------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 12: 12.2 released press@debian.org October 7th, 2023 https://www.debian.org/News/2023/20231007 ------------------------------------------------------------------------ The Debian project is pleased to announce the second update of its stable distribution Debian 12 (codename "bookworm"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 12 but only updates some of the packages included. There is no need to throw away old "bookworm" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | amd64-microcode [1] | Update included microcode, including | | | fixes for "AMD Inception" on AMD Zen4 | | | processors [CVE-2023-20569] | | | | | arctica-greeter [2] | Support configuring the onscreen | | | keyboard theme via ArcticaGreeter's | | | gsettings; use "Compact" OSK layout | | | (instead of Small) which includes | | | special keys such as German Umlauts; fix | | | display of authentication failure | | | messages; use active theme rather then | | | emerald | | | | | autofs [3] | Fix regression determining reachability | | | on dual-stack hosts | | | | | base-files [4] | Update for the 12.2 point release | | | | | batik [5] | Fix Server Side Request Forgery issues | | | [CVE-2022-44729 CVE-2022-44730] | | | | | boxer-data [6] | No longer install https-everywhere for | | | Firefox | | | | | brltty [7] | xbrlapi: Do not try to start brltty with | | | ba+a2 when unavailable; fix cursor | | | routing and braille panning in Orca when | | | xbrlapi is installed but the a2 screen | | | driver is not | | | | | ca-certificates-java [8] | Work around unconfigured JRE during new | | | installations | | | | | cairosvg [9] | Handle data: URLs in safe mode | | | | | calibre [10] | Fix export feature | | | | | clamav [11] | New upstream stable release; security | | | fixes [CVE-2023-20197 CVE-2023-20212] | | | | | cryptmount [12] | Avoid memory initialisation issues in | | | command line parser | | | | | cups [13] | Fix heap-based buffer overflow issue | | | [CVE-2023-4504]; fix unauthenticated | | | access issue [CVE-2023-32360] | | | | | curl [14] | Build with OpenLDAP to correct improper | | | fetch of binary LDAP attributes; fix | | | excessive memory consumption issue | | | [CVE-2023-38039] | | | | | cyrus-imapd [15] | Ensure mailboxes are not lost on | | | upgrades from bullseye | | | | | dar [16] | Fix issues with creating isolated | | | catalogs when dar was built using a | | | recent gcc version | | | | | dbus [17] | New upstream stable release; fix a dbus- | | | daemon crash during policy reload if a | | | connection belongs to a user account | | | that has been deleted, or if a Name | | | Service Switch plugin is broken, on | | | kernels not supporting SO_PEERGROUPS; | | | report the error correctly if getting | | | the groups of a uid fails; dbus-user- | | | session: Copy XDG_CURRENT_DESKTOP to | | | activation environment | | | | | debian-archive- | Clean up leftover keyrings in | | keyring [18] | trusted.gpg.d | | | | | debian-edu-doc [19] | Update Debian Edu Bookworm manual | | | | | debian-edu-install [20] | New upstream release; adjust D-I auto- | | | partitioning sizes | | | | | debian-installer [21] | Increase Linux kernel ABI to 6.1.0-13; | | | rebuild against proposed-updates | | | | | debian-installer- | Rebuild against proposed-updates | | netboot-images [22] | | | | | | debian-parl [23] | Rebuild with newer boxer-data; no longer | | | depend on webext-https-everywhere | | | | | debianutils [24] | Fix duplicate entries in /etc/shells; | | | manage /bin/sh in the state file; fix | | | canonicalization of shells in aliased | | | locations | | | | | dgit [25] | Use the old /updates security map only | | | for buster; prevent pushing older | | | versions than are already in the archive | | | | | dhcpcd5 [26] | Ease upgrades with leftovers from | | | wheezy; drop deprecated ntpd | | | integration; fix version in cleanup | | | script | | | | | dpdk [27] | New upstream stable release | | | | | dput-ng [28] | Update permitted upload targets; fix | | | failure to build from source | | | | | efibootguard [29] | Fix Insufficient or missing validation | | | and sanitization of input from | | | untrustworthy bootloader environment | | | files [CVE-2023-39950] | | | | | electrum [30] | Fix a Lightning security issue | | | | | filezilla [31] | Fix builds for 32-bit architectures; fix | | | crash when removing filetypes from list | | | | | firewalld [32] | Don't mix IPv4 and IPv6 addresses in a | | | single nftables rule | | | | | flann [33] | Drop extra -llz4 from flann.pc | | | | | foot [34] | Ignore XTGETTCAP queries with invalid | | | hex encodings | | | | | freedombox [35] | Use n= in apt preferences for smooth | | | upgrades | | | | | freeradius [36] | Ensure TLS-Client-Cert-Common-Name | | | contains correct data | | | | | ghostscript [37] | Fix buffer overflow issue [CVE-2023- | | | 38559]; try and secure the IJS server | | | startup [CVE-2023-43115] | | | | | gitit [38] | Rebuild against new pandoc | | | | | gjs [39] | Avoid infinite loops of idle callbacks | | | if an idle handler is called during GC | | | | | glibc [40] | Fix the value of F_GETLK/F_SETLK/ | | | F_SETLKW with __USE_FILE_OFFSET64 on | | | ppc64el; fix a stack read overflow in | | | getaddrinfo in no-aaaa mode [CVE-2023- | | | 4527]; fix use after free in | | | getcanonname [CVE-2023-4806 CVE-2023- | | | 5156]; fix _dl_find_object to return | | | correct values even during early startup | | | | | gosa-plugins- | Silence deprecation warnings in web | | netgroups [41] | interface | | | | | gosa-plugins- | Fix management of DHCP/DNS entries in | | systems [42] | default theme; fix adding (standalone) | | | "Network printer" systems; fix | | | generation of target DNs for various | | | system types; fix icon rendering in DHCP | | | servlet; enforce unqualified hostname | | | for workstations | | | | | gtk+3.0 [43] | New upstream stable release; fix several | | | crashes; show more information in the | | | "inspector" debugging interface; | | | silence GFileInfo warnings if used with | | | a backported version of GLib; use a | | | light colour for the caret in dark | | | themes, making it much easier to see in | | | some apps, in particular Evince | | | | | gtk4 [44] | Fix truncation in places sidebar with | | | large text accessibility setting | | | | | haskell-hakyll [45] | Rebuild against new pandoc | | | | | highway [46] | Fix support for armhf systems lacking | | | NEON | | | | | hnswlib [47] | Fix double free in init_index when the M | | | argument is a large integer [CVE-2023- | | | 37365] | | | | | horizon [48] | Fix open redirect issue [CVE-2022-45582] | | | | | icingaweb2 [49] | Suppress undesirable deprecation notices | | | | | imlib2 [50] | Fix preservation of alpha channel flag | | | | | indent [51] | Fix out of buffer read; fix buffer | | | overwrite [CVE-2023-40305] | | | | | inetutils [52] | Check return values when dropping | | | privileges [CVE-2023-40303] | | | | | inn2 [53] | Fix nnrpd hangs when compression is | | | enabled; add support for high-precision | | | syslog timestamps; make inn- | | | {radius,secrets}.conf not world readable | | | | | jekyll [54] | Support YAML aliases | | | | | kernelshark [55] | Fix segfault in libshark-tepdata; fix | | | capturing when target directory contains | | | a space | | | | | krb5 [56] | Fix freeing of uninitialised pointer | | | [CVE-2023-36054] | | | | | lemonldap-ng [57] | Apply login control to auth-slave | | | requests; fix open redirection due to | | | incorrect escape handling; fix open | | | redirection when OIDC RP has no redirect | | | URIs; fix Server Side Request Forgery | | | issue [CVE-2023-44469] | | | | | libapache-mod-jk [58] | Remove implicit mapping functionality, | | | which could lead to unintended exposure | | | of the status worker and/or bypass of | | | security