Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Updated Debian 10: 10.5 released

2 views
Skip to first unread message

Donald Norwood

unread,
Aug 1, 2020, 11:50:04 AM8/1/20
to
------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 10: 10.5 released                        pr...@debian.org
August 1st, 2020               https://www.debian.org/News/2020/20200801
------------------------------------------------------------------------


The Debian project is pleased to announce the fifth update of its stable
distribution Debian 10 (codename "buster"). This point release mainly
adds corrections for security issues, along with a few adjustments for
serious problems. Security advisories have already been published
separately and are referenced where available.

This point release also addresses Debian Security Advisory: DSA-4735-1
grub2 -- security update [1] which covers multiple CVE issues regarding
the GRUB2 UEFI SecureBoot 'BootHole' vulnerability [2].

    1: https://www.debian.org/security/2020/dsa-4735
    2: https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/

Please note that the point release does not constitute a new version of
Debian 10 but only updates some of the packages included. There is no
need to throw away old "buster" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+---------------------------+------------------------------------------+
| Package                   | Reason                                   |
+---------------------------+------------------------------------------+
| appstream-glib [3]        | Fix build failures in 2020 and later     |
|                           |                                          |
| asunder [4]               | Use gnudb instead of freedb by default   |
|                           |                                          |
| b43-fwcutter [5]          | Ensure removal succeeds under non-       |
|                           | English locales; do not fail removal if  |
|                           | some files no longer exist; fix missing  |
|                           | dependencies on pciutils and ca-         |
|                           | certificates                             |
|                           |                                          |
| balsa [6]                 | Provide server identity when validating  |
|                           | certificates, allowing successful        |
|                           | validation when using the glib-          |
|                           | networking patch for CVE-2020-13645      |
|                           |                                          |
| base-files [7]            | Update for the point release             |
|                           |                                          |
| batik [8]                 | Fix server-side request forgery via      |
|                           | xlink:href attributes [CVE-2019-17566]   |
|                           |                                          |
| borgbackup [9]            | Fix index corruption bug leading to data |
|                           | loss                                     |
|                           |                                          |
| bundler [10]              | Update required version of ruby-         |
|                           | molinillo                                |
|                           |                                          |
| c-icap-modules [11]       | Add support for ClamAV 0.102             |
|                           |                                          |
| cacti [12]                | Fix issue where UNIX timestamps after    |
|                           | September 13th 2020 were rejected as     |
|                           | graph start / end; fix remote code       |
|                           | execution [CVE-2020-7237], cross-site    |
|                           | scripting [CVE-2020-7106], CSRF issue    |
|                           | [CVE-2020-13231]; disabling a user       |
|                           | account does not immediately invalidate  |
|                           | permissions [CVE-2020-13230]             |
|                           |                                          |
| calamares-settings-       | Enable displaymanager module, fixing     |
| debian [13]               | autologin options; use xdg-user-dir to   |
|                           | specify Desktop directory                |
|                           |                                          |
| clamav [14]               | New upstream release; security fixes     |
|                           | [CVE-2020-3327 CVE-2020-3341 CVE-2020-   |
|                           | 3350 CVE-2020-3327 CVE-2020-3481]        |
|                           |                                          |
| cloud-init [15]           | New upstream release                     |
|                           |                                          |
| commons-                  | Prevent object creation when loading     |
| configuration2 [16]       | YAML files [CVE-2020-1953]               |
|                           |                                          |
| confget [17]              | Fix the Python module's handling of      |
|                           | values containing  "="                   |
|                           |                                          |
| dbus [18]                 | New upstream stable release; prevent a   |
|                           | denial of service issue [CVE-2020-       |
|                           | 12049]; prevent use-after-free if two    |
|                           | usernames share a uid                    |
|                           |                                          |
| debian-edu-config [19]    | Fix loss of dynamically allocated IPv4   |
|                           | address                                  |
|                           |                                          |
| debian-installer [20]     | Update Linux ABI to 4.19.0-10            |
|                           |                                          |
| debian-installer-netboot- | Rebuild against proposed-updates         |
| images [21]               |                                          |
|                           |                                          |
| debian-ports-archive-     | Increase the expiration date of the 2020 |
| keyring [22]              | key (84C573CD4E1AFD6C) by one year; add  |
|                           | Debian Ports Archive Automatic Signing   |
|                           | Key (2021); move the 2018 key (ID:       |
|                           | 06AED62430CB581C) to the removed keyring |
