------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 11: 11.10 released press@debian.org June 29th, 2024 https://www.debian.org/News/2024/2024062902 ------------------------------------------------------------------------ The Debian project is pleased to announce the tenth update of its oldstable distribution Debian 11 (codename "bullseye"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 11 but only updates some of the packages included. There is no need to throw away old "bullseye" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This oldstable update adds a few important corrections to the following packages: +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | allegro5 [1] | Fix buffer overflow issues [CVE-2021- | | | 36489] | | | | | amavisd-new [2] | Handle multiple boundary parameters that | | | contain conflicting values [CVE-2024- | | | 28054] | | | | | bart [3] | Fix build test failures by relaxing a | | | floating-point comparison | | | | | bart-cuda [4] | Fix build test failures by relaxing a | | | floating-point comparison | | | | | base-files [5] | Update for the point release | | | | | cloud-init-22.4.2 [6] | Introduce later-versioned replacement | | | for cloud-init package | | | | | cpu [7] | Provide exactly one definition of | | | globalLdap in ldap plugin | | | | | curl [8] | Fix memory leak when HTTP/2 server push | | | is aborted [CVE-2024-2398] | | | | | debian-installer [9] | Increase Linux kernel ABI to 5.10.0-30; | | | rebuild against proposed-updates | | | | | debian-installer- | Rebuild against proposed-updates | | netboot-images [10] | | | | | | debsig-verify [11] | Rebuild for outdated Built-Using | | | | | deets [12] | Rebuild for outdated Built-Using | | | | | distro-info-data [13] | Declare intentions for bullseye/ | | | bookworm; fix past data; add Ubuntu | | | 24.10 | | | | | django-mailman3 [14] | Scrub messages before archiving | | | | | dns-root-data [15] | Update root hints; update expired | | | security information | | | | | emacs [16] | Protect against unsafe remote resources | | | [CVE-2024-30203 CVE-2024-30204 CVE-2024- | | | 30205]; fix memory leak in patch for | | | CVE-2022-48337 | | | | | galera-4 [17] | New upstream bugfix release; update | | | upstream release signing key; prevent | | | date-related test failures | | | | | gdk-pixbuf [18] | ANI: Reject files with multiple anih | | | chunks [CVE-2022-48622]; ANI: Reject | | | files with multiple INAM or IART chunks; | | | ANI: Validate anih chunk size | | | | | glib2.0 [19] | Fix a (rare) memory leak | | | | | gnutls28 [20] | Fix assertion failure verifying a | | | certificate chain with a cycle of cross | | | signatures [CVE-2024-0567]; fix timing | | | side-channel attack inside RSA-PSK key | | | exchange [CVE-2024-0553] | | | | | gross [21] | Fix stack-based buffer overflow | | | [CVE-2023-52159] | | | | | hovercraft [22] | Depend on python3-setuptools | | | | | imlib2 [23] | Fix heap-buffer overflow vulnerability | | | when using the tgaflip function in | | | loader_tga.c [CVE-2024-25447 CVE-2024- | | | 25448 CVE-2024-25450] | | | | | intel-microcode [24] | Fixes for INTEL-SA-INTEL-SA-00972 | | | [CVE-2023-39368], INTEL-SA-INTEL- | | | SA-00982 [CVE-2023-38575], INTEL-SA- | | | INTEL-SA-00898 [CVE-2023-28746], INTEL- | | | SA-INTEL-SA-00960 [CVE-2023-22655] and | | | INTEL-SA-INTEL-SA-01045 [CVE-2023- | | | 43490]; mitigate for INTEL-SA-01051 | | | [CVE-2023-45733], INTEL-SA-01052 | | | [CVE-2023-46103], INTEL-SA-01036 | | | [CVE-2023-45745, CVE-2023-47855] and | | | unspecified functional issues on various | | | Intel processors | | | | | jose [25] | Fix potential denial-of-service issue | | | [CVE-2023-50967] | | | | | json-smart [26] | Fix excessive recursion leading to stack | | | overflow [CVE-2023-1370]; fix denial of | | | service via crafted request [CVE-2021- | | | 31684] | | | | | lacme [27] | Fix post-issuance validation logic | | | | | libapache2-mod-auth- | Fix missing input validation leading to | | openidc [28] | DoS [CVE-2024-24814] | | | | | libjwt [29] | Fix a timing side channel via strcmp() | | | [CVE-2024-25189] | | | | | libkf5ksieve [30] | Prevent leaking passwords into server- | | | side logs | | | | | libmicrohttpd [31] | Fix out of bounds read with crafted POST | | | requests [CVE-2023-27371] | | | | | libssh2 [32] | Fix out of bounds memory check in | | | _libssh2_packet_add [CVE-2020-22218] | | | | | links2 [33] | Rebuild for outdated Built-Using | | | | | nano [34] | Fix malicious symlink issue [CVE-2024- | | | 5742] | | | | | ngircd [35] | Respect "SSLConnect" option for | | | incoming connections; server certificate | | | validation on server links (S2S-TLS); | | | METADATA: Fix unsetting "cloakhost" | | | | | nvidia-graphics- | End support for Tesla 450 drivers; build | | drivers [36] | libnvidia-fbc1 for arm64; upstream | | | security fixes [CVE-2022-42265 CVE-2024- | | | 0074 CVE-2024-0078]; new upstream stable | | | release; security fixes [CVE-2024-0090 | | | CVE-2024-0092]; fix build on ppc64el | | | | | nvidia-graphics-drivers- | Convert to transitional packages | | tesla-450 [37] | | | | | | nvidia-graphics-drivers- | New upstream LTS release [CVE-2024-0074 | | tesla-470 [38] | CVE-2024-0078 CVE-2022-42265 CVE-2024- | | | 0090 CVE-2024-0092]; fix build on | | | ppc64el | | | | | nvidia-settings [39] | New upstream bugfix release; build for | | | ppc64el | | | | | org-mode [40] | Protect against unsafe remote resources | | | [CVE-2024-30203 CVE-2024-30204 CVE-2024- | | | 30205] | | | | | php-composer-xdebug- | Force system dependency loading | | handler [41] | | | | | | php-doctrine- | Force system dependency loading | | annotations [42] | | | | | | php-phpseclib [43] | Force system dependency loading; guard | | | isPrime() and randomPrime() for | | | BigInteger [CVE-2024-27354]; limit OID | | | length in ASN1 [CVE-2024-27355]; fix | | | BigInteger getLength() | | | | | php-proxy-manager [44] | Force system dependency loading | | | | | php-symfony- | Force system dependency loading | | contracts [45] | | | | | | php-zend-code [46] | Force system dependency loading | | | | | phpseclib [47] | Force system dependency loading; guard | | | isPrime() and randomPrime() for | | | BigInteger [CVE-2024-27354]; limit OID | | | length in ASN1 [CVE-2024-27355]; fix | | | BigInteger getLength() | | | | | postfix [48] | Upstream bugfix release | | | | | postgresql-13 [49] | New upstream stable release | | | | | pypdf2 [50] | Fix quadratic runtime with malformed PDF | | | missing xref marker [CVE-2023-36810]; | | | fix infinite loop with crafted input | | | [CVE-2022-24859] | | | | | python-aiosmtpd [51] | Fix SMTP smuggling issue [CVE-2024- | | | 27305]; fix STARTTLS unencrypted command | | | injection issue [CVE-2024-34083] | | | | | python-dnslib [52] | Validate transaction ID in client.py | | | | | python-idna [53] | Fix denial of service issue [CVE-2024- | | | 3651] | | | | | python-stdnum [54] | Fix FTBFS when test date is not far | | | enough in the future | | | | | qtbase-opensource- | Security fixes [CVE-2022-25255 CVE-2023- | | src [55] | 24607 CVE-2023-32762 CVE-2023-32763 | | | CVE-2023-33285 CVE-2023-34410 CVE-2023- | | | 37369 CVE-2023-38197 CVE-2023-51714 | | | CVE-2024-25580] | | | | | reportbug [56] | Fix suite name to codename mappings to | | | reflect the bookworm release | | | | | rust-cbindgen-web [57] | New source package to support builds of | | | newer Firefox ESR versions | | | | | rustc-web [58] | Support firefox-esr and thunderbird in | | | bullseye for LTS | | | | | sendmail [59] | Fix SMTP smuggling issue [CVE-2023- | | | 51765]; add forgotten configuration for | | | rejecting NUL by defualt | | | | | symfony [60] | Force system dependency loading; | | | DateTypeTest: ensure submitted year is | | | accepted choice | | | | | systemd [61] | Meson: drop arch filtering in