constraints [CVE-2023-41081] | | | | | libclamunrar [59] | New upstream stable release | | | | | libmatemixer [60] | Fix heap corruptions / application | | | crashes when removing audio devices | | | | | libpam-mklocaluser [61] | pam-auth-update: ensure the module is | | | ordered before other session type | | | modules | | | | | libxnvctrl [62] | New source package split from nvidia- | | | settings | | | | | linux [63] | New upstream stable release | | | | | linux-signed-amd64 [64] | New upstream stable release | | | | | linux-signed-arm64 [65] | New upstream stable release | | | | | linux-signed-i386 [66] | New upstream stable release | | | | | llvm-defaults [67] | Fix /usr/include/lld symlink; add Breaks | | | against not co-installable packages for | | | smoother upgrades from bullseye | | | | | ltsp [68] | Avoid using mv on init symlink | | | | | lxc [69] | Fix nftables syntax for IPv6 NAT | | | | | lxcfs [70] | Fix CPU reporting within an arm32 | | | container with large numbers of CPUs | | | | | marco [71] | Only enable compositing if it is | | | available | | | | | mariadb [72] | New upstream bugfix release | | | | | mate-notification- | Fix two memory leaks | | daemon [73] | | | | | | mgba [74] | Fix broken audio in libretro core; fix | | | crash on hardware incapable of OpenGL | | | 3.2 | | | | | modsecurity [75] | Fix denial of service issue [CVE-2023- | | | 38285] | | | | | monitoring-plugins [76] | check_disk: avoid mounting when | | | searching for matching mount points, | | | resolving a regression in speed from | | | bullseye | | | | | mozjs102 [77] | New upstream stable release; fix | | | "incorrect value used during WASM | | | compilation" [CVE-2023-4046], potential | | | use after free issue [CVE-2023-37202], | | | memory safety issues [CVE-2023-37211 | | | CVE-2023-34416] | | | | | mutt [78] | New upstream stable release | | | | | nco [79] | Re-enable udunits2 support | | | | | nftables [80] | Fix incorrect bytecode generation hit | | | with new kernel check that rejects | | | adding rules to bound chains | | | | | node-dottie [81] | Security fix (prototype pollution) | | | [CVE-2023-26132] | | | | | nvidia-settings [82] | New upstream bugfix release | | | | | nvidia-settings- | New upstream bugfix release | | tesla [83] | | | | | | nx-libs [84] | Fix missing symlink /usr/share/nx/fonts; | | | fix manpage | | | | | open-ath9k-htc- | Load correct firmware | | firmware [85] | | | | | | openbsd-inetd [86] | Fix memory handling issues | | | | | openrefine [87] | Fix arbitrary code execution issue | | | [CVE-2023-37476] | | | | | openscap [88] | Fix dependencies of openscap-utils and | | | python3-openscap | | | | | openssh [89] | Fix remote code execution issue via a | | | forwarded agent socket [CVE-2023-38408] | | | | | openssl [90] | New upstream stable release; security | | | fixes [CVE-2023-2975 CVE-2023-3446 | | | CVE-2023-3817] | | | | | pam [91] | Fix pam-auth-update --disable; update | | | Turkish translation | | | | | pandoc [92] | Fix arbitrary file write issue | | | [CVE-2023-35936] | | | | | plasma-framework [93] | Fix plasmashell crashes | | | | | plasma-workspace [94] | Fix crash in krunner | | | | | python-git [95] | Fix remote code execution issue | | | [CVE-2023-40267], blind local file | | | inclusion issue [CVE-2023-41040] | | | | | pywinrm [96] | Fix compatibility with Python 3.11 | | | | | qemu [97] | Update to upstream 7.2.5 tree; ui/vnc- | | | clipboard: fix infinite loop in | | | inflate_buffer [CVE-2023-3255]; fix NULL | | | pointer dereference issue [CVE-2023- | | | 3354]; fix buffer overflow issue | | | [CVE-2023-3180] | | | | | qtlocation-opensource- | Fix freeze when loading map tiles | | src [98] | | | | | | rar [99] | Upstream bugfix release [CVE-2023-40477] | | | | | reprepro [100] | Fix race condition when using external | | | decompressors | | | | | rmlint [101] | Fix error in other packages caused by | | | invalid python package