|                           |                                          |
| debian-security-          | Update support status of several         |
| support [23]              | packages                                 |
|                           |                                          |
| dpdk [24]                 | New upstream release                     |
|                           |                                          |
| exiv2 [25]                | Adjust overly restrictive security patch |
|                           | [CVE-2018-10958 and CVE-2018-10999]; fix |
|                           | denial of service issue [CVE-2018-16336] |
|                           |                                          |
| fdroidserver [26]         | Fix Litecoin address validation          |
|                           |                                          |
| file-roller [27]          | Security fix [CVE-2020-11736]            |
|                           |                                          |
| freerdp2 [28]             | Fix smartcard logins; security fixes     |
|                           | [CVE-2020-11521 CVE-2020-11522 CVE-2020- |
|                           | 11523 CVE-2020-11524 CVE-2020-11525      |
|                           | CVE-2020-11526]                          |
|                           |                                          |
| fwupd [29]                | New upstream release; fix possible       |
|                           | signature verification issue [CVE-2020-  |
|                           | 10759]; use rotated Debian signing keys  |
|                           |                                          |
| fwupd-amd64-signed [30]   | New upstream release; fix possible       |
|                           | signature verification issue [CVE-2020-  |
|                           | 10759]; use rotated Debian signing keys  |
|                           |                                          |
| fwupd-arm64-signed [31]   | New upstream release; fix possible       |
|                           | signature verification issue [CVE-2020-  |
|                           | 10759]; use rotated Debian signing keys  |
|                           |                                          |
| fwupd-armhf-signed [32]   | New upstream release; fix possible       |
|                           | signature verification issue [CVE-2020-  |
|                           | 10759]; use rotated Debian signing keys  |
|                           |                                          |
| fwupd-i386-signed [33]    | New upstream release; fix possible       |
|                           | signature verification issue [CVE-2020-  |
|                           | 10759]; use rotated Debian signing keys  |
|                           |                                          |
| fwupdate [34]             | Use rotated Debian signing keys          |
|                           |                                          |
| fwupdate-amd64-           | Use rotated Debian signing keys          |
| signed [35]               |                                          |
|                           |                                          |
| fwupdate-arm64-           | Use rotated Debian signing keys          |
| signed [36]               |                                          |
|                           |                                          |
| fwupdate-armhf-           | Use rotated Debian signing keys          |
| signed [37]               |                                          |
|                           |                                          |
| fwupdate-i386-signed [38] | Use rotated Debian signing keys          |
|                           |                                          |
| gist [39]                 | Avoid deprecated authorization API       |
|                           |                                          |
| glib-networking [40]      | Return bad identity error if identity is |
|                           | unset [CVE-2020-13645]; break balsa      |
|                           | older than 2.5.6-2+deb10u1 as the fix    |
|                           | for CVE-2020-13645 breaks balsa's        |
|                           | certificate verification                 |
|                           |                                          |
| gnutls28 [41]             | Fix TL1.2 resumption errors; fix memory  |
|                           | leak; handle zero length session         |
|                           | tickets, fixing connection errors on     |
|                           | TLS1.2 sessions to some big hosting      |
|                           | providers; fix verification error with   |
|                           | alternate chains                         |
|                           |                                          |
| intel-microcode [42]      | Downgrade some microcodes to previously  |
|                           | issued versions, working around hangs on |
|                           | boot on Skylake-U/Y and Skylake Xeon E3  |
|                           |                                          |
| jackson-databind [43]     | Fix multiple security issues affecting   |
|                           | BeanDeserializerFactory [CVE-2020-9548   |
|                           | CVE-2020-9547 CVE-2020-9546 CVE-2020-    |
|                           | 8840 CVE-2020-14195 CVE-2020-14062       |
|                           | CVE-2020-14061 CVE-2020-14060 CVE-2020-  |
|                           | 11620 CVE-2020-11619 CVE-2020-11113      |
|                           | CVE-2020-11112 CVE-2020-11111 CVE-2020-  |
|                           | 10969 CVE-2020-10968 CVE-2020-10673      |
|                           | CVE-2020-10672 CVE-2019-20330 CVE-2019-  |
|                           | 17531 and CVE-2019-17267]                |
|                           |                                          |
| jameica [44]              | Add mckoisqldb to classpath, allowing    |
|                           | use of SynTAX plugin                     |
|                           |                                          |
| jigdo [45]                | Fix HTTPS support in jigdo-lite and      |
|                           | jigdo-mirror                             |
|                           |                                          |
| ksh [46]                  | Fix environment variable restriction     |
|                           | issue [CVE-2019-14868]                   |
|                           |                                          |
| lemonldap-ng [47]         | Fix nginx configuration regression       |
|                           | introduced by the fix for CVE-2019-19791 |
