[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Updated Debian 9: 9.8 released



------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 9: 9.8 released                          press@debian.org
February 16th, 2019            https://www.debian.org/News/2019/20190216
------------------------------------------------------------------------


The Debian project is pleased to announce the eighth update of its
stable distribution Debian 9 (codename "stretch"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+--------------------------+------------------------------------------+
| Package                  | Reason                                   |
+--------------------------+------------------------------------------+
| arc [1]                  | Fix directory traversal bugs [CVE-2015-  |
|                          | 9275], arcdie crash when called with     |
|                          | more than 1 variable argument and        |
|                          | version 1 arc header reading             |
|                          |                                          |
| astroml-addons [2]       | Fix Python 3 dependencies                |
|                          |                                          |
| base-files [3]           | Update for the point release             |
|                          |                                          |
| c3p0 [4]                 | Fix XML External Entity vulnerability    |
|                          | [CVE-2018-20433]                         |
|                          |                                          |
| ca-certificates-java [5] | Fix temporary jvm-*.cfg generation on    |
|                          | armhf                                    |
|                          |                                          |
| chkrootkit [6]           | Fix regular expression for filtering out |
|                          | dhcpd and dhclient as false positives    |
|                          | from the packet sniffer test             |
|                          |                                          |
| compactheader [7]        | Update to work with newer Thunderbird    |
|                          | versions                                 |
|                          |                                          |
| courier [8]              | Fix @piddir@ substitution                |
|                          |                                          |
| cups [9]                 | Security fixes [CVE-2017-18248 CVE-2018- |
|                          | 4700]                                    |
|                          |                                          |
| debian-edu-config [10]   | Fix configuration of personal web pages; |
|                          | re-enable offline installation of a      |
|                          | combi server including diskless          |
|                          | workstation support; enable Chromium     |
|                          | homepage setting at installation time    |
|                          | and via LDAP                             |
|                          |                                          |
| debian-installer [11]    | Rebuild for the point release            |
|                          |                                          |
| debian-installer-        | Rebuild against proposed-updates         |
| netboot-images [12]      |                                          |
|                          |                                          |
| debian-security-         | Update support status of various         |
| support [13]             | packages                                 |
|                          |                                          |
| dnspython [14]           | Fix error when parsing nsec3 bitmap from |
|                          | text                                     |
|                          |                                          |
| egg [15]                 | Skip emacsen-install for unsupported     |
|                          | xemacs21                                 |
|                          |                                          |
| erlang [16]              | Do not install Erlang mode for XEmacs    |
|                          |                                          |
| espeakup [17]            | debian/espeakup.service: Fix             |
|                          | compatibility with older versions of     |
|                          | systemd                                  |
|                          |                                          |
| freerdp [18]             | Fix security issues [CVE-2018-8786       |
|                          | CVE-2018-8787 CVE-2018-8788]; add        |
|                          | CredSSP v3 and RDP proto v6 support      |
|                          |                                          |
| ganeti-os-noop [19]      | Fix size detection for non-block devices |
|                          |                                          |
| glibc [20]               | Fix several security isses [CVE-2017-    |
|                          | 15670 CVE-2017-15671 CVE-2017-15804      |
|                          | CVE-2017-1000408 CVE-2017-1000409        |
|                          | CVE-2017-16997 CVE-2017-18269 CVE-2018-  |
|                          | 11236 CVE-2018-11237]; avoid             |
|                          | segmentation faults on CPUs with AVX512- |
|                          | F; fix a use after free in               |
|                          | pthread_create(); check for postgresql   |
|                          | in NSS check; fix pthread_cond_wait() in |
