource, limited to the
                              ssh.service unit, making sure acquisition works
                              even without the traditional auth.log file;
                              make sure an invalid datasource doesn't make
                              the engine error out
cups                          Security fixes: use-after-free
                              [CVE-2023-34241]; heap buffer overflow
                              [CVE-2023-32324]
cvs                           Configure full path to ssh
dbus                          New upstream stable release; fix denial of
                              service issue [CVE-2023-34969]; stop trying to
                              take DPKG_ROOT into account, restoring copying
                              of systemd's /etc/machine-id in preference to
                              creating an entirely new machine ID
desktop-base                  Remove emerald alternatives on package
                              uninstallation
dh-python                     Re-introduce Breaks+Replaces on python2 needed
                              to help apt in some upgrade scenarios
dkms                          Add Breaks against obsolete, incompatible
                              *-dkms packages
dnf                           Fix default DNF const PYTHON_INSTALL_DIR
dpdk                          New upstream stable release
exim4                         Fix argument parsing for ${run } expansion; fix
                              ${srs_encode ..} returning incorrect result
                              every 1024 days
fai                           Fix IP address lifetime
firefox-esr                   Security update (from bookworm-security during
                              late freeze)
glibc                         Fix a buffer overflow in gmon; fix a deadlock
                              in getaddrinfo (__check_pf) with deferred
                              cancellation; fix y2038 support in strftime on
                              32-bit architectures; fix corner case parsing
                              of /etc/gshadow which can return bad pointers,
                              causing segfaults in applications; fix a
                              deadlock in system() when called concurrently
                              from multiple threads; cdefs: limit definition
                              of fortification macros to __FORTIFY_LEVEL > 0
                              to support old C90 compilers
gnome-control-center          New upstream bugfix release
gnome-maps                    New upstream bugfix release
gnome-shell                   New upstream bugfix release
gnome-software                New upstream release; memory leak fixes
gosa                          Silence PHP 8.2 deprecation warnings; fix
                              missing template in default theme; fix table
                              styling, fixing use of debugLevel > 0
groonga                       Fix documentation links
guestfs-tools                 Security update (from bookworm-security during
                              late freeze)
indent                        Restore the ROUND_UP macro and adjust the
                              initial buffer size
installation-guide            Enable Indonesian translation
kanboard                      Various security fixes [CVE-2023-32685
                              CVE-2023-33956 CVE-2023-33968 CVE-2023-33969
                              CVE-2023-33970]
kf5-messagelib                Search also for subkeys
libmatekbd                    Fix memory leaks
libnginx-mod-http-modsecurity
                              Binary rebuild with pcre2
libreoffice                   New upstream bugfix release
libreswan                     Fix potential denial-of-service issue
                              [CVE-2023-30570]
libxml2                       Fix NULL pointer dereference issue
                              [CVE-2022-2309]
linux                         New upstream stable release; netfilter:
                              nf_tables: do not ignore genmask when looking
                              up chain by id [CVE-2023-31248], prevent OOB
                              access in nft_byteorder_eval [CVE-2023-35001]
linux-signed-amd64            New upstream stable release; netfilter:
                              nf_tables: do not ignore genmask when looking
                              up chain by id [CVE-2023-31248], prevent OOB
                              access in nft_byteorder_eval [CVE-2023-35001]
linux-signed-arm64            New upstream stable release; netfilter:
                              nf_tables: do not ignore genmask when looking
                              up chain by id [CVE-2023-31248], prevent OOB
                              access in nft_byteorder_eval [CVE-2023-35001]
linux-signed-i386             New upstream stable release; netfilter:
                              nf_tables: do not ignore genmask when looking
                              up chain by id [CVE-2023-31248], prevent OOB
                              access in nft_byteorder_eval [CVE-2023-35001]
mailman3                      Drop redundant cron job; handle ordering of
                              services when MariaDB is present
marco                         Show correct window title when owned by
                              superuser
mate-control-center           Fix various memory leaks
mate-power-manager            Fix several memory leaks
mate-session-manager          Fix several memory leaks; allow clutter
                              backends other than x11
mrtg                          Handle relocated configuration file;
                              translation updates
multipath-tools               Hide underlying paths from LVM; prevent initial
                              service failure on new installations
mutter                        New upstream bugfix release
network-manager-strongswan    Build editor component with GTK 4
                              support
nfdump                        Return success when starting; fix segfault in
                              option parsing
nftables                      Fix regression in set listing format
node-openpgp-seek-bzip        Correct installation of files in seek-bzip
                              package
node-tough-cookie             Security fix (prototype pollution)
                              [CVE-2023-26136]
node-undici                   Security fixes: protect "Host" HTTP header from
                              CRLF injection [CVE-2023-23936]; potential
                              ReDoS on Headers.set and Headers.append
                              [CVE-2023-24807]
node-webpack                  Security fix (cross-realm objects)
                              [CVE-2023-28154]
nvidia-cuda-toolkit           Update bundled openjdk-8-jre
nvidia-graphics-drivers       New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
nvidia-graphics-drivers-tesla
                              New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
nvidia-graphics-drivers-tesla-470
                              New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
nvidia-modprobe               New upstream bugfix release
nvidia-open-gpu-kernel-modules
                              New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
nvidia-support                Add Breaks against incompatible packages from
                              bullseye
onionshare                    Fix installation of desktop furniture
openvpn                       Fix memory leak and dangling pointer (possible
                              crash vector)
pacemaker                     Fix regression in the resource scheduler
postfix                       New upstream bugfix release; fix
                              "postfix set-permissions"
proftpd-dfsg                  Do not enable inetd-style socket at
                              installation
qemu                          New upstream stable release; fix USB devices
                              not being available to XEN HVM domUs; 9pfs:
                              prevent opening special files [CVE-2023-2861];
                              fix reentrancy issues in the LSI controller
                              [CVE-2023-0330]
request-tracker5              Fix links to documentation
rime-cantonese                Sort words and characters by frequency
rime-luna-pinyin              Install missing pinyin schema data
samba                         New upstream stable release; ensure manpages
                              are generated during build; enable ability to
                              store kerberos tickets in kernel keyring; fix
                              build issues on armel and mipsel; fix windows
                              logon/trust issues with 2023-07 windows updates
schleuder-cli                 Security fix (value escaping)
smarty4                       Fix arbitrary code execution issue
                              [CVE-2023-28447]
spip                          Various security issues; security fix
                              (authentication data filtering)
sra-sdk                       Fix installation of files in libngs-java
sudo                          Fix event log format
systemd                       New upstream bugfix release; new upstream
                              stable release
tang                          Fix race condition when creating/rotating keys
                              [CVE-2023-1672]
texlive-bin                   Disable socket in luatex by default
                              [CVE-2023-32668]; make installable on i386
unixodbc                      Add Breaks+Replaces against odbcinst1debian1
usb.ids                       Data update
vm                            Disable byte compilation
vte2.91                       New upstream bugfix release
xerial-sqlite-jdbc            Use a UUID for connection ID [CVE-2023-32697]
yajl                          Memory leak security fix; fix denial of service
                              issue [CVE-2017-16516], integer overflow issue
                              [CVE-2022-24795]
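An administrator tracking which CVEs this point release closes usually wants the Package/Reason table above as data rather than as prose. The following Python script is an added example, not part of the announcement or of any Debian tooling: it parses the two-column layout (package name at column 0, reason in the second column, continuation lines indented, over-long names alone on their line) into a package-to-reason map and builds a CVE index in both directions. The embedded sample is an excerpt of the table above; the function names and the column-0 / indentation rule are this example's own assumptions about the layout.

```python
import re
from typing import Dict, List

# Excerpt of the Package/Reason table from the SUA 237-1 announcement above,
# embedded inline so the script runs offline. Layout assumed here: package
# name starts at column 0, reason in the second column, continuation lines
# indented, and a package name too long for the column left alone on its line.
SAMPLE_TABLE = """\
Package                       Reason
-------                       ------
cpdb-libs                     Fix a buffer overflow vulnerability
                              [CVE-2023-34095]
cups                          Security fixes: use-after-free
                              [CVE-2023-34241]; heap buffer overflow
                              [CVE-2023-32324]
libnginx-mod-http-modsecurity
                              Binary rebuild with pcre2
mate-power-manager            Fix several memory leaks
nvidia-graphics-drivers       New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
nvidia-open-gpu-kernel-modules
                              New upstream stable release; security fixes
                              [CVE-2023-25515 CVE-2023-25516]
yajl                          Memory leak security fix; fix denial of service
                              issue [CVE-2017-16516], integer overflow issue
                              [CVE-2022-24795]
"""

# MITRE CVE identifiers: four-digit year, sequence number of four or more digits.
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def parse_table(text: str) -> Dict[str, str]:
    """Parse the two-column table into {package: reason}.

    A line that starts at column 0 begins a new package entry; an indented
    line continues the reason of the package seen most recently.
    """
    entries: Dict[str, str] = {}
    current = None
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0].isspace():
            if current is None:
                raise ValueError(f"continuation line before any package: {raw!r}")
            entries[current] = f"{entries[current]} {raw.strip()}".strip()
            continue
        name, _, rest = raw.partition(" ")
        if name == "Package" or name.startswith("-"):
            continue  # column header and its underline
        current = name
        entries[name] = rest.strip()  # empty when the name sits alone on its line
    return entries


def cves_by_package(entries: Dict[str, str]) -> Dict[str, List[str]]:
    """Map each package to the CVE identifiers named in its reason, in order."""
    return {pkg: CVE_RE.findall(reason)
            for pkg, reason in entries.items() if CVE_RE.search(reason)}


def packages_for_cve(entries: Dict[str, str]) -> Dict[str, List[str]]:
    """Reverse index: CVE identifier -> packages whose update mentions it."""
    index: Dict[str, List[str]] = {}
    for pkg, cves in cves_by_package(entries).items():
        for cve in cves:
            index.setdefault(cve, []).append(pkg)
    return index


if __name__ == "__main__":
    table = parse_table(SAMPLE_TABLE)
    for cve, pkgs in sorted(packages_for_cve(table).items()):
        print(f"{cve}: {', '.join(pkgs)}")
```

Feed the full table from the announcement into parse_table to get the complete index; the reverse index is what makes it visible that one CVE (here CVE-2023-25515) is fixed across several source packages, so that checking one of them is not enough. Pairing the output with `apt list --upgradable` on a host that has "bookworm-proposed-updates" enabled shows which of the listed fixes that host has not yet picked up.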
A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<https://release.debian.org/proposed-updates/stable.html>

If you encounter any issues, please don't hesitate to get in touch with the
Debian Release Team at "debian-...@lists.debian.org".
--
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1