|                           |                                          |
| libapache-mod-jk [48]     | Rename Apache configuration file so it   |
|                           | can be automatically enabled and         |
|                           | disabled                                 |
|                           |                                          |
| libclamunrar [49]         | New upstream stable release; add an      |
|                           | unversioned meta-package                 |
|                           |                                          |
| libembperl-perl [50]      | Handle error pages from Apache >= 2.4.40 |
|                           |                                          |
| libexif [51]              | Security fixes [CVE-2020-12767 CVE-2020- |
|                           | 0093 CVE-2020-13112 CVE-2020-13113       |
|                           | CVE-2020-13114]; fix buffer overflow     |
|                           | [CVE-2020-0182] and integer overflow     |
|                           | [CVE-2020-0198]                          |
|                           |                                          |
| libinput [52]             | Quirks: add trackpoint integration       |
|                           | attribute                                |
|                           |                                          |
| libntlm [53]              | Fix buffer overflow [CVE-2019-17455]     |
|                           |                                          |
| libpam-radius-auth [54]   | Fix buffer overflow in password field    |
|                           | [CVE-2015-9542]                          |
|                           |                                          |
| libunwind [55]            | Fix segfaults on mips; manually enable C |
|                           | ++ exception support only on i386 and    |
|                           | amd64                                    |
|                           |                                          |
| libyang [56]              | Fix cache corruption crash, CVE-2019-    |
|                           | 19333, CVE-2019-19334                    |
|                           |                                          |
| linux [57]                | New upstream stable release              |
|                           |                                          |
| linux-latest [58]         | Update for 4.19.0-10 kernel ABI          |
|                           |                                          |
| linux-signed-amd64 [59]   | New upstream stable release              |
|                           |                                          |
| linux-signed-arm64 [60]   | New upstream stable release              |
|                           |                                          |
| linux-signed-i386 [61]    | New upstream stable release              |
|                           |                                          |
| lirc [62]                 | Fix conffile management                  |
|                           |                                          |
| mailutils [63]            | maidag: drop setuid privileges for all   |
|                           | delivery operations but mda [CVE-2019-   |
|                           | 18862]                                   |
|                           |                                          |
| mariadb-10.3 [64]         | New upstream stable release; security    |
|                           | fixes [CVE-2020-2752 CVE-2020-2760       |
|                           | CVE-2020-2812 CVE-2020-2814 CVE-2020-    |
|                           | 13249]; fix regression in RocksDB ZSTD   |
|                           | detection                                |
|                           |                                          |
| mod-gnutls [65]           | Fix a possible segfault on failed TLS    |
|                           | handshake; fix test failures             |
|                           |                                          |
| multipath-tools [66]      | kpartx: use correct path to partx in     |
|                           | udev rule                                |
|                           |                                          |
| mutt [67]                 | Don't check IMAP PREAUTH encryption if   |
|                           | $tunnel is in use                        |
|                           |                                          |
| mydumper [68]             | Link against libm                        |
|                           |                                          |
| nfs-utils [69]            | statd: take user-id from /var/lib/nfs/sm |
|                           | [CVE-2019-3689]; don't make /var/lib/nfs |
|                           | owned by statd                           |
|                           |                                          |
| nginx [70]                | Fix error page request smuggling         |
|                           | vulnerability [CVE-2019-20372]           |
|                           |                                          |
| nmap [71]                 | Update default key size to 2048 bits     |
|                           |                                          |
| node-dot-prop [72]        | Fix regression introduced in CVE-2020-   |
|                           | 8116 fix                                 |
|                           |                                          |
| node-handlebars [73]      | Disallow calling  "helperMissing"  and   |
|                           | "blockHelperMissing"  directly           |
|                           | [CVE-2019-19919]                         |
|                           |                                          |
| node-minimist [74]        | Fix prototype pollution [CVE-2020-7598]  |
|                           |                                          |
| nvidia-graphics-          | New upstream stable release; security    |
| drivers [75]              | fixes [CVE-2020-5963 CVE-2020-5967]      |
|                           |                                          |
| nvidia-graphics-drivers-  | New upstream stable release; security    |
| legacy-390xx [76]         | fixes [CVE-2020-5963 CVE-2020-5967]      |
|                           |                                          |
| openstack-debian-         | Install resolvconf if installing cloud-  |
| images [77]               | init                                     |
|                           |                                          |
| pagekite [78]             | Avoid issues with expiry of shipped SSL  |
|                           | certificates by using those from the ca- |
|                           | certificates package                     |
|                           |                                          |
| pdfchain [79]             | Fix crash at startup                     |
|                           |                                          |
| perl [80]                 | Fix multiple regular expression related  |
|                           | security issues [CVE-2020-10543          |
|                           | CVE-2020-10878 CVE-2020-12723]           |
|                           |                                          |
| php-horde [81]            | Fix cross-site scripting vulnerability   |
|                           | [CVE-2020-8035]                          |
|                           |                                          |
| php-horde-gollem [82]     | Fix cross-site scripting vulnerability   |
|                           | in breadcrumb output [CVE-2020-8034]     |
|                           |                                          |
| pillow [83]               | Fix multiple out-of-bounds read issues   |
|                           | [CVE-2020-11538 CVE-2020-10378 CVE-2020- |
|                           | 10177]                                   |
|                           |                                          |
| policyd-rate-limit [84]   | Fix issues in accounting due to socket   |
|                           | reuse                                    |
|                           |                                          |
| postfix [85]              | New upstream stable release; fix         |
|                           | segfault in the tlsproxy client role     |
|                           | when the server role was disabled; fix   |
|                           | "maillog_file_rotate_suffix default      |
|                           | value used the minute instead of the     |
|                           | month" ; fix several TLS related issues; |
|                           | README.Debian fixes                      |
|                           |                                          |
| python-markdown2 [86]     | Fix cross-site scripting issue           |
|                           | [CVE-2020-11888]                         |
|                           |                                          |
| python3.7 [87]            | Avoid infinite loop when reading         |
|                           | specially crafted TAR files using the    |
|                           | tarfile module [CVE-2019-20907]; resolve |
|                           | hash collisions for IPv4Interface and    |
|                           | IPv6Interface [CVE-2020-14422]; fix      |
|                           | denial of service issue in               |
|                           | urllib.request.AbstractBasicAuthHandler  |
|                           | [CVE-2020-8492]                          |
|                           |                                          |
| qdirstat [88]             | Fix saving of user-configured MIME       |
|                           | categories                               |
|                           |                                          |
| raspi3-firmware [89]      | Fix typo that could lead to unbootable   |
|                           | systems                                  |
|                           |                                          |
| resource-agents [90]      | IPsrcaddr: make  "proto"  optional to    |
|                           | fix regression when used without         |
|                           | NetworkManager                           |
|                           |                                          |
| ruby-json [91]            | Fix unsafe object creation vulnerability |
|                           | [CVE-2020-10663]                         |
|                           |                                          |
| shim [92]                 | Use rotated Debian signing keys          |
|                           |                                          |
| shim-helpers-amd64-       | Use rotated Debian signing keys          |
| signed [93]               |                                          |
|                           |                                          |
| shim-helpers-arm64-       | Use rotated Debian signing keys          |
| signed [94]               |                                          |
|                           |                                          |
| shim-helpers-i386-        | Use rotated Debian signing keys          |
| signed [95]               |                                          |
|                           |                                          |
| speedtest-cli [96]        | Pass correct headers to fix upload speed |
|                           | test                                     |
|                           |                                          |
| ssvnc [97]                | Fix out-of-bounds write [CVE-2018-       |
|                           | 20020], infinite loop [CVE-2018-20021],  |
|                           | improper initialisation [CVE-2018-       |
|                           | 20022], potential denial-of-service      |
|                           | [CVE-2018-20024]                         |
|                           |                                          |
| storebackup [98]          | Fix possible privilege escalation        |
|                           | vulnerability [CVE-2020-7040]            |
|                           |                                          |
| suricata [99]             | Fix dropping privileges in nflog runmode |
|                           |                                          |
| tigervnc [100]            | Don't use libunwind on armel, armhf or   |
|                           | arm64                                    |
|                           |                                          |
| transmission [101]        | Fix possible denial of service issue     |
|                           | [CVE-2018-10756]                         |
|                           |                                          |
| wav2cdr [102]             | Use C99 fixed-size integer types to fix  |
|                           | runtime assertion on 64bit architectures |
|                           | other than amd64 and alpha               |
|                           |                                          |
| zipios++ [103]            | Security fix [CVE-2019-13453]            |
|                           |                                          |
+---------------------------+------------------------------------------+

    3: https://packages.debian.org/src:appstream-glib
    4: https://packages.debian.org/src:asunder
    5: https://packages.debian.org/src:b43-fwcutter
    6: https://packages.debian.org/src:balsa
    7: https://packages.debian.org/src:base-files
    8: https://packages.debian.org/src:batik
    9: https://packages.debian.org/src:borgbackup
   10: https://packages.debian.org/src:bundler
   11: https://packages.debian.org/src:c-icap-modules
   12: https://packages.debian.org/src:cacti
   13: https://packages.debian.org/src:calamares-settings-debian
   14: https://packages.debian.org/src:clamav
   15: https://packages.debian.org/src:cloud-init
   16: https://packages.debian.org/src:commons-configuration2
   17: https://packages.debian.org/src:confget
   18: https://packages.debian.org/src:dbus
   19: https://packages.debian.org/src:debian-edu-config
   20: https://packages.debian.org/src:debian-installer
   21: https://packages.debian.org/src:debian-installer-netboot-images
   22: https://packages.debian.org/src:debian-ports-archive-keyring
   23: https://packages.debian.org/src:debian-security-support
   24: https://packages.debian.org/src:dpdk
   25: https://packages.debian.org/src:exiv2
   26: https://packages.debian.org/src:fdroidserver
   27: https://packages.debian.org/src:file-roller
   28: https://packages.debian.org/src:freerdp2
   29: https://packages.debian.org/src:fwupd
   30: https://packages.debian.org/src:fwupd-amd64-signed
   31: https://packages.debian.org/src:fwupd-arm64-signed
   32: https://packages.debian.org/src:fwupd-armhf-signed
   33: https://packages.debian.org/src:fwupd-i386-signed
   34: https://packages.debian.org/src:fwupdate
   35: https://packages.debian.org/src:fwupdate-amd64-signed
   36: https://packages.debian.org/src:fwupdate-arm64-signed
   37: https://packages.debian.org/src:fwupdate-armhf-signed
   38: https://packages.debian.org/src:fwupdate-i386-signed
   39: https://packages.debian.org/src:gist
   40: https://packages.debian.org/src:glib-networking
   41: https://packages.debian.org/src:gnutls28
   42: https://packages.debian.org/src:intel-microcode
   43: https://packages.debian.org/src:jackson-databind
   44: https://packages.debian.org/src:jameica
   45: https://packages.debian.org/src:jigdo
   46: https://packages.debian.org/src:ksh
   47: https://packages.debian.org/src:lemonldap-ng
   48: https://packages.debian.org/src:libapache-mod-jk
   49: https://packages.debian.org/src:libclamunrar
   50: https://packages.debian.org/src:libembperl-perl
   51: https://packages.debian.org/src:libexif
   52: https://packages.debian.org/src:libinput
   53: https://packages.debian.org/src:libntlm
   54: https://packages.debian.org/src:libpam-radius-auth
   55: https://packages.debian.org/src:libunwind
   56: https://packages.debian.org/src:libyang
   57: https://packages.debian.org/src:linux
   58: https://packages.debian.org/src:linux-latest
   59: https://packages.debian.org/src:linux-signed-amd64
   60: https://packages.debian.org/src:linux-signed-arm64
   61: https://packages.debian.org/src:linux-signed-i386
   62: https://packages.debian.org/src:lirc
   63: https://packages.debian.org/src:mailutils
   64: https://packages.debian.org/src:mariadb-10.3
   65: https://packages.debian.org/src:mod-gnutls
   66: https://packages.debian.org/src:multipath-tools
   67: https://packages.debian.org/src:mutt
   68: https://packages.debian.org/src:mydumper
   69: https://packages.debian.org/src:nfs-utils
   70: https://packages.debian.org/src:nginx
   71: https://packages.debian.org/src:nmap
   72: https://packages.debian.org/src:node-dot-prop
   73: https://packages.debian.org/src:node-handlebars
   74: https://packages.debian.org/src:node-minimist
   75: https://packages.debian.org/src:nvidia-graphics-drivers
   76: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-390xx
   77: https://packages.debian.org/src:openstack-debian-images
   78: https://packages.debian.org/src:pagekite
   79: https://packages.debian.org/src:pdfchain
   80: https://packages.debian.org/src:perl
   81: https://packages.debian.org/src:php-horde
   82: https://packages.debian.org/src:php-horde-gollem
   83: https://packages.debian.org/src:pillow
   84: https://packages.debian.org/src:policyd-rate-limit
   85: https://packages.debian.org/src:postfix
   86: https://packages.debian.org/src:python-markdown2
   87: https://packages.debian.org/src:python3.7
   88: https://packages.debian.org/src:qdirstat
   89: https://packages.debian.org/src:raspi3-firmware
   90: https://packages.debian.org/src:resource-agents
   91: https://packages.debian.org/src:ruby-json
   92: https://packages.debian.org/src:shim
   93: https://packages.debian.org/src:shim-helpers-amd64-signed
   94: https://packages.debian.org/src:shim-helpers-arm64-signed
   95: https://packages.debian.org/src:shim-helpers-i386-signed
   96: https://packages.debian.org/src:speedtest-cli
   97: https://packages.debian.org/src:ssvnc
   98: https://packages.debian.org/src:storebackup
   99: https://packages.debian.org/src:suricata
  100: https://packages.debian.org/src:tigervnc
  101: https://packages.debian.org/src:transmission
  102: https://packages.debian.org/src:wav2cdr
  103: https://packages.debian.org/src:zipios++

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+-----------------------------+
| Advisory ID    | Package                     |
+----------------+-----------------------------+
| DSA-4626 [104] | php7.3 [105]                |
|                |                             |
| DSA-4674 [106] | roundcube [107]             |
|                |                             |
| DSA-4675 [108] | graphicsmagick [109]        |
|                |                             |
| DSA-4676 [110] | salt [111]                  |
|                |                             |
| DSA-4677 [112] | wordpress [113]             |
|                |                             |
| DSA-4678 [114] | firefox-esr [115]           |
|                |                             |
| DSA-4679 [116] | keystone [117]              |
|                |                             |
| DSA-4680 [118] | tomcat9 [119]               |
|                |                             |
| DSA-4681 [120] | webkit2gtk [121]            |
|                |                             |
| DSA-4682 [122] | squid [123]                 |
|                |                             |
| DSA-4683 [124] | thunderbird [125]           |
|                |                             |
| DSA-4684 [126] | libreswan [127]             |
|                |                             |
| DSA-4685 [128] | apt [129]                   |
|                |                             |
| DSA-4686 [130] | apache-log4j1.2 [131]       |
|                |                             |
| DSA-4687 [132] | exim4 [133]                 |
|                |                             |
| DSA-4688 [134] | dpdk [135]                  |
|                |                             |
| DSA-4689 [136] | bind9 [137]                 |
|                |                             |
| DSA-4690 [138] | dovecot [139]               |
|                |                             |
| DSA-4691 [140] | pdns-recursor [141]         |
|                |                             |
| DSA-4692 [142] | netqmail [143]              |
|                |                             |
| DSA-4694 [144] | unbound [145]               |
|                |                             |
| DSA-4695 [146] | firefox-esr [147]           |
|                |                             |
| DSA-4696 [148] | nodejs [149]                |
|                |                             |
| DSA-4697 [150] | gnutls28 [151]              |
|                |                             |
| DSA-4699 [152] | linux-signed-amd64 [153]    |
|                |                             |
| DSA-4699 [154] | linux-signed-arm64 [155]    |
|                |                             |
| DSA-4699 [156] | linux-signed-i386 [157]     |
|                |                             |
| DSA-4699 [158] | linux [159]                 |
|                |                             |
| DSA-4700 [160] | roundcube [161]             |
|                |                             |
| DSA-4701 [162] | intel-microcode [163]       |
|                |                             |
| DSA-4702 [164] | thunderbird [165]           |
|                |                             |
| DSA-4704 [166] | vlc [167]                   |
|                |                             |
| DSA-4705 [168] | python-django [169]         |
|                |                             |
| DSA-4707 [170] | mutt [171]                  |
|                |                             |
| DSA-4708 [172] | neomutt [173]               |
|                |                             |
| DSA-4709 [174] | wordpress [175]             |
|                |                             |
| DSA-4710 [176] | trafficserver [177]         |
|                |                             |
| DSA-4711 [178] | coturn [179]                |
|                |                             |
| DSA-4712 [180] | imagemagick [181]           |
|                |                             |
| DSA-4713 [182] | firefox-esr [183]           |
|                |                             |
| DSA-4714 [184] | chromium [185]              |
|                |                             |
| DSA-4716 [186] | docker.io [187]             |
|                |                             |
| DSA-4718 [188] | thunderbird [189]           |
|                |                             |
| DSA-4719 [190] | php7.3 [191]                |
|                |                             |
| DSA-4720 [192] | roundcube [193]             |
|                |                             |
| DSA-4721 [194] | ruby2.5 [195]               |
|                |                             |
| DSA-4722 [196] | ffmpeg [197]                |
|                |                             |
| DSA-4723 [198] | xen [199]                   |
|                |                             |
| DSA-4724 [200] | webkit2gtk [201]            |
|                |                             |
| DSA-4725 [202] | evolution-data-server [203] |
|                |                             |
| DSA-4726 [204] | nss [205]                   |
|                |                             |
| DSA-4727 [206] | tomcat9 [207]               |
|                |                             |
| DSA-4728 [208] | qemu [209]                  |
|                |                             |
| DSA-4729 [210] | libopenmpt [211]            |
|                |                             |
| DSA-4730 [212] | ruby-sanitize [213]         |
|                |                             |
| DSA-4731 [214] | redis [215]                 |
|                |                             |
| DSA-4732 [216] | squid [217]                 |
|                |                             |
| DSA-4733 [218] | qemu [219]                  |
|                |                             |
| DSA-4735 [220] | grub-efi-amd64-signed [221] |
|                |                             |
| DSA-4735 [222] | grub-efi-arm64-signed [223] |
|                |                             |
| DSA-4735 [224] | grub-efi-ia32-signed [225]  |
|                |                             |
| DSA-4735 [226] | grub2 [227]                 |
|                |                             |
+----------------+-----------------------------+

  104: https://www.debian.org/security/2020/dsa-4626
  105: https://packages.debian.org/src:php7.3
  106: https://www.debian.org/security/2020/dsa-4674
  107: https://packages.debian.org/src:roundcube
  108: https://www.debian.org/security/2020/dsa-4675
  109: https://packages.debian.org/src:graphicsmagick
  110: https://www.debian.org/security/2020/dsa-4676
  111: https://packages.debian.org/src:salt
  112: https://www.debian.org/security/2020/dsa-4677
  113: https://packages.debian.org/src:wordpress
  114: https://www.debian.org/security/2020/dsa-4678
  115: https://packages.debian.org/src:firefox-esr
  116: https://www.debian.org/security/2020/dsa-4679
  117: https://packages.debian.org/src:keystone
  118: https://www.debian.org/security/2020/dsa-4680
  119: https://packages.debian.org/src:tomcat9
  120: https://www.debian.org/security/2020/dsa-4681
  121: https://packages.debian.org/src:webkit2gtk
  122: https://www.debian.org/security/2020/dsa-4682
  123: https://packages.debian.org/src:squid
  124: https://www.debian.org/security/2020/dsa-4683
  125: https://packages.debian.org/src:thunderbird
  126: https://www.debian.org/security/2020/dsa-4684
  127: https://packages.debian.org/src:libreswan
  128: https://www.debian.org/security/2020/dsa-4685
  129: https://packages.debian.org/src:apt
  130: https://www.debian.org/security/2020/dsa-4686
  131: https://packages.debian.org/src:apache-log4j1.2
  132: https://www.debian.org/security/2020/dsa-4687
  133: https://packages.debian.org/src:exim4
  134: https://www.debian.org/security/2020/dsa-4688
  135: https://packages.debian.org/src:dpdk
  136: https://www.debian.org/security/2020/dsa-4689
  137: https://packages.debian.org/src:bind9
  138: https://www.debian.org/security/2020/dsa-4690
  139: https://packages.debian.org/src:dovecot
  140: https://www.debian.org/security/2020/dsa-4691
  141: https://packages.debian.org/src:pdns-recursor
  142: https://www.debian.org/security/2020/dsa-4692
  143: https://packages.debian.org/src:netqmail
  144: https://www.debian.org/security/2020/dsa-4694
  145: https://packages.debian.org/src:unbound
  146: https://www.debian.org/security/2020/dsa-4695
  147: https://packages.debian.org/src:firefox-esr
  148: https://www.debian.org/security/2020/dsa-4696
  149: https://packages.debian.org/src:nodejs
  150: https://www.debian.org/security/2020/dsa-4697
  151: https://packages.debian.org/src:gnutls28
  152: https://www.debian.org/security/2020/dsa-4699
  153: https://packages.debian.org/src:linux-signed-amd64
  154: https://www.debian.org/security/2020/dsa-4699
  155: https://packages.debian.org/src:linux-signed-arm64
  156: https://www.debian.org/security/2020/dsa-4699
  157: https://packages.debian.org/src:linux-signed-i386
  158: https://www.debian.org/security/2020/dsa-4699
  159: https://packages.debian.org/src:linux
  160: https://www.debian.org/security/2020/dsa-4700
  161: https://packages.debian.org/src:roundcube
  162: https://www.debian.org/security/2020/dsa-4701
  163: https://packages.debian.org/src:intel-microcode
  164: https://www.debian.org/security/2020/dsa-4702
  165: https://packages.debian.org/src:thunderbird
  166: https://www.debian.org/security/2020/dsa-4704
  167: https://packages.debian.org/src:vlc
  168: https://www.debian.org/security/2020/dsa-4705
  169: https://packages.debian.org/src:python-django
  170: https://www.debian.org/security/2020/dsa-4707
  171: https://packages.debian.org/src:mutt
  172: https://www.debian.org/security/2020/dsa-4708
  173: https://packages.debian.org/src:neomutt
  174: https://www.debian.org/security/2020/dsa-4709
  175: https://packages.debian.org/src:wordpress
  176: https://www.debian.org/security/2020/dsa-4710
  177: https://packages.debian.org/src:trafficserver
  178: https://www.debian.org/security/2020/dsa-4711
  179: https://packages.debian.org/src:coturn
  180: https://www.debian.org/security/2020/dsa-4712
  181: https://packages.debian.org/src:imagemagick
  182: https://www.debian.org/security/2020/dsa-4713
  183: https://packages.debian.org/src:firefox-esr
  184: https://www.debian.org/security/2020/dsa-4714
  185: https://packages.debian.org/src:chromium
  186: https://www.debian.org/security/2020/dsa-4716
  187: https://packages.debian.org/src:docker.io
  188: https://www.debian.org/security/2020/dsa-4718
  189: https://packages.debian.org/src:thunderbird
  190: https://www.debian.org/security/2020/dsa-4719
  191: https://packages.debian.org/src:php7.3
  192: https://www.debian.org/security/2020/dsa-4720
  193: https://packages.debian.org/src:roundcube
  194: https://www.debian.org/security/2020/dsa-4721
  195: https://packages.debian.org/src:ruby2.5
  196: https://www.debian.org/security/2020/dsa-4722
  197: https://packages.debian.org/src:ffmpeg
  198: https://www.debian.org/security/2020/dsa-4723
  199: https://packages.debian.org/src:xen
  200: https://www.debian.org/security/2020/dsa-4724
  201: https://packages.debian.org/src:webkit2gtk
  202: https://www.debian.org/security/2020/dsa-4725
  203: https://packages.debian.org/src:evolution-data-server
  204: https://www.debian.org/security/2020/dsa-4726
  205: https://packages.debian.org/src:nss
  206: https://www.debian.org/security/2020/dsa-4727
  207: https://packages.debian.org/src:tomcat9
  208: https://www.debian.org/security/2020/dsa-4728
  209: https://packages.debian.org/src:qemu
  210: https://www.debian.org/security/2020/dsa-4729
  211: https://packages.debian.org/src:libopenmpt
  212: https://www.debian.org/security/2020/dsa-4730
  213: https://packages.debian.org/src:ruby-sanitize
  214: https://www.debian.org/security/2020/dsa-4731
  215: https://packages.debian.org/src:redis
  216: https://www.debian.org/security/2020/dsa-4732
  217: https://packages.debian.org/src:squid
  218: https://www.debian.org/security/2020/dsa-4733
  219: https://packages.debian.org/src:qemu
  220: https://www.debian.org/security/2020/dsa-4735
  221: https://packages.debian.org/src:grub-efi-amd64-signed
  222: https://www.debian.org/security/2020/dsa-4735
  223: https://packages.debian.org/src:grub-efi-arm64-signed
  224: https://www.debian.org/security/2020/dsa-4735
  225: https://packages.debian.org/src:grub-efi-ia32-signed
  226: https://www.debian.org/security/2020/dsa-4735
  227: https://packages.debian.org/src:grub2

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+--------------------------------+------------------------------------+
| Package                        | Reason                             |
+--------------------------------+------------------------------------+
| golang-github-unknwon-         | Security issues; unmaintained      |
| cae [228]                      |                                    |
|                                |                                    |
| janus [229]                    | Not supportable in stable          |
|                                |                                    |
| mathematica-fonts [230]        | Relies on unavailable download     |
|                                | location                           |
|                                |                                    |
| matrix-synapse [231]           | Security issues; unsupportable     |
|                                |                                    |
| selenium-firefoxdriver [232]   | Incompatible with newer Firefox    |
|                                | ESR versions                       |
|                                |                                    |
+--------------------------------+------------------------------------+

  228: https://packages.debian.org/src:golang-github-unknwon-cae
  229: https://packages.debian.org/src:janus
  230: https://packages.debian.org/src:mathematica-fonts
  231: https://packages.debian.org/src:matrix-synapse
  232: https://packages.debian.org/src:selenium-firefoxdriver

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/buster/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://www.debian.org/security/

About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.


Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <pr...@debian.org>, or contact the
stable release team at <debian-...@lists.debian.org>.

signature.asc
0 new messages