version; fix GUI | | | startup failure with recent python3.11 | | | | | roundcube [102] | New upstream stable release; fix OAuth2 | | | authentication; fix cross site scripting | | | issues [CVE-2023-43770] | | | | | runit-services [103] | dhclient: don't hardcode use of eth1 | | | | | samba [104] | New upstream stable release | | | | | sitesummary [105] | New upstream release; fix installation | | | of sitesummary-maintenance CRON/systemd- | | | timerd script; fix insecure temporary | | | file and directory creation | | | | | slbackup-php [106] | Bug fixes: log remote commands to | | | stderr; disable SSH known hosts files; | | | PHP 8 compatibility | | | | | spamprobe [107] | Fix crashes parsing JPEG attachments | | | | | stunnel4 [108] | Fix handling of a peer closing TLS | | | connection without proper shutdown | | | messaging | | | | | systemd [109] | New upstream stable release; fix minor | | | security issue in arm64 and riscv64 | | | systemd-boot (EFI) with device tree | | | blobs loading | | | | | testng7 [110] | Backport to stable for future openjdk-17 | | | builds | | | | | timg [111] | Fix buffer overflow vulnerability | | | [CVE-2023-40968] | | | | | transmission [112] | Replace openssl3 compat patch to fix | | | memory leak | | | | | unbound [113] | Fix error log flooding when using DNS | | | over TLS with openssl 3.0 | | | | | unrar-nonfree [114] | Fix remote code execution issue | | | [CVE-2023-40477] | | | | | vorta [115] | Handle ctime and mtime changes in diffs | | | | | vte2.91 [116] | Invalidate ring view more often when | | | necessary, fixing various assertion | | | failures during event handling | | | | | x2goserver [117] | x2goruncommand: add support for KDE | | | Plasma 5; x2gostartagent: prevent | | | logfile corruption; keystrokes.cfg: sync | | | with nx-libs; fix encoding of Finnish | | | translation | | | | +--------------------------+------------------------------------------+ 1: https://packages.debian.org/src:amd64-microcode 2: https://packages.debian.org/src:arctica-greeter 3: https://packages.debian.org/src:autofs 4: https://packages.debian.org/src:base-files 5: https://packages.debian.org/src:batik 6: https://packages.debian.org/src:boxer-data 7: https://packages.debian.org/src:brltty 8: https://packages.debian.org/src:ca-certificates-java 9: https://packages.debian.org/src:cairosvg 10: https://packages.debian.org/src:calibre 11: https://packages.debian.org/src:clamav 12: https://packages.debian.org/src:cryptmount 13: https://packages.debian.org/src:cups 14: https://packages.debian.org/src:curl 15: https://packages.debian.org/src:cyrus-imapd 16: https://packages.debian.org/src:dar 17: https://packages.debian.org/src:dbus 18: https://packages.debian.org/src:debian-archive-keyring 19: https://packages.debian.org/src:debian-edu-doc 20: https://packages.debian.org/src:debian-edu-install 21: https://packages.debian.org/src:debian-installer 22: https://packages.debian.org/src:debian-installer-netboot-images 23: https://packages.debian.org/src:debian-parl 24: https://packages.debian.org/src:debianutils 25: https://packages.debian.org/src:dgit 26: https://packages.debian.org/src:dhcpcd5 27: https://packages.debian.org/src:dpdk 28: https://packages.debian.org/src:dput-ng 29: https://packages.debian.org/src:efibootguard 30: https://packages.debian.org/src:electrum 31: https://packages.debian.org/src:filezilla 32: https://packages.debian.org/src:firewalld 33: https://packages.debian.org/src:flann 34: https://packages.debian.org/src:foot 35: https://packages.debian.org/src:freedombox 36: https://packages.debian.org/src:freeradius 37: https://packages.debian.org/src:ghostscript 38: https://packages.debian.org/src:gitit 39: https://packages.debian.org/src:gjs 40: https://packages.debian.org/src:glibc 41: https://packages.debian.org/src:gosa-plugins-netgroups 42: https://packages.debian.org/src:gosa-plugins-systems 43: https://packages.debian.org/src:gtk+3.0 44: https://packages.debian.org/src:gtk4 45: https://packages.debian.org/src:haskell-hakyll 46: https://packages.debian.org/src:highway 47: https://packages.debian.org/src:hnswlib 48: https://packages.debian.org/src:horizon 49: https://packages.debian.org/src:icingaweb2 50: https://packages.debian.org/src:imlib2 51: https://packages.debian.org/src:indent 52: https://packages.debian.org/src:inetutils 53: https://packages.debian.org/src:inn2 54: https://packages.debian.org/src:jekyll 55: https://packages.debian.org/src:kernelshark 56: https://packages.debian.org/src:krb5 57: https://packages.debian.org/src:lemonldap-ng 58: https://packages.debian.org/src:libapache-mod-jk 59: https://packages.debian.org/src:libclamunrar 60: https://packages.debian.org/src:libmatemixer 61: https://packages.debian.org/src:libpam-mklocaluser 62: https://packages.debian.org/src:libxnvctrl 63: https://packages.debian.org/src:linux 64: https://packages.debian.org/src:linux-signed-amd64 65: https://packages.debian.org/src:linux-signed-arm64 66: https://packages.debian.org/src:linux-signed-i386 67: https://packages.debian.org/src:llvm-defaults 68: https://packages.debian.org/src:ltsp 69: https://packages.debian.org/src:lxc 70: https://packages.debian.org/src:lxcfs 71: https://packages.debian.org/src:marco 72: https://packages.debian.org/src:mariadb 73: https://packages.debian.org/src:mate-notification-daemon 74: https://packages.debian.org/src:mgba 75: https://packages.debian.org/src:modsecurity 76: https://packages.debian.org/src:monitoring-plugins 77: https://packages.debian.org/src:mozjs102 78: https://packages.debian.org/src:mutt 79: https://packages.debian.org/src:nco 80: https://packages.debian.org/src:nftables 81: https://packages.debian.org/src:node-dottie 82: https://packages.debian.org/src:nvidia-settings 83: https://packages.debian.org/src:nvidia-settings-tesla 84: https://packages.debian.org/src:nx-libs 85: https://packages.debian.org/src:open-ath9k-htc-firmware 86: https://packages.debian.org/src:openbsd-inetd 87: https://packages.debian.org/src:openrefine 88: https://packages.debian.org/src:openscap 89: https://packages.debian.org/src:openssh 90: https://packages.debian.org/src:openssl 91: https://packages.debian.org/src:pam 92: https://packages.debian.org/src:pandoc 93: https://packages.debian.org/src:plasma-framework 94: https://packages.debian.org/src:plasma-workspace 95: https://packages.debian.org/src:python-git 96: https://packages.debian.org/src:pywinrm 97: https://packages.debian.org/src:qemu 98: https://packages.debian.org/src:qtlocation-opensource-src 99: https://packages.debian.org/src:rar 100: https://packages.debian.org/src:reprepro 101: https://packages.debian.org/src:rmlint 102: https://packages.debian.org/src:roundcube 103: https://packages.debian.org/src:runit-services 104: https://packages.debian.org/src:samba 105: https://packages.debian.org/src:sitesummary 106: https://packages.debian.org/src:slbackup-php 107: https://packages.debian.org/src:spamprobe 108: https://packages.debian.org/src:stunnel4 109: https://packages.debian.org/src:systemd 110: https://packages.debian.org/src:testng7 111: https://packages.debian.org/src:timg 112: https://packages.debian.org/src:transmission 113: https://packages.debian.org/src:unbound 114: https://packages.debian.org/src:unrar-nonfree 115: https://packages.debian.org/src:vorta 116: https://packages.debian.org/src:vte2.91 117: https://packages.debian.org/src:x2goserver Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+---------------------------+ | Advisory ID | Package | +----------------+---------------------------+ | DSA-5454 [118] | kanboard [119] | | | | | DSA-5455 [120] | iperf3 [121] | | | | | DSA-5456 [122] | chromium [123] | | | | | DSA-5457 [124] | webkit2gtk [125] | | | | | DSA-5458 [126] | openjdk-17 [127] | | | | | DSA-5459 [128] | amd64-microcode [129] | | | | | DSA-5460 [130] | curl [131] | | | | | DSA-5462 [132] | linux-signed-amd64 [133] | | | | | DSA-5462 [134] | linux-signed-arm64 [135] | | | | | DSA-5462 [136] | linux-signed-i386 [137] | | | | | DSA-5462 [138] | linux [139] | | | | | DSA-5463 [140] | thunderbird [141] | | | | | DSA-5464 [142] | firefox-esr [143] | | | | | DSA-5465 [144] | python-django [145] | | | | | DSA-5466 [146] | ntpsec [147] | | | | | DSA-5467 [148] | chromium [149] | | | | | DSA-5468 [150] | webkit2gtk [151] | | | | | DSA-5469 [152] | thunderbird [153] | | | | | DSA-5471 [154] | libhtmlcleaner-java [155] | | | | | DSA-5472 [156] | cjose [157] | | | | | DSA-5473 [158] | orthanc [159] | | | | | DSA-5474 [160] | intel-microcode [161] | | | | | DSA-5475 [162] | linux-signed-amd64 [163] | | | | | DSA-5475 [164] | linux-signed-arm64 [165] | | | | | DSA-5475 [166] | linux-signed-i386 [167] | | | | | DSA-5475 [168] | linux [169] | | | | | DSA-5476 [170] | gst-plugins-ugly1.0 [171] | | | | | DSA-5477 [172] | samba [173] | | | | | DSA-5479 [174] | chromium [175] | | | | | DSA-5481 [176] | fastdds [177] | | | | | DSA-5482 [178] | tryton-server [179] | | | | | DSA-5483 [180] | chromium [181] | | | | | DSA-5484 [182] | librsvg [183] | | | | | DSA-5485 [184] | firefox-esr [185] | | | | | DSA-5487 [186] | chromium [187] | | | | | DSA-5488 [188] | thunderbird [189] | | | | | DSA-5491 [190] | chromium [191] | | | | | DSA-5492 [192] | linux-signed-amd64 [193] | | | | | DSA-5492 [194] | linux-signed-arm64 [195] | | | | | DSA-5492 [196] | linux-signed-i386 [197] | | | | | DSA-5492 [198] | linux [199] | | | | | DSA-5493 [200] | open-vm-tools [201] | | | | | DSA-5494 [202] | mutt [203] | | | | | DSA-5495 [204] | frr [205] | | | | | DSA-5496 [206] | firefox-esr [207] | | | | | DSA-5497 [208] | libwebp [209] | | | | | DSA-5498 [210] | thunderbird [211] | | | | | DSA-5501 [212] | gnome-shell [213] | | | | | DSA-5504 [214] | bind9 [215] | | | | | DSA-5505 [216] | lldpd [217] | | | | | DSA-5507 [218] | jetty9 [219] | | | | | DSA-5510 [220] | libvpx [221] | | | | +----------------+---------------------------+ 118: https://www.debian.org/security/2023/dsa-5454 119: https://packages.debian.org/src:kanboard 120: https://www.debian.org/security/2023/dsa-5455 121: https://packages.debian.org/src:iperf3 122: https://www.debian.org/security/2023/dsa-5456 123: https://packages.debian.org/src:chromium 124: https://www.debian.org/security/2023/dsa-5457 125: https://packages.debian.org/src:webkit2gtk 126: https://www.debian.org/security/2023/dsa-5458 127: https://packages.debian.org/src:openjdk-17 128: https://www.debian.org/security/2023/dsa-5459 129: https://packages.debian.org/src:amd64-microcode 130: https://www.debian.org/security/2023/dsa-5460 131: https://packages.debian.org/src:curl 132: https://www.debian.org/security/2023/dsa-5462 133: https://packages.debian.org/src:linux-signed-amd64 134: https://www.debian.org/security/2023/dsa-5462 135: https://packages.debian.org/src:linux-signed-arm64 136: https://www.debian.org/security/2023/dsa-5462 137: https://packages.debian.org/src:linux-signed-i386 138: https://www.debian.org/security/2023/dsa-5462 139: https://packages.debian.org/src:linux 140: https://www.debian.org/security/2023/dsa-5463 141: https://packages.debian.org/src:thunderbird 142: https://www.debian.org/security/2023/dsa-5464 143: https://packages.debian.org/src:firefox-esr 144: https://www.debian.org/security/2023/dsa-5465 145: https://packages.debian.org/src:python-django 146: https://www.debian.org/security/2023/dsa-5466 147: https://packages.debian.org/src:ntpsec 148: https://www.debian.org/security/2023/dsa-5467 149: https://packages.debian.org/src:chromium 150: https://www.debian.org/security/2023/dsa-5468 151: https://packages.debian.org/src:webkit2gtk 152: https://www.debian.org/security/2023/dsa-5469 153: https://packages.debian.org/src:thunderbird 154: https://www.debian.org/security/2023/dsa-5471 155: https://packages.debian.org/src:libhtmlcleaner-java 156: https://www.debian.org/security/2023/dsa-5472 157: https://packages.debian.org/src:cjose 158: https://www.debian.org/security/2023/dsa-5473 159: https://packages.debian.org/src:orthanc 160: https://www.debian.org/security/2023/dsa-5474 161: https://packages.debian.org/src:intel-microcode 162: https://www.debian.org/security/2023/dsa-5475 163: https://packages.debian.org/src:linux-signed-amd64 164: https://www.debian.org/security/2023/dsa-5475 165: https://packages.debian.org/src:linux-signed-arm64 166: https://www.debian.org/security/2023/dsa-5475 167: https://packages.debian.org/src:linux-signed-i386 168: https://www.debian.org/security/2023/dsa-5475 169: https://packages.debian.org/src:linux 170: https://www.debian.org/security/2023/dsa-5476 171: https://packages.debian.org/src:gst-plugins-ugly1.0 172: https://www.debian.org/security/2023/dsa-5477 173: https://packages.debian.org/src:samba 174: https://www.debian.org/security/2023/dsa-5479 175: https://packages.debian.org/src:chromium 176: https://www.debian.org/security/2023/dsa-5481 177: https://packages.debian.org/src:fastdds 178: https://www.debian.org/security/2023/dsa-5482 179: https://packages.debian.org/src:tryton-server 180: https://www.debian.org/security/2023/dsa-5483 181: https://packages.debian.org/src:chromium 182: https://www.debian.org/security/2023/dsa-5484 183: https://packages.debian.org/src:librsvg 184: https://www.debian.org/security/2023/dsa-5485 185: https://packages.debian.org/src:firefox-esr 186: https://www.debian.org/security/2023/dsa-5487 187: https://packages.debian.org/src:chromium 188: https://www.debian.org/security/2023/dsa-5488 189: https://packages.debian.org/src:thunderbird 190: https://www.debian.org/security/2023/dsa-5491 191: https://packages.debian.org/src:chromium 192: https://www.debian.org/security/2023/dsa-5492 193: https://packages.debian.org/src:linux-signed-amd64 194: https://www.debian.org/security/2023/dsa-5492 195: https://packages.debian.org/src:linux-signed-arm64 196: https://www.debian.org/security/2023/dsa-5492 197: https://packages.debian.org/src:linux-signed-i386 198: https://www.debian.org/security/2023/dsa-5492 199: https://packages.debian.org/src:linux 200: https://www.debian.org/security/2023/dsa-5493 201: https://packages.debian.org/src:open-vm-tools 202: https://www.debian.org/security/2023/dsa-5494 203: https://packages.debian.org/src:mutt 204: https://www.debian.org/security/2023/dsa-5495 205: https://packages.debian.org/src:frr 206: https://www.debian.org/security/2023/dsa-5496 207: https://packages.debian.org/src:firefox-esr 208: https://www.debian.org/security/2023/dsa-5497 209: https://packages.debian.org/src:libwebp 210: https://www.debian.org/security/2023/dsa-5498 211: https://packages.debian.org/src:thunderbird 212: https://www.debian.org/security/2023/dsa-5501 213: https://packages.debian.org/src:gnome-shell 214: https://www.debian.org/security/2023/dsa-5504 215: https://packages.debian.org/src:bind9 216: https://www.debian.org/security/2023/dsa-5505 217: https://packages.debian.org/src:lldpd 218: https://www.debian.org/security/2023/dsa-5507 219: https://packages.debian.org/src:jetty9 220: https://www.debian.org/security/2023/dsa-5510 221: https://packages.debian.org/src:libvpx Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +------------------------+---------------------------------------------+ | Package | Reason | +------------------------+---------------------------------------------+ | https-everywhere [222] | obsolete, major browsers offer native | | | support | | | | +------------------------+---------------------------------------------+ 222: https://packages.debian.org/src:https-everywhere Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: https://deb.debian.org/debian/dists/bookworm/ChangeLog The current stable distribution: https://deb.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: https://deb.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature