------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 10: 10.3 released press@debian.org February 8th, 2020 https://www.debian.org/News/2020/20200208 ------------------------------------------------------------------------ The Debian project is pleased to announce the third update of its stable distribution Debian 10 (codename "buster"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old "buster" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: +---------------------------+-----------------------------------------+ | Package | Reason | +---------------------------+-----------------------------------------+ | alot�[1] | Remove expiration time from test suite | | | keys, fixing build failure | | | | | atril�[2] | Fix segfault when no document is | | | loaded; fix read of uninitialised | | | memory [CVE-2019-11459] | | | | | base-files�[3] | Update for the point release | | | | | beagle�[4] | Provide wrapper script instead of | | | symlinks to JARs, making them work | | | again | | | | | bgpdump�[5] | Fix segmentation fault | | | | | boost1.67�[6] | Fix undefined behaviour leading to | | | crashing libboost-numpy | | | | | brightd�[7] | Actually compare the value read out | | | of /sys/class/power_supply/AC/online | | | with "0" | | | | | casacore-data-jplde�[8] | Include tables up to 2040 | | | | | clamav�[9] | New upstream release; fix denial of | | | service issue [CVE-2019-15961]; remove | | | ScanOnAccess option, replacing with | | | clamonacc | | | | | compactheader�[10] | New upstream release compatible with | | | Thunderbird 68 | | | | | console-common�[11] | Fix regression that led to files not | | | being included | | | | | csh�[12] | Fix segfault on eval | | | | | cups�[13] | Fix memory leak in ppdOpen; fix | | | validation of default language in | | | ippSetValuetag [CVE-2019-2228] | | | | | cyrus-imapd�[14] | Add BACKUP type to cyrus-upgrade-db, | | | fixing upgrade issues | | | | | debian-edu-config�[15] | Keep proxy settings on client if WPAD | | | is unreachable | | | | | debian-installer�[16] | Rebuild against proposed-updates; tweak | | | mini.iso generation on arm so EFI | | | netboot will work; update | | | USE_UDEBS_FROM default from unstable to | | | buster, to help users performing local | | | builds | | | | | debian-installer-netboot- | Rebuild against proposed-updates | | images�[17] | | | | | | debian-security- | Update security support status of | | support�[18] | several packages | | | | | debos�[19] | Rebuild against updated golang-github- | | | go-debos-fakemachine | | | | | dispmua�[20] | New upstream release compatible with | | | Thunderbird 68 | | | | | dkimpy�[21] | New upstream stable release | | | | | dkimpy-milter�[22] | Fix privilege management at startup so | | | Unix sockets work | | | | | dpdk�[23] | New upstream stable release | | | | | e2fsprogs�[24] | Fix potential stack underflow in e2fsck | | | [CVE-2019-5188]; fix use after free in | | | e2fsck | | | | | fig2dev�[25] | Allow Fig v2 text strings ending with | | | multiple ^A [CVE-2019-19555]; reject | | | huge arrow types causing integer | | | overflow [CVE-2019-19746]; fix several | | | crashes [CVE-2019-19797] | | | | | freerdp2�[26] | Fix realloc return handling [CVE-2019- | | | 17177] | | | | | freetds�[27] | tds: Make sure UDT has varint set to 8 | | | [CVE-2019-13508] | | | | | git-lfs�[28] | Fix build issues with newer Go versions | | | | | gnubg�[29] | Increase the size of static buffers | | | used to build messages during program | | | start so that the Spanish translation | | | doesn't overflow a buffer | | | | | gnutls28�[30] | Fix interop problems with gnutls 2.x; | | | fix parsing of certificates using | | | RegisteredID | | | | | gtk2-engines-murrine�[31] | Fix co-installability with other themes | | | | | guile-2.2�[32] | Fix build failure | | | | | libburn�[33] | Fix "cdrskin multi-track burning was | | | slow and stalled after track 1" | | | | | libcgns�[34] | Fix build failure on ppc64el | | | | | libimobiledevice�[35] | Properly handle partial SSL writes | | | | | libmatroska�[36] | Increase shared library dependency to | | | 1.4.7 since that version introduced new | | | symbols | | | | | libmysofa�[37] | Security fixes [CVE-2019-16091 | | | CVE-2019-16092 CVE-2019-16093 CVE-2019- | | | 16094 CVE-2019-16095] | | | | | libole-storage-lite- | Fix interpretation of years from 2020 | | perl�[38] | onwards | | | | | libparse-win32registry- | Fix interpretation of years from 2020 | | perl�[39] | onwards | | | | | libperl4-corelibs- | Fix interpretation of years from 2020 | | perl�[40] | onwards | | | | | libsolv�[41] | Fix heap buffer overflow [CVE-2019- | | | 20387] | | | | | libspreadsheet-wright- | Fix previously unusable OpenDocument | | perl�[42] | spreadsheets and passing of JSON | | | formatting options | | | | | libtimedate-perl�[43] | Fix interpretation of years from 2020 | | | onwards | | | | | libvirt�[44] | Apparmor: Allow one to run pygrub; | | | don't render osxsave, ospke into QEMU | | | command line; this helps newer QEMU | | | with some configs generated by virt- | | | install | | | | | libvncserver�[45] | RFBserver: don't leak stack memory to | | | the remote [CVE-2019-15681]; resolve a | | | freeze during connection closure and a | | | segmentation fault on multi-threaded | | | VNC servers; fix issue connecting to | | | VMWare servers; fix crashing of x11vnc | | | when vncviewer connects | | | | | limnoria�[46] | Fix remote information disclosure and | | | possibly remote code execution in the | | | Math plugin [CVE-2019-19010] | | | | | linux�[47] | New upstream stable release | | | | | linux-latest�[48] | Update for 4.19.0-8 Linux kernel ABI | | | | | linux-signed-amd64�[49] | New upstream stable release | | | | | linux-signed-arm64�[50] | New upstream stable release | | | | | linux-signed-i386�[51] | New upstream stable release | | | | | mariadb-10.3�[52] | New upstream stable release [CVE-2019- | | | 2938 CVE-2019-2974 CVE-2020-2574] | | | | | mesa�[53] | Call shmget() with permission 0600 | | | instead of 0777 [CVE-2019-5068] | | | | | mnemosyne�[54] | Add missing dependency on PIL | | | | | modsecurity�[55] | Fix cookie header parsing bug | | | [CVE-2019-19886] | | | | | node-handlebars�[56] | Disallow calling "helperMissing" and | | | "blockHelperMissing" directly | | | [CVE-2019-19919] | | | | | node-kind-of�[57] | Fix type checking vulnerability in | | | ctorName() [CVE-2019-20149] | | | | | ntpsec�[58] | Fix slow DNS retries; fix ntpdate -s | | | (syslog) to fix the if-up hook; | | | documentation fixes | | | | | numix-gtk-theme�[59] | Fix co-installability with other themes | | | | | nvidia-graphics-drivers- | New upstream stable release | | legacy-340xx�[60] | | | | | | nyancat�[61] | Rebuild in a clean environment to add | | | the systemd unit for nyancat-server | | | | | openjpeg2�[62] | Fix heap overflow [CVE-2018-21010] and | | | integer overflow [CVE-2018-20847] | | | | | opensmtpd�[63] | Warn users of change of smtpd.conf | | | syntax (in earlier versions); install | | | smtpctl setgid opensmtpq; handle non- | | | zero exit code from hostname during | | | config phase | | | | | openssh�[64] | Deny (non-fatally) ipc in the seccomp | | | sandbox, fixing failures with OpenSSL | | | 1.1.1d and Linux < 3.19 on some | | | architectures | | | | | php-horde�[65] | Fix stored cross-site scripting issue | | | in Horde Cloud Block [CVE-2019-12095] | | | | | php-horde-text- | Fix invalid regular expressions | | filter�[66] | | | | | | postfix�[67] | New upstream stable release | | | | | postgresql-11�[68] | New upstream stable release | | | | | print-manager�[69] | Fix crash if CUPS returns the same ID | | | for multiple print jobs | | | | | proftpd-dfsg�[70] | Fix CRL issues [CVE-2019-19270 | | | CVE-2019-19269] | | | | | pykaraoke�[71] | Fix path to fonts | | | | | python-evtx�[72] | Fix import of "hexdump" | | | | | python- | Close file after getting hash, avoiding | | internetarchive�[73] | file descriptor exhaustion | | | | | python3.7�[74] | Security fixes [CVE-2019-9740 CVE-2019- | | | 9947 CVE-2019-9948 CVE-2019-10160 | | | CVE-2019-16056 CVE-2019-16935] | | | | | qtbase-opensource- | Add support for non-PPD printers and | | src�[75] | avoid silent fallback to a printer | | | supporting PPD; fix crash when using | | | QLabels with rich text; fix graphics | | | tablet hover events | | | | | qtwebengine-opensource- | Fix PDF parsing; disable executable | | src�[76] | stack | | | | | quassel�[77] | Fix quasselcore AppArmor denials when | | | the config is saved; correct default | | | channel for Debian; remove unnecessary | | | NEWS file | | | | | qwinff�[78] | Fix crash due to incorrect file | | | detection | | | | | raspi3-firmware�[79] | Fix detection of serial console with | | | kernel 5.x | | | | | ros-ros-comm�[80] | Fix security issues [CVE-2019-13566 | | | CVE-2019-13465 CVE-2019-13445] | | | | | roundcube�[81] | New upstream stable release; fix | | | insecure permissions in enigma plugin | | | [CVE-2018-1000071] | | | | | schleuder�[82] | Fix recognizing keywords in mails with | | | "protected headers" and empty subject; | | | strip non-self-signatures when | | | refreshing or fetching keys; error if | | | the argument provided to `refresh_keys` | | | is not an existing list; add missing | | | List-Id header to notification mails | | | sent to admins; handle decryption | | | problems gracefully; default to | | | ASCII-8BIT encoding | | | | | simplesamlphp�[83] | Fix incompatibility with PHP 7.3 | | | | | sogo-connector�[84] | New upstream release compatible with | | | Thunderbird 68 | | | | | spf-engine�[85] | Fix privilege management at startup so | | | Unix sockets work; update documentation | | | for TestOnly | | | | | sudo�[86] | Fix a (non-exploitable in buster) | | | buffer overflow when pwfeedback is | | | enabled and input is a not a tty | | | [CVE-2019-18634] | | | | | systemd�[87] | Set fs.file-max sysctl to LONG_MAX | | | rather than ULONG_MAX; change | | | ownership/mode of the execution | | | directories also for static users, | | | ensuring that execution directories | | | like CacheDirectory and StateDirectory | | | are properly chowned to the user | | | specified in User= before launching the | | | service | | | | | tifffile�[88] | Fix wrapper script | | | | | tigervnc�[89] | Security fixes [CVE-2019-15691 | | | CVE-2019-15692 CVE-2019-15693 CVE-2019- | | | 15694 CVE-2019-15695] | | | | | tightvnc�[90] | Security fixes [CVE-2014-6053 CVE-2019- | | | 8287 CVE-2018-20021 CVE-2018-20022 | | | CVE-2018-20748 CVE-2018-7225 CVE-2019- | | | 15678 CVE-2019-15679 CVE-2019-15680 | | | CVE-2019-15681] | | | | | uif�[91] | Fix paths to ip(6)tables-restore in | | | light of the migration to nftables | | | | | unhide�[92] | Fix stack exhaustion | | | | | x2goclient�[93] | Strip ~/, ~user{,/}, ${HOME}{,/} and | | | $HOME{,/} from destination paths in SCP | | | mode; fixes regression with newer | | | libssh versions with fixes for | | | CVE-2019-14889 applied | | | | | xmltooling�[94] | Fix race condition that could lead to | | | crash under load | | | | +---------------------------+-----------------------------------------+ 1: https://packages.debian.org/src:alot 2: https://packages.debian.org/src:atril 3: https://packages.debian.org/src:base-files 4: https://packages.debian.org/src:beagle 5: https://packages.debian.org/src:bgpdump 6: https://packages.debian.org/src:boost1.67 7: https://packages.debian.org/src:brightd 8: https://packages.debian.org/src:casacore-data-jplde 9: https://packages.debian.org/src:clamav 10: https://packages.debian.org/src:compactheader 11: https://packages.debian.org/src:console-common 12: https://packages.debian.org/src:csh 13: https://packages.debian.org/src:cups 14: https://packages.debian.org/src:cyrus-imapd 15: https://packages.debian.org/src:debian-edu-config 16: https://packages.debian.org/src:debian-installer 17: https://packages.debian.org/src:debian-installer-netboot-images 18: https://packages.debian.org/src:debian-security-support 19: https://packages.debian.org/src:debos 20: https://packages.debian.org/src:dispmua 21: https://packages.debian.org/src:dkimpy 22: https://packages.debian.org/src:dkimpy-milter 23: https://packages.debian.org/src:dpdk 24: https://packages.debian.org/src:e2fsprogs 25: https://packages.debian.org/src:fig2dev 26: https://packages.debian.org/src:freerdp2 27: https://packages.debian.org/src:freetds 28: https://packages.debian.org/src:git-lfs 29: https://packages.debian.org/src:gnubg 30: https://packages.debian.org/src:gnutls28 31: https://packages.debian.org/src:gtk2-engines-murrine 32: https://packages.debian.org/src:guile-2.2 33: https://packages.debian.org/src:libburn 34: https://packages.debian.org/src:libcgns 35: https://packages.debian.org/src:libimobiledevice 36: https://packages.debian.org/src:libmatroska 37: https://packages.debian.org/src:libmysofa 38: https://packages.debian.org/src:libole-storage-lite-perl 39: https://packages.debian.org/src:libparse-win32registry-perl 40: https://packages.debian.org/src:libperl4-corelibs-perl 41: https://packages.debian.org/src:libsolv 42: https://packages.debian.org/src:libspreadsheet-wright-perl 43: https://packages.debian.org/src:libtimedate-perl 44: https://packages.debian.org/src:libvirt 45: https://packages.debian.org/src:libvncserver 46: https://packages.debian.org/src:limnoria 47: https://packages.debian.org/src:linux 48: https://packages.debian.org/src:linux-latest 49: https://packages.debian.org/src:linux-signed-amd64 50: https://packages.debian.org/src:linux-signed-arm64 51: https://packages.debian.org/src:linux-signed-i386 52: https://packages.debian.org/src:mariadb-10.3 53: https://packages.debian.org/src:mesa 54: https://packages.debian.org/src:mnemosyne 55: https://packages.debian.org/src:modsecurity 56: https://packages.debian.org/src:node-handlebars 57: https://packages.debian.org/src:node-kind-of 58: https://packages.debian.org/src:ntpsec 59: https://packages.debian.org/src:numix-gtk-theme 60: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-340xx 61: https://packages.debian.org/src:nyancat 62: https://packages.debian.org/src:openjpeg2 63: https://packages.debian.org/src:opensmtpd 64: https://packages.debian.org/src:openssh 65: https://packages.debian.org/src:php-horde 66: https://packages.debian.org/src:php-horde-text-filter 67: https://packages.debian.org/src:postfix 68: https://packages.debian.org/src:postgresql-11 69: https://packages.debian.org/src:print-manager 70: https://packages.debian.org/src:proftpd-dfsg 71: https://packages.debian.org/src:pykaraoke 72: https://packages.debian.org/src:python-evtx 73: https://packages.debian.org/src:python-internetarchive 74: https://packages.debian.org/src:python3.7 75: https://packages.debian.org/src:qtbase-opensource-src 76: https://packages.debian.org/src:qtwebengine-opensource-src 77: https://packages.debian.org/src:quassel 78: https://packages.debian.org/src:qwinff 79: https://packages.debian.org/src:raspi3-firmware 80: https://packages.debian.org/src:ros-ros-comm 81: https://packages.debian.org/src:roundcube 82: https://packages.debian.org/src:schleuder 83: https://packages.debian.org/src:simplesamlphp 84: https://packages.debian.org/src:sogo-connector 85: https://packages.debian.org/src:spf-engine 86: https://packages.debian.org/src:sudo 87: https://packages.debian.org/src:systemd 88: https://packages.debian.org/src:tifffile 89: https://packages.debian.org/src:tigervnc 90: https://packages.debian.org/src:tightvnc 91: https://packages.debian.org/src:uif 92: https://packages.debian.org/src:unhide 93: https://packages.debian.org/src:x2goclient 94: https://packages.debian.org/src:xmltooling Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+--------------------------+ | Advisory ID | Package | +----------------+--------------------------+ | DSA-4546�[95] | openjdk-11�[96] | | | | | DSA-4563�[97] | webkit2gtk�[98] | | | | | DSA-4564�[99] | linux�[100] | | | | | DSA-4564�[101] | linux-signed-i386�[102] | | | | | DSA-4564�[103] | linux-signed-arm64�[104] | | | | | DSA-4564�[105] | linux-signed-amd64�[106] | | | | | DSA-4565�[107] | intel-microcode�[108] | | | | | DSA-4566�[109] | qemu�[110] | | | | | DSA-4567�[111] | dpdk�[112] | | | | | DSA-4568�[113] | postgresql-common�[114] | | | | | DSA-4569�[115] | ghostscript�[116] | | | | | DSA-4570�[117] | mosquitto�[118] | | | | | DSA-4571�[119] | enigmail�[120] | | | | | DSA-4571�[121] | thunderbird�[122] | | | | | DSA-4572�[123] | slurm-llnl�[124] | | | | | DSA-4573�[125] | symfony�[126] | | | | | DSA-4575�[127] | chromium�[128] | | | | | DSA-4577�[129] | haproxy�[130] | | | | | DSA-4578�[131] | libvpx�[132] | | | | | DSA-4579�[133] | nss�[134] | | | | | DSA-4580�[135] | firefox-esr�[136] | | | | | DSA-4581�[137] | git�[138] | | | | | DSA-4582�[139] | davical�[140] | | | | | DSA-4583�[141] | spip�[142] | | | | | DSA-4584�[143] | spamassassin�[144] | | | | | DSA-4585�[145] | thunderbird�[146] | | | | | DSA-4586�[147] | ruby2.5�[148] | | | | | DSA-4588�[149] | python-ecdsa�[150] | | | | | DSA-4589�[151] | debian-edu-config�[152] | | | | | DSA-4590�[153] | cyrus-imapd�[154] | | | | | DSA-4591�[155] | cyrus-sasl2�[156] | | | | | DSA-4592�[157] | mediawiki�[158] | | | | | DSA-4593�[159] | freeimage�[160] | | | | | DSA-4595�[161] | debian-lan-config�[162] | | | | | DSA-4597�[163] | netty�[164] | | | | | DSA-4598�[165] | python-django�[166] | | | | | DSA-4599�[167] | wordpress�[168] | | | | | DSA-4600�[169] | firefox-esr�[170] | | | | | DSA-4601�[171] | ldm�[172] | | | | | DSA-4602�[173] | xen�[174] | | | | | DSA-4603�[175] | thunderbird�[176] | | | | | DSA-4604�[177] | cacti�[178] | | | | | DSA-4605�[179] | openjdk-11�[180] | | | | | DSA-4606�[181] | chromium�[182] | | | | | DSA-4607�[183] | openconnect�[184] | | | | | DSA-4608�[185] | tiff�[186] | | | | | DSA-4609�[187] | python-apt�[188] | | | | | DSA-4610�[189] | webkit2gtk�[190] | | | | | DSA-4611�[191] | opensmtpd�[192] | | | | | DSA-4612�[193] | prosody-modules�[194] | | | | | DSA-4613�[195] | libidn2�[196] | | | | | DSA-4615�[197] | spamassassin�[198] | | | | +----------------+--------------------------+ 95: https://www.debian.org/security/2019/dsa-4546 96: https://packages.debian.org/src:openjdk-11 97: https://www.debian.org/security/2019/dsa-4563 98: https://packages.debian.org/src:webkit2gtk 99: https://www.debian.org/security/2019/dsa-4564 100: https://packages.debian.org/src:linux 101: https://www.debian.org/security/2019/dsa-4564 102: https://packages.debian.org/src:linux-signed-i386 103: https://www.debian.org/security/2019/dsa-4564 104: https://packages.debian.org/src:linux-signed-arm64 105: https://www.debian.org/security/2019/dsa-4564 106: https://packages.debian.org/src:linux-signed-amd64 107: https://www.debian.org/security/2019/dsa-4565 108: https://packages.debian.org/src:intel-microcode 109: https://www.debian.org/security/2019/dsa-4566 110: https://packages.debian.org/src:qemu 111: https://www.debian.org/security/2019/dsa-4567 112: https://packages.debian.org/src:dpdk 113: https://www.debian.org/security/2019/dsa-4568 114: https://packages.debian.org/src:postgresql-common 115: https://www.debian.org/security/2019/dsa-4569 116: https://packages.debian.org/src:ghostscript 117: https://www.debian.org/security/2019/dsa-4570 118: https://packages.debian.org/src:mosquitto 119: https://www.debian.org/security/2019/dsa-4571 120: https://packages.debian.org/src:enigmail 121: https://www.debian.org/security/2019/dsa-4571 122: https://packages.debian.org/src:thunderbird 123: https://www.debian.org/security/2019/dsa-4572 124: https://packages.debian.org/src:slurm-llnl 125: https://www.debian.org/security/2019/dsa-4573 126: https://packages.debian.org/src:symfony 127: https://www.debian.org/security/2019/dsa-4575 128: https://packages.debian.org/src:chromium 129: https://www.debian.org/security/2019/dsa-4577 130: https://packages.debian.org/src:haproxy 131: https://www.debian.org/security/2019/dsa-4578 132: https://packages.debian.org/src:libvpx 133: https://www.debian.org/security/2019/dsa-4579 134: https://packages.debian.org/src:nss 135: https://www.debian.org/security/2019/dsa-4580 136: https://packages.debian.org/src:firefox-esr 137: https://www.debian.org/security/2019/dsa-4581 138: https://packages.debian.org/src:git 139: https://www.debian.org/security/2019/dsa-4582 140: https://packages.debian.org/src:davical 141: https://www.debian.org/security/2019/dsa-4583 142: https://packages.debian.org/src:spip 143: https://www.debian.org/security/2019/dsa-4584 144: https://packages.debian.org/src:spamassassin 145: https://www.debian.org/security/2019/dsa-4585 146: https://packages.debian.org/src:thunderbird 147: https://www.debian.org/security/2019/dsa-4586 148: https://packages.debian.org/src:ruby2.5 149: https://www.debian.org/security/2019/dsa-4588 150: https://packages.debian.org/src:python-ecdsa 151: https://www.debian.org/security/2019/dsa-4589 152: https://packages.debian.org/src:debian-edu-config 153: https://www.debian.org/security/2019/dsa-4590 154: https://packages.debian.org/src:cyrus-imapd 155: https://www.debian.org/security/2019/dsa-4591 156: https://packages.debian.org/src:cyrus-sasl2 157: https://www.debian.org/security/2019/dsa-4592 158: https://packages.debian.org/src:mediawiki 159: https://www.debian.org/security/2019/dsa-4593 160: https://packages.debian.org/src:freeimage 161: https://www.debian.org/security/2019/dsa-4595 162: https://packages.debian.org/src:debian-lan-config 163: https://www.debian.org/security/2020/dsa-4597 164: https://packages.debian.org/src:netty 165: https://www.debian.org/security/2020/dsa-4598 166: https://packages.debian.org/src:python-django 167: https://www.debian.org/security/2020/dsa-4599 168: https://packages.debian.org/src:wordpress 169: https://www.debian.org/security/2020/dsa-4600 170: https://packages.debian.org/src:firefox-esr 171: https://www.debian.org/security/2020/dsa-4601 172: https://packages.debian.org/src:ldm 173: https://www.debian.org/security/2020/dsa-4602 174: https://packages.debian.org/src:xen 175: https://www.debian.org/security/2020/dsa-4603 176: https://packages.debian.org/src:thunderbird 177: https://www.debian.org/security/2020/dsa-4604 178: https://packages.debian.org/src:cacti 179: https://www.debian.org/security/2020/dsa-4605 180: https://packages.debian.org/src:openjdk-11 181: https://www.debian.org/security/2020/dsa-4606 182: https://packages.debian.org/src:chromium 183: https://www.debian.org/security/2020/dsa-4607 184: https://packages.debian.org/src:openconnect 185: https://www.debian.org/security/2020/dsa-4608 186: https://packages.debian.org/src:tiff 187: https://www.debian.org/security/2020/dsa-4609 188: https://packages.debian.org/src:python-apt 189: https://www.debian.org/security/2020/dsa-4610 190: https://packages.debian.org/src:webkit2gtk 191: https://www.debian.org/security/2020/dsa-4611 192: https://packages.debian.org/src:opensmtpd 193: https://www.debian.org/security/2020/dsa-4612 194: https://packages.debian.org/src:prosody-modules 195: https://www.debian.org/security/2020/dsa-4613 196: https://packages.debian.org/src:libidn2 197: https://www.debian.org/security/2020/dsa-4615 198: https://packages.debian.org/src:spamassassin Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +----------------------+-----------------------------------------------+ | Package | Reason | +----------------------+-----------------------------------------------+ | caml-crush�[199] | [armel] Unbuildable due to lack of ocaml- | | | native-compilers | | | | | firetray�[200] | Incompatible with current Thunderbird | | | versions | | | | | koji�[201] | Security issues | | | | | python-lamson�[202] | Broken by changes in python-daemon | | | | | radare2�[203] | Security issues; upstream do not offer stable | | | support | | | | | radare2-cutter�[204] | Depends on to-be-removed radare2 | | | | +----------------------+-----------------------------------------------+ 199: https://packages.debian.org/src:caml-crush 200: https://packages.debian.org/src:firetray 201: https://packages.debian.org/src:koji 202: https://packages.debian.org/src:python-lamson 203: https://packages.debian.org/src:radare2 204: https://packages.debian.org/src:radare2-cutter Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/buster/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: PGP signature