Updated Debian 8: 8.6 released



------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 8: 8.6 released                          press@debian.org
September 17th, 2016           https://www.debian.org/News/2016/20160917
------------------------------------------------------------------------


The Debian project is pleased to announce the sixth update of its stable
distribution Debian 8 (codename "jessie"). This update mainly adds
corrections for security problems to the stable release, along with a
few adjustments for serious problems. Security advisories were already
published separately and are referenced where available.

Please note that this update does not constitute a new version of Debian
8 but only updates some of the packages included. There is no need to
throw away old "jessie" CDs or DVDs; after installation, updating via an
up-to-date Debian mirror will bring any out-of-date packages up to date.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most updates from security.debian.org are
included in this update.

New installation media and CD and DVD images containing updated packages
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bug Fixes
-----------------------

This stable update adds a few important corrections to the following
packages:

+-------------------------+-------------------------------------------+
| Package                 | Reason                                    |
+-------------------------+-------------------------------------------+
| adblock-plus [1]        | New upstream release, compatible with     |
|                         | firefox-esr                               |
|                         |                                           |
| apache2 [2]             | Fix race condition and logical error in   |
|                         | init script; remove links to              |
|                         | manpages.debian.org in default            |
|                         | index.html; mod_socache_memcache:         |
|                         | Increase idle timeout to 15s to allow     |
|                         | keep-alive connections; mod_proxy_fcgi:   |
|                         | Fix wrong behaviour with 304 responses;   |
|                         | correct systemd-sysv-generator behaviour; |
|                         | mod_proxy_html: Add missing config file   |
|                         | mods-available/proxy_html.conf            |
|                         |                                           |
| audiofile [3]           | Fix buffer overflow when changing both    |
|                         | sample format and number of channels      |
|                         | [CVE-2015-7747]                           |
|                         |                                           |
| automake-1.14 [4]       | Avoid insecure use of /tmp/ in install-sh |
|                         |                                           |
| backintime [5]          | Add missing dependency on python-dbus     |
|                         |                                           |
| backuppc [6]            | Fix regressions from samba update to 4.2  |
|                         |                                           |
| base-files [7]          | Update for the point release              |
|                         |                                           |
| biber [8]               | Fix breakage triggered by point release   |
|                         | update of perl                            |
|                         |                                           |
| cacti [9]               | Fix SQL injection in tree.php             |
|                         | [CVE-2016-3172] and graph_view.php        |
|                         | [CVE-2016-3659]; fix authentication       |
|                         | bypass [CVE-2016-2313]                    |
|                         |                                           |
| ccache [10]             | Upstream bug-fix release                  |
|                         |                                           |
| clamav [11]             | Don't fail if AllowSupplementaryGroups is |
|                         | still set in the configuration file       |
|                         |                                           |
| cmake [12]              | Fix FindOpenSSL module to detect OpenSSL  |
|                         | 1.0.1t                                    |
|                         |                                           |
| conkeror [13]           | Support Firefox 44 and later              |
|                         |                                           |
| debian-edu-config [14]  | Move from Iceweasel to Firefox ESR;       |
|                         | adjust ldap-tools/ldap-debian-edu-install |
|                         | to be compliant with systemd now that     |
|                         | unit samba.service is masked;             |
|                         | dhclient-exit-hooks.d/hostname: adjust    |
|                         | for the case of a dedicated LTSP server;  |
|                         | adjust cf.krb5client to ensure that       |
|                         | cfengine runs are idempotent; move code   |
|                         | to cleanup /usr/share/pam-configs/krb5    |
|                         | diversion from postinst to preinst to     |
|                         | ease upgrades from old wheezy             |
|                         | installations; don't purge libnss-mdns as |
|                         | cups now needs mdns for automatic printer |
|                         | detection                                 |
|                         |                                           |
| debian-edu-doc [15]     | Update Debian Edu jessie and wheezy       |
|                         | manuals from the wiki                     |
|                         |                                           |
| debian-installer [16]   | Rebuild against proposed-updates          |
|                         |                                           |
| debian-installer-       | Rebuild for the point release             |
| netboot-images [17]     |                                           |
|                         |                                           |
| debian-security-        | Update included support data; add support |
| support [18]            | for marking packages as losing support at |
|                         | a future date                             |
|                         |                                           |
| dietlibc [19]           | Fix insecure default PATH                 |
|                         |                                           |
| dwarfutils [20]         | Security fixes [CVE-2015-8538             |
|                         | CVE-2015-8750 CVE-2016-2050 CVE-2016-2091 |
|                         | CVE-2016-5034 CVE-2016-5036 CVE-2016-5038 |
|                         | CVE-2016-5039 CVE-2016-5042]              |
|                         |                                           |
| e2fsprogs [21]          | Disable prompts for time skew which is    |
|                         | fudged in e2fsck; fix potential           |
|                         | corruption of Hurd file systems by        |
|                         | e2fsck, pointer bugs that could cause     |
|                         | crashes in e2fsck and resize2fs           |
|                         |                                           |
| exim4 [22]              | Fix cutthrough bug with body lines having |
|                         | a single dot; fix crash on "exim -be      |
|                         | '${if crypteq{xxx}{\$aaa}{yes}{no}}'";    |
|                         | improve NEWS file; backport missing       |