|                          | the pshared case on non-x86.             |
|                          |                                          |
| gnulib [21]              | vasnprintf: Fix heap memory overrun bug  |
|                          | [CVE-2018-17942]                         |
|                          |                                          |
| gnupg2 [22]              | Avoid crash when importing without a TTY |
|                          |                                          |
| graphite-api [23]        | Fix RequiresMountsFor spelling in        |
|                          | systemd service                          |
|                          |                                          |
| grokmirror [24]          | Add missing dependency on python-pkg-    |
|                          | resources                                |
|                          |                                          |
| gvrng [25]               | Fix permissions problem that prevented   |
|                          | starting gvrng; generate correct Python  |
|                          | dependencies                             |
|                          |                                          |
| ibus [26]                | Fix multi-arch installation by removing  |
|                          | the gir package's Python dependency      |
|                          |                                          |
| icinga2 [27]             | Fix timestamps being stored as local     |
|                          | time in PostgreSQL                       |
|                          |                                          |
| intel-microcode [28]     | Add accumulated fixes for Westmere EP    |
|                          | (signature 0x206c2) [Intel SA-00161      |
|                          | CVE-2018-3615 CVE-2018-3620 CVE-2018-    |
|                          | 3646 Intel SA-00115 CVE-2018-3639        |
|                          | CVE-2018-3640 Intel SA-0088 CVE-2017-    |
|                          | 5753 CVE-2017-5754]                      |
|                          |                                          |
| isort [29]               | Fix Python dependencies                  |
|                          |                                          |
| jdupes [30]              | Fix potential crash on ARM               |
|                          |                                          |
| kmodpy [31]              | Remove incorrect Multi-Arch: same from   |
|                          | python-kmodpy                            |
|                          |                                          |
| libapache2-mod-          | Don't allow <Perl> sections in user      |
| perl2 [32]               | controlled configuration [CVE-2011-2767] |
|                          |                                          |
| libb2 [33]               | Detect if the system can use AVX before  |
|                          | actually using it                        |
|                          |                                          |
| libdatetime-timezone-    | Update included data                     |
| perl [34]                |                                          |
|                          |                                          |
| libemail-address-list-   | Fix DoS vulnerability [CVE-2018-18898]   |
| perl [35]                |                                          |
|                          |                                          |
| libemail-address-        | Fix DoS vulnerabilities [CVE-2015-7686   |
| perl [36]                | CVE-2018-12558]                          |
|                          |                                          |
| libgpod [37]             | python-gpod: Add missing dependency on   |
|                          | python-gobject-2                         |
|                          |                                          |
| libssh [38]              | Fix broken server-side keyboard-         |
|                          | interactive authentication               |
|                          |                                          |
| linux [39]               | New upstream release; new upstream       |
|                          | version; fix build failures on arm64 and |
|                          | mips*; libceph: fix                      |
|                          | CEPH_FEATURE_CEPHX_V2 check in           |
|                          | calc_signature()                         |
|                          |                                          |
| linux-igd [40]           | Make the init script require $network    |
|                          |                                          |
| lttng-modules [41]       | Fix build on linux-rt 4.9 kernels and    |
|                          | kernels >= 4.9.0-3                       |
|                          |                                          |
| mistral [42]             | Fix  "std.ssh action may disclose        |
|                          | presence of arbitrary files"  [CVE-2018- |
|                          | 16849]                                   |
|                          |                                          |
| monkeysign [43]          | Fix security issue [CVE-2018-12020];     |
|                          | actually send multiple emails instead of |
|                          | a single one                             |
|                          |                                          |
| mpqc [44]                | Also install sc-libtool                  |
|                          |                                          |