syscall | | | list; unset TZ before timezone-sensitive | | | unit tests are run | | | | | wpa [62] | Fix authentication bypass issue | | | [CVE-2023-52160] | | | | +--------------------------+------------------------------------------+ 1: https://packages.debian.org/src:allegro5 2: https://packages.debian.org/src:amavisd-new 3: https://packages.debian.org/src:bart 4: https://packages.debian.org/src:bart-cuda 5: https://packages.debian.org/src:base-files 6: https://packages.debian.org/src:cloud-init-22.4.2 7: https://packages.debian.org/src:cpu 8: https://packages.debian.org/src:curl 9: https://packages.debian.org/src:debian-installer 10: https://packages.debian.org/src:debian-installer-netboot-images 11: https://packages.debian.org/src:debsig-verify 12: https://packages.debian.org/src:deets 13: https://packages.debian.org/src:distro-info-data 14: https://packages.debian.org/src:django-mailman3 15: https://packages.debian.org/src:dns-root-data 16: https://packages.debian.org/src:emacs 17: https://packages.debian.org/src:galera-4 18: https://packages.debian.org/src:gdk-pixbuf 19: https://packages.debian.org/src:glib2.0 20: https://packages.debian.org/src:gnutls28 21: https://packages.debian.org/src:gross 22: https://packages.debian.org/src:hovercraft 23: https://packages.debian.org/src:imlib2 24: https://packages.debian.org/src:intel-microcode 25: https://packages.debian.org/src:jose 26: https://packages.debian.org/src:json-smart 27: https://packages.debian.org/src:lacme 28: https://packages.debian.org/src:libapache2-mod-auth-openidc 29: https://packages.debian.org/src:libjwt 30: https://packages.debian.org/src:libkf5ksieve 31: https://packages.debian.org/src:libmicrohttpd 32: https://packages.debian.org/src:libssh2 33: https://packages.debian.org/src:links2 34: https://packages.debian.org/src:nano 35: https://packages.debian.org/src:ngircd 36: https://packages.debian.org/src:nvidia-graphics-drivers 37: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-450 38: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-470 39: https://packages.debian.org/src:nvidia-settings 40: https://packages.debian.org/src:org-mode 41: https://packages.debian.org/src:php-composer-xdebug-handler 42: https://packages.debian.org/src:php-doctrine-annotations 43: https://packages.debian.org/src:php-phpseclib 44: https://packages.debian.org/src:php-proxy-manager 45: https://packages.debian.org/src:php-symfony-contracts 46: https://packages.debian.org/src:php-zend-code 47: https://packages.debian.org/src:phpseclib 48: https://packages.debian.org/src:postfix 49: https://packages.debian.org/src:postgresql-13 50: https://packages.debian.org/src:pypdf2 51: https://packages.debian.org/src:python-aiosmtpd 52: https://packages.debian.org/src:python-dnslib 53: https://packages.debian.org/src:python-idna 54: https://packages.debian.org/src:python-stdnum 55: https://packages.debian.org/src:qtbase-opensource-src 56: https://packages.debian.org/src:reportbug 57: https://packages.debian.org/src:rust-cbindgen-web 58: https://packages.debian.org/src:rustc-web 59: https://packages.debian.org/src:sendmail 60: https://packages.debian.org/src:symfony 61: https://packages.debian.org/src:systemd 62: https://packages.debian.org/src:wpa Security Updates ---------------- This revision adds the following security updates to the oldstable release. The Security Team has already released an advisory for each of these updates: +----------------+---------------------------+ | Advisory ID | Package | +----------------+---------------------------+ | DSA-5146 [63] | puma [64] | | | | | DSA-5360 [65] | emacs [66] | | | | | DSA-5575 [67] | webkit2gtk [68] | | | | | DSA-5580 [69] | webkit2gtk [70] | | | | | DSA-5596 [71] | asterisk [72] | | | | | DSA-5616 [73] | ruby-sanitize [74] | | | | | DSA-5618 [75] | webkit2gtk [76] | | | | | DSA-5619 [77] | libgit2 [78] | | | | | DSA-5620 [79] | unbound [80] | | | | | DSA-5621 [81] | bind9 [82] | | | | | DSA-5622 [83] | postgresql-13 [84] | | | | | DSA-5624 [85] | edk2 [86] | | | | | DSA-5625 [87] | engrampa [88] | | | | | DSA-5627 [89] | firefox-esr [90] | | | | | DSA-5628 [91] | imagemagick [92] | | | | | DSA-5630 [93] | thunderbird [94] | | | | | DSA-5631 [95] | iwd [96] | | | | | DSA-5632 [97] | composer [98] | | | | | DSA-5635 [99] | yard [100] | | | | | DSA-5637 [101] | squid [102] | | | | | DSA-5638 [103] | libuv1 [104] | | | | | DSA-5640 [105] | openvswitch [106] | | | | | DSA-5641 [107] | fontforge [108] | | | | | DSA-5643 [109] | firefox-esr [110] | | | | | DSA-5644 [111] | thunderbird [112] | | | | | DSA-5645 [113] | firefox-esr [114] | | | | | DSA-5646 [115] | cacti [116] | | | | | DSA-5647 [117] | samba [118] | | | | | DSA-5650 [119] | util-linux [120] | | | | | DSA-5651 [121] | mediawiki [122] | | | | | DSA-5652 [123] | py7zr [124] | | | | | DSA-5653 [125] | gtkwave [126] | | | | | DSA-5657 [127] | xorg-server [128] | | | | | DSA-5659 [129] | trafficserver [130] | | | | | DSA-5660 [131] | php7.4 [132] | | | | | DSA-5662 [133] | apache2 [134] | | | | | DSA-5663 [135] | firefox-esr [136] | | | | | DSA-5664 [137] | jetty9 [138] | | | | | DSA-5666 [139] | flatpak [140] | | | | | DSA-5667 [141] | tomcat9 [142] | | | | | DSA-5669 [143] | guix [144] | | | | | DSA-5670 [145] | thunderbird [146] | | | | | DSA-5671 [147] | openjdk-11 [148] | | | | | DSA-5672 [149] | openjdk-17 [150] | | | | | DSA-5673 [151] | glibc [152] | | | | | DSA-5678 [153] | glibc [154] | | | | | DSA-5679 [155] | less [156] | | | | | DSA-5681 [157] | linux-signed-amd64 [158] | | | | | DSA-5681 [159] | linux-signed-arm64 [160] | | | | | DSA-5681 [161] | linux-signed-i386 [162] | | | | | DSA-5681 [163] | linux [164] | | | | | DSA-5682 [165] | glib2.0 [166] | | | | | DSA-5682 [167] | gnome-shell [168] | | | | | DSA-5684 [169] | webkit2gtk [170] | | | | | DSA-5685 [171] | wordpress [172] | | | | | DSA-5686 [173] | dav1d [174] | | | | | DSA-5688 [175] | atril [176] | | | | | DSA-5690 [177] | libreoffice [178] | | | | | DSA-5691 [179] | firefox-esr [180] | | | | | DSA-5692 [181] | ghostscript [182] | | | | | DSA-5693 [183] | thunderbird [184] | | | | | DSA-5695 [185] | webkit2gtk [186] | | | | | DSA-5698 [187] | ruby-rack [188] | | | | | DSA-5700 [189] | python-pymysql [190] | | | | | DSA-5702 [191] | gst-plugins-base1.0 [192] | | | | | DSA-5703 [193] | linux-signed-amd64 [194] | | | | | DSA-5703 [195] | linux-signed-arm64 [196] | | | | | DSA-5703 [197] | linux-signed-i386 [198] | | | | | DSA-5703 [199] | linux [200] | | | | | DSA-5704 [201] | pillow [202] | | | | | DSA-5707 [203] | vlc [204] | | | | | DSA-5709 [205] | firefox-esr [206] | | | | | DSA-5711 [207] | thunderbird [208] | | | | | DSA-5713 [209] | libndp [210] | | | | | DSA-5714 [211] | roundcube [212] | | | | | DSA-5715 [213] | composer [214] | | | | +----------------+---------------------------+ 63: https://www.debian.org/security/2022/dsa-5146 64: https://packages.debian.org/src:puma 65: https://www.debian.org/security/2023/dsa-5360 66: https://packages.debian.org/src:emacs 67: https://www.debian.org/security/2023/dsa-5575 68: https://packages.debian.org/src:webkit2gtk 69: https://www.debian.org/security/2023/dsa-5580 70: https://packages.debian.org/src:webkit2gtk 71: https://www.debian.org/security/2024/dsa-5596 72: https://packages.debian.org/src:asterisk 73: https://www.debian.org/security/2024/dsa-5616 74: https://packages.debian.org/src:ruby-sanitize 75: https://www.debian.org/security/2024/dsa-5618 76: https://packages.debian.org/src:webkit2gtk 77: https://www.debian.org/security/2024/dsa-5619 78: https://packages.debian.org/src:libgit2 79: https://www.debian.org/security/2024/dsa-5620 80: https://packages.debian.org/src:unbound 81: https://www.debian.org/security/2024/dsa-5621 82: https://packages.debian.org/src:bind9 83: https://www.debian.org/security/2024/dsa-5622 84: https://packages.debian.org/src:postgresql-13 85: https://www.debian.org/security/2024/dsa-5624 86: https://packages.debian.org/src:edk2 87: https://www.debian.org/security/2024/dsa-5625 88: https://packages.debian.org/src:engrampa 89: https://www.debian.org/security/2024/dsa-5627 90: https://packages.debian.org/src:firefox-esr 91: https://www.debian.org/security/2024/dsa-5628 92: https://packages.debian.org/src:imagemagick 93: https://www.debian.org/security/2024/dsa-5630 94: https://packages.debian.org/src:thunderbird 95: https://www.debian.org/security/2024/dsa-5631 96: https://packages.debian.org/src:iwd 97: https://www.debian.org/security/2024/dsa-5632 98: https://packages.debian.org/src:composer 99: https://www.debian.org/security/2024/dsa-5635 100: https://packages.debian.org/src:yard 101: https://www.debian.org/security/2024/dsa-5637 102: https://packages.debian.org/src:squid 103: https://www.debian.org/security/2024/dsa-5638 104: https://packages.debian.org/src:libuv1 105: https://www.debian.org/security/2024/dsa-5640 106: https://packages.debian.org/src:openvswitch 107: https://www.debian.org/security/2024/dsa-5641 108: https://packages.debian.org/src:fontforge 109: https://www.debian.org/security/2024/dsa-5643 110: https://packages.debian.org/src:firefox-esr 111: https://www.debian.org/security/2024/dsa-5644 112: https://packages.debian.org/src:thunderbird 113: https://www.debian.org/security/2024/dsa-5645 114: https://packages.debian.org/src:firefox-esr 115: https://www.debian.org/security/2024/dsa-5646 116: https://packages.debian.org/src:cacti 117: https://www.debian.org/security/2024/dsa-5647 118: https://packages.debian.org/src:samba 119: https://www.debian.org/security/2024/dsa-5650 120: https://packages.debian.org/src:util-linux 121: https://www.debian.org/security/2024/dsa-5651 122: https://packages.debian.org/src:mediawiki 123: https://www.debian.org/security/2024/dsa-5652 124: https://packages.debian.org/src:py7zr 125: https://www.debian.org/security/2024/dsa-5653 126: https://packages.debian.org/src:gtkwave 127: https://www.debian.org/security/2024/dsa-5657 128: https://packages.debian.org/src:xorg-server 129: https://www.debian.org/security/2024/dsa-5659 130: https://packages.debian.org/src:trafficserver 131: https://www.debian.org/security/2024/dsa-5660 132: https://packages.debian.org/src:php7.4 133: https://www.debian.org/security/2024/dsa-5662 134: https://packages.debian.org/src:apache2 135: https://www.debian.org/security/2024/dsa-5663 136: https://packages.debian.org/src:firefox-esr 137: https://www.debian.org/security/2024/dsa-5664 138: https://packages.debian.org/src:jetty9 139: https://www.debian.org/security/2024/dsa-5666 140: https://packages.debian.org/src:flatpak 141: https://www.debian.org/security/2024/dsa-5667 142: https://packages.debian.org/src:tomcat9 143: https://www.debian.org/security/2024/dsa-5669 144: https://packages.debian.org/src:guix 145: https://www.debian.org/security/2024/dsa-5670 146: https://packages.debian.org/src:thunderbird 147: https://www.debian.org/security/2024/dsa-5671 148: https://packages.debian.org/src:openjdk-11 149: https://www.debian.org/security/2024/dsa-5672 150: https://packages.debian.org/src:openjdk-17 151: https://www.debian.org/security/2024/dsa-5673 152: https://packages.debian.org/src:glibc 153: https://www.debian.org/security/2024/dsa-5678 154: https://packages.debian.org/src:glibc 155: https://www.debian.org/security/2024/dsa-5679 156: https://packages.debian.org/src:less 157: https://www.debian.org/security/2024/dsa-5681 158: https://packages.debian.org/src:linux-signed-amd64 159: https://www.debian.org/security/2024/dsa-5681 160: https://packages.debian.org/src:linux-signed-arm64 161: https://www.debian.org/security/2024/dsa-5681 162: https://packages.debian.org/src:linux-signed-i386 163: https://www.debian.org/security/2024/dsa-5681 164: https://packages.debian.org/src:linux 165: https://www.debian.org/security/2024/dsa-5682 166: https://packages.debian.org/src:glib2.0 167: https://www.debian.org/security/2024/dsa-5682 168: https://packages.debian.org/src:gnome-shell 169: https://www.debian.org/security/2024/dsa-5684 170: https://packages.debian.org/src:webkit2gtk 171: https://www.debian.org/security/2024/dsa-5685 172: https://packages.debian.org/src:wordpress 173: https://www.debian.org/security/2024/dsa-5686 174: https://packages.debian.org/src:dav1d 175: https://www.debian.org/security/2024/dsa-5688 176: https://packages.debian.org/src:atril 177: https://www.debian.org/security/2024/dsa-5690 178: https://packages.debian.org/src:libreoffice 179: https://www.debian.org/security/2024/dsa-5691 180: https://packages.debian.org/src:firefox-esr 181: https://www.debian.org/security/2024/dsa-5692 182: https://packages.debian.org/src:ghostscript 183: https://www.debian.org/security/2024/dsa-5693 184: https://packages.debian.org/src:thunderbird 185: https://www.debian.org/security/2024/dsa-5695 186: https://packages.debian.org/src:webkit2gtk 187: https://www.debian.org/security/2024/dsa-5698 188: https://packages.debian.org/src:ruby-rack 189: https://www.debian.org/security/2024/dsa-5700 190: https://packages.debian.org/src:python-pymysql 191: https://www.debian.org/security/2024/dsa-5702 192: https://packages.debian.org/src:gst-plugins-base1.0 193: https://www.debian.org/security/2024/dsa-5703 194: https://packages.debian.org/src:linux-signed-amd64 195: https://www.debian.org/security/2024/dsa-5703 196: https://packages.debian.org/src:linux-signed-arm64 197: https://www.debian.org/security/2024/dsa-5703 198: https://packages.debian.org/src:linux-signed-i386 199: https://www.debian.org/security/2024/dsa-5703 200: https://packages.debian.org/src:linux 201: https://www.debian.org/security/2024/dsa-5704 202: https://packages.debian.org/src:pillow 203: https://www.debian.org/security/2024/dsa-5707 204: https://packages.debian.org/src:vlc 205: https://www.debian.org/security/2024/dsa-5709 206: https://packages.debian.org/src:firefox-esr 207: https://www.debian.org/security/2024/dsa-5711 208: https://packages.debian.org/src:thunderbird 209: https://www.debian.org/security/2024/dsa-5713 210: https://packages.debian.org/src:libndp 211: https://www.debian.org/security/2024/dsa-5714 212: https://packages.debian.org/src:roundcube 213: https://www.debian.org/security/2024/dsa-5715 214: https://packages.debian.org/src:composer Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +-----------------------------+------------------------------------+ | Package | Reason | +-----------------------------+------------------------------------+ | phppgadmin [215] | Security issues | | | | | pytest-salt-factories [216] | Only needed for to-be-removed salt | | | | | pytest-testinfra [217] | Only needed for to-be-removed salt | | | | | salt [218] | Unsupportable, unmaintained | | | | | snort [219] | Security concerns, unmaintained | | | | +-----------------------------+------------------------------------+ 215: https://packages.debian.org/src:phppgadmin 216: https://packages.debian.org/src:pytest-salt-factories 217: https://packages.debian.org/src:pytest-testinfra 218: https://packages.debian.org/src:salt 219: https://packages.debian.org/src:snort Debian Installer ---------------- The installer has been updated to include the fixes incorporated into oldstable by the point release. URLs ---- The complete lists of packages that have changed with this revision: https://deb.debian.org/debian/dists/bullseye/ChangeLog The current oldstable distribution: https://deb.debian.org/debian/dists/oldstable/ Proposed updates to the oldstable distribution: https://deb.debian.org/debian/dists/oldstable-proposed-updates oldstable distribution information (release notes, errata etc.): https://www.debian.org/releases/oldstable/ Security announcements and information: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: This is a digitally signed message part