------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 8: 8.8 released press@debian.org May 6th, 2017 https://www.debian.org/News/2017/20170506 ------------------------------------------------------------------------ The Debian project is pleased to announce the eighth update of its stable distribution Debian 8 (codename "jessie"). This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Please note that this update does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old "jessie" CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated. Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update. New installation media and CD and DVD images containing updated packages will be available soon at the regular locations. Upgrading to this revision online is usually done by pointing the aptitude (or apt) package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: +-------------------------+-------------------------------------------+ | Package | Reason | +-------------------------+-------------------------------------------+ | activemq [1] | Fix DoS in activemq-core via shutdown | | | command [CVE-2015-7559] | | | | | apf-firewall [2] | Add compatibility with kernels >= 3.X | | | | | apt-xapian-index [3] | Remove call to update-python-modules | | | | | base-files [4] | Update for the point release | | | | | binutils [5] | Apply patch from upstream to fix gold on | | | arm64 | | | | | ca-certificates [6] | Update-ca-certificates: update local | | | certificates directory when calling -- | | | fresh; support running without hooks | | | | | commons-daemon [7] | Fix ppc64el support | | | | | crafty [8] | Do not generate CPU specific code | | | | | debian-edu-doc [9] | Update translations | | | | | debian-installer [10] | Rebuild for the point release | | | | | debian-installer- | Rebuild for the point release | | netboot-images [11] | | | | | | dropbear [12] | Fix command restriction bypass in | | | authorized_keys [CVE-2016-3116], format | | | string injection [CVE-2016-7406] and | | | arbitrary code execution issues | | | [CVE-2016-7407 CVE-2016-7408] | | | | | erlang [13] | Fix heap overflow vulnerability in | | | regular expression parsing [CVE-2016- | | | 10253] | | | | | glibc [14] | Fix PowerPC sqrt inaccuracy | | | | | gnome-media [15] | Add missing Breaks: gnome-media-common, | | | libgnome-media-dev, libgnome-media0 to | | | match Replaces | | | | | gnome-screenshot [16] | Use dash for time format separator | | | | | gnome-settings- | Use dash for time format separator | | daemon [17] | | | | | | gnutls28 [18] | Fix truncation issue in PKCS#12 password | | | encoding; fix double free in certificate | | | information printing [CVE-2017-5334]; fix | | | memory leak in server side error path; | | | fix memory leaks and an infinite loop in | | | OpenPGP certificate parsing [CVE-2017- | | | 5335 CVE-2017-5336 CVE-2017-5337]; fix | | | integer overflow in OpenPGP certificate | | | parsing [CVE-2017-7869]; fix read past | | | the end of buffer in OpenPGP certificate | | | parsing; fix crashes in OpenPGP | | | certificate parsing, related to private | | | key parsing [GNUTLS-SA-2017-3B]; fix | | | possible OOM in OpenPGP certificate | | | parsing [GNUTLS-SA-2017-3C] | | | | | groovy [19] | Fix remote code execution vulnerability | | | via crafted serialized object [CVE-2016- | | | 6814] | | | | | groovy2 [20] | Fix remote code execution vulnerability | | | via crafted serialized object [CVE-2016- | | | 6814] | | | | | guile-2.0 [21] | Fix REPL server vulnerability [CVE-2016- | | | 8606], mkdir umask-related vulnerability | | | [CVE-2016-8605] | | | | | initramfs-tools [22] | Include drivers for all keyboards when | | | MODULES=dep; include most USB host | | | drivers and all bus driver modules; | | | remove code that prunes 'broken' symlinks | | | and sometimes /etc/mtab; add all I2C bus | | | and mux drivers when MODULES=most; stop | | | force-loading drivers found through sysfs | | | when MODULES=dep | | | | | installation-guide [23] | Fix instructions for creating | | | syslinux.cfg to work with syslinux 5 | | | | | irqbalance [24] | Only warn once for affinity hint subset | | | empty irqs | | | | | kup [25] | Backport changes needed to work with | | | kernel.org in future | | | | | libdatetime-timezone- | Update included data to 2017b | | perl [26] | | | | | | libindicate [27] | libindicate-gtk3-dev: depend on | | | libindicate-gtk3-3 instead of | | | libindicate-gtk3 | | | | | libmateweather [28] | Rename Rangoon timezone to Yangon (follow | | | tzdata 2016g change) | | | | | libvirt [29] | Improve qemu v2.6+ compatibility | | | | | libvorbisidec [30] | Add libogg-dev dependency to | | | libvorbisidec-dev | | | | | libxslt [31] | Check for integer overflow in | | | xsltAddTextString [CVE-2017-5029] | | | | | linux [32] | Update to new stable release 3.16.43; mm/ | | | huge_memory.c: fix up "mm/huge_memory.c: | | | respect FOLL_FORCE/FOLL_COW for thp" | | | backort | | | | | logback [33] | Don't deserialize data from untrusted | | | sockets [CVE-2017-5929] | | | | | lxc [34] | Ensure target netns is caller-owned | | | [CVE-2017-5985] | | | | | minicom [35] | Fix out of bounds write in vt100.c | | | [CVE-2017-7467] | | | | | modsecurity-crs [36] | Fix typo in | | | modsecurity_crs_16_session_hijacking.conf | | | | | mongodb [37] | Fix permissions on .dbshell [CVE-2016- | | | 6494]; redact key and nonce from auth | | | attempt logs | | | | | ndisc6 [38] | Use upstream default merge hook when | | | resolvconf is not available | | | | | ndoutils [39] | Postrm purge: Check for ucf before | | | calling it | | | | | nvidia-graphics- | New upstream version (340.102) containing | | drivers [40] | security fixes [CVE-2017-0309 CVE-2017- | | | 0310 CVE-2017-0311 CVE-2017-0318 | | | CVE-2017-0321]; fix module build on Linux | | | 4.10 and newer | | | | | nvidia-graphics- | New upstream version (304.135) containing | | drivers- | security fixes [CVE-2017-0309 CVE-2017- | | legacy-304xx [41] | 0310 CVE-2017-0311 CVE-2017-0318 | | | CVE-2017-0321]; fix module build on Linux | | | 4.10 and newer | | | | | nvidia-graphics- | Rebuild using nvidia-kernel-source | | modules [42] | 340.102 | | | | | openchange [43] | Fix build failure with samba 4.2 | | | | | openmpi [44] | libopenmpi1.6: Fix two incorrect soname | | | links, Use versioned Conflicts: | | | libopenmpi2 (<< 1.6) to not interfere | | | with upgrades to stretch | | | | | plv8 [45] | Check for permission to call functions | | | | | postfix [46] | Fix build failure with Linux 4.x kernels; | | | add delmap to .prerm for all packages | | | that contain map data types exposed | | | through external .so files so that | | | upgrades to stretch (where the associated | | | files have moved) will be functional | | | | | postgresql-9.4 [47] | New upstream release | | | | | python- | Fix HKDF issue with small key sizes | | cryptography [48] | [CVE-2016-9243]; fix build failure due to | | | SSL2 method detection | | | | | radare2 [49] | Fix denial of service vulnerability | | | [CVE-2017-6197] | | | | | sane-backends [50] | Fix security issue [CVE-2017-6318] | | | | | sendmail [51] | Only touch files as smmsp:smmsp in /var/ | | | run/sendmail/stampdir to avoid possible | | | privilege escalation; use lockfile-create | | | (from lockfile-progs) instead of touch to | | | manage the cronjob lockfiles; sendmail- | | | base: Add Depends: netbase for /etc/ | | | services | | | | | sitesummary [52] | Fix package pre-removal script | | | | | smemstat [53] | Fix null pointer dereference when UID | | | can't be read | | | | | spip [54] | Fix multiple cross-site scripting issues, | | | server side request forgery attacks | | | [CVE-2016-7999], directory traversal | | | [CVE-2016-7982], arbitrary code execution | | | [CVE-2016-7998], cross-site request | | | forgery [CVE-2016-7980], cross-site | | | scripting vulnerabilities [CVE-2016-7981 | | | CVE-2016-9997 CVE-2016-9998 CVE-2016- | | | 9152] | | | | | sus [55] | Update for SUSv4 TC2 | | | | | synergy [56] | Fix a crash when synergyc starts | | | | | systemd [57] | Fix boolean properties retrieved via sd- | | | bus on big-endian architectures; | | | systemctl: Add is-enabled support for | | | SysV init scripts; if the start command | | | vanishes during runtime don't hit an | | | assert; if an automount unit is masked, | | | don't react to activation | | | | | transmissionrpc [58] | Add missing dependency from Python | | | modules to python-six | | | | | tzdata [59] | Update included data to 2017b; enable | | | partial translations of debconf templates | | | | | unzip [60] | Fix buffer overflows in unzip [CVE-2014- | | | 9913] and zipinfo [CVE-2016-9844] | | | | | uwsgi [61] | Fix build failure with recent glibc | | | | | vim [62] | Fix buffer overflows when reading | | | corrupted undo files [CVE-2017-6349 | | | CVE-2017-6350] | | | | | vlc [63] | New upstream release | | | | | webissues-server [64] | postrm purge: Check for ucf before | | | calling it | | | | | wget [65] | Fix CRLF injection in URL host parts | | | [CVE-2017-6508] | | | | | xmobar [66] | Update weather feed URL | | | | | xshisen [67] | Fix frequent segfault on start | | | | | yara [68] | Fix several security issues [CVE-2016- | | | 10210 CVE-2016-10211 CVE-2017-5923 | | | CVE-2017-5924] | | | | +-------------------------+-------------------------------------------+ 1: https://packages.debian.org/src:activemq 2: https://packages.debian.org/src:apf-firewall 3: https://packages.debian.org/src:apt-xapian-index 4: https://packages.debian.org/src:base-files 5: https://packages.debian.org/src:binutils 6: https://packages.debian.org/src:ca-certificates 7: https://packages.debian.org/src:commons-daemon 8: https://packages.debian.org/src:crafty 9: https://packages.debian.org/src:debian-edu-doc 10: https://packages.debian.org/src:debian-installer 11: https://packages.debian.org/src:debian-installer-netboot-images 12: https://packages.debian.org/src:dropbear 13: https://packages.debian.org/src:erlang 14: https://packages.debian.org/src:glibc 15: https://packages.debian.org/src:gnome-media 16: https://packages.debian.org/src:gnome-screenshot 17: https://packages.debian.org/src:gnome-settings-daemon 18: https://packages.debian.org/src:gnutls28 19: https://packages.debian.org/src:groovy 20: https://packages.debian.org/src:groovy2 21: https://packages.debian.org/src:guile-2.0 22: https://packages.debian.org/src:initramfs-tools 23: https://packages.debian.org/src:installation-guide 24: https://packages.debian.org/src:irqbalance 25: https://packages.debian.org/src:kup 26: https://packages.debian.org/src:libdatetime-timezone-perl 27: https://packages.debian.org/src:libindicate 28: https://packages.debian.org/src:libmateweather 29: https://packages.debian.org/src:libvirt 30: https://packages.debian.org/src:libvorbisidec 31: https://packages.debian.org/src:libxslt 32: https://packages.debian.org/src:linux 33: https://packages.debian.org/src:logback 34: https://packages.debian.org/src:lxc 35: https://packages.debian.org/src:minicom 36: https://packages.debian.org/src:modsecurity-crs 37: https://packages.debian.org/src:mongodb 38: https://packages.debian.org/src:ndisc6 39: https://packages.debian.org/src:ndoutils 40: https://packages.debian.org/src:nvidia-graphics-drivers 41: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx 42: https://packages.debian.org/src:nvidia-graphics-modules 43: https://packages.debian.org/src:openchange 44: https://packages.debian.org/src:openmpi 45: https://packages.debian.org/src:plv8 46: https://packages.debian.org/src:postfix 47: https://packages.debian.org/src:postgresql-9.4 48: https://packages.debian.org/src:python-cryptography 49: https://packages.debian.org/src:radare2 50: https://packages.debian.org/src:sane-backends 51: https://packages.debian.org/src:sendmail 52: https://packages.debian.org/src:sitesummary 53: https://packages.debian.org/src:smemstat 54: https://packages.debian.org/src:spip 55: https://packages.debian.org/src:sus 56: https://packages.debian.org/src:synergy 57: https://packages.debian.org/src:systemd 58: https://packages.debian.org/src:transmissionrpc 59: https://packages.debian.org/src:tzdata 60: https://packages.debian.org/src:unzip 61: https://packages.debian.org/src:uwsgi 62: https://packages.debian.org/src:vim 63: https://packages.debian.org/src:vlc 64: https://packages.debian.org/src:webissues-server 65: https://packages.debian.org/src:wget 66: https://packages.debian.org/src:xmobar 67: https://packages.debian.org/src:xshisen 68: https://packages.debian.org/src:yara Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+--------------------------------+ | Advisory ID | Package | +----------------+--------------------------------+ | DSA-3690 [69] | icedove [70] | | | | | DSA-3711 [71] | mariadb-10.0 [72] | | | | | DSA-3730 [73] | icedove [74] | | | | | DSA-3743 [75] | python-bottle [76] | | | | | DSA-3756 [77] | icoutils [78] | | | | | DSA-3757 [79] | icedove [80] | | | | | DSA-3758 [81] | bind9 [82] | | | | | DSA-3759 [83] | python-pysaml2 [84] | | | | | DSA-3760 [85] | ikiwiki [86] | | | | | DSA-3761 [87] | rabbitmq-server [88] | | | | | DSA-3762 [89] | tiff [90] | | | | | DSA-3763 [91] | pdns-recursor [92] | | | | | DSA-3764 [93] | pdns [94] | | | | | DSA-3765 [95] | icoutils [96] | | | | | DSA-3766 [97] | mapserver [98] | | | | | DSA-3767 [99] | mysql-5.5 [100] | | | | | DSA-3768 [101] | openjpeg2 [102] | | | | | DSA-3769 [103] | libphp-swiftmailer [104] | | | | | DSA-3770 [105] | mariadb-10.0 [106] | | | | | DSA-3771 [107] | firefox-esr [108] | | | | | DSA-3772 [109] | libxpm [110] | | | | | DSA-3773 [111] | openssl [112] | | | | | DSA-3774 [113] | lcms2 [114] | | | | | DSA-3775 [115] | tcpdump [116] | | | | | DSA-3776 [117] | chromium-browser [118] | | | | | DSA-3777 [119] | libgd2 [120] | | | | | DSA-3778 [121] | ruby-archive-tar-minitar [122] | | | | | DSA-3779 [123] | wordpress [124] | | | | | DSA-3780 [125] | ntfs-3g [126] | | | | | DSA-3781 [127] | svgsalamander [128] | | | | | DSA-3783 [129] | php5 [130] | | | | | DSA-3784 [131] | viewvc [132] | | | | | DSA-3785 [133] | jasper [134] | | | | | DSA-3786 [135] | vim [136] | | | | | DSA-3787 [137] | tomcat7 [138] | | | | | DSA-3788 [139] | tomcat8 [140] | | | | | DSA-3789 [141] | libevent [142] | | | | | DSA-3790 [143] | spice [144] | | | | | DSA-3791 [145] | linux [146] | | | | | DSA-3792 [147] | libreoffice [148] | | | | | DSA-3793 [149] | shadow [150] | | | | | DSA-3794 [151] | munin [152] | | | | | DSA-3795 [153] | bind9 [154] | | | | | DSA-3796 [155] | apache2 [156] | | | | | DSA-3796 [157] | sitesummary [158] | | | | | DSA-3797 [159] | mupdf [160] | | | | | DSA-3798 [161] | tnef [162] | | | | | DSA-3799 [163] | imagemagick [164] | | | | | DSA-3800 [165] | libquicktime [166] | | | | | DSA-3801 [167] | ruby-zip [168] | | | | | DSA-3802 [169] | zabbix [170] | | | | | DSA-3803 [171] | texlive-base [172] | | | | | DSA-3804 [173] | linux [174] | | | | | DSA-3805 [175] | firefox-esr [176] | | | | | DSA-3806 [177] | pidgin [178] | | | | | DSA-3807 [179] | icoutils [180] | | | | | DSA-3808 [181] | imagemagick [182] | | | | | DSA-3809 [183] | mariadb-10.0 [184] | | | | | DSA-3810 [185] | chromium-browser [186] | | | | | DSA-3811 [187] | wireshark [188] | | | | | DSA-3812 [189] | ioquake3 [190] | | | | | DSA-3813 [191] | r-base [192] | | | | | DSA-3814 [193] | audiofile [194] | | | | | DSA-3815 [195] | wordpress [196] | | | | | DSA-3816 [197] | samba [198] | | | | | DSA-3817 [199] | jbig2dec [200] | | | | | DSA-3818 [201] | gst-plugins-bad1.0 [202] | | | | | DSA-3819 [203] | gst-plugins-base1.0 [204] | | | | | DSA-3820 [205] | gst-plugins-good1.0 [206] | | | | | DSA-3821 [207] | gst-plugins-ugly1.0 [208] | | | | | DSA-3822 [209] | gstreamer1.0 [210] | | | | | DSA-3823 [211] | eject [212] | | | | | DSA-3824 [213] | firebird2.5 [214] | | | | | DSA-3825 [215] | jhead [216] | | | | | DSA-3826 [217] | tryton-server [218] | | | | | DSA-3827 [219] | jasper [220] | | | | | DSA-3828 [221] | dovecot [222] | | | | | DSA-3829 [223] | bouncycastle [224] | | | | | DSA-3830 [225] | icu [226] | | | | | DSA-3831 [227] | firefox-esr [228] | | | | | DSA-3832 [229] | hunspell-en-us [230] | | | | | DSA-3832 [231] | uzbek-wordlist [232] | | | | | DSA-3832 [233] | icedove [234] | | | | | DSA-3833 [235] | libav [236] | | | | | DSA-3834 [237] | mysql-5.5 [238] | | | | | DSA-3835 [239] | python-django [240] | | | | | DSA-3836 [241] | weechat [242] | | | | | DSA-3837 [243] | libreoffice [244] | | | | | DSA-3838 [245] | ghostscript [246] | | | | | DSA-3839 [247] | freetype [248] | | | | +----------------+--------------------------------+ 69: https://www.debian.org/security/2016/dsa-3690 70: https://packages.debian.org/src:icedove 71: https://www.debian.org/security/2016/dsa-3711 72: https://packages.debian.org/src:mariadb-10.0 73: https://www.debian.org/security/2016/dsa-3730 74: https://packages.debian.org/src:icedove 75: https://www.debian.org/security/2017/dsa-3743 76: https://packages.debian.org/src:python-bottle 77: https://www.debian.org/security/2017/dsa-3756 78: https://packages.debian.org/src:icoutils 79: https://www.debian.org/security/2017/dsa-3757 80: https://packages.debian.org/src:icedove 81: https://www.debian.org/security/2017/dsa-3758 82: https://packages.debian.org/src:bind9 83: https://www.debian.org/security/2017/dsa-3759 84: https://packages.debian.org/src:python-pysaml2 85: https://www.debian.org/security/2017/dsa-3760 86: https://packages.debian.org/src:ikiwiki 87: https://www.debian.org/security/2017/dsa-3761 88: https://packages.debian.org/src:rabbitmq-server 89: https://www.debian.org/security/2017/dsa-3762 90: https://packages.debian.org/src:tiff 91: https://www.debian.org/security/2017/dsa-3763 92: https://packages.debian.org/src:pdns-recursor 93: https://www.debian.org/security/2017/dsa-3764 94: https://packages.debian.org/src:pdns 95: https://www.debian.org/security/2017/dsa-3765 96: https://packages.debian.org/src:icoutils 97: https://www.debian.org/security/2017/dsa-3766 98: https://packages.debian.org/src:mapserver 99: https://www.debian.org/security/2017/dsa-3767 100: https://packages.debian.org/src:mysql-5.5 101: https://www.debian.org/security/2017/dsa-3768 102: https://packages.debian.org/src:openjpeg2 103: https://www.debian.org/security/2017/dsa-3769 104: https://packages.debian.org/src:libphp-swiftmailer 105: https://www.debian.org/security/2017/dsa-3770 106: https://packages.debian.org/src:mariadb-10.0 107: https://www.debian.org/security/2017/dsa-3771 108: https://packages.debian.org/src:firefox-esr 109: https://www.debian.org/security/2017/dsa-3772 110: https://packages.debian.org/src:libxpm 111: https://www.debian.org/security/2017/dsa-3773 112: https://packages.debian.org/src:openssl 113: https://www.debian.org/security/2017/dsa-3774 114: https://packages.debian.org/src:lcms2 115: https://www.debian.org/security/2017/dsa-3775 116: https://packages.debian.org/src:tcpdump 117: https://www.debian.org/security/2017/dsa-3776 118: https://packages.debian.org/src:chromium-browser 119: https://www.debian.org/security/2017/dsa-3777 120: https://packages.debian.org/src:libgd2 121: https://www.debian.org/security/2017/dsa-3778 122: https://packages.debian.org/src:ruby-archive-tar-minitar 123: https://www.debian.org/security/2017/dsa-3779 124: https://packages.debian.org/src:wordpress 125: https://www.debian.org/security/2017/dsa-3780 126: https://packages.debian.org/src:ntfs-3g 127: https://www.debian.org/security/2017/dsa-3781 128: https://packages.debian.org/src:svgsalamander 129: https://www.debian.org/security/2017/dsa-3783 130: https://packages.debian.org/src:php5 131: https://www.debian.org/security/2017/dsa-3784 132: https://packages.debian.org/src:viewvc 133: https://www.debian.org/security/2017/dsa-3785 134: https://packages.debian.org/src:jasper 135: https://www.debian.org/security/2017/dsa-3786 136: https://packages.debian.org/src:vim 137: https://www.debian.org/security/2017/dsa-3787 138: https://packages.debian.org/src:tomcat7 139: https://www.debian.org/security/2017/dsa-3788 140: https://packages.debian.org/src:tomcat8 141: https://www.debian.org/security/2017/dsa-3789 142: https://packages.debian.org/src:libevent 143: https://www.debian.org/security/2017/dsa-3790 144: https://packages.debian.org/src:spice 145: https://www.debian.org/security/2017/dsa-3791 146: https://packages.debian.org/src:linux 147: https://www.debian.org/security/2017/dsa-3792 148: https://packages.debian.org/src:libreoffice 149: https://www.debian.org/security/2017/dsa-3793 150: https://packages.debian.org/src:shadow 151: https://www.debian.org/security/2017/dsa-3794 152: https://packages.debian.org/src:munin 153: https://www.debian.org/security/2017/dsa-3795 154: https://packages.debian.org/src:bind9 155: https://www.debian.org/security/2017/dsa-3796 156: https://packages.debian.org/src:apache2 157: https://www.debian.org/security/2017/dsa-3796 158: https://packages.debian.org/src:sitesummary 159: https://www.debian.org/security/2017/dsa-3797 160: https://packages.debian.org/src:mupdf 161: https://www.debian.org/security/2017/dsa-3798 162: https://packages.debian.org/src:tnef 163: https://www.debian.org/security/2017/dsa-3799 164: https://packages.debian.org/src:imagemagick 165: https://www.debian.org/security/2017/dsa-3800 166: https://packages.debian.org/src:libquicktime 167: https://www.debian.org/security/2017/dsa-3801 168: https://packages.debian.org/src:ruby-zip 169: https://www.debian.org/security/2017/dsa-3802 170: https://packages.debian.org/src:zabbix 171: https://www.debian.org/security/2017/dsa-3803 172: https://packages.debian.org/src:texlive-base 173: https://www.debian.org/security/2017/dsa-3804 174: https://packages.debian.org/src:linux 175: https://www.debian.org/security/2017/dsa-3805 176: https://packages.debian.org/src:firefox-esr 177: https://www.debian.org/security/2017/dsa-3806 178: https://packages.debian.org/src:pidgin 179: https://www.debian.org/security/2017/dsa-3807 180: https://packages.debian.org/src:icoutils 181: https://www.debian.org/security/2017/dsa-3808 182: https://packages.debian.org/src:imagemagick 183: https://www.debian.org/security/2017/dsa-3809 184: https://packages.debian.org/src:mariadb-10.0 185: https://www.debian.org/security/2017/dsa-3810 186: https://packages.debian.org/src:chromium-browser 187: https://www.debian.org/security/2017/dsa-3811 188: https://packages.debian.org/src:wireshark 189: https://www.debian.org/security/2017/dsa-3812 190: https://packages.debian.org/src:ioquake3 191: https://www.debian.org/security/2017/dsa-3813 192: https://packages.debian.org/src:r-base 193: https://www.debian.org/security/2017/dsa-3814 194: https://packages.debian.org/src:audiofile 195: https://www.debian.org/security/2017/dsa-3815 196: https://packages.debian.org/src:wordpress 197: https://www.debian.org/security/2017/dsa-3816 198: https://packages.debian.org/src:samba 199: https://www.debian.org/security/2017/dsa-3817 200: https://packages.debian.org/src:jbig2dec 201: https://www.debian.org/security/2017/dsa-3818 202: https://packages.debian.org/src:gst-plugins-bad1.0 203: https://www.debian.org/security/2017/dsa-3819 204: https://packages.debian.org/src:gst-plugins-base1.0 205: https://www.debian.org/security/2017/dsa-3820 206: https://packages.debian.org/src:gst-plugins-good1.0 207: https://www.debian.org/security/2017/dsa-3821 208: https://packages.debian.org/src:gst-plugins-ugly1.0 209: https://www.debian.org/security/2017/dsa-3822 210: https://packages.debian.org/src:gstreamer1.0 211: https://www.debian.org/security/2017/dsa-3823 212: https://packages.debian.org/src:eject 213: https://www.debian.org/security/2017/dsa-3824 214: https://packages.debian.org/src:firebird2.5 215: https://www.debian.org/security/2017/dsa-3825 216: https://packages.debian.org/src:jhead 217: https://www.debian.org/security/2017/dsa-3826 218: https://packages.debian.org/src:tryton-server 219: https://www.debian.org/security/2017/dsa-3827 220: https://packages.debian.org/src:jasper 221: https://www.debian.org/security/2017/dsa-3828 222: https://packages.debian.org/src:dovecot 223: https://www.debian.org/security/2017/dsa-3829 224: https://packages.debian.org/src:bouncycastle 225: https://www.debian.org/security/2017/dsa-3830 226: https://packages.debian.org/src:icu 227: https://www.debian.org/security/2017/dsa-3831 228: https://packages.debian.org/src:firefox-esr 229: https://www.debian.org/security/2017/dsa-3832 230: https://packages.debian.org/src:hunspell-en-us 231: https://www.debian.org/security/2017/dsa-3832 232: https://packages.debian.org/src:uzbek-wordlist 233: https://www.debian.org/security/2017/dsa-3832 234: https://packages.debian.org/src:icedove 235: https://www.debian.org/security/2017/dsa-3833 236: https://packages.debian.org/src:libav 237: https://www.debian.org/security/2017/dsa-3834 238: https://packages.debian.org/src:mysql-5.5 239: https://www.debian.org/security/2017/dsa-3835 240: https://packages.debian.org/src:python-django 241: https://www.debian.org/security/2017/dsa-3836 242: https://packages.debian.org/src:weechat 243: https://www.debian.org/security/2017/dsa-3837 244: https://packages.debian.org/src:libreoffice 245: https://www.debian.org/security/2017/dsa-3838 246: https://packages.debian.org/src:ghostscript 247: https://www.debian.org/security/2017/dsa-3839 248: https://packages.debian.org/src:freetype Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +----------------------------------+-----------------------------------+ | Package | Reason | +----------------------------------+-----------------------------------+ | cgiemail [249] | RC-buggy, unmaintained | | | | | grive [250] | Broken due to Google API changes | | | | | libapache2-authenntlm-perl [251] | Broken with Apache 2.4 | | | | | libwww-dict-leo-org-perl [252] | Broken due to upstream changes | | | | | live-f1 [253] | Broken due to third party changes | | | | | owncloud [254] | Unsupportable | | | | | owncloud-apps [255] | Unsupportable | | | | +----------------------------------+-----------------------------------+ 249: https://packages.debian.org/src:cgiemail 250: https://packages.debian.org/src:grive 251: https://packages.debian.org/src:libapache2-authenntlm-perl 252: https://packages.debian.org/src:libwww-dict-leo-org-perl 253: https://packages.debian.org/src:live-f1 254: https://packages.debian.org/src:owncloud 255: https://packages.debian.org/src:owncloud-apps Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/jessie/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://security.debian.org/ [256] 256: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: OpenPGP digital signature