| nvidia-graphics-         | New upstream release                     |
| drivers [45]             |                                          |
|                          |                                          |
| nvidia-modprobe [46]     | New upstream release                     |
|                          |                                          |
| nvidia-persistenced [47] | New upstream release                     |
|                          |                                          |
| nvidia-settings [48]     | New upstream release                     |
|                          |                                          |
| nvidia-xconfig [49]      | New upstream release                     |
|                          |                                          |
| openni2 [50]             | Fix armhf baseline violation and armel   |
|                          | FTBFS caused by NEON usage               |
|                          |                                          |
| openvpn [51]             | Fix NCP behaviour on TLS reconnect,      |
|                          | causing  "AEAD Decrypt error: cipher     |
|                          | final failed"  errors                    |
|                          |                                          |
| parsedatetime [52]       | Add support for Python 3                 |
|                          |                                          |
| pdns [53]                | Fix security issues [CVE-2018-1046       |
|                          | CVE-2018-10851]; fix MySQL queries with  |
|                          | stored procedures; fix LDAP, Lua,        |
|                          | OpenDBX backends not finding domains     |
|                          |                                          |
| pdns-recursor [54]       | Fix security issues [CVE-2018-10851      |
|                          | CVE-2018-14626 CVE-2018-14644]           |
|                          |                                          |
| photocollage [55]        | Add missing dependency on gir1.2-gtk-3.0 |
|                          |                                          |
| postfix [56]             | New upstream stable release; avoid       |
|                          | postconf failures when postfix-instance- |
|                          | generator runs during boot               |
|                          |                                          |
| postgresql-9.6 [57]      | New upstream release                     |
|                          |                                          |
| postgrey [58]            | No change rebuild                        |
|                          |                                          |
| pylint-django [59]       | Fix Python 3 dependencies                |
|                          |                                          |
| python-acme [60]         | Backport newer version for tls-sni-01    |
|                          | deprecation                              |
|                          |                                          |
| python-arpy [61]         | Fix Python 3 dependencies                |
|                          |                                          |
| python-certbot [62]      | Backport newer version for tls-sni-01    |
|                          | deprecation                              |
|                          |                                          |
| python-certbot-          | Update for deprecation of tls-sni-01     |
| apache [63]              |                                          |
|                          |                                          |
| python-certbot-          | Update for deprecation of tls-sni-01     |
| nginx [64]               |                                          |
|                          |                                          |
| python-hypothesis [65]   | Fix (inverted) dependencies of python3-  |
|                          | hypothesis and python-hypothesis-doc     |
|                          |                                          |
| python-josepy [66]       | New package, required by Certbot         |
|                          |                                          |
| pyzo [67]                | Add missing dependency on python3-pkg-   |
|                          | resources                                |
|                          |                                          |
| r-cran-readxl [68]       | Fix crash bugs [CVE-2018-20450 CVE-2018- |
|                          | 20452]                                   |
|                          |                                          |
| rtkit [69]               | Move dbus and polkit from Recommends to  |
|                          | Depends                                  |
|                          |                                          |
| ruby-rack [70]           | Fix a possible cross-site scripting      |
|                          | vulnerability [CVE-2018-16471]           |
|                          |                                          |
| samba [71]               | New upstream release; s3:ntlm_auth: fix  |
|                          | memory leak in manage_gensec_request();  |
|                          | ignore nmbd start errors when there is   |
|                          | no non-loopback interface or no local    |
|                          | IPv4 non-loopback interface; fix         |
|                          | CVE-2018-14629 regression on a non-CNAME |
|                          | record                                   |
|                          |                                          |
| sl-modem [72]            | Support Linux versions > 3               |
|                          |                                          |
| sogo-connector [73]      | Update to work with newer Thunderbird    |
|                          | versions                                 |
|                          |                                          |
| sox [74]                 | Really apply fixes for CVE-2014-8145     |
|                          |                                          |
| ssh-agent-filter [75]    | Fix two-byte out-of-bounds stack write   |
|                          |                                          |
| supercollider [76]       | Disable support for XEmacs and Emacs     |
|                          | <=23                                     |
|                          |                                          |
| sympa [77]               | Remove /etc/sympa/sympa.conf-smime.in    |
|                          | from conffiles; use full path for head   |
|                          | command in Sympa configuration file      |
|                          |                                          |
| twitter-bootstrap3 [78]  | Fix multiple security vulnerabilities    |
|                          | [CVE-2018-14040 CVE-2018-14041 CVE-2018- |
|                          | 14042]                                   |
|                          |                                          |
| tzdata [79]              | New upstream release                     |
|                          |                                          |
| uglifyjs [80]            | Fix manpage contents                     |
|                          |                                          |
| uriparser [81]           | Fix multiple security vulnerabilties     |
|                          | [CVE-2018-19198 CVE-2018-19199 CVE-2018- |
|                          | 19200]                                   |
|                          |                                          |
| vm [82]                  | Drop support for xemacs21                |
|                          |                                          |
| vulture [83]             | Add missing dependency on python3-pkg-   |
|                          | resources                                |
|                          |                                          |
| wayland [84]             | Fix possible integer overflow [CVE-2017- |
|                          | 16612]                                   |
|                          |                                          |
| wicd [85]                | Always depend on net-tools, rather than  |
|                          | alternatives                             |
|                          |                                          |
| wvstreams [86]           | Work around stack corruption             |
|                          |                                          |
| xapian-core [87]         | Fix leaks of freelist blocks in corner   |
|                          | cases, which then get reported as        |
|                          | "DatabaseCorruptError"  by               |
|                          | Database::check()                        |
|                          |                                          |
| xkeycaps [88]            | Prevent segfault in commands.c when more |
|                          | than 8 keysyms per key are present       |
|                          |                                          |
| yosys [89]               | Fix  "ModuleNotFoundError: No module     |
|                          | named 'smtio'"                           |
|                          |                                          |
| z3 [90]                  | Remove incorrect Multi-Arch: same from   |
|                          | python-z3                                |
|                          |                                          |
+--------------------------+------------------------------------------+

    1: https://packages.debian.org/src:arc
    2: https://packages.debian.org/src:astroml-addons
    3: https://packages.debian.org/src:base-files
    4: https://packages.debian.org/src:c3p0
    5: https://packages.debian.org/src:ca-certificates-java
    6: https://packages.debian.org/src:chkrootkit
    7: https://packages.debian.org/src:compactheader
    8: https://packages.debian.org/src:courier
    9: https://packages.debian.org/src:cups
   10: https://packages.debian.org/src:debian-edu-config
   11: https://packages.debian.org/src:debian-installer
   12: https://packages.debian.org/src:debian-installer-netboot-images
   13: https://packages.debian.org/src:debian-security-support
   14: https://packages.debian.org/src:dnspython
   15: https://packages.debian.org/src:egg
   16: https://packages.debian.org/src:erlang
   17: https://packages.debian.org/src:espeakup
   18: https://packages.debian.org/src:freerdp
   19: https://packages.debian.org/src:ganeti-os-noop
   20: https://packages.debian.org/src:glibc
   21: https://packages.debian.org/src:gnulib
   22: https://packages.debian.org/src:gnupg2
   23: https://packages.debian.org/src:graphite-api
   24: https://packages.debian.org/src:grokmirror
   25: https://packages.debian.org/src:gvrng
   26: https://packages.debian.org/src:ibus
   27: https://packages.debian.org/src:icinga2
   28: https://packages.debian.org/src:intel-microcode
   29: https://packages.debian.org/src:isort
   30: https://packages.debian.org/src:jdupes
   31: https://packages.debian.org/src:kmodpy
   32: https://packages.debian.org/src:libapache2-mod-perl2
   33: https://packages.debian.org/src:libb2
   34: https://packages.debian.org/src:libdatetime-timezone-perl
   35: https://packages.debian.org/src:libemail-address-list-perl
   36: https://packages.debian.org/src:libemail-address-perl
   37: https://packages.debian.org/src:libgpod
   38: https://packages.debian.org/src:libssh
   39: https://packages.debian.org/src:linux
   40: https://packages.debian.org/src:linux-igd
   41: https://packages.debian.org/src:lttng-modules
   42: https://packages.debian.org/src:mistral
   43: https://packages.debian.org/src:monkeysign
   44: https://packages.debian.org/src:mpqc
   45: https://packages.debian.org/src:nvidia-graphics-drivers
   46: https://packages.debian.org/src:nvidia-modprobe
   47: https://packages.debian.org/src:nvidia-persistenced
   48: https://packages.debian.org/src:nvidia-settings
   49: https://packages.debian.org/src:nvidia-xconfig
   50: https://packages.debian.org/src:openni2
   51: https://packages.debian.org/src:openvpn
   52: https://packages.debian.org/src:parsedatetime
   53: https://packages.debian.org/src:pdns
   54: https://packages.debian.org/src:pdns-recursor
   55: https://packages.debian.org/src:photocollage
   56: https://packages.debian.org/src:postfix
   57: https://packages.debian.org/src:postgresql-9.6
   58: https://packages.debian.org/src:postgrey
   59: https://packages.debian.org/src:pylint-django
   60: https://packages.debian.org/src:python-acme
   61: https://packages.debian.org/src:python-arpy
   62: https://packages.debian.org/src:python-certbot
   63: https://packages.debian.org/src:python-certbot-apache
   64: https://packages.debian.org/src:python-certbot-nginx
   65: https://packages.debian.org/src:python-hypothesis
   66: https://packages.debian.org/src:python-josepy
   67: https://packages.debian.org/src:pyzo
   68: https://packages.debian.org/src:r-cran-readxl
   69: https://packages.debian.org/src:rtkit
   70: https://packages.debian.org/src:ruby-rack
   71: https://packages.debian.org/src:samba
   72: https://packages.debian.org/src:sl-modem
   73: https://packages.debian.org/src:sogo-connector
   74: https://packages.debian.org/src:sox
   75: https://packages.debian.org/src:ssh-agent-filter
   76: https://packages.debian.org/src:supercollider
   77: https://packages.debian.org/src:sympa
   78: https://packages.debian.org/src:twitter-bootstrap3
   79: https://packages.debian.org/src:tzdata
   80: https://packages.debian.org/src:uglifyjs
   81: https://packages.debian.org/src:uriparser
   82: https://packages.debian.org/src:vm
   83: https://packages.debian.org/src:vulture
   84: https://packages.debian.org/src:wayland
   85: https://packages.debian.org/src:wicd
   86: https://packages.debian.org/src:wvstreams
   87: https://packages.debian.org/src:xapian-core
   88: https://packages.debian.org/src:xkeycaps
   89: https://packages.debian.org/src:yosys
   90: https://packages.debian.org/src:z3

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+------------------------+
| Advisory ID    | Package                |
+----------------+------------------------+
| DSA-4330 [91]  | chromium-browser [92]  |
|                |                        |
| DSA-4333 [93]  | icecast2 [94]          |
|                |                        |
| DSA-4334 [95]  | mupdf [96]             |
|                |                        |
| DSA-4335 [97]  | nginx [98]             |
|                |                        |
| DSA-4336 [99]  | ghostscript [100]      |
|                |                        |
| DSA-4337 [101] | thunderbird [102]      |
|                |                        |
| DSA-4338 [103] | qemu [104]             |
|                |                        |
| DSA-4339 [105] | ceph [106]             |
|                |                        |
| DSA-4340 [107] | chromium-browser [108] |
|                |                        |
| DSA-4342 [109] | chromium-browser [110] |
|                |                        |
| DSA-4343 [111] | liblivemedia [112]     |
|                |                        |
| DSA-4344 [113] | roundcube [114]        |
|                |                        |
| DSA-4345 [115] | samba [116]            |
|                |                        |
| DSA-4346 [117] | ghostscript [118]      |
|                |                        |
| DSA-4347 [119] | perl [120]             |
|                |                        |
| DSA-4348 [121] | openssl [122]          |
|                |                        |
| DSA-4349 [123] | tiff [124]             |
|                |                        |
| DSA-4350 [125] | policykit-1 [126]      |
|                |                        |
| DSA-4351 [127] | libphp-phpmailer [128] |
|                |                        |
| DSA-4353 [129] | php7.0 [130]           |
|                |                        |
| DSA-4354 [131] | firefox-esr [132]      |
|                |                        |
| DSA-4355 [133] | openssl1.0 [134]       |
|                |                        |
| DSA-4356 [135] | netatalk [136]         |
|                |                        |
| DSA-4357 [137] | libapache-mod-jk [138] |
|                |                        |
| DSA-4358 [139] | ruby-sanitize [140]    |
|                |                        |
| DSA-4359 [141] | wireshark [142]        |
|                |                        |
| DSA-4360 [143] | libarchive [144]       |
|                |                        |
| DSA-4361 [145] | libextractor [146]     |
|                |                        |
| DSA-4362 [147] | thunderbird [148]      |
|                |                        |
| DSA-4363 [149] | python-django [150]    |
|                |                        |
| DSA-4364 [151] | ruby-loofah [152]      |
|                |                        |
| DSA-4365 [153] | tmpreaper [154]        |
|                |                        |
| DSA-4366 [155] | vlc [156]              |
|                |                        |
| DSA-4367 [157] | systemd [158]          |
|                |                        |
| DSA-4368 [159] | zeromq3 [160]          |
|                |                        |
| DSA-4369 [161] | xen [162]              |
|                |                        |
| DSA-4370 [163] | drupal7 [164]          |
|                |                        |
| DSA-4372 [165] | ghostscript [166]      |
|                |                        |
| DSA-4375 [167] | spice [168]            |
|                |                        |
| DSA-4376 [169] | firefox-esr [170]      |
|                |                        |
| DSA-4377 [171] | rssh [172]             |
|                |                        |
| DSA-4378 [173] | php-pear [174]         |
|                |                        |
| DSA-4381 [175] | libreoffice [176]      |
|                |                        |
| DSA-4382 [177] | rssh [178]             |
|                |                        |
| DSA-4383 [179] | libvncserver [180]     |
|                |                        |
| DSA-4384 [181] | libgd2 [182]           |
|                |                        |
| DSA-4386 [183] | curl [184]             |
|                |                        |
| DSA-4387 [185] | openssh [186]          |
|                |                        |
+----------------+------------------------+

   91: https://www.debian.org/security/2018/dsa-4330
   92: https://packages.debian.org/src:chromium-browser
   93: https://www.debian.org/security/2018/dsa-4333
   94: https://packages.debian.org/src:icecast2
   95: https://www.debian.org/security/2018/dsa-4334
   96: https://packages.debian.org/src:mupdf
   97: https://www.debian.org/security/2018/dsa-4335
   98: https://packages.debian.org/src:nginx
   99: https://www.debian.org/security/2018/dsa-4336
  100: https://packages.debian.org/src:ghostscript
  101: https://www.debian.org/security/2018/dsa-4337
  102: https://packages.debian.org/src:thunderbird
  103: https://www.debian.org/security/2018/dsa-4338
  104: https://packages.debian.org/src:qemu
  105: https://www.debian.org/security/2018/dsa-4339
  106: https://packages.debian.org/src:ceph
  107: https://www.debian.org/security/2018/dsa-4340
  108: https://packages.debian.org/src:chromium-browser
  109: https://www.debian.org/security/2018/dsa-4342
  110: https://packages.debian.org/src:chromium-browser
  111: https://www.debian.org/security/2018/dsa-4343
  112: https://packages.debian.org/src:liblivemedia
  113: https://www.debian.org/security/2018/dsa-4344
  114: https://packages.debian.org/src:roundcube
  115: https://www.debian.org/security/2018/dsa-4345
  116: https://packages.debian.org/src:samba
  117: https://www.debian.org/security/2018/dsa-4346
  118: https://packages.debian.org/src:ghostscript
  119: https://www.debian.org/security/2018/dsa-4347
  120: https://packages.debian.org/src:perl
  121: https://www.debian.org/security/2018/dsa-4348
  122: https://packages.debian.org/src:openssl
  123: https://www.debian.org/security/2018/dsa-4349
  124: https://packages.debian.org/src:tiff
  125: https://www.debian.org/security/2018/dsa-4350
  126: https://packages.debian.org/src:policykit-1
  127: https://www.debian.org/security/2018/dsa-4351
  128: https://packages.debian.org/src:libphp-phpmailer
  129: https://www.debian.org/security/2018/dsa-4353
  130: https://packages.debian.org/src:php7.0
  131: https://www.debian.org/security/2018/dsa-4354
  132: https://packages.debian.org/src:firefox-esr
  133: https://www.debian.org/security/2018/dsa-4355
  134: https://packages.debian.org/src:openssl1.0
  135: https://www.debian.org/security/2018/dsa-4356
  136: https://packages.debian.org/src:netatalk
  137: https://www.debian.org/security/2018/dsa-4357
  138: https://packages.debian.org/src:libapache-mod-jk
  139: https://www.debian.org/security/2018/dsa-4358
  140: https://packages.debian.org/src:ruby-sanitize
  141: https://www.debian.org/security/2018/dsa-4359
  142: https://packages.debian.org/src:wireshark
  143: https://www.debian.org/security/2018/dsa-4360
  144: https://packages.debian.org/src:libarchive
  145: https://www.debian.org/security/2018/dsa-4361
  146: https://packages.debian.org/src:libextractor
  147: https://www.debian.org/security/2019/dsa-4362
  148: https://packages.debian.org/src:thunderbird
  149: https://www.debian.org/security/2019/dsa-4363
  150: https://packages.debian.org/src:python-django
  151: https://www.debian.org/security/2019/dsa-4364
  152: https://packages.debian.org/src:ruby-loofah
  153: https://www.debian.org/security/2019/dsa-4365
  154: https://packages.debian.org/src:tmpreaper
  155: https://www.debian.org/security/2019/dsa-4366
  156: https://packages.debian.org/src:vlc
  157: https://www.debian.org/security/2019/dsa-4367
  158: https://packages.debian.org/src:systemd
  159: https://www.debian.org/security/2019/dsa-4368
  160: https://packages.debian.org/src:zeromq3
  161: https://www.debian.org/security/2019/dsa-4369
  162: https://packages.debian.org/src:xen
  163: https://www.debian.org/security/2019/dsa-4370
  164: https://packages.debian.org/src:drupal7
  165: https://www.debian.org/security/2019/dsa-4372
  166: https://packages.debian.org/src:ghostscript
  167: https://www.debian.org/security/2019/dsa-4375
  168: https://packages.debian.org/src:spice
  169: https://www.debian.org/security/2019/dsa-4376
  170: https://packages.debian.org/src:firefox-esr
  171: https://www.debian.org/security/2019/dsa-4377
  172: https://packages.debian.org/src:rssh
  173: https://www.debian.org/security/2019/dsa-4378
  174: https://packages.debian.org/src:php-pear
  175: https://www.debian.org/security/2019/dsa-4381
  176: https://packages.debian.org/src:libreoffice
  177: https://www.debian.org/security/2019/dsa-4382
  178: https://packages.debian.org/src:rssh
  179: https://www.debian.org/security/2019/dsa-4383
  180: https://packages.debian.org/src:libvncserver
  181: https://www.debian.org/security/2019/dsa-4384
  182: https://packages.debian.org/src:libgd2
  183: https://www.debian.org/security/2019/dsa-4386
  184: https://packages.debian.org/src:curl
  185: https://www.debian.org/security/2019/dsa-4387
  186: https://packages.debian.org/src:openssh

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+---------------------------------+-----------------------------------+
| Package                         | Reason                            |
+---------------------------------+-----------------------------------+
| adblock-plus [187]              | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| calendar-exchange-              | incompatible with newer           |
| provider [188]                  | Thunderbird versions              |
|                                 |                                   |
| cookie-monster [189]            | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| corebird [190]                  | Broken by Twitter API changes     |
|                                 |                                   |
| debian-buttons [191]            | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| debian-parl [192]               | Depends on broken / removed       |
|                                 | Firefox plugins                   |
|                                 |                                   |
| firefox-branding-               | Incompatible with newer firefox-  |
| iceweasel [193]                 | esr versions                      |
|                                 |                                   |
| firefox-kwallet5 [194]          | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| flashblock [195]                | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| flickrbackup [196]              | Incompatible with current Flickr  |
|                                 | API                               |
|                                 |                                   |
| imap-acl-extension [197]        | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| libwww-topica-perl [198]        | Useless due to Topica site        |
|                                 | closure                           |
|                                 |                                   |
| mozilla-dom-inspector [199]     | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| mozilla-noscript [200]          | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| mozilla-password-editor [201]   | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| mozvoikko [202]                 | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| personaplus [203]               | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| python-formalchemy [204]        | Unusable, fails to import in      |
|                                 | Python                            |
|                                 |                                   |
| refcontrol [205]                | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| requestpolicy [206]             | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| spice-xpi [207]                 | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| toggle-proxy [208]              | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
| y-u-no-validate [209]           | Incompatible with newer firefox-  |
|                                 | esr versions                      |
|                                 |                                   |
+---------------------------------+-----------------------------------+

  187: https://packages.debian.org/src:adblock-plus
  188: https://packages.debian.org/src:calendar-exchange-provider
  189: https://packages.debian.org/src:cookie-monster
  190: https://packages.debian.org/src:corebird
  191: https://packages.debian.org/src:debian-buttons
  192: https://packages.debian.org/src:debian-parl
  193: https://packages.debian.org/src:firefox-branding-iceweasel
  194: https://packages.debian.org/src:firefox-kwallet5
  195: https://packages.debian.org/src:flashblock
  196: https://packages.debian.org/src:flickrbackup
  197: https://packages.debian.org/src:imap-acl-extension
  198: https://packages.debian.org/src:libwww-topica-perl
  199: https://packages.debian.org/src:mozilla-dom-inspector
  200: https://packages.debian.org/src:mozilla-noscript
  201: https://packages.debian.org/src:mozilla-password-editor
  202: https://packages.debian.org/src:mozvoikko
  203: https://packages.debian.org/src:personaplus
  204: https://packages.debian.org/src:python-formalchemy
  205: https://packages.debian.org/src:refcontrol
  206: https://packages.debian.org/src:requestpolicy
  207: https://packages.debian.org/src:spice-xpi
  208: https://packages.debian.org/src:toggle-proxy
  209: https://packages.debian.org/src:y-u-no-validate

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/stretch/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://security.debian.org/ [210]

  210: https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.


Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: