------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 8: 8.10 released press@debian.org December 9th, 2017 https://www.debian.org/News/2017/20171209 ------------------------------------------------------------------------ The Debian project is pleased to announce the tenth update of its oldstable distribution Debian 8 (codename "jessie"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old "jessie" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This oldstable update adds a few important corrections to the following packages: +---------------------------+-----------------------------------------+ | Package | Reason | +---------------------------+-----------------------------------------+ | bareos [1] | Fix permissions of bareos-dir logrotate | | | config; fix file corruption when using | | | SHA1 signature | | | | | base-files [2] | Update for the point release | | | | | bind9 [3] | Import upcoming DNSSEC KSK-2017 | | | | | cups [4] | Disable SSLv3 and RC4 by default to | | | address POODLE vulnerability | | | | | db [5] | Do not access DB_CONFIG when db_home is | | | not set [CVE-2017-10140] | | | | | db5.3 [6] | Do not access DB_CONFIG when db_home is | | | not set [CVE-2017-10140] | | | | | debian-installer [7] | Rebuild for the point release | | | | | debian-installer-netboot- | Rebuild for the point release | | images [8] | | | | | | debmirror [9] | Tolerate unknown lines in *.diff/Index; | | | mirror DEP-11 metadata files; prefer xz | | | over gz, and cope with either being | | | missing; mirror and validate InRelease | | | files | | | | | dns-root-data [10] | Update root.hints to 2017072601 | | | version; add KSK-2017 to root.key file | | | | | dput [11] | dput.cf: replace security- | | | master.debian.org with | | | ftp.upload.security.debian.org | | | | | dwww [12] | Fix "Last-Modified" header name | | | | | elog [13] | Update patch 0005_elogd_CVE-2016- | | | 6342_fix to grant access as normal user | | | | | flightgear [14] | Fix arbitrary file overwrite | | | vulnerability [CVE-2017-13709] | | | | | gsoap [15] | Fix integer overflow via large XML | | | document [CVE-2017-9765] | | | | | hexchat [16] | Fix segmentation fault following / | | | server command | | | | | icu [17] | Fix double free in | | | createMetazoneMappings() [CVE-2017- | | | 14952] | | | | | kdepim [18] | Fix "send Later with Delay bypasses | | | OpenPGP" [CVE-2017-9604] | | | | | kedpm [19] | Fix information leak via command | | | history file [CVE-2017-8296] | | | | | keyringer [20] | Handle subkeys without expiration date | | | and public keys listed multiple times | | | | | krb5 [21] | Security fixes - remote authenticated | | | attackers can crash the KDC [CVE-2017- | | | 11368]; kdc crash on | | | restrict_anon_to_tgt [CVE-2016-3120]; | | | remote DOS with ldap for authenticated | | | attackers [CVE-2016-3119]; prevent | | | requires_preauth bypass [CVE-2015-2694] | | | | | libdatetime-timezone- | Update included data | | perl [22] | | | | | | libdbi [23] | Re-enable error handler call in | | | dbi_result_next_row() | | | | | libembperl-perl [24] | Change hard dependency on mod_perl in | | | zembperl.load to Recommends, fixing an | | | installation failure when libapache2- | | | mod-perl2 is not installed | | | | | libio-socket-ssl- | Fix segfault using malformed client | | perl [25] | certificates | | | | | liblouis [26] | Fix multiple stack-based buffer | | | overflows [CVE-2014-8184] | | | | | libofx [27] | Security fixes [CVE-2017-2816 CVE-2017- | | | 14731] | | | | | libwnckmm [28] | Tighten dependencies between packages; | | | use jquery.js from libjs-jquery | | | | | libwpd [29] | Security fix [CVE-2017-14226] | | | | | libx11 [30] | Fix "insufficient validation of data | | | from the X server can cause out of | | | boundary memory read (XGetImage()) or | | | write (XListFonts())" [CVE-2016-7942 | | | CVE-2016-7943] | | | | | libxfixes [31] | Fix integer overflow on illegal server | | | response [CVE-2016-7944] | | | | | libxi [32] | Fix "insufficient validation of data | | | from the X server can cause out of | | | boundary memory access or endless | | | loops" [CVE-2016-7945 CVE-2016-7946] | | | | | libxrandr [33] | Avoid out of boundary accesses on | | | illegal responses [CVE-2016-7947 | | | CVE-2016-7948] | | | | | libxtst [34] | Fix "insufficient validation of data | | | from the X server can cause out of | | | boundary memory access or endless | | | loops" [CVE-2016-7951 CVE-2016-7952] | | | | | libxv [35] | Fix protocol handling issues in libXv | | | [CVE-2016-5407] | | | | | libxvmc [36] | Avoid buffer underflow on empty strings | | | [CVE-2016-7953] | | | | | linux [37] | New stable kernel version 3.16.51 | | | | | ncurses [38] | Fix various crash bugs in the tic | | | library and the tic binary [CVE-2017- | | | 10684 CVE-2017-10685 CVE-2017-11112 | | | CVE-2017-11113 CVE-2017-13728 CVE-2017- | | | 13729 CVE-2017-13730 CVE-2017-13731 | | | CVE-2017-13732 CVE-2017-13734 CVE-2017- | | | 13733] | | | | | openssh [39] | Test configuration before starting or | | | reloading sshd under systemd; make | | | "--" before the hostname terminate | | | argument processing after the hostname | | | too | | | | | pdns [40] | Add missing check on API operations | | | [CVE-2017-15091] | | | | | pdns-recursor [41] | Fix configuration file injection in the | | | API [CVE-2017-15093] | | | | | postgresql-9.4 [42] | New upstream bugfix release | | | | | python-tablib [43] | Securely load YAML [CVE-2017-2810] | | | | | request-tracker4 [44] | Fix regression in previous security | | | release where incorrect SHA256 | | | passwords could trigger an error | | | | | ruby-ox [45] | Avoid crash with invalid XML passed to | | | Oj.parse_obj() [CVE-2017-15928] | | | | | sam2p [46] | Fix several integer overflow or heap- | | | based buffer overflow issues [CVE-2017- | | | 14628 CVE-2017-14629 CVE-2017-14630 | | | CVE-2017-14631 CVE-2017-14636 CVE-2017- | | | 14637 CVE-2017-16663] | | | | | slurm-llnl [47] | Fix security issue caused by insecure | | | file path handling triggered by the | | | failure of a Prolog script [CVE-2016- | | | 10030] | | | | | sudo [48] | Fix arbitrary terminal access | | | [CVE-2017-1000368] | | | | | syslinux [49] | Fix boot problem for old BIOS firmware | | | by correcting C/H/S order | | | | | tor [50] | Add "Bastet" directory authority; | | | update geoip and geoip6 to the October | | | 4 2017 Maxmind GeoLite2 country | | | database; fix a memset() off the end of | | | an array when packing cells | | | | | transfig [51] | Add input sanitisation on FIG files | | | [CVE-2017-16899]; sanitize input of | | | fill patterns | | | | | tzdata [52] | New upstream release | | | | | unbound [53] | Fix install of trust anchor when two | | | anchors are present; include root trust | | | anchor id 20326 | | | | | weechat [54] | "logger: call strftime before replacing | | | buffer local variables" [CVE-2017- | | | 14727] | | | | +---------------------------+-----------------------------------------+ 1: https://packages.debian.org/src:bareos 2: https://packages.debian.org/src:base-files 3: https://packages.debian.org/src:bind9 4: https://packages.debian.org/src:cups 5: https://packages.debian.org/src:db 6: https://packages.debian.org/src:db5.3 7: https://packages.debian.org/src:debian-installer 8: https://packages.debian.org/src:debian-installer-netboot-images 9: https://packages.debian.org/src:debmirror 10: https://packages.debian.org/src:dns-root-data 11: https://packages.debian.org/src:dput 12: https://packages.debian.org/src:dwww 13: https://packages.debian.org/src:elog 14: https://packages.debian.org/src:flightgear 15: https://packages.debian.org/src:gsoap 16: https://packages.debian.org/src:hexchat 17: https://packages.debian.org/src:icu 18: https://packages.debian.org/src:kdepim 19: https://packages.debian.org/src:kedpm 20: https://packages.debian.org/src:keyringer 21: https://packages.debian.org/src:krb5 22: https://packages.debian.org/src:libdatetime-timezone-perl 23: https://packages.debian.org/src:libdbi 24: https://packages.debian.org/src:libembperl-perl 25: https://packages.debian.org/src:libio-socket-ssl-perl 26: https://packages.debian.org/src:liblouis 27: https://packages.debian.org/src:libofx 28: https://packages.debian.org/src:libwnckmm 29: https://packages.debian.org/src:libwpd 30: https://packages.debian.org/src:libx11 31: https://packages.debian.org/src:libxfixes 32: https://packages.debian.org/src:libxi 33: https://packages.debian.org/src:libxrandr 34: https://packages.debian.org/src:libxtst 35: https://packages.debian.org/src:libxv 36: https://packages.debian.org/src:libxvmc 37: https://packages.debian.org/src:linux 38: https://packages.debian.org/src:ncurses 39: https://packages.debian.org/src:openssh 40: https://packages.debian.org/src:pdns 41: https://packages.debian.org/src:pdns-recursor 42: https://packages.debian.org/src:postgresql-9.4 43: https://packages.debian.org/src:python-tablib 44: https://packages.debian.org/src:request-tracker4 45: https://packages.debian.org/src:ruby-ox 46: https://packages.debian.org/src:sam2p 47: https://packages.debian.org/src:slurm-llnl 48: https://packages.debian.org/src:sudo 49: https://packages.debian.org/src:syslinux 50: https://packages.debian.org/src:tor 51: https://packages.debian.org/src:transfig 52: https://packages.debian.org/src:tzdata 53: https://packages.debian.org/src:unbound 54: https://packages.debian.org/src:weechat Security Updates ---------------- This revision adds the following security updates to the oldstable release. The Security Team has already released an advisory for each of these updates: +----------------+----------------------------+ | Advisory ID | Package | +----------------+----------------------------+ | DSA-3904 [55] | bind9 [56] | | | | | DSA-3908 [57] | nginx [58] | | | | | DSA-3909 [59] | samba [60] | | | | | DSA-3913 [61] | apache2 [62] | | | | | DSA-3914 [63] | imagemagick [64] | | | | | DSA-3916 [65] | atril [66] | | | | | DSA-3917 [67] | catdoc [68] | | | | | DSA-3921 [69] | enigmail [70] | | | | | DSA-3922 [71] | mysql-5.5 [72] | | | | | DSA-3924 [73] | varnish [74] | | | | | DSA-3928 [75] | firefox-esr [76] | | | | | DSA-3929 [77] | libsoup2.4 [78] | | | | | DSA-3930 [79] | freeradius [80] | | | | | DSA-3932 [81] | subversion [82] | | | | | DSA-3933 [83] | pjproject [84] | | | | | DSA-3934 [85] | git [86] | | | | | DSA-3935 [87] | postgresql-9.4 [88] | | | | | DSA-3937 [89] | zabbix [90] | | | | | DSA-3938 [91] | libgd2 [92] | | | | | DSA-3939 [93] | botan1.10 [94] | | | | | DSA-3940 [95] | cvs [96] | | | | | DSA-3942 [97] | supervisor [98] | | | | | DSA-3943 [99] | gajim [100] | | | | | DSA-3945 [101] | linux [102] | | | | | DSA-3946 [103] | libmspack [104] | | | | | DSA-3947 [105] | newsbeuter [106] | | | | | DSA-3948 [107] | ioquake3 [108] | | | | | DSA-3949 [109] | augeas [110] | | | | | DSA-3950 [111] | libraw [112] | | | | | DSA-3951 [113] | smb4k [114] | | | | | DSA-3952 [115] | libxml2 [116] | | | | | DSA-3956 [117] | connman [118] | | | | | DSA-3958 [119] | fontforge [120] | | | | | DSA-3960 [121] | gnupg [122] | | | | | DSA-3961 [123] | libgd2 [124] | | | | | DSA-3962 [125] | strongswan [126] | | | | | DSA-3963 [127] | mercurial [128] | | | | | DSA-3964 [129] | asterisk [130] | | | | | DSA-3969 [131] | xen [132] | | | | | DSA-3970 [133] | emacs24 [134] | | | | | DSA-3971 [135] | tcpdump [136] | | | | | DSA-3972 [137] | bluez [138] | | | | | DSA-3973 [139] | wordpress-shibboleth [140] | | | | | DSA-3974 [141] | tomcat8 [142] | | | | | DSA-3976 [143] | freexl [144] | | | | | DSA-3977 [145] | newsbeuter [146] | | | | | DSA-3978 [147] | gdk-pixbuf [148] | | | | | DSA-3979 [149] | pyjwt [150] | | | | | DSA-3980 [151] | apache2 [152] | | | | | DSA-3981 [153] | linux [154] | | | | | DSA-3982 [155] | perl [156] | | | | | DSA-3983 [157] | samba [158] | | | | | DSA-3984 [159] | git [160] | | | | | DSA-3986 [161] | ghostscript [162] | | | | | DSA-3987 [163] | firefox-esr [164] | | | | | DSA-3988 [165] | libidn2-0 [166] | | | | | DSA-3989 [167] | dnsmasq [168] | | | | | DSA-3990 [169] | asterisk [170] | | | | | DSA-3992 [171] | curl [172] | | | | | DSA-3995 [173] | libxfont [174] | | | | | DSA-3997 [175] | wordpress [176] | | | | | DSA-3998 [177] | nss [178] | | | | | DSA-3999 [179] | wpa [180] | | | | | DSA-4000 [181] | xorg-server [182] | | | | | DSA-4002 [183] | mysql-5.5 [184] | | | | | DSA-4004 [185] | jackson-databind [186] | | | | | DSA-4006 [187] | mupdf [188] | | | | | DSA-4007 [189] | curl [190] | | | | | DSA-4008 [191] | wget [192] | | | | | DSA-4011 [193] | quagga [194] | | | | | DSA-4012 [195] | libav [196] | | | | | DSA-4013 [197] | openjpeg2 [198] | | | | | DSA-4016 [199] | irssi [200] | | | | | DSA-4018 [201] | openssl [202] | | | | | DSA-4021 [203] | otrs2 [204] | | | | | DSA-4022 [205] | libreoffice [206] | | | | | DSA-4025 [207] | libpam4j [208] | | | | | DSA-4026 [209] | bchunk [210] | | | | | DSA-4027 [211] | postgresql-9.4 [212] | | | | | DSA-4029 [213] | postgresql-common [214] | | | | | DSA-4033 [215] | konversation [216] | | | | | DSA-4035 [217] | firefox-esr [218] | | | | | DSA-4037 [219] | jackson-databind [220] | | | | | DSA-4038 [221] | shibboleth-sp2 [222] | | | | | DSA-4039 [223] | opensaml2 [224] | | | | | DSA-4040 [225] | imagemagick [226] | | | | | DSA-4041 [227] | procmail [228] | | | | | DSA-4042 [229] | libxml-libxml-perl [230] | | | | | DSA-4043 [231] | samba [232] | | | | | DSA-4045 [233] | vlc [234] | | | | | DSA-4046 [235] | libspring-ldap-java [236] | | | | | DSA-4047 [237] | otrs2 [238] | | | | | DSA-4051 [239] | curl [240] | | | | | DSA-4052 [241] | bzr [242] | | | | +----------------+----------------------------+ 55: https://www.debian.org/security/2017/dsa-3904 56: https://packages.debian.org/src:bind9 57: https://www.debian.org/security/2017/dsa-3908 58: https://packages.debian.org/src:nginx 59: https://www.debian.org/security/2017/dsa-3909 60: https://packages.debian.org/src:samba 61: https://www.debian.org/security/2017/dsa-3913 62: https://packages.debian.org/src:apache2 63: https://www.debian.org/security/2017/dsa-3914 64: https://packages.debian.org/src:imagemagick 65: https://www.debian.org/security/2017/dsa-3916 66: https://packages.debian.org/src:atril 67: https://www.debian.org/security/2017/dsa-3917 68: https://packages.debian.org/src:catdoc 69: https://www.debian.org/security/2017/dsa-3921 70: https://packages.debian.org/src:enigmail 71: https://www.debian.org/security/2017/dsa-3922 72: https://packages.debian.org/src:mysql-5.5 73: https://www.debian.org/security/2017/dsa-3924 74: https://packages.debian.org/src:varnish 75: https://www.debian.org/security/2017/dsa-3928 76: https://packages.debian.org/src:firefox-esr 77: https://www.debian.org/security/2017/dsa-3929 78: https://packages.debian.org/src:libsoup2.4 79: https://www.debian.org/security/2017/dsa-3930 80: https://packages.debian.org/src:freeradius 81: https://www.debian.org/security/2017/dsa-3932 82: https://packages.debian.org/src:subversion 83: https://www.debian.org/security/2017/dsa-3933 84: https://packages.debian.org/src:pjproject 85: https://www.debian.org/security/2017/dsa-3934 86: https://packages.debian.org/src:git 87: https://www.debian.org/security/2017/dsa-3935 88: https://packages.debian.org/src:postgresql-9.4 89: https://www.debian.org/security/2017/dsa-3937 90: https://packages.debian.org/src:zabbix 91: https://www.debian.org/security/2017/dsa-3938 92: https://packages.debian.org/src:libgd2 93: https://www.debian.org/security/2017/dsa-3939 94: https://packages.debian.org/src:botan1.10 95: https://www.debian.org/security/2017/dsa-3940 96: https://packages.debian.org/src:cvs 97: https://www.debian.org/security/2017/dsa-3942 98: https://packages.debian.org/src:supervisor 99: https://www.debian.org/security/2017/dsa-3943 100: https://packages.debian.org/src:gajim 101: https://www.debian.org/security/2017/dsa-3945 102: https://packages.debian.org/src:linux 103: https://www.debian.org/security/2017/dsa-3946 104: https://packages.debian.org/src:libmspack 105: https://www.debian.org/security/2017/dsa-3947 106: https://packages.debian.org/src:newsbeuter 107: https://www.debian.org/security/2017/dsa-3948 108: https://packages.debian.org/src:ioquake3 109: https://www.debian.org/security/2017/dsa-3949 110: https://packages.debian.org/src:augeas 111: https://www.debian.org/security/2017/dsa-3950 112: https://packages.debian.org/src:libraw 113: https://www.debian.org/security/2017/dsa-3951 114: https://packages.debian.org/src:smb4k 115: https://www.debian.org/security/2017/dsa-3952 116: https://packages.debian.org/src:libxml2 117: https://www.debian.org/security/2017/dsa-3956 118: https://packages.debian.org/src:connman 119: https://www.debian.org/security/2017/dsa-3958 120: https://packages.debian.org/src:fontforge 121: https://www.debian.org/security/2017/dsa-3960 122: https://packages.debian.org/src:gnupg 123: https://www.debian.org/security/2017/dsa-3961 124: https://packages.debian.org/src:libgd2 125: https://www.debian.org/security/2017/dsa-3962 126: https://packages.debian.org/src:strongswan 127: https://www.debian.org/security/2017/dsa-3963 128: https://packages.debian.org/src:mercurial 129: https://www.debian.org/security/2017/dsa-3964 130: https://packages.debian.org/src:asterisk 131: https://www.debian.org/security/2017/dsa-3969 132: https://packages.debian.org/src:xen 133: https://www.debian.org/security/2017/dsa-3970 134: https://packages.debian.org/src:emacs24 135: https://www.debian.org/security/2017/dsa-3971 136: https://packages.debian.org/src:tcpdump 137: https://www.debian.org/security/2017/dsa-3972 138: https://packages.debian.org/src:bluez 139: https://www.debian.org/security/2017/dsa-3973 140: https://packages.debian.org/src:wordpress-shibboleth 141: https://www.debian.org/security/2017/dsa-3974 142: https://packages.debian.org/src:tomcat8 143: https://www.debian.org/security/2017/dsa-3976 144: https://packages.debian.org/src:freexl 145: https://www.debian.org/security/2017/dsa-3977 146: https://packages.debian.org/src:newsbeuter 147: https://www.debian.org/security/2017/dsa-3978 148: https://packages.debian.org/src:gdk-pixbuf 149: https://www.debian.org/security/2017/dsa-3979 150: https://packages.debian.org/src:pyjwt 151: https://www.debian.org/security/2017/dsa-3980 152: https://packages.debian.org/src:apache2 153: https://www.debian.org/security/2017/dsa-3981 154: https://packages.debian.org/src:linux 155: https://www.debian.org/security/2017/dsa-3982 156: https://packages.debian.org/src:perl 157: https://www.debian.org/security/2017/dsa-3983 158: https://packages.debian.org/src:samba 159: https://www.debian.org/security/2017/dsa-3984 160: https://packages.debian.org/src:git 161: https://www.debian.org/security/2017/dsa-3986 162: https://packages.debian.org/src:ghostscript 163: https://www.debian.org/security/2017/dsa-3987 164: https://packages.debian.org/src:firefox-esr 165: https://www.debian.org/security/2017/dsa-3988 166: https://packages.debian.org/src:libidn2-0 167: https://www.debian.org/security/2017/dsa-3989 168: https://packages.debian.org/src:dnsmasq 169: https://www.debian.org/security/2017/dsa-3990 170: https://packages.debian.org/src:asterisk 171: https://www.debian.org/security/2017/dsa-3992 172: https://packages.debian.org/src:curl 173: https://www.debian.org/security/2017/dsa-3995 174: https://packages.debian.org/src:libxfont 175: https://www.debian.org/security/2017/dsa-3997 176: https://packages.debian.org/src:wordpress 177: https://www.debian.org/security/2017/dsa-3998 178: https://packages.debian.org/src:nss 179: https://www.debian.org/security/2017/dsa-3999 180: https://packages.debian.org/src:wpa 181: https://www.debian.org/security/2017/dsa-4000 182: https://packages.debian.org/src:xorg-server 183: https://www.debian.org/security/2017/dsa-4002 184: https://packages.debian.org/src:mysql-5.5 185: https://www.debian.org/security/2017/dsa-4004 186: https://packages.debian.org/src:jackson-databind 187: https://www.debian.org/security/2017/dsa-4006 188: https://packages.debian.org/src:mupdf 189: https://www.debian.org/security/2017/dsa-4007 190: https://packages.debian.org/src:curl 191: https://www.debian.org/security/2017/dsa-4008 192: https://packages.debian.org/src:wget 193: https://www.debian.org/security/2017/dsa-4011 194: https://packages.debian.org/src:quagga 195: https://www.debian.org/security/2017/dsa-4012 196: https://packages.debian.org/src:libav 197: https://www.debian.org/security/2017/dsa-4013 198: https://packages.debian.org/src:openjpeg2 199: https://www.debian.org/security/2017/dsa-4016 200: https://packages.debian.org/src:irssi 201: https://www.debian.org/security/2017/dsa-4018 202: https://packages.debian.org/src:openssl 203: https://www.debian.org/security/2017/dsa-4021 204: https://packages.debian.org/src:otrs2 205: https://www.debian.org/security/2017/dsa-4022 206: https://packages.debian.org/src:libreoffice 207: https://www.debian.org/security/2017/dsa-4025 208: https://packages.debian.org/src:libpam4j 209: https://www.debian.org/security/2017/dsa-4026 210: https://packages.debian.org/src:bchunk 211: https://www.debian.org/security/2017/dsa-4027 212: https://packages.debian.org/src:postgresql-9.4 213: https://www.debian.org/security/2017/dsa-4029 214: https://packages.debian.org/src:postgresql-common 215: https://www.debian.org/security/2017/dsa-4033 216: https://packages.debian.org/src:konversation 217: https://www.debian.org/security/2017/dsa-4035 218: https://packages.debian.org/src:firefox-esr 219: https://www.debian.org/security/2017/dsa-4037 220: https://packages.debian.org/src:jackson-databind 221: https://www.debian.org/security/2017/dsa-4038 222: https://packages.debian.org/src:shibboleth-sp2 223: https://www.debian.org/security/2017/dsa-4039 224: https://packages.debian.org/src:opensaml2 225: https://www.debian.org/security/2017/dsa-4040 226: https://packages.debian.org/src:imagemagick 227: https://www.debian.org/security/2017/dsa-4041 228: https://packages.debian.org/src:procmail 229: https://www.debian.org/security/2017/dsa-4042 230: https://packages.debian.org/src:libxml-libxml-perl 231: https://www.debian.org/security/2017/dsa-4043 232: https://packages.debian.org/src:samba 233: https://www.debian.org/security/2017/dsa-4045 234: https://packages.debian.org/src:vlc 235: https://www.debian.org/security/2017/dsa-4046 236: https://packages.debian.org/src:libspring-ldap-java 237: https://www.debian.org/security/2017/dsa-4047 238: https://packages.debian.org/src:otrs2 239: https://www.debian.org/security/2017/dsa-4051 240: https://packages.debian.org/src:curl 241: https://www.debian.org/security/2017/dsa-4052 242: https://packages.debian.org/src:bzr Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +---------------------------------+---------------------------------+ | Package | Reason | +---------------------------------+---------------------------------+ | libnet-ping-external-perl [243] | Unmaintained, security issues | | | | | aiccu [244] | Useless since shutdown of SixXS | | | | +---------------------------------+---------------------------------+ 243: https://packages.debian.org/src:libnet-ping-external-perl 244: https://packages.debian.org/src:aiccu Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/jessie/ChangeLog The current oldstable distribution: http://ftp.debian.org/debian/dists/oldstable/ Proposed updates to the oldstable distribution: http://ftp.debian.org/debian/dists/oldstable-proposed-updates oldstable distribution information (release notes, errata etc.): https://www.debian.org/releases/oldstable/ Security announcements and information: https://security.debian.org/ [245] 245: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: PGP signature