|                         | upstream patch to actually make           |
|                         | $initial_cwd expansion work               |
|                         |                                           |
| file [23]               | Fix buffer over-write in finfo_open with  |
|                         | malformed magic file [CVE-2015-8865]      |
|                         |                                           |
| firegestures [24]       | New upstream release, compatible with     |
|                         | firefox-esr                               |
|                         |                                           |
| flashplugin-            | Update-flashplugin-nonfree: Delete old    |
| nonfree [25]            | get-upstream-version.pl from cache        |
|                         |                                           |
| fusionforge [26]        | Remove dependency on Mediawiki plugin     |
|                         | from fusionforge-full metapackage         |
|                         |                                           |
| gdcm [27]               | Fix integer overflow [CVE-2015-8396] and  |
|                         | denial of service [CVE-2015-8397]         |
|                         |                                           |
| glibc [28]              | Fix assertion failure with unconnectable  |
|                         | name server addresses (regression         |
|                         | introduced by CVE-2015-7547 fix); fix     |
|                         | *context functions on s390x; fix a buffer |
|                         | overflow in the glob function             |
|                         | [CVE-2016-1234], a stack overflow in      |
|                         | nss_dns_getnetbyname_r [CVE-2016-3075], a |
|                         | stack overflow in getaddrinfo function    |
|                         | [CVE-2016-3706], a stack overflow in Sun  |
|                         | RPC clntudp_call() [CVE-2016-4429];       |
|                         | update from upstream stable branch; fix   |
|                         | open and openat functions with O_TMPFILE; |
|                         | fix backtrace hang on armel/armhf,        |
|                         | possibly causing a minor denial of        |
|                         | service vulnerability [CVE-2016-6323];    |
|                         | fix mtr on systems using only IPv6        |
|                         | nameservers                               |
|                         |                                           |
| gnome-maps [29]         | New upstream release; use the Mapbox tile |
|                         | server, instead of the no longer          |
|                         | supported MapQuest server                 |
|                         |                                           |
| gnome-sudoku [30]       | Don't generate the same puzzle sequence   |
|                         | every time                                |
|                         |                                           |
| gnupg [31]              | gpgv: Tweak default options for extra     |
|                         | security; g10: Fix checking key for       |
|                         | signature validation                      |
|                         |                                           |
| gnupg2 [32]             | gpgv: Tweak default options for extra     |
|                         | security; g10: Fix checking key for       |
|                         | signature validation                      |
|                         |                                           |
| greasemonkey [33]       | New upstream release, compatible with     |
|                         | firefox-esr                               |
|                         |                                           |
| intel-microcode [34]    | New upstream release                      |
|                         |                                           |
| jakarta-jmeter [35]     | Really install the templates; fix an      |
|                         | error with libxstream-java >= 1.4.9 when  |
|                         | loading the templates                     |
|                         |                                           |
| javatools [36]          | Return correct architecture string for    |
|                         | ppc64el in java-arch.sh                   |
|                         |                                           |
| kamailio [37]           | Fix libssl version check                  |
|                         |                                           |
| libbusiness-creditcard- | Adjust to changes in credit card ranges   |
| perl [38]               | and processing of various companies       |
|                         |                                           |
| libcss-dom-perl [39]    | Work around Encode changes included in    |
|                         | perl and libencode-perl stable updates    |
|                         |                                           |
| libdatetime-timezone-   | Update included data to 2016e; new        |
| perl [40]               | upstream release                          |
|                         |                                           |
| libdevel-declare-       | Fix breakage caused by change in perl     |
| perl [41]               | stable update                             |
|                         |                                           |
| libnet-ssleay-perl [42] | Fix build failure with openssl            |
|                         | 1.0.1t-1+deb8u1                           |
|                         |                                           |
| libquota-perl [43]      | Adapt platform detection to work with     |
|                         | Linux 4.x                                 |
|                         |                                           |
| libtool [44]            | Fix multi-arch co-installability [amd64   |
|                         | i386]                                     |
|                         |                                           |
| libxml2 [45]            | Fix a problem unparsing URIs without a    |
|                         | host part like qemu:///system; this       |
|                         | unbreaks libvirt, libsys-virt-perl and    |
|                         | others                                    |
|                         |                                           |
| linux [46]              | New upstream stable release               |
|                         |                                           |
| lxc [47]                | Make sure stretch/sid containers have an  |
|                         | init system, after init 1.34 dropped the  |
|                         | 'Essential: yes' header                   |
|                         |                                           |
| mariadb-10.0 [48]       | New upstream release, including security  |
|                         | fix [CVE-2016-6662]                       |
|                         |                                           |
| mozilla-noscript [49]   | New upstream release, compatible with     |
|                         | firefox-esr                               |
|                         |                                           |
| nullmailer [50]         | Do not keep relayhost data in debconf     |
|                         | database longer than strictly needed      |
|                         |                                           |
| open-iscsi [51]         | Init script: wait a bit after iSCSI       |
|                         | devices have appeared, working around a   |
|                         | race condition in which dependent devices |
|                         | can appear only after the initial udev    |
|                         | settle has returned; open-iscsi-udeb:     |
|                         | update initramfs after copying            |
|                         | configuration to target system            |
|                         |                                           |
| openssl [52]            | Fix length check for CRLs; enable asm     |
|                         | optimisation for s390x                    |
|                         |                                           |
| ovirt-guest-agent [53]  | Install ovirt-guest-agent.py executable;  |
|                         | change owner of log directory to          |
|                         | ovirtagent in postinst                    |
|                         |                                           |
| piuparts [54]           | Fix build failure (don't test the current |
|                         | Debian release status, tracking that is   |
|                         | distro-info-data's problem)               |
|                         |                                           |
| policykit-1 [55]        | Several bug-fixes: fix heap corruption    |
|                         | [CVE-2015-3255], local authenticated      |
|                         | denial of service [CVE-2015-4625] and     |
|                         | issue with invalid object paths in        |
|                         | RegisterAuthenticationAgent               |
|                         | [CVE-2015-3218]                           |
|                         |                                           |
| publicsuffix [56]       | New upstream release                      |
|                         |                                           |
| pypdf2 [57]             | Fix infinite loop in readObject()         |
|                         | function                                  |
|                         |                                           |
| python-django [58]      | Bug-fix update to 1.7.11                  |
|                         |                                           |
| python2.7 [59]          | Address StartTLS stripping attack in      |
|                         | smtplib [CVE-2016-0772], integer overflow |
|                         | in zipimporter [CVE-2016-5636], HTTP      |
|                         | header injection [CVE-2016-5699]          |
|                         |                                           |
| quassel [60]            | Fix remote DoS in quassel core with       |
|                         | invalid handshake data [CVE-2016-4414]    |
|                         |                                           |
| ruby-eventmachine [61]  | Fix remotely triggerable crash due to FD  |
|                         | handling                                  |
|                         |                                           |
| ruby2.1 [62]            | dl::dlopen should not open a library with |
|                         | tainted library name in safe mode         |
|                         | [CVE-2009-5147]; Fiddle handles should    |
|                         | not call functions with tainted function  |
|                         | names [CVE-2015-7551]                     |
|                         |                                           |
| sendmail [63]           | Do not abort with an assertion if the     |
|                         | connection to an LDAP server is lost;     |
|                         | ensure sendmail {client_port} is set      |
|                         | correctly on little endian machines       |
|                         |                                           |
| sqlite3 [64]            | Fix tempdir selection vulnerability       |
|                         | [CVE-2016-6153], segfault following heavy |
|                         | SAVEPOINT usage                           |
|                         |                                           |
| systemd [65]            | Use the right timeout for stop processes  |
|                         | we fork; don't reset log level to NOTICE  |
|                         | if we get quiet on the kernel cmdline;    |
|                         | fix prepare priority queue comparison     |
|                         | function in sd-event; update links to     |
|                         | kernel.org cgroup documentation; don't    |
|                         | start console-getty.service when          |
|                         | /dev/console is missing; order            |
|                         | systemd-user-sessions.service after       |
|                         | nss-user-lookup.target and network.target |
|                         |                                           |
| tabmixplus [66]         | New upstream release, compatible with     |
|                         | firefox-esr                               |
|                         |                                           |
| tcpreplay [67]          | Handle frames of 65535 octets size, add a |
|                         | size check [CVE-2016-6160]                |
|                         |                                           |
| tor [68]                | Update the set of authority directory     |
|                         | servers                                   |
|                         |                                           |
| tzdata [69]             | New upstream release; update to 2016e     |
|                         |                                           |
| unbound [70]            | Init script fixes: add "pidfile" magic    |
|                         | comment; call start-stop-daemon with      |
|                         | --retry for 'stop' action                 |
|                         |                                           |
| util-vserver [71]       | Rebuild against dietlibc                  |
|                         | 0.33~cvs20120325-6+deb8u1, fixing         |
|                         | insecure default PATH                     |
|                         |                                           |
| vorbis-tools [72]       | Fix large alloca on bad AIFF input to     |
|                         | oggenc [CVE-2015-6749], Validate count of |
|                         | channels in the header [CVE-2014-9638     |
|                         | CVE-2014-9639], fix segmentation fault in |
|                         | vcut                                      |
|                         |                                           |
| vtk [73]                | Rebuild to fix Java paths [ppc64el]       |
|                         |                                           |
| wget [74]               | By default, on server redirects to an FTP |
|                         | resource, use the original URL to get the |
|                         | local file name [CVE-2016-4971]           |
|                         |                                           |
| wpa [75]                | Security updates relating to invalid      |
|                         | characters [CVE-2016-4476, CVE-2016-4477] |
|                         |                                           |
| yaws [76]               | Fix HTTP_PROXY cgi env injection          |
|                         | [CVE-2016-1000108]                        |
|                         |                                           |
| zabbix [77]             | Fix mysql.size shell command injection in |
|                         | zabbix-agent [CVE-2016-4338]              |
|                         |                                           |
+-------------------------+-------------------------------------------+

    1: https://packages.debian.org/src:adblock-plus
    2: https://packages.debian.org/src:apache2
    3: https://packages.debian.org/src:audiofile
    4: https://packages.debian.org/src:automake-1.14
    5: https://packages.debian.org/src:backintime
    6: https://packages.debian.org/src:backuppc
    7: https://packages.debian.org/src:base-files
    8: https://packages.debian.org/src:biber
    9: https://packages.debian.org/src:cacti
   10: https://packages.debian.org/src:ccache
   11: https://packages.debian.org/src:clamav
   12: https://packages.debian.org/src:cmake
   13: https://packages.debian.org/src:conkeror
   14: https://packages.debian.org/src:debian-edu-config
   15: https://packages.debian.org/src:debian-edu-doc
   16: https://packages.debian.org/src:debian-installer
   17: https://packages.debian.org/src:debian-installer-netboot-images
   18: https://packages.debian.org/src:debian-security-support
   19: https://packages.debian.org/src:dietlibc
   20: https://packages.debian.org/src:dwarfutils
   21: https://packages.debian.org/src:e2fsprogs
   22: https://packages.debian.org/src:exim4
   23: https://packages.debian.org/src:file
   24: https://packages.debian.org/src:firegestures
   25: https://packages.debian.org/src:flashplugin-nonfree
   26: https://packages.debian.org/src:fusionforge
   27: https://packages.debian.org/src:gdcm
   28: https://packages.debian.org/src:glibc
   29: https://packages.debian.org/src:gnome-maps
   30: https://packages.debian.org/src:gnome-sudoku
   31: https://packages.debian.org/src:gnupg
   32: https://packages.debian.org/src:gnupg2
   33: https://packages.debian.org/src:greasemonkey
   34: https://packages.debian.org/src:intel-microcode
   35: https://packages.debian.org/src:jakarta-jmeter
   36: https://packages.debian.org/src:javatools
   37: https://packages.debian.org/src:kamailio
   38: https://packages.debian.org/src:libbusiness-creditcard-perl
   39: https://packages.debian.org/src:libcss-dom-perl
   40: https://packages.debian.org/src:libdatetime-timezone-perl
   41: https://packages.debian.org/src:libdevel-declare-perl
   42: https://packages.debian.org/src:libnet-ssleay-perl
   43: https://packages.debian.org/src:libquota-perl
   44: https://packages.debian.org/src:libtool
   45: https://packages.debian.org/src:libxml2
   46: https://packages.debian.org/src:linux
   47: https://packages.debian.org/src:lxc
   48: https://packages.debian.org/src:mariadb-10.0
   49: https://packages.debian.org/src:mozilla-noscript
   50: https://packages.debian.org/src:nullmailer
   51: https://packages.debian.org/src:open-iscsi
   52: https://packages.debian.org/src:openssl
   53: https://packages.debian.org/src:ovirt-guest-agent
   54: https://packages.debian.org/src:piuparts
   55: https://packages.debian.org/src:policykit-1
   56: https://packages.debian.org/src:publicsuffix
   57: https://packages.debian.org/src:pypdf2
   58: https://packages.debian.org/src:python-django
   59: https://packages.debian.org/src:python2.7
   60: https://packages.debian.org/src:quassel
   61: https://packages.debian.org/src:ruby-eventmachine
   62: https://packages.debian.org/src:ruby2.1
   63: https://packages.debian.org/src:sendmail
   64: https://packages.debian.org/src:sqlite3
   65: https://packages.debian.org/src:systemd
   66: https://packages.debian.org/src:tabmixplus
   67: https://packages.debian.org/src:tcpreplay
   68: https://packages.debian.org/src:tor
   69: https://packages.debian.org/src:tzdata
   70: https://packages.debian.org/src:unbound
   71: https://packages.debian.org/src:util-vserver
   72: https://packages.debian.org/src:vorbis-tools
   73: https://packages.debian.org/src:vtk
   74: https://packages.debian.org/src:wget
   75: https://packages.debian.org/src:wpa
   76: https://packages.debian.org/src:yaws
   77: https://packages.debian.org/src:zabbix

The "mariadb-10.0" package failed to build on the powerpc architecture,
but has been included in the point release to allow quicker release of
the fix for CVE-2016-6662, which had not been disclosed at the time of
the upload. If a fix for the build failure becomes available before the
next mariadb-10.0 DSA, an updated package may be released via
"jessie-updates".


Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+----------------------------------+
| Advisory ID    | Package                          |
+----------------+----------------------------------+
| DSA-3548 [78]  | samba [79]                       |
|                |                                  |
| DSA-3548 [80]  | talloc [81]                      |
|                |                                  |
| DSA-3548 [82]  | tdb [83]                         |
|                |                                  |
| DSA-3548 [84]  | tevent [85]                      |
|                |                                  |
| DSA-3548 [86]  | ldb [87]                         |
|                |                                  |
| DSA-3565 [88]  | monotone [89]                    |
|                |                                  |
| DSA-3588 [90]  | symfony [91]                     |
|                |                                  |
| DSA-3589 [92]  | gdk-pixbuf [93]                  |
|                |                                  |
| DSA-3590 [94]  | chromium-browser [95]            |
|                |                                  |
| DSA-3591 [96]  | imagemagick [97]                 |
|                |                                  |
| DSA-3592 [98]  | nginx [99]                       |
|                |                                  |
| DSA-3593 [100] | libxml2 [101]                    |
|                |                                  |
| DSA-3594 [102] | chromium-browser [103]           |
|                |                                  |
| DSA-3595 [104] | mariadb-10.0 [105]               |
|                |                                  |
| DSA-3596 [106] | spice [107]                      |
|                |                                  |
| DSA-3597 [108] | expat [109]                      |
|                |                                  |
| DSA-3598 [110] | vlc [111]                        |
|                |                                  |
| DSA-3599 [112] | p7zip [113]                      |
|                |                                  |
| DSA-3600 [114] | firefox-esr [115]                |
|                |                                  |
| DSA-3602 [116] | php5 [117]                       |
|                |                                  |
| DSA-3603 [118] | libav [119]                      |
|                |                                  |
| DSA-3604 [120] | drupal7 [121]                    |
|                |                                  |
| DSA-3605 [122] | libxslt [123]                    |
|                |                                  |
| DSA-3606 [124] | libpdfbox-java [125]             |
|                |                                  |
| DSA-3607 [126] | linux [127]                      |
|                |                                  |
| DSA-3608 [128] | libreoffice [129]                |
|                |                                  |
| DSA-3609 [130] | tomcat8 [131]                    |
|                |                                  |
| DSA-3610 [132] | xerces-c [133]                   |
|                |                                  |
| DSA-3611 [134] | libcommons-fileupload-java [135] |
|                |                                  |
| DSA-3612 [136] | gimp [137]                       |
|                |                                  |
| DSA-3613 [138] | libvirt [139]                    |
|                |                                  |
| DSA-3614 [140] | tomcat7 [141]                    |
|                |                                  |
| DSA-3615 [142] | wireshark [143]                  |
|                |                                  |
| DSA-3616 [144] | linux [145]                      |
|                |                                  |
| DSA-3617 [146] | horizon [147]                    |
|                |                                  |
| DSA-3618 [148] | php5 [149]                       |
|                |                                  |
| DSA-3619 [150] | libgd2 [151]                     |
|                |                                  |
| DSA-3620 [152] | pidgin [153]                     |
|                |                                  |
| DSA-3621 [154] | mysql-connector-java [155]       |
|                |                                  |
| DSA-3622 [156] | python-django [157]              |
|                |                                  |
| DSA-3623 [158] | apache2 [159]                    |
|                |                                  |
| DSA-3624 [160] | mysql-5.5 [161]                  |
|                |                                  |
| DSA-3625 [162] | squid3 [163]                     |
|                |                                  |
| DSA-3626 [164] | openssh [165]                    |
|                |                                  |
| DSA-3627 [166] | phpmyadmin [167]                 |
|                |                                  |
| DSA-3628 [168] | libunicode-linebreak-perl [169]  |
|                |                                  |
| DSA-3628 [170] | debhelper [171]                  |
|                |                                  |
| DSA-3628 [172] | libmime-encwords-perl [173]      |
|                |                                  |
| DSA-3628 [174] | perl [175]                       |
|                |                                  |
| DSA-3628 [176] | libsys-syslog-perl [177]         |
|                |                                  |
| DSA-3628 [178] | libmodule-build-perl [179]       |
|                |                                  |
| DSA-3628 [180] | libnet-dns-perl [181]            |
|                |                                  |
| DSA-3628 [182] | libintl-perl [183]               |
|                |                                  |
| DSA-3628 [184] | cdbs [185]                       |
|                |                                  |
| DSA-3628 [186] | libmime-charset-perl [187]       |
|                |                                  |
| DSA-3628 [188] | devscripts [189]                 |
|                |                                  |
| DSA-3628 [190] | exim4 [191]                      |
|                |                                  |
| DSA-3629 [192] | ntp [193]                        |
|                |                                  |
| DSA-3630 [194] | libgd2 [195]                     |
|                |                                  |
| DSA-3631 [196] | php5 [197]                       |
|                |                                  |
| DSA-3632 [198] | mariadb-10.0 [199]               |
|                |                                  |
| DSA-3633 [200] | xen [201]                        |
|                |                                  |
| DSA-3634 [202] | redis [203]                      |
|                |                                  |
| DSA-3635 [204] | libdbd-mysql-perl [205]          |
|                |                                  |
| DSA-3637 [206] | chromium-browser [207]           |
|                |                                  |
| DSA-3638 [208] | curl [209]                       |
|                |                                  |
| DSA-3639 [210] | wordpress [211]                  |
|                |                                  |
| DSA-3640 [212] | firefox-esr [213]                |
|                |                                  |
| DSA-3641 [214] | openjdk-7 [215]                  |
|                |                                  |
| DSA-3642 [216] | lighttpd [217]                   |
|                |                                  |
| DSA-3643 [218] | kde4libs [219]                   |
|                |                                  |
| DSA-3644 [220] | fontconfig [221]                 |
|                |                                  |
| DSA-3645 [222] | chromium-browser [223]           |
|                |                                  |
| DSA-3646 [224] | postgresql-9.4 [225]             |
|                |                                  |
| DSA-3647 [226] | icedove [227]                    |
|                |                                  |
| DSA-3648 [228] | wireshark [229]                  |
|                |                                  |
| DSA-3649 [230] | gnupg [231]                      |
|                |                                  |
| DSA-3650 [232] | libgcrypt20 [233]                |
|                |                                  |
| DSA-3651 [234] | rails [235]                      |
|                |                                  |
| DSA-3652 [236] | imagemagick [237]                |
|                |                                  |
| DSA-3653 [238] | flex [239]                       |
|                |                                  |
| DSA-3653 [240] | bogofilter [241]                 |
|                |                                  |
| DSA-3654 [242] | quagga [243]                     |
|                |                                  |
| DSA-3655 [244] | mupdf [245]                      |
|                |                                  |
| DSA-3656 [246] | tryton-server [247]              |
|                |                                  |
| DSA-3657 [248] | libarchive [249]                 |
|                |                                  |
| DSA-3658 [250] | libidn [251]                     |
|                |                                  |
| DSA-3659 [252] | linux [253]                      |
|                |                                  |
| DSA-3660 [254] | chromium-browser [255]           |
|                |                                  |
| DSA-3661 [256] | charybdis [257]                  |
|                |                                  |
| DSA-3662 [258] | inspircd [259]                   |
|                |                                  |
| DSA-3663 [260] | xen [261]                        |
|                |                                  |
| DSA-3664 [262] | pdns [263]                       |
|                |                                  |
+----------------+----------------------------------+

   78: https://www.debian.org/security/2016/dsa-3548
   79: https://packages.debian.org/src:samba
   80: https://www.debian.org/security/2016/dsa-3548
   81: https://packages.debian.org/src:talloc
   82: https://www.debian.org/security/2016/dsa-3548
   83: https://packages.debian.org/src:tdb
   84: https://www.debian.org/security/2016/dsa-3548
   85: https://packages.debian.org/src:tevent
   86: https://www.debian.org/security/2016/dsa-3548
   87: https://packages.debian.org/src:ldb
   88: https://www.debian.org/security/2016/dsa-3565
   89: https://packages.debian.org/src:monotone
   90: https://www.debian.org/security/2016/dsa-3588
   91: https://packages.debian.org/src:symfony
   92: https://www.debian.org/security/2016/dsa-3589
   93: https://packages.debian.org/src:gdk-pixbuf
   94: https://www.debian.org/security/2016/dsa-3590
   95: https://packages.debian.org/src:chromium-browser
   96: https://www.debian.org/security/2016/dsa-3591
   97: https://packages.debian.org/src:imagemagick
   98: https://www.debian.org/security/2016/dsa-3592
   99: https://packages.debian.org/src:nginx
  100: https://www.debian.org/security/2016/dsa-3593
  101: https://packages.debian.org/src:libxml2
  102: https://www.debian.org/security/2016/dsa-3594
  103: https://packages.debian.org/src:chromium-browser
  104: https://www.debian.org/security/2016/dsa-3595
  105: https://packages.debian.org/src:mariadb-10.0
  106: https://www.debian.org/security/2016/dsa-3596
  107: https://packages.debian.org/src:spice
  108: https://www.debian.org/security/2016/dsa-3597
  109: https://packages.debian.org/src:expat
  110: https://www.debian.org/security/2016/dsa-3598
  111: https://packages.debian.org/src:vlc
  112: https://www.debian.org/security/2016/dsa-3599
  113: https://packages.debian.org/src:p7zip
  114: https://www.debian.org/security/2016/dsa-3600
  115: https://packages.debian.org/src:firefox-esr
  116: https://www.debian.org/security/2016/dsa-3602
  117: https://packages.debian.org/src:php5
  118: https://www.debian.org/security/2016/dsa-3603
  119: https://packages.debian.org/src:libav
  120: https://www.debian.org/security/2016/dsa-3604
  121: https://packages.debian.org/src:drupal7
  122: https://www.debian.org/security/2016/dsa-3605
  123: https://packages.debian.org/src:libxslt
  124: https://www.debian.org/security/2016/dsa-3606
  125: https://packages.debian.org/src:libpdfbox-java
  126: https://www.debian.org/security/2016/dsa-3607
  127: https://packages.debian.org/src:linux
  128: https://www.debian.org/security/2016/dsa-3608
  129: https://packages.debian.org/src:libreoffice
  130: https://www.debian.org/security/2016/dsa-3609
  131: https://packages.debian.org/src:tomcat8
  132: https://www.debian.org/security/2016/dsa-3610
  133: https://packages.debian.org/src:xerces-c
  134: https://www.debian.org/security/2016/dsa-3611
  135: https://packages.debian.org/src:libcommons-fileupload-java
  136: https://www.debian.org/security/2016/dsa-3612
  137: https://packages.debian.org/src:gimp
  138: https://www.debian.org/security/2016/dsa-3613
  139: https://packages.debian.org/src:libvirt
  140: https://www.debian.org/security/2016/dsa-3614
  141: https://packages.debian.org/src:tomcat7
  142: https://www.debian.org/security/2016/dsa-3615
  143: https://packages.debian.org/src:wireshark
  144: https://www.debian.org/security/2016/dsa-3616
  145: https://packages.debian.org/src:linux
  146: https://www.debian.org/security/2016/dsa-3617
  147: https://packages.debian.org/src:horizon
  148: https://www.debian.org/security/2016/dsa-3618
  149: https://packages.debian.org/src:php5
  150: https://www.debian.org/security/2016/dsa-3619
  151: https://packages.debian.org/src:libgd2
  152: https://www.debian.org/security/2016/dsa-3620
  153: https://packages.debian.org/src:pidgin
  154: https://www.debian.org/security/2016/dsa-3621
  155: https://packages.debian.org/src:mysql-connector-java
  156: https://www.debian.org/security/2016/dsa-3622
  157: https://packages.debian.org/src:python-django
  158: https://www.debian.org/security/2016/dsa-3623
  159: https://packages.debian.org/src:apache2
  160: https://www.debian.org/security/2016/dsa-3624
  161: https://packages.debian.org/src:mysql-5.5
  162: https://www.debian.org/security/2016/dsa-3625
  163: https://packages.debian.org/src:squid3
  164: https://www.debian.org/security/2016/dsa-3626
  165: https://packages.debian.org/src:openssh
  166: https://www.debian.org/security/2016/dsa-3627
  167: https://packages.debian.org/src:phpmyadmin
  168: https://www.debian.org/security/2016/dsa-3628
  169: https://packages.debian.org/src:libunicode-linebreak-perl
  170: https://www.debian.org/security/2016/dsa-3628
  171: https://packages.debian.org/src:debhelper
  172: https://www.debian.org/security/2016/dsa-3628
  173: https://packages.debian.org/src:libmime-encwords-perl
  174: https://www.debian.org/security/2016/dsa-3628
  175: https://packages.debian.org/src:perl
  176: https://www.debian.org/security/2016/dsa-3628
  177: https://packages.debian.org/src:libsys-syslog-perl
  178: https://www.debian.org/security/2016/dsa-3628
  179: https://packages.debian.org/src:libmodule-build-perl
  180: https://www.debian.org/security/2016/dsa-3628
  181: https://packages.debian.org/src:libnet-dns-perl
  182: https://www.debian.org/security/2016/dsa-3628
  183: https://packages.debian.org/src:libintl-perl
  184: https://www.debian.org/security/2016/dsa-3628
  185: https://packages.debian.org/src:cdbs
  186: https://www.debian.org/security/2016/dsa-3628
  187: https://packages.debian.org/src:libmime-charset-perl
  188: https://www.debian.org/security/2016/dsa-3628
  189: https://packages.debian.org/src:devscripts
  190: https://www.debian.org/security/2016/dsa-3628
  191: https://packages.debian.org/src:exim4
  192: https://www.debian.org/security/2016/dsa-3629
  193: https://packages.debian.org/src:ntp
  194: https://www.debian.org/security/2016/dsa-3630
  195: https://packages.debian.org/src:libgd2
  196: https://www.debian.org/security/2016/dsa-3631
  197: https://packages.debian.org/src:php5
  198: https://www.debian.org/security/2016/dsa-3632
  199: https://packages.debian.org/src:mariadb-10.0
  200: https://www.debian.org/security/2016/dsa-3633
  201: https://packages.debian.org/src:xen
  202: https://www.debian.org/security/2016/dsa-3634
  203: https://packages.debian.org/src:redis
  204: https://www.debian.org/security/2016/dsa-3635
  205: https://packages.debian.org/src:libdbd-mysql-perl
  206: https://www.debian.org/security/2016/dsa-3637
  207: https://packages.debian.org/src:chromium-browser
  208: https://www.debian.org/security/2016/dsa-3638
  209: https://packages.debian.org/src:curl
  210: https://www.debian.org/security/2016/dsa-3639
  211: https://packages.debian.org/src:wordpress
  212: https://www.debian.org/security/2016/dsa-3640
  213: https://packages.debian.org/src:firefox-esr
  214: https://www.debian.org/security/2016/dsa-3641
  215: https://packages.debian.org/src:openjdk-7
  216: https://www.debian.org/security/2016/dsa-3642
  217: https://packages.debian.org/src:lighttpd
  218: https://www.debian.org/security/2016/dsa-3643
  219: https://packages.debian.org/src:kde4libs
  220: https://www.debian.org/security/2016/dsa-3644
  221: https://packages.debian.org/src:fontconfig
  222: https://www.debian.org/security/2016/dsa-3645
  223: https://packages.debian.org/src:chromium-browser
  224: https://www.debian.org/security/2016/dsa-3646
  225: https://packages.debian.org/src:postgresql-9.4
  226: https://www.debian.org/security/2016/dsa-3647
  227: https://packages.debian.org/src:icedove
  228: https://www.debian.org/security/2016/dsa-3648
  229: https://packages.debian.org/src:wireshark
  230: https://www.debian.org/security/2016/dsa-3649
  231: https://packages.debian.org/src:gnupg
  232: https://www.debian.org/security/2016/dsa-3650
  233: https://packages.debian.org/src:libgcrypt20
  234: https://www.debian.org/security/2016/dsa-3651
  235: https://packages.debian.org/src:rails
  236: https://www.debian.org/security/2016/dsa-3652
  237: https://packages.debian.org/src:imagemagick
  238: https://www.debian.org/security/2016/dsa-3653
  239: https://packages.debian.org/src:flex
  240: https://www.debian.org/security/2016/dsa-3653
  241: https://packages.debian.org/src:bogofilter
  242: https://www.debian.org/security/2016/dsa-3654
  243: https://packages.debian.org/src:quagga
  244: https://www.debian.org/security/2016/dsa-3655
  245: https://packages.debian.org/src:mupdf
  246: https://www.debian.org/security/2016/dsa-3656
  247: https://packages.debian.org/src:tryton-server
  248: https://www.debian.org/security/2016/dsa-3657
  249: https://packages.debian.org/src:libarchive
  250: https://www.debian.org/security/2016/dsa-3658
  251: https://packages.debian.org/src:libidn
  252: https://www.debian.org/security/2016/dsa-3659
  253: https://packages.debian.org/src:linux
  254: https://www.debian.org/security/2016/dsa-3660
  255: https://packages.debian.org/src:chromium-browser
  256: https://www.debian.org/security/2016/dsa-3661
  257: https://packages.debian.org/src:charybdis
  258: https://www.debian.org/security/2016/dsa-3662
  259: https://packages.debian.org/src:inspircd
  260: https://www.debian.org/security/2016/dsa-3663
  261: https://packages.debian.org/src:xen
  262: https://www.debian.org/security/2016/dsa-3664
  263: https://packages.debian.org/src:pdns

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+-------------+-----------------------------------+
| Package     | Reason                            |
+-------------+-----------------------------------+
| minit [264] | Unmaintained and outdated         |
|             |                                   |
| trn [265]   | Security issues; replaced by trn4 |
|             |                                   |
+-------------+-----------------------------------+

  264: https://packages.debian.org/src:minit
  265: https://packages.debian.org/src:trn

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/jessie/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


Stable distribution information (release notes, errata, etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://security.debian.org/ [266]

  266: https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.


Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.

