info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Updated Debian 8: 8.11 released
3 views
Skip to first unread message
Donald Norwood
Jun 23, 2018, 2:00:03 PM6/23/18
to
------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 8: 8.11 released pr...@debian.org
June 23rd, 2018 https://www.debian.org/News/2018/20180623
------------------------------------------------------------------------
The Debian project is pleased to announce the eleventh (and final)
update of its oldstable distribution Debian 8 (codename "jessie"). This
point release mainly adds corrections for security issues, along with a
few adjustments for serious problems. Security advisories have already
been published separately and are referenced where available.
After this point release, Debian's Security and Release Teams will no
longer be producing updates for Debian 8. Users wishing to continue to
receive security support should upgrade to Debian 9, or see
https://wiki.debian.org/LTS for details about the subset of
architectures and packages covered by the Long Term Support project.
The packages for some architectures for DSA 3746, DSA 3944, DSA 3968,
DSA 4010, DSA 4014, DSA 4061, DSA 4075, DSA 4102, DSA 4155, DSA 4209 and
DSA 4218 are not included in this point release for technical reasons.
All other security updates released during the lifetime of "jessie" that
have not previously been part of a point release are included in this
update.
Please note that the point release does not constitute a new version of
Debian 8 but only updates some of the packages included. There is no
need to throw away old "jessie" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
Miscellaneous Bugfixes
----------------------
This oldstable update adds a few important corrections to the following
packages:
+----------------------------+----------------------------------------+
| Package | Reason |
+----------------------------+----------------------------------------+
| adminer [1] | Don't allow connections to privileged |
| | ports [CVE-2018-7667] |
| | |
| base-files [2] | Update for the point release |
| | |
| blktrace [3] | Fix buffer overflow in btt [CVE-2018- |
| | 10689] |
| | |
| bwm-ng [4] | Explicitly build without libstatgrab |
| | support |
| | |
| clamav [5] | Security update [CVE-2017-6418 |
| | CVE-2017-6420 CVE-2017-12374 CVE-2017- |
| | 12375 CVE-2017-12376 CVE-2017-12377 |
| | CVE-2017-12378 CVE-2017-12379 |
| | CVE-2017-12380]; fix temporary file |
| | cleanup issue; new upstream release; |
| | new upstream version |
| | |
| debian-installer [6] | Rebuild for the point release |
| | |
| debian-installer-netboot- | Rebuild for the point release |
| images [7] | |
| | |
| debian-security- | Update package data |
| support [8] | |
| | |
| dh-make-perl [9] | Support Contents file without header |
| | |
| dns-root-data [10] | Update IANA DNSSEC files to 2017-02-02 |
| | versions |
| | |
| faad2 [11] | Fix several DoS issues via crafted MP4 |
| | files [CVE-2017-9218 CVE-2017-9219 |
| | CVE-2017-9220 CVE-2017-9221 CVE-2017- |
| | 9222 CVE-2017-9223 CVE-2017-9253 |
| | CVE-2017-9254 CVE-2017-9255 CVE-2017- |
| | 9256 CVE-2017-9257] |
| | |
| file [12] | Avoid reading past the end of a buffer |
| | [CVE-2018-10360]] |
| | |
| ghostscript [13] | Fix segfault with fuzzing file in |
| | gxht_thresh_image_init[); fix buffer |
| | overflow in fill_threshold_buffer |
| | [CVE-2016-10317]; pdfwrite - Guard |
| | against trying to output an infinite |
| | number [CVE-2018-10194] |
| | |
| intel-microcode [14] | Update included microcode, including |
| | fixes for Spectre v2 [CVE-2017-5715] |
| | |
| lame [15] | Fix security issues by switching to |
| | use I/O routines from sndfile |
| | [CVE-2017-15018 CVE-2017-15045 |
| | CVE-2017-15046 CVE-2017-9869 CVE-2017- |
| | 9870 CVE-2017-9871 CVE-2017-9872] |
| | |
| libdatetime-timezone- | Update included data |
| perl [16] | |
| | |
| libextractor [17] | Various security fixes [CVE-2017-15266 |
| | CVE-2017-15267 CVE-2017-15600 |
| | CVE-2017-15601 CVE-2017-15602 |
| | CVE-2017-15922 CVE-2017-17440] |
| | |
| libipc-run-perl [18] | Fix memory leak |
| | |
| linux [19] | New upstream stable release |
| | |
| mactelnet [20] | Security fix [CVE-2016-7115] |
| | |
| ncurses [21] | Fix buffer overflow in the |
| | _nc_write_entry function [CVE-2017- |
| | 16879] |
| | |
| nvidia-graphics- | New upstream version |
| drivers [22] | |
| | |
| nvidia-graphics-drivers- | Update to latest driver |
| legacy-304xx [23] | |
| | |
| openafs [24] | Fix kernel module build against linux |
| | 3.16.51-3+deb8u1 kernels after |
| | security update-induced ABI changes |
| | |
| openldap [25] | Fix upgrade failure when olcSuffix |
| | contains a backslash; fix memory |
| | corruption caused by calling |
| | sasl_client_init() multiple times |
| | |
| patch [26] | Fix arbitrary command execution in ed- |
| | style patches [CVE-2018-1000156] |
| | |
| postgresql-9.4 [27] | New upstream release |
| | |
| psensor [28] | Fix directory traversal issue |
| | [CVE-2014-10073] |
| | |
| python-mimeparse [29] | Fix python3-mimeparse's dependencies |
| | |
| rar [30] | Strip statically linked rar and |
| | install the dynamically linked version |
| | instead |
| | |
| reportbug [31] | Stop CCing secure-testing- |
| | te...@lists.alioth.debian.org |
| | |
| sam2p [32] | Fix multiple invalid frees and buffer- |
| | overflow vulnerabilities [CVE-2018- |
| | 7487 CVE-2018-7551 CVE-2018-7552 |
| | CVE-2018-7553 CVE-2018-7554] |
| | |
| slurm-llnl [33] | Fix upgrade issue from wheezy |
| | |
| soundtouch [34] | Security fixes [CVE-2017-9258 |
| | CVE-2017-9259 CVE-2017-9260] |
| | |
| subversion [35] | Fix crashes with Perl bindings, |
| | commonly seen when using git-svn |
| | |
| tzdata [36] | Update included data |
| | |
| user-mode-linux [37] | Rebuild against current jessie kernel |
| | |
| virtualbox-guest- | Fix multiple security issues |
| additions-iso [38] | [CVE-2016-0592 CVE-2016-0495 CVE-2015- |
| | 8104 CVE-2015-7183 CVE-2015-5307 |
| | CVE-2015-7183 CVE-2015-4813 CVE-2015- |
| | 4896 CVE-2015-3456] |
| | |
| xerces-c [39] | Fix Denial of Service via external DTD |
| | reference [CVE-2017-12627] |
| | |
| zsh [40] | Rebuild against libraries currently in |
| | jessie |
| | |
+----------------------------+----------------------------------------+
1: https://packages.debian.org/src:adminer
2: https://packages.debian.org/src:base-files
3: https://packages.debian.org/src:blktrace
4: https://packages.debian.org/src:bwm-ng
5: https://packages.debian.org/src:clamav
6: https://packages.debian.org/src:debian-installer
7: https://packages.debian.org/src:debian-installer-netboot-images
8: https://packages.debian.org/src:debian-security-support
9: https://packages.debian.org/src:dh-make-perl
10: https://packages.debian.org/src:dns-root-data
11: https://packages.debian.org/src:faad2
12: https://packages.debian.org/src:file
13: https://packages.debian.org/src:ghostscript
14: https://packages.debian.org/src:intel-microcode
15: https://packages.debian.org/src:lame
16: https://packages.debian.org/src:libdatetime-timezone-perl
17: https://packages.debian.org/src:libextractor
18: https://packages.debian.org/src:libipc-run-perl
19: https://packages.debian.org/src:linux
20: https://packages.debian.org/src:mactelnet
21: https://packages.debian.org/src:ncurses
22: https://packages.debian.org/src:nvidia-graphics-drivers
23: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
24: https://packages.debian.org/src:openafs
25: https://packages.debian.org/src:openldap
26: https://packages.debian.org/src:patch
27: https://packages.debian.org/src:postgresql-9.4
28: https://packages.debian.org/src:psensor
29: https://packages.debian.org/src:python-mimeparse
30: https://packages.debian.org/src:rar
31: https://packages.debian.org/src:reportbug
32: https://packages.debian.org/src:sam2p
33: https://packages.debian.org/src:slurm-llnl
34: https://packages.debian.org/src:soundtouch
35: https://packages.debian.org/src:subversion
36: https://packages.debian.org/src:tzdata
37: https://packages.debian.org/src:user-mode-linux
38: https://packages.debian.org/src:virtualbox-guest-additions-iso
39: https://packages.debian.org/src:xerces-c
40: https://packages.debian.org/src:zsh
Security Updates
----------------
This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:
+----------------+----------------------------------+
| Advisory ID | Package |
+----------------+----------------------------------+
| DSA-3707 [41] | openjdk-7 [42] |
| | |
| DSA-3708 [43] | mat [44] |
| | |
| DSA-3746 [45] | graphicsmagick [46] |
| | |
| DSA-3782 [47] | openjdk-7 [48] |
| | |
| DSA-3832 [49] | openoffice.org-dictionaries [50] |
| | |
| DSA-3858 [51] | openjdk-7 [52] |
| | |
| DSA-3923 [53] | freerdp [54] |
| | |
| DSA-3944 [55] | mariadb-10.0 [56] |
| | |
| DSA-3954 [57] | openjdk-7 [58] |
| | |
| DSA-3968 [59] | icedove [60] |
| | |
| DSA-4010 [61] | git-annex [62] |
| | |
| DSA-4014 [63] | thunderbird [64] |
| | |
| DSA-4048 [65] | openjdk-7 [66] |
| | |
| DSA-4054 [67] | tor [68] |
| | |
| DSA-4057 [69] | erlang [70] |
| | |
| DSA-4058 [71] | optipng [72] |
| | |
| DSA-4059 [73] | libxcursor [74] |
| | |
| DSA-4060 [75] | wireshark [76] |
| | |
| DSA-4061 [77] | thunderbird [78] |
| | |
| DSA-4062 [79] | firefox-esr [80] |
| | |
| DSA-4066 [81] | otrs2 [82] |
| | |
| DSA-4067 [83] | openafs [84] |
| | |
| DSA-4068 [85] | rsync [86] |
| | |
| DSA-4069 [87] | otrs2 [88] |
| | |
| DSA-4070 [89] | enigmail [90] |
| | |
| DSA-4071 [91] | sensible-utils [92] |
| | |
| DSA-4075 [93] | thunderbird [94] |
| | |
| DSA-4076 [95] | asterisk [96] |
| | |
| DSA-4077 [97] | gimp [98] |
| | |
| DSA-4079 [99] | poppler [100] |
| | |
| DSA-4081 [101] | php5 [102] |
| | |
| DSA-4082 [103] | linux [104] |
| | |
| DSA-4082 [105] | linux-latest [106] |
| | |
| DSA-4083 [107] | poco [108] |
| | |
| DSA-4084 [109] | gifsicle [110] |
| | |
| DSA-4085 [111] | xmltooling [112] |
| | |
| DSA-4086 [113] | libxml2 [114] |
| | |
| DSA-4087 [115] | transmission [116] |
| | |
| DSA-4088 [117] | gdk-pixbuf [118] |
| | |
| DSA-4089 [119] | bind9 [120] |
| | |
| DSA-4090 [121] | wordpress [122] |
| | |
| DSA-4091 [123] | mysql-5.5 [124] |
| | |
| DSA-4092 [125] | awstats [126] |
| | |
| DSA-4093 [127] | openocd [128] |
| | |
| DSA-4094 [129] | smarty3 [130] |
| | |
| DSA-4096 [131] | firefox-esr [132] |
| | |
| DSA-4097 [133] | poppler [134] |
| | |
| DSA-4098 [135] | curl [136] |
| | |
| DSA-4100 [137] | tiff [138] |
| | |
| DSA-4101 [139] | wireshark [140] |
| | |
| DSA-4102 [141] | thunderbird [142] |
| | |
| DSA-4104 [143] | p7zip [144] |
| | |
| DSA-4108 [145] | mailman [146] |
| | |
| DSA-4109 [147] | ruby-omniauth [148] |
| | |
| DSA-4110 [149] | exim4 [150] |
| | |
| DSA-4111 [151] | libreoffice [152] |
| | |
| DSA-4114 [153] | jackson-databind [154] |
| | |
| DSA-4115 [155] | quagga [156] |
| | |
| DSA-4117 [157] | gcc-4.9 [158] |
| | |
| DSA-4118 [159] | tomcat-native [160] |
| | |
| DSA-4119 [161] | libav [162] |
| | |
| DSA-4122 [163] | squid3 [164] |
| | |
| DSA-4123 [165] | drupal7 [166] |
| | |
| DSA-4124 [167] | lucene-solr [168] |
| | |
| DSA-4126 [169] | xmltooling [170] |
| | |
| DSA-4127 [171] | simplesamlphp [172] |
| | |
| DSA-4129 [173] | freexl [174] |
| | |
| DSA-4130 [175] | dovecot [176] |
| | |
| DSA-4132 [177] | libvpx [178] |
| | |
| DSA-4133 [179] | isc-dhcp [180] |
| | |
| DSA-4136 [181] | curl [182] |
| | |
| DSA-4137 [183] | libvirt [184] |
| | |
| DSA-4139 [185] | firefox-esr [186] |
| | |
| DSA-4140 [187] | libvorbis [188] |
| | |
| DSA-4141 [189] | libvorbisidec [190] |
| | |
| DSA-4142 [191] | uwsgi [192] |
| | |
| DSA-4143 [193] | firefox-esr [194] |
| | |
| DSA-4146 [195] | plexus-utils [196] |
| | |
| DSA-4147 [197] | polarssl [198] |
| | |
| DSA-4148 [199] | kamailio [200] |
| | |
| DSA-4149 [201] | plexus-utils2 [202] |
| | |
| DSA-4150 [203] | icu [204] |
| | |
| DSA-4151 [205] | librelp [206] |
| | |
| DSA-4152 [207] | mupdf [208] |
| | |
| DSA-4153 [209] | firefox-esr [210] |
| | |
| DSA-4154 [211] | net-snmp [212] |
| | |
| DSA-4155 [213] | thunderbird [214] |
| | |
| DSA-4156 [215] | drupal7 [216] |
| | |
| DSA-4157 [217] | openssl [218] |
| | |
| DSA-4161 [219] | python-django [220] |
| | |
| DSA-4163 [221] | beep [222] |
| | |
| DSA-4164 [223] | apache2 [224] |
| | |
| DSA-4165 [225] | ldap-account-manager [226] |
| | |
| DSA-4167 [227] | sharutils [228] |
| | |
| DSA-4168 [229] | squirrelmail [230] |
| | |
| DSA-4172 [231] | perl [232] |
| | |
| DSA-4175 [233] | freeplane [234] |
| | |
| DSA-4176 [235] | mysql-5.5 [236] |
| | |
| DSA-4177 [237] | libsdl2-image [238] |
| | |
| DSA-4178 [239] | libreoffice [240] |
| | |
| DSA-4179 [241] | linux-tools [242] |
| | |
| DSA-4180 [243] | drupal7 [244] |
| | |
| DSA-4184 [245] | sdl-image1.2 [246] |
| | |
| DSA-4186 [247] | gunicorn [248] |
| | |
| DSA-4187 [249] | linux-latest [250] |
| | |
| DSA-4187 [251] | linux [252] |
| | |
| DSA-4189 [253] | quassel [254] |
| | |
| DSA-4190 [255] | jackson-databind [256] |
| | |
| DSA-4192 [257] | libmad [258] |
| | |
| DSA-4193 [259] | wordpress [260] |
| | |
| DSA-4194 [261] | lucene-solr [262] |
| | |
| DSA-4195 [263] | wget [264] |
| | |
| DSA-4196 [265] | linux [266] |
| | |
| DSA-4199 [267] | firefox-esr [268] |
| | |
| DSA-4202 [269] | curl [270] |
| | |
| DSA-4204 [271] | imagemagick [272] |
| | |
| DSA-4208 [273] | procps [274] |
| | |
| DSA-4209 [275] | thunderbird [276] |
| | |
| DSA-4211 [277] | xdg-utils [278] |
| | |
| DSA-4212 [279] | git [280] |
| | |
| DSA-4214 [281] | zookeeper [282] |
| | |
| DSA-4215 [283] | batik [284] |
| | |
| DSA-4216 [285] | prosody [286] |
| | |
| DSA-4217 [287] | wireshark [288] |
| | |
| DSA-4218 [289] | memcached [290] |
| | |
| DSA-4220 [291] | firefox-esr [292] |
| | |
| DSA-4221 [293] | libvncserver [294] |
| | |
| DSA-4222 [295] | gnupg2 [296] |
| | |
| DSA-4224 [297] | gnupg [298] |
| | |
| DSA-4225 [299] | openjdk-7 [300] |
| | |
| DSA-4226 [301] | perl [302] |
| | |
| DSA-4227 [303] | plexus-archiver [304] |
| | |
| DSA-4228 [305] | spip [306] |
| | |
| DSA-4229 [307] | strongswan [308] |
| | |
+----------------+----------------------------------+
41: https://www.debian.org/security/2016/dsa-3707
42: https://packages.debian.org/src:openjdk-7
43: https://www.debian.org/security/2016/dsa-3708
44: https://packages.debian.org/src:mat
45: https://www.debian.org/security/2016/dsa-3746
46: https://packages.debian.org/src:graphicsmagick
47: https://www.debian.org/security/2017/dsa-3782
48: https://packages.debian.org/src:openjdk-7
49: https://www.debian.org/security/2017/dsa-3832
50: https://packages.debian.org/src:openoffice.org-dictionaries
51: https://www.debian.org/security/2017/dsa-3858
52: https://packages.debian.org/src:openjdk-7
53: https://www.debian.org/security/2017/dsa-3923
54: https://packages.debian.org/src:freerdp
55: https://www.debian.org/security/2017/dsa-3944
56: https://packages.debian.org/src:mariadb-10.0
57: https://www.debian.org/security/2017/dsa-3954
58: https://packages.debian.org/src:openjdk-7
59: https://www.debian.org/security/2017/dsa-3968
60: https://packages.debian.org/src:icedove
61: https://www.debian.org/security/2017/dsa-4010
62: https://packages.debian.org/src:git-annex
63: https://www.debian.org/security/2017/dsa-4014
64: https://packages.debian.org/src:thunderbird
65: https://www.debian.org/security/2017/dsa-4048
66: https://packages.debian.org/src:openjdk-7
67: https://www.debian.org/security/2017/dsa-4054
68: https://packages.debian.org/src:tor
69: https://www.debian.org/security/2017/dsa-4057
70: https://packages.debian.org/src:erlang
71: https://www.debian.org/security/2017/dsa-4058
72: https://packages.debian.org/src:optipng
73: https://www.debian.org/security/2017/dsa-4059
74: https://packages.debian.org/src:libxcursor
75: https://www.debian.org/security/2017/dsa-4060
76: https://packages.debian.org/src:wireshark
77: https://www.debian.org/security/2017/dsa-4061
78: https://packages.debian.org/src:thunderbird
79: https://www.debian.org/security/2017/dsa-4062
80: https://packages.debian.org/src:firefox-esr
81: https://www.debian.org/security/2017/dsa-4066
82: https://packages.debian.org/src:otrs2
83: https://www.debian.org/security/2017/dsa-4067
84: https://packages.debian.org/src:openafs
85: https://www.debian.org/security/2017/dsa-4068
86: https://packages.debian.org/src:rsync
87: https://www.debian.org/security/2017/dsa-4069
88: https://packages.debian.org/src:otrs2
89: https://www.debian.org/security/2017/dsa-4070
90: https://packages.debian.org/src:enigmail
91: https://www.debian.org/security/2017/dsa-4071
92: https://packages.debian.org/src:sensible-utils
93: https://www.debian.org/security/2017/dsa-4075
94: https://packages.debian.org/src:thunderbird
95: https://www.debian.org/security/2017/dsa-4076
96: https://packages.debian.org/src:asterisk
97: https://www.debian.org/security/2017/dsa-4077
98: https://packages.debian.org/src:gimp
99: https://www.debian.org/security/2018/dsa-4079
100: https://packages.debian.org/src:poppler
101: https://www.debian.org/security/2018/dsa-4081
102: https://packages.debian.org/src:php5
103: https://www.debian.org/security/2018/dsa-4082
104: https://packages.debian.org/src:linux
105: https://www.debian.org/security/2018/dsa-4082
106: https://packages.debian.org/src:linux-latest
107: https://www.debian.org/security/2018/dsa-4083
108: https://packages.debian.org/src:poco
109: https://www.debian.org/security/2018/dsa-4084
110: https://packages.debian.org/src:gifsicle
111: https://www.debian.org/security/2018/dsa-4085
112: https://packages.debian.org/src:xmltooling
113: https://www.debian.org/security/2018/dsa-4086
114: https://packages.debian.org/src:libxml2
115: https://www.debian.org/security/2018/dsa-4087
116: https://packages.debian.org/src:transmission
117: https://www.debian.org/security/2018/dsa-4088
118: https://packages.debian.org/src:gdk-pixbuf
119: https://www.debian.org/security/2018/dsa-4089
120: https://packages.debian.org/src:bind9
121: https://www.debian.org/security/2018/dsa-4090
122: https://packages.debian.org/src:wordpress
123: https://www.debian.org/security/2018/dsa-4091
124: https://packages.debian.org/src:mysql-5.5
125: https://www.debian.org/security/2018/dsa-4092
126: https://packages.debian.org/src:awstats
127: https://www.debian.org/security/2018/dsa-4093
128: https://packages.debian.org/src:openocd
129: https://www.debian.org/security/2018/dsa-4094
130: https://packages.debian.org/src:smarty3
131: https://www.debian.org/security/2018/dsa-4096
132: https://packages.debian.org/src:firefox-esr
133: https://www.debian.org/security/2018/dsa-4097
134: https://packages.debian.org/src:poppler
135: https://www.debian.org/security/2018/dsa-4098
136: https://packages.debian.org/src:curl
137: https://www.debian.org/security/2018/dsa-4100
138: https://packages.debian.org/src:tiff
139: https://www.debian.org/security/2018/dsa-4101
140: https://packages.debian.org/src:wireshark
141: https://www.debian.org/security/2018/dsa-4102
142: https://packages.debian.org/src:thunderbird
143: https://www.debian.org/security/2018/dsa-4104
144: https://packages.debian.org/src:p7zip
145: https://www.debian.org/security/2018/dsa-4108
146: https://packages.debian.org/src:mailman
147: https://www.debian.org/security/2018/dsa-4109
148: https://packages.debian.org/src:ruby-omniauth
149: https://www.debian.org/security/2018/dsa-4110
150: https://packages.debian.org/src:exim4
151: https://www.debian.org/security/2018/dsa-4111
152: https://packages.debian.org/src:libreoffice
153: https://www.debian.org/security/2018/dsa-4114
154: https://packages.debian.org/src:jackson-databind
155: https://www.debian.org/security/2018/dsa-4115
156: https://packages.debian.org/src:quagga
157: https://www.debian.org/security/2018/dsa-4117
158: https://packages.debian.org/src:gcc-4.9
159: https://www.debian.org/security/2018/dsa-4118
160: https://packages.debian.org/src:tomcat-native
161: https://www.debian.org/security/2018/dsa-4119
162: https://packages.debian.org/src:libav
163: https://www.debian.org/security/2018/dsa-4122
164: https://packages.debian.org/src:squid3
165: https://www.debian.org/security/2018/dsa-4123
166: https://packages.debian.org/src:drupal7
167: https://www.debian.org/security/2018/dsa-4124
168: https://packages.debian.org/src:lucene-solr
169: https://www.debian.org/security/2018/dsa-4126
170: https://packages.debian.org/src:xmltooling
171: https://www.debian.org/security/2018/dsa-4127
172: https://packages.debian.org/src:simplesamlphp
173: https://www.debian.org/security/2018/dsa-4129
174: https://packages.debian.org/src:freexl
175: https://www.debian.org/security/2018/dsa-4130
176: https://packages.debian.org/src:dovecot
177: https://www.debian.org/security/2018/dsa-4132
178: https://packages.debian.org/src:libvpx
179: https://www.debian.org/security/2018/dsa-4133
180: https://packages.debian.org/src:isc-dhcp
181: https://www.debian.org/security/2018/dsa-4136
182: https://packages.debian.org/src:curl
183: https://www.debian.org/security/2018/dsa-4137
184: https://packages.debian.org/src:libvirt
185: https://www.debian.org/security/2018/dsa-4139
186: https://packages.debian.org/src:firefox-esr
187: https://www.debian.org/security/2018/dsa-4140
188: https://packages.debian.org/src:libvorbis
189: https://www.debian.org/security/2018/dsa-4141
190: https://packages.debian.org/src:libvorbisidec
191: https://www.debian.org/security/2018/dsa-4142
192: https://packages.debian.org/src:uwsgi
193: https://www.debian.org/security/2018/dsa-4143
194: https://packages.debian.org/src:firefox-esr
195: https://www.debian.org/security/2018/dsa-4146
196: https://packages.debian.org/src:plexus-utils
197: https://www.debian.org/security/2018/dsa-4147
198: https://packages.debian.org/src:polarssl
199: https://www.debian.org/security/2018/dsa-4148
200: https://packages.debian.org/src:kamailio
201: https://www.debian.org/security/2018/dsa-4149
202: https://packages.debian.org/src:plexus-utils2
203: https://www.debian.org/security/2018/dsa-4150
204: https://packages.debian.org/src:icu
205: https://www.debian.org/security/2018/dsa-4151
206: https://packages.debian.org/src:librelp
207: https://www.debian.org/security/2018/dsa-4152
208: https://packages.debian.org/src:mupdf
209: https://www.debian.org/security/2018/dsa-4153
210: https://packages.debian.org/src:firefox-esr
211: https://www.debian.org/security/2018/dsa-4154
212: https://packages.debian.org/src:net-snmp
213: https://www.debian.org/security/2018/dsa-4155
214: https://packages.debian.org/src:thunderbird
215: https://www.debian.org/security/2018/dsa-4156
216: https://packages.debian.org/src:drupal7
217: https://www.debian.org/security/2018/dsa-4157
218: https://packages.debian.org/src:openssl
219: https://www.debian.org/security/2018/dsa-4161
220: https://packages.debian.org/src:python-django
221: https://www.debian.org/security/2018/dsa-4163
222: https://packages.debian.org/src:beep
223: https://www.debian.org/security/2018/dsa-4164
224: https://packages.debian.org/src:apache2
225: https://www.debian.org/security/2018/dsa-4165
226: https://packages.debian.org/src:ldap-account-manager
227: https://www.debian.org/security/2018/dsa-4167
228: https://packages.debian.org/src:sharutils
229: https://www.debian.org/security/2018/dsa-4168
230: https://packages.debian.org/src:squirrelmail
231: https://www.debian.org/security/2018/dsa-4172
232: https://packages.debian.org/src:perl
233: https://www.debian.org/security/2018/dsa-4175
234: https://packages.debian.org/src:freeplane
235: https://www.debian.org/security/2018/dsa-4176
236: https://packages.debian.org/src:mysql-5.5
237: https://www.debian.org/security/2018/dsa-4177
238: https://packages.debian.org/src:libsdl2-image
239: https://www.debian.org/security/2018/dsa-4178
240: https://packages.debian.org/src:libreoffice
241: https://www.debian.org/security/2018/dsa-4179
242: https://packages.debian.org/src:linux-tools
243: https://www.debian.org/security/2018/dsa-4180
244: https://packages.debian.org/src:drupal7
245: https://www.debian.org/security/2018/dsa-4184
246: https://packages.debian.org/src:sdl-image1.2
247: https://www.debian.org/security/2018/dsa-4186
248: https://packages.debian.org/src:gunicorn
249: https://www.debian.org/security/2018/dsa-4187
250: https://packages.debian.org/src:linux-latest
251: https://www.debian.org/security/2018/dsa-4187
252: https://packages.debian.org/src:linux
253: https://www.debian.org/security/2018/dsa-4189
254: https://packages.debian.org/src:quassel
255: https://www.debian.org/security/2018/dsa-4190
256: https://packages.debian.org/src:jackson-databind
257: https://www.debian.org/security/2018/dsa-4192
258: https://packages.debian.org/src:libmad
259: https://www.debian.org/security/2018/dsa-4193
260: https://packages.debian.org/src:wordpress
261: https://www.debian.org/security/2018/dsa-4194
262: https://packages.debian.org/src:lucene-solr
263: https://www.debian.org/security/2018/dsa-4195
264: https://packages.debian.org/src:wget
265: https://www.debian.org/security/2018/dsa-4196
266: https://packages.debian.org/src:linux
267: https://www.debian.org/security/2018/dsa-4199
268: https://packages.debian.org/src:firefox-esr
269: https://www.debian.org/security/2018/dsa-4202
270: https://packages.debian.org/src:curl
271: https://www.debian.org/security/2018/dsa-4204
272: https://packages.debian.org/src:imagemagick
273: https://www.debian.org/security/2018/dsa-4208
274: https://packages.debian.org/src:procps
275: https://www.debian.org/security/2018/dsa-4209
276: https://packages.debian.org/src:thunderbird
277: https://www.debian.org/security/2018/dsa-4211
278: https://packages.debian.org/src:xdg-utils
279: https://www.debian.org/security/2018/dsa-4212
280: https://packages.debian.org/src:git
281: https://www.debian.org/security/2018/dsa-4214
282: https://packages.debian.org/src:zookeeper
283: https://www.debian.org/security/2018/dsa-4215
284: https://packages.debian.org/src:batik
285: https://www.debian.org/security/2018/dsa-4216
286: https://packages.debian.org/src:prosody
287: https://www.debian.org/security/2018/dsa-4217
288: https://packages.debian.org/src:wireshark
289: https://www.debian.org/security/2018/dsa-4218
290: https://packages.debian.org/src:memcached
291: https://www.debian.org/security/2018/dsa-4220
292: https://packages.debian.org/src:firefox-esr
293: https://www.debian.org/security/2018/dsa-4221
294: https://packages.debian.org/src:libvncserver
295: https://www.debian.org/security/2018/dsa-4222
296: https://packages.debian.org/src:gnupg2
297: https://www.debian.org/security/2018/dsa-4224
298: https://packages.debian.org/src:gnupg
299: https://www.debian.org/security/2018/dsa-4225
300: https://packages.debian.org/src:openjdk-7
301: https://www.debian.org/security/2018/dsa-4226
302: https://packages.debian.org/src:perl
303: https://www.debian.org/security/2018/dsa-4227
304: https://packages.debian.org/src:plexus-archiver
305: https://www.debian.org/security/2018/dsa-4228
306: https://packages.debian.org/src:spip
307: https://www.debian.org/security/2018/dsa-4229
308: https://packages.debian.org/src:strongswan
Removed packages
----------------
The following packages were removed due to circumstances beyond our
control:
+-------------------------------+-------------------------------------+
| Package | Reason |
+-------------------------------+-------------------------------------+
| dolibarr [309] | Too much work to maintain it |
| | properly in Debian |
| | |
| electrum [310] | No longer able to connect to the |
| | network |
| | |
| jirc [311] | Broken with jessie's libpoe-filter- |
| | xml-perl |
| | |
| nvidia-graphics-modules [312] | License problem; incompatible with |
| | current kernel ABI |
| | |
| openstreetmap-client [313] | Broken |
| | |
| redmine [314] | No longer security supported |
| | |
| redmine-plugin-pretend [315] | Depends on redmine |
| | |
| redmine-plugin- | Depends on redmine |
| recaptcha [316] | |
| | |
| redmine-recaptcha [317] | Depends on redmine |
| | |
| youtube-dl [318] | Incompatible YouTube API changes |
| | |
+-------------------------------+-------------------------------------+
309: https://packages.debian.org/src:dolibarr
310: https://packages.debian.org/src:electrum
311: https://packages.debian.org/src:jirc
312: https://packages.debian.org/src:nvidia-graphics-modules
313: https://packages.debian.org/src:openstreetmap-client
314: https://packages.debian.org/src:redmine
315: https://packages.debian.org/src:redmine-plugin-pretend
316: https://packages.debian.org/src:redmine-plugin-recaptcha
317: https://packages.debian.org/src:redmine-recaptcha
318: https://packages.debian.org/src:youtube-dl
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
oldstable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
http://ftp.debian.org/debian/dists/jessie/ChangeLog
The current oldstable distribution:
http://ftp.debian.org/debian/dists/oldstable/
Proposed updates to the oldstable distribution:
http://ftp.debian.org/debian/dists/oldstable-proposed-updates
oldstable distribution information (release notes, errata etc.):
https://www.debian.org/releases/oldstable/
Security announcements and information:
https://security.debian.org/ [319]
319: https://www.debian.org/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <pr...@debian.org>, or contact the
stable release team at <debian-...@lists.debian.org>.
--
--
Donald Norwood
www.debian.org
The Debian Project https://www.debian.org/
Updated Debian 8: 8.11 released pr...@debian.org
June 23rd, 2018 https://www.debian.org/News/2018/20180623
------------------------------------------------------------------------
The Debian project is pleased to announce the eleventh (and final)
update of its oldstable distribution Debian 8 (codename "jessie"). This
point release mainly adds corrections for security issues, along with a
few adjustments for serious problems. Security advisories have already
been published separately and are referenced where available.
After this point release, Debian's Security and Release Teams will no
longer be producing updates for Debian 8. Users wishing to continue to
receive security support should upgrade to Debian 9, or see
https://wiki.debian.org/LTS for details about the subset of
architectures and packages covered by the Long Term Support project.
The packages for some architectures for DSA 3746, DSA 3944, DSA 3968,
DSA 4010, DSA 4014, DSA 4061, DSA 4075, DSA 4102, DSA 4155, DSA 4209 and
DSA 4218 are not included in this point release for technical reasons.
All other security updates released during the lifetime of "jessie" that
have not previously been part of a point release are included in this
update.
Please note that the point release does not constitute a new version of
Debian 8 but only updates some of the packages included. There is no
need to throw away old "jessie" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
Miscellaneous Bugfixes
----------------------
This oldstable update adds a few important corrections to the following
packages:
+----------------------------+----------------------------------------+
| Package | Reason |
+----------------------------+----------------------------------------+
| adminer [1] | Don't allow connections to privileged |
| | ports [CVE-2018-7667] |
| | |
| base-files [2] | Update for the point release |
| | |
| blktrace [3] | Fix buffer overflow in btt [CVE-2018- |
| | 10689] |
| | |
| bwm-ng [4] | Explicitly build without libstatgrab |
| | support |
| | |
| clamav [5] | Security update [CVE-2017-6418 |
| | CVE-2017-6420 CVE-2017-12374 CVE-2017- |
| | 12375 CVE-2017-12376 CVE-2017-12377 |
| | CVE-2017-12378 CVE-2017-12379 |
| | CVE-2017-12380]; fix temporary file |
| | cleanup issue; new upstream release; |
| | new upstream version |
| | |
| debian-installer [6] | Rebuild for the point release |
| | |
| debian-installer-netboot- | Rebuild for the point release |
| images [7] | |
| | |
| debian-security- | Update package data |
| support [8] | |
| | |
| dh-make-perl [9] | Support Contents file without header |
| | |
| dns-root-data [10] | Update IANA DNSSEC files to 2017-02-02 |
| | versions |
| | |
| faad2 [11] | Fix several DoS issues via crafted MP4 |
| | files [CVE-2017-9218 CVE-2017-9219 |
| | CVE-2017-9220 CVE-2017-9221 CVE-2017- |
| | 9222 CVE-2017-9223 CVE-2017-9253 |
| | CVE-2017-9254 CVE-2017-9255 CVE-2017- |
| | 9256 CVE-2017-9257] |
| | |
| file [12] | Avoid reading past the end of a buffer |
| | [CVE-2018-10360]] |
| | |
| ghostscript [13] | Fix segfault with fuzzing file in |
| | gxht_thresh_image_init[); fix buffer |
| | overflow in fill_threshold_buffer |
| | [CVE-2016-10317]; pdfwrite - Guard |
| | against trying to output an infinite |
| | number [CVE-2018-10194] |
| | |
| intel-microcode [14] | Update included microcode, including |
| | fixes for Spectre v2 [CVE-2017-5715] |
| | |
| lame [15] | Fix security issues by switching to |
| | use I/O routines from sndfile |
| | [CVE-2017-15018 CVE-2017-15045 |
| | CVE-2017-15046 CVE-2017-9869 CVE-2017- |
| | 9870 CVE-2017-9871 CVE-2017-9872] |
| | |
| libdatetime-timezone- | Update included data |
| perl [16] | |
| | |
| libextractor [17] | Various security fixes [CVE-2017-15266 |
| | CVE-2017-15267 CVE-2017-15600 |
| | CVE-2017-15601 CVE-2017-15602 |
| | CVE-2017-15922 CVE-2017-17440] |
| | |
| libipc-run-perl [18] | Fix memory leak |
| | |
| linux [19] | New upstream stable release |
| | |
| mactelnet [20] | Security fix [CVE-2016-7115] |
| | |
| ncurses [21] | Fix buffer overflow in the |
| | _nc_write_entry function [CVE-2017- |
| | 16879] |
| | |
| nvidia-graphics- | New upstream version |
| drivers [22] | |
| | |
| nvidia-graphics-drivers- | Update to latest driver |
| legacy-304xx [23] | |
| | |
| openafs [24] | Fix kernel module build against linux |
| | 3.16.51-3+deb8u1 kernels after |
| | security update-induced ABI changes |
| | |
| openldap [25] | Fix upgrade failure when olcSuffix |
| | contains a backslash; fix memory |
| | corruption caused by calling |
| | sasl_client_init() multiple times |
| | |
| patch [26] | Fix arbitrary command execution in ed- |
| | style patches [CVE-2018-1000156] |
| | |
| postgresql-9.4 [27] | New upstream release |
| | |
| psensor [28] | Fix directory traversal issue |
| | [CVE-2014-10073] |
| | |
| python-mimeparse [29] | Fix python3-mimeparse's dependencies |
| | |
| rar [30] | Strip statically linked rar and |
| | install the dynamically linked version |
| | instead |
| | |
| reportbug [31] | Stop CCing secure-testing- |
| | te...@lists.alioth.debian.org |
| | |
| sam2p [32] | Fix multiple invalid frees and buffer- |
| | overflow vulnerabilities [CVE-2018- |
| | 7487 CVE-2018-7551 CVE-2018-7552 |
| | CVE-2018-7553 CVE-2018-7554] |
| | |
| slurm-llnl [33] | Fix upgrade issue from wheezy |
| | |
| soundtouch [34] | Security fixes [CVE-2017-9258 |
| | CVE-2017-9259 CVE-2017-9260] |
| | |
| subversion [35] | Fix crashes with Perl bindings, |
| | commonly seen when using git-svn |
| | |
| tzdata [36] | Update included data |
| | |
| user-mode-linux [37] | Rebuild against current jessie kernel |
| | |
| virtualbox-guest- | Fix multiple security issues |
| additions-iso [38] | [CVE-2016-0592 CVE-2016-0495 CVE-2015- |
| | 8104 CVE-2015-7183 CVE-2015-5307 |
| | CVE-2015-7183 CVE-2015-4813 CVE-2015- |
| | 4896 CVE-2015-3456] |
| | |
| xerces-c [39] | Fix Denial of Service via external DTD |
| | reference [CVE-2017-12627] |
| | |
| zsh [40] | Rebuild against libraries currently in |
| | jessie |
| | |
+----------------------------+----------------------------------------+
1: https://packages.debian.org/src:adminer
2: https://packages.debian.org/src:base-files
3: https://packages.debian.org/src:blktrace
4: https://packages.debian.org/src:bwm-ng
5: https://packages.debian.org/src:clamav
6: https://packages.debian.org/src:debian-installer
7: https://packages.debian.org/src:debian-installer-netboot-images
8: https://packages.debian.org/src:debian-security-support
9: https://packages.debian.org/src:dh-make-perl
10: https://packages.debian.org/src:dns-root-data
11: https://packages.debian.org/src:faad2
12: https://packages.debian.org/src:file
13: https://packages.debian.org/src:ghostscript
14: https://packages.debian.org/src:intel-microcode
15: https://packages.debian.org/src:lame
16: https://packages.debian.org/src:libdatetime-timezone-perl
17: https://packages.debian.org/src:libextractor
18: https://packages.debian.org/src:libipc-run-perl
19: https://packages.debian.org/src:linux
20: https://packages.debian.org/src:mactelnet
21: https://packages.debian.org/src:ncurses
22: https://packages.debian.org/src:nvidia-graphics-drivers
23: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
24: https://packages.debian.org/src:openafs
25: https://packages.debian.org/src:openldap
26: https://packages.debian.org/src:patch
27: https://packages.debian.org/src:postgresql-9.4
28: https://packages.debian.org/src:psensor
29: https://packages.debian.org/src:python-mimeparse
30: https://packages.debian.org/src:rar
31: https://packages.debian.org/src:reportbug
32: https://packages.debian.org/src:sam2p
33: https://packages.debian.org/src:slurm-llnl
34: https://packages.debian.org/src:soundtouch
35: https://packages.debian.org/src:subversion
36: https://packages.debian.org/src:tzdata
37: https://packages.debian.org/src:user-mode-linux
38: https://packages.debian.org/src:virtualbox-guest-additions-iso
39: https://packages.debian.org/src:xerces-c
40: https://packages.debian.org/src:zsh
Security Updates
----------------
This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:
+----------------+----------------------------------+
| Advisory ID | Package |
+----------------+----------------------------------+
| DSA-3707 [41] | openjdk-7 [42] |
| | |
| DSA-3708 [43] | mat [44] |
| | |
| DSA-3746 [45] | graphicsmagick [46] |
| | |
| DSA-3782 [47] | openjdk-7 [48] |
| | |
| DSA-3832 [49] | openoffice.org-dictionaries [50] |
| | |
| DSA-3858 [51] | openjdk-7 [52] |
| | |
| DSA-3923 [53] | freerdp [54] |
| | |
| DSA-3944 [55] | mariadb-10.0 [56] |
| | |
| DSA-3954 [57] | openjdk-7 [58] |
| | |
| DSA-3968 [59] | icedove [60] |
| | |
| DSA-4010 [61] | git-annex [62] |
| | |
| DSA-4014 [63] | thunderbird [64] |
| | |
| DSA-4048 [65] | openjdk-7 [66] |
| | |
| DSA-4054 [67] | tor [68] |
| | |
| DSA-4057 [69] | erlang [70] |
| | |
| DSA-4058 [71] | optipng [72] |
| | |
| DSA-4059 [73] | libxcursor [74] |
| | |
| DSA-4060 [75] | wireshark [76] |
| | |
| DSA-4061 [77] | thunderbird [78] |
| | |
| DSA-4062 [79] | firefox-esr [80] |
| | |
| DSA-4066 [81] | otrs2 [82] |
| | |
| DSA-4067 [83] | openafs [84] |
| | |
| DSA-4068 [85] | rsync [86] |
| | |
| DSA-4069 [87] | otrs2 [88] |
| | |
| DSA-4070 [89] | enigmail [90] |
| | |
| DSA-4071 [91] | sensible-utils [92] |
| | |
| DSA-4075 [93] | thunderbird [94] |
| | |
| DSA-4076 [95] | asterisk [96] |
| | |
| DSA-4077 [97] | gimp [98] |
| | |
| DSA-4079 [99] | poppler [100] |
| | |
| DSA-4081 [101] | php5 [102] |
| | |
| DSA-4082 [103] | linux [104] |
| | |
| DSA-4082 [105] | linux-latest [106] |
| | |
| DSA-4083 [107] | poco [108] |
| | |
| DSA-4084 [109] | gifsicle [110] |
| | |
| DSA-4085 [111] | xmltooling [112] |
| | |
| DSA-4086 [113] | libxml2 [114] |
| | |
| DSA-4087 [115] | transmission [116] |
| | |
| DSA-4088 [117] | gdk-pixbuf [118] |
| | |
| DSA-4089 [119] | bind9 [120] |
| | |
| DSA-4090 [121] | wordpress [122] |
| | |
| DSA-4091 [123] | mysql-5.5 [124] |
| | |
| DSA-4092 [125] | awstats [126] |
| | |
| DSA-4093 [127] | openocd [128] |
| | |
| DSA-4094 [129] | smarty3 [130] |
| | |
| DSA-4096 [131] | firefox-esr [132] |
| | |
| DSA-4097 [133] | poppler [134] |
| | |
| DSA-4098 [135] | curl [136] |
| | |
| DSA-4100 [137] | tiff [138] |
| | |
| DSA-4101 [139] | wireshark [140] |
| | |
| DSA-4102 [141] | thunderbird [142] |
| | |
| DSA-4104 [143] | p7zip [144] |
| | |
| DSA-4108 [145] | mailman [146] |
| | |
| DSA-4109 [147] | ruby-omniauth [148] |
| | |
| DSA-4110 [149] | exim4 [150] |
| | |
| DSA-4111 [151] | libreoffice [152] |
| | |
| DSA-4114 [153] | jackson-databind [154] |
| | |
| DSA-4115 [155] | quagga [156] |
| | |
| DSA-4117 [157] | gcc-4.9 [158] |
| | |
| DSA-4118 [159] | tomcat-native [160] |
| | |
| DSA-4119 [161] | libav [162] |
| | |
| DSA-4122 [163] | squid3 [164] |
| | |
| DSA-4123 [165] | drupal7 [166] |
| | |
| DSA-4124 [167] | lucene-solr [168] |
| | |
| DSA-4126 [169] | xmltooling [170] |
| | |
| DSA-4127 [171] | simplesamlphp [172] |
| | |
| DSA-4129 [173] | freexl [174] |
| | |
| DSA-4130 [175] | dovecot [176] |
| | |
| DSA-4132 [177] | libvpx [178] |
| | |
| DSA-4133 [179] | isc-dhcp [180] |
| | |
| DSA-4136 [181] | curl [182] |
| | |
| DSA-4137 [183] | libvirt [184] |
| | |
| DSA-4139 [185] | firefox-esr [186] |
| | |
| DSA-4140 [187] | libvorbis [188] |
| | |
| DSA-4141 [189] | libvorbisidec [190] |
| | |
| DSA-4142 [191] | uwsgi [192] |
| | |
| DSA-4143 [193] | firefox-esr [194] |
| | |
| DSA-4146 [195] | plexus-utils [196] |
| | |
| DSA-4147 [197] | polarssl [198] |
| | |
| DSA-4148 [199] | kamailio [200] |
| | |
| DSA-4149 [201] | plexus-utils2 [202] |
| | |
| DSA-4150 [203] | icu [204] |
| | |
| DSA-4151 [205] | librelp [206] |
| | |
| DSA-4152 [207] | mupdf [208] |
| | |
| DSA-4153 [209] | firefox-esr [210] |
| | |
| DSA-4154 [211] | net-snmp [212] |
| | |
| DSA-4155 [213] | thunderbird [214] |
| | |
| DSA-4156 [215] | drupal7 [216] |
| | |
| DSA-4157 [217] | openssl [218] |
| | |
| DSA-4161 [219] | python-django [220] |
| | |
| DSA-4163 [221] | beep [222] |
| | |
| DSA-4164 [223] | apache2 [224] |
| | |
| DSA-4165 [225] | ldap-account-manager [226] |
| | |
| DSA-4167 [227] | sharutils [228] |
| | |
| DSA-4168 [229] | squirrelmail [230] |
| | |
| DSA-4172 [231] | perl [232] |
| | |
| DSA-4175 [233] | freeplane [234] |
| | |
| DSA-4176 [235] | mysql-5.5 [236] |
| | |
| DSA-4177 [237] | libsdl2-image [238] |
| | |
| DSA-4178 [239] | libreoffice [240] |
| | |
| DSA-4179 [241] | linux-tools [242] |
| | |
| DSA-4180 [243] | drupal7 [244] |
| | |
| DSA-4184 [245] | sdl-image1.2 [246] |
| | |
| DSA-4186 [247] | gunicorn [248] |
| | |
| DSA-4187 [249] | linux-latest [250] |
| | |
| DSA-4187 [251] | linux [252] |
| | |
| DSA-4189 [253] | quassel [254] |
| | |
| DSA-4190 [255] | jackson-databind [256] |
| | |
| DSA-4192 [257] | libmad [258] |
| | |
| DSA-4193 [259] | wordpress [260] |
| | |
| DSA-4194 [261] | lucene-solr [262] |
| | |
| DSA-4195 [263] | wget [264] |
| | |
| DSA-4196 [265] | linux [266] |
| | |
| DSA-4199 [267] | firefox-esr [268] |
| | |
| DSA-4202 [269] | curl [270] |
| | |
| DSA-4204 [271] | imagemagick [272] |
| | |
| DSA-4208 [273] | procps [274] |
| | |
| DSA-4209 [275] | thunderbird [276] |
| | |
| DSA-4211 [277] | xdg-utils [278] |
| | |
| DSA-4212 [279] | git [280] |
| | |
| DSA-4214 [281] | zookeeper [282] |
| | |
| DSA-4215 [283] | batik [284] |
| | |
| DSA-4216 [285] | prosody [286] |
| | |
| DSA-4217 [287] | wireshark [288] |
| | |
| DSA-4218 [289] | memcached [290] |
| | |
| DSA-4220 [291] | firefox-esr [292] |
| | |
| DSA-4221 [293] | libvncserver [294] |
| | |
| DSA-4222 [295] | gnupg2 [296] |
| | |
| DSA-4224 [297] | gnupg [298] |
| | |
| DSA-4225 [299] | openjdk-7 [300] |
| | |
| DSA-4226 [301] | perl [302] |
| | |
| DSA-4227 [303] | plexus-archiver [304] |
| | |
| DSA-4228 [305] | spip [306] |
| | |
| DSA-4229 [307] | strongswan [308] |
| | |
+----------------+----------------------------------+
41: https://www.debian.org/security/2016/dsa-3707
42: https://packages.debian.org/src:openjdk-7
43: https://www.debian.org/security/2016/dsa-3708
44: https://packages.debian.org/src:mat
45: https://www.debian.org/security/2016/dsa-3746
46: https://packages.debian.org/src:graphicsmagick
47: https://www.debian.org/security/2017/dsa-3782
48: https://packages.debian.org/src:openjdk-7
49: https://www.debian.org/security/2017/dsa-3832
50: https://packages.debian.org/src:openoffice.org-dictionaries
51: https://www.debian.org/security/2017/dsa-3858
52: https://packages.debian.org/src:openjdk-7
53: https://www.debian.org/security/2017/dsa-3923
54: https://packages.debian.org/src:freerdp
55: https://www.debian.org/security/2017/dsa-3944
56: https://packages.debian.org/src:mariadb-10.0
57: https://www.debian.org/security/2017/dsa-3954
58: https://packages.debian.org/src:openjdk-7
59: https://www.debian.org/security/2017/dsa-3968
60: https://packages.debian.org/src:icedove
61: https://www.debian.org/security/2017/dsa-4010
62: https://packages.debian.org/src:git-annex
63: https://www.debian.org/security/2017/dsa-4014
64: https://packages.debian.org/src:thunderbird
65: https://www.debian.org/security/2017/dsa-4048
66: https://packages.debian.org/src:openjdk-7
67: https://www.debian.org/security/2017/dsa-4054
68: https://packages.debian.org/src:tor
69: https://www.debian.org/security/2017/dsa-4057
70: https://packages.debian.org/src:erlang
71: https://www.debian.org/security/2017/dsa-4058
72: https://packages.debian.org/src:optipng
73: https://www.debian.org/security/2017/dsa-4059
74: https://packages.debian.org/src:libxcursor
75: https://www.debian.org/security/2017/dsa-4060
76: https://packages.debian.org/src:wireshark
77: https://www.debian.org/security/2017/dsa-4061
78: https://packages.debian.org/src:thunderbird
79: https://www.debian.org/security/2017/dsa-4062
80: https://packages.debian.org/src:firefox-esr
81: https://www.debian.org/security/2017/dsa-4066
82: https://packages.debian.org/src:otrs2
83: https://www.debian.org/security/2017/dsa-4067
84: https://packages.debian.org/src:openafs
85: https://www.debian.org/security/2017/dsa-4068
86: https://packages.debian.org/src:rsync
87: https://www.debian.org/security/2017/dsa-4069
88: https://packages.debian.org/src:otrs2
89: https://www.debian.org/security/2017/dsa-4070
90: https://packages.debian.org/src:enigmail
91: https://www.debian.org/security/2017/dsa-4071
92: https://packages.debian.org/src:sensible-utils
93: https://www.debian.org/security/2017/dsa-4075
94: https://packages.debian.org/src:thunderbird
95: https://www.debian.org/security/2017/dsa-4076
96: https://packages.debian.org/src:asterisk
97: https://www.debian.org/security/2017/dsa-4077
98: https://packages.debian.org/src:gimp
99: https://www.debian.org/security/2018/dsa-4079
100: https://packages.debian.org/src:poppler
101: https://www.debian.org/security/2018/dsa-4081
102: https://packages.debian.org/src:php5
103: https://www.debian.org/security/2018/dsa-4082
104: https://packages.debian.org/src:linux
105: https://www.debian.org/security/2018/dsa-4082
106: https://packages.debian.org/src:linux-latest
107: https://www.debian.org/security/2018/dsa-4083
108: https://packages.debian.org/src:poco
109: https://www.debian.org/security/2018/dsa-4084
110: https://packages.debian.org/src:gifsicle
111: https://www.debian.org/security/2018/dsa-4085
112: https://packages.debian.org/src:xmltooling
113: https://www.debian.org/security/2018/dsa-4086
114: https://packages.debian.org/src:libxml2
115: https://www.debian.org/security/2018/dsa-4087
116: https://packages.debian.org/src:transmission
117: https://www.debian.org/security/2018/dsa-4088
118: https://packages.debian.org/src:gdk-pixbuf
119: https://www.debian.org/security/2018/dsa-4089
120: https://packages.debian.org/src:bind9
121: https://www.debian.org/security/2018/dsa-4090
122: https://packages.debian.org/src:wordpress
123: https://www.debian.org/security/2018/dsa-4091
124: https://packages.debian.org/src:mysql-5.5
125: https://www.debian.org/security/2018/dsa-4092
126: https://packages.debian.org/src:awstats
127: https://www.debian.org/security/2018/dsa-4093
128: https://packages.debian.org/src:openocd
129: https://www.debian.org/security/2018/dsa-4094
130: https://packages.debian.org/src:smarty3
131: https://www.debian.org/security/2018/dsa-4096
132: https://packages.debian.org/src:firefox-esr
133: https://www.debian.org/security/2018/dsa-4097
134: https://packages.debian.org/src:poppler
135: https://www.debian.org/security/2018/dsa-4098
136: https://packages.debian.org/src:curl
137: https://www.debian.org/security/2018/dsa-4100
138: https://packages.debian.org/src:tiff
139: https://www.debian.org/security/2018/dsa-4101
140: https://packages.debian.org/src:wireshark
141: https://www.debian.org/security/2018/dsa-4102
142: https://packages.debian.org/src:thunderbird
143: https://www.debian.org/security/2018/dsa-4104
144: https://packages.debian.org/src:p7zip
145: https://www.debian.org/security/2018/dsa-4108
146: https://packages.debian.org/src:mailman
147: https://www.debian.org/security/2018/dsa-4109
148: https://packages.debian.org/src:ruby-omniauth
149: https://www.debian.org/security/2018/dsa-4110
150: https://packages.debian.org/src:exim4
151: https://www.debian.org/security/2018/dsa-4111
152: https://packages.debian.org/src:libreoffice
153: https://www.debian.org/security/2018/dsa-4114
154: https://packages.debian.org/src:jackson-databind
155: https://www.debian.org/security/2018/dsa-4115
156: https://packages.debian.org/src:quagga
157: https://www.debian.org/security/2018/dsa-4117
158: https://packages.debian.org/src:gcc-4.9
159: https://www.debian.org/security/2018/dsa-4118
160: https://packages.debian.org/src:tomcat-native
161: https://www.debian.org/security/2018/dsa-4119
162: https://packages.debian.org/src:libav
163: https://www.debian.org/security/2018/dsa-4122
164: https://packages.debian.org/src:squid3
165: https://www.debian.org/security/2018/dsa-4123
166: https://packages.debian.org/src:drupal7
167: https://www.debian.org/security/2018/dsa-4124
168: https://packages.debian.org/src:lucene-solr
169: https://www.debian.org/security/2018/dsa-4126
170: https://packages.debian.org/src:xmltooling
171: https://www.debian.org/security/2018/dsa-4127
172: https://packages.debian.org/src:simplesamlphp
173: https://www.debian.org/security/2018/dsa-4129
174: https://packages.debian.org/src:freexl
175: https://www.debian.org/security/2018/dsa-4130
176: https://packages.debian.org/src:dovecot
177: https://www.debian.org/security/2018/dsa-4132
178: https://packages.debian.org/src:libvpx
179: https://www.debian.org/security/2018/dsa-4133
180: https://packages.debian.org/src:isc-dhcp
181: https://www.debian.org/security/2018/dsa-4136
182: https://packages.debian.org/src:curl
183: https://www.debian.org/security/2018/dsa-4137
184: https://packages.debian.org/src:libvirt
185: https://www.debian.org/security/2018/dsa-4139
186: https://packages.debian.org/src:firefox-esr
187: https://www.debian.org/security/2018/dsa-4140
188: https://packages.debian.org/src:libvorbis
189: https://www.debian.org/security/2018/dsa-4141
190: https://packages.debian.org/src:libvorbisidec
191: https://www.debian.org/security/2018/dsa-4142
192: https://packages.debian.org/src:uwsgi
193: https://www.debian.org/security/2018/dsa-4143
194: https://packages.debian.org/src:firefox-esr
195: https://www.debian.org/security/2018/dsa-4146
196: https://packages.debian.org/src:plexus-utils
197: https://www.debian.org/security/2018/dsa-4147
198: https://packages.debian.org/src:polarssl
199: https://www.debian.org/security/2018/dsa-4148
200: https://packages.debian.org/src:kamailio
201: https://www.debian.org/security/2018/dsa-4149
202: https://packages.debian.org/src:plexus-utils2
203: https://www.debian.org/security/2018/dsa-4150
204: https://packages.debian.org/src:icu
205: https://www.debian.org/security/2018/dsa-4151
206: https://packages.debian.org/src:librelp
207: https://www.debian.org/security/2018/dsa-4152
208: https://packages.debian.org/src:mupdf
209: https://www.debian.org/security/2018/dsa-4153
210: https://packages.debian.org/src:firefox-esr
211: https://www.debian.org/security/2018/dsa-4154
212: https://packages.debian.org/src:net-snmp
213: https://www.debian.org/security/2018/dsa-4155
214: https://packages.debian.org/src:thunderbird
215: https://www.debian.org/security/2018/dsa-4156
216: https://packages.debian.org/src:drupal7
217: https://www.debian.org/security/2018/dsa-4157
218: https://packages.debian.org/src:openssl
219: https://www.debian.org/security/2018/dsa-4161
220: https://packages.debian.org/src:python-django
221: https://www.debian.org/security/2018/dsa-4163
222: https://packages.debian.org/src:beep
223: https://www.debian.org/security/2018/dsa-4164
224: https://packages.debian.org/src:apache2
225: https://www.debian.org/security/2018/dsa-4165
226: https://packages.debian.org/src:ldap-account-manager
227: https://www.debian.org/security/2018/dsa-4167
228: https://packages.debian.org/src:sharutils
229: https://www.debian.org/security/2018/dsa-4168
230: https://packages.debian.org/src:squirrelmail
231: https://www.debian.org/security/2018/dsa-4172
232: https://packages.debian.org/src:perl
233: https://www.debian.org/security/2018/dsa-4175
234: https://packages.debian.org/src:freeplane
235: https://www.debian.org/security/2018/dsa-4176
236: https://packages.debian.org/src:mysql-5.5
237: https://www.debian.org/security/2018/dsa-4177
238: https://packages.debian.org/src:libsdl2-image
239: https://www.debian.org/security/2018/dsa-4178
240: https://packages.debian.org/src:libreoffice
241: https://www.debian.org/security/2018/dsa-4179
242: https://packages.debian.org/src:linux-tools
243: https://www.debian.org/security/2018/dsa-4180
244: https://packages.debian.org/src:drupal7
245: https://www.debian.org/security/2018/dsa-4184
246: https://packages.debian.org/src:sdl-image1.2
247: https://www.debian.org/security/2018/dsa-4186
248: https://packages.debian.org/src:gunicorn
249: https://www.debian.org/security/2018/dsa-4187
250: https://packages.debian.org/src:linux-latest
251: https://www.debian.org/security/2018/dsa-4187
252: https://packages.debian.org/src:linux
253: https://www.debian.org/security/2018/dsa-4189
254: https://packages.debian.org/src:quassel
255: https://www.debian.org/security/2018/dsa-4190
256: https://packages.debian.org/src:jackson-databind
257: https://www.debian.org/security/2018/dsa-4192
258: https://packages.debian.org/src:libmad
259: https://www.debian.org/security/2018/dsa-4193
260: https://packages.debian.org/src:wordpress
261: https://www.debian.org/security/2018/dsa-4194
262: https://packages.debian.org/src:lucene-solr
263: https://www.debian.org/security/2018/dsa-4195
264: https://packages.debian.org/src:wget
265: https://www.debian.org/security/2018/dsa-4196
266: https://packages.debian.org/src:linux
267: https://www.debian.org/security/2018/dsa-4199
268: https://packages.debian.org/src:firefox-esr
269: https://www.debian.org/security/2018/dsa-4202
270: https://packages.debian.org/src:curl
271: https://www.debian.org/security/2018/dsa-4204
272: https://packages.debian.org/src:imagemagick
273: https://www.debian.org/security/2018/dsa-4208
274: https://packages.debian.org/src:procps
275: https://www.debian.org/security/2018/dsa-4209
276: https://packages.debian.org/src:thunderbird
277: https://www.debian.org/security/2018/dsa-4211
278: https://packages.debian.org/src:xdg-utils
279: https://www.debian.org/security/2018/dsa-4212
280: https://packages.debian.org/src:git
281: https://www.debian.org/security/2018/dsa-4214
282: https://packages.debian.org/src:zookeeper
283: https://www.debian.org/security/2018/dsa-4215
284: https://packages.debian.org/src:batik
285: https://www.debian.org/security/2018/dsa-4216
286: https://packages.debian.org/src:prosody
287: https://www.debian.org/security/2018/dsa-4217
288: https://packages.debian.org/src:wireshark
289: https://www.debian.org/security/2018/dsa-4218
290: https://packages.debian.org/src:memcached
291: https://www.debian.org/security/2018/dsa-4220
292: https://packages.debian.org/src:firefox-esr
293: https://www.debian.org/security/2018/dsa-4221
294: https://packages.debian.org/src:libvncserver
295: https://www.debian.org/security/2018/dsa-4222
296: https://packages.debian.org/src:gnupg2
297: https://www.debian.org/security/2018/dsa-4224
298: https://packages.debian.org/src:gnupg
299: https://www.debian.org/security/2018/dsa-4225
300: https://packages.debian.org/src:openjdk-7
301: https://www.debian.org/security/2018/dsa-4226
302: https://packages.debian.org/src:perl
303: https://www.debian.org/security/2018/dsa-4227
304: https://packages.debian.org/src:plexus-archiver
305: https://www.debian.org/security/2018/dsa-4228
306: https://packages.debian.org/src:spip
307: https://www.debian.org/security/2018/dsa-4229
308: https://packages.debian.org/src:strongswan
Removed packages
----------------
The following packages were removed due to circumstances beyond our
control:
+-------------------------------+-------------------------------------+
| Package | Reason |
+-------------------------------+-------------------------------------+
| dolibarr [309] | Too much work to maintain it |
| | properly in Debian |
| | |
| electrum [310] | No longer able to connect to the |
| | network |
| | |
| jirc [311] | Broken with jessie's libpoe-filter- |
| | xml-perl |
| | |
| nvidia-graphics-modules [312] | License problem; incompatible with |
| | current kernel ABI |
| | |
| openstreetmap-client [313] | Broken |
| | |
| redmine [314] | No longer security supported |
| | |
| redmine-plugin-pretend [315] | Depends on redmine |
| | |
| redmine-plugin- | Depends on redmine |
| recaptcha [316] | |
| | |
| redmine-recaptcha [317] | Depends on redmine |
| | |
| youtube-dl [318] | Incompatible YouTube API changes |
| | |
+-------------------------------+-------------------------------------+
309: https://packages.debian.org/src:dolibarr
310: https://packages.debian.org/src:electrum
311: https://packages.debian.org/src:jirc
312: https://packages.debian.org/src:nvidia-graphics-modules
313: https://packages.debian.org/src:openstreetmap-client
314: https://packages.debian.org/src:redmine
315: https://packages.debian.org/src:redmine-plugin-pretend
316: https://packages.debian.org/src:redmine-plugin-recaptcha
317: https://packages.debian.org/src:redmine-recaptcha
318: https://packages.debian.org/src:youtube-dl
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
oldstable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
http://ftp.debian.org/debian/dists/jessie/ChangeLog
The current oldstable distribution:
http://ftp.debian.org/debian/dists/oldstable/
Proposed updates to the oldstable distribution:
http://ftp.debian.org/debian/dists/oldstable-proposed-updates
oldstable distribution information (release notes, errata etc.):
https://www.debian.org/releases/oldstable/
Security announcements and information:
https://security.debian.org/ [319]
319: https://www.debian.org/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <pr...@debian.org>, or contact the
stable release team at <debian-...@lists.debian.org>.
--
--
Donald Norwood
www.debian.org
0 new messages