------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 11: 11.10 released press@debian.org
June 29th, 2024 https://www.debian.org/News/2024/2024062902
------------------------------------------------------------------------
The Debian project is pleased to announce the tenth update of its
oldstable distribution Debian 11 (codename "bullseye"). This point
release mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.
Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list
Miscellaneous Bugfixes
----------------------
This oldstable update adds a few important corrections to the following
packages:
+--------------------------+------------------------------------------+
| Package | Reason |
+--------------------------+------------------------------------------+
| allegro5 [1] | Fix buffer overflow issues [CVE-2021- |
| | 36489] |
| | |
| amavisd-new [2] | Handle multiple boundary parameters that |
| | contain conflicting values [CVE-2024- |
| | 28054] |
| | |
| bart [3] | Fix build test failures by relaxing a |
| | floating-point comparison |
| | |
| bart-cuda [4] | Fix build test failures by relaxing a |
| | floating-point comparison |
| | |
| base-files [5] | Update for the point release |
| | |
| cloud-init-22.4.2 [6] | Introduce later-versioned replacement |
| | for cloud-init package |
| | |
| cpu [7] | Provide exactly one definition of |
| | globalLdap in ldap plugin |
| | |
| curl [8] | Fix memory leak when HTTP/2 server push |
| | is aborted [CVE-2024-2398] |
| | |
| debian-installer [9] | Increase Linux kernel ABI to 5.10.0-30; |
| | rebuild against proposed-updates |
| | |
| debian-installer- | Rebuild against proposed-updates |
| netboot-images [10] | |
| | |
| debsig-verify [11] | Rebuild for outdated Built-Using |
| | |
| deets [12] | Rebuild for outdated Built-Using |
| | |
| distro-info-data [13] | Declare intentions for bullseye/ |
| | bookworm; fix past data; add Ubuntu |
| | 24.10 |
| | |
| django-mailman3 [14] | Scrub messages before archiving |
| | |
| dns-root-data [15] | Update root hints; update expired |
| | security information |
| | |
| emacs [16] | Protect against unsafe remote resources |
| | [CVE-2024-30203 CVE-2024-30204 CVE-2024- |
| | 30205]; fix memory leak in patch for |
| | CVE-2022-48337 |
| | |
| galera-4 [17] | New upstream bugfix release; update |
| | upstream release signing key; prevent |
| | date-related test failures |
| | |
| gdk-pixbuf [18] | ANI: Reject files with multiple anih |
| | chunks [CVE-2022-48622]; ANI: Reject |
| | files with multiple INAM or IART chunks; |
| | ANI: Validate anih chunk size |
| | |
| glib2.0 [19] | Fix a (rare) memory leak |
| | |
| gnutls28 [20] | Fix assertion failure verifying a |
| | certificate chain with a cycle of cross |
| | signatures [CVE-2024-0567]; fix timing |
| | side-channel attack inside RSA-PSK key |
| | exchange [CVE-2024-0553] |
| | |
| gross [21] | Fix stack-based buffer overflow |
| | [CVE-2023-52159] |
| | |
| hovercraft [22] | Depend on python3-setuptools |
| | |
| imlib2 [23] | Fix heap-buffer overflow vulnerability |
| | when using the tgaflip function in |
| | loader_tga.c [CVE-2024-25447 CVE-2024- |
| | 25448 CVE-2024-25450] |
| | |
| intel-microcode [24] | Fixes for INTEL-SA-INTEL-SA-00972 |
| | [CVE-2023-39368], INTEL-SA-INTEL- |
| | SA-00982 [CVE-2023-38575], INTEL-SA- |
| | INTEL-SA-00898 [CVE-2023-28746], INTEL- |
| | SA-INTEL-SA-00960 [CVE-2023-22655] and |
| | INTEL-SA-INTEL-SA-01045 [CVE-2023- |
| | 43490]; mitigate for INTEL-SA-01051 |
| | [CVE-2023-45733], INTEL-SA-01052 |
| | [CVE-2023-46103], INTEL-SA-01036 |
| | [CVE-2023-45745, CVE-2023-47855] and |
| | unspecified functional issues on various |
| | Intel processors |
| | |
| jose [25] | Fix potential denial-of-service issue |
| | [CVE-2023-50967] |
| | |
| json-smart [26] | Fix excessive recursion leading to stack |
| | overflow [CVE-2023-1370]; fix denial of |
| | service via crafted request [CVE-2021- |
| | 31684] |
| | |
| lacme [27] | Fix post-issuance validation logic |
| | |
| libapache2-mod-auth- | Fix missing input validation leading to |
| openidc [28] | DoS [CVE-2024-24814] |
| | |
| libjwt [29] | Fix a timing side channel via strcmp() |
| | [CVE-2024-25189] |
| | |
| libkf5ksieve [30] | Prevent leaking passwords into server- |
| | side logs |
| | |
| libmicrohttpd [31] | Fix out of bounds read with crafted POST |
| | requests [CVE-2023-27371] |
| | |
| libssh2 [32] | Fix out of bounds memory check in |
| | _libssh2_packet_add [CVE-2020-22218] |
| | |
| links2 [33] | Rebuild for outdated Built-Using |
| | |
| nano [34] | Fix malicious symlink issue [CVE-2024- |
| | 5742] |
| | |
| ngircd [35] | Respect "SSLConnect" option for |
| | incoming connections; server certificate |
| | validation on server links (S2S-TLS); |
| | METADATA: Fix unsetting "cloakhost" |
| | |
| nvidia-graphics- | End support for Tesla 450 drivers; build |
| drivers [36] | libnvidia-fbc1 for arm64; upstream |
| | security fixes [CVE-2022-42265 CVE-2024- |
| | 0074 CVE-2024-0078]; new upstream stable |
| | release; security fixes [CVE-2024-0090 |
| | CVE-2024-0092]; fix build on ppc64el |
| | |
| nvidia-graphics-drivers- | Convert to transitional packages |
| tesla-450 [37] | |
| | |
| nvidia-graphics-drivers- | New upstream LTS release [CVE-2024-0074 |
| tesla-470 [38] | CVE-2024-0078 CVE-2022-42265 CVE-2024- |
| | 0090 CVE-2024-0092]; fix build on |
| | ppc64el |
| | |
| nvidia-settings [39] | New upstream bugfix release; build for |
| | ppc64el |
| | |
| org-mode [40] | Protect against unsafe remote resources |
| | [CVE-2024-30203 CVE-2024-30204 CVE-2024- |
| | 30205] |
| | |
| php-composer-xdebug- | Force system dependency loading |
| handler [41] | |
| | |
| php-doctrine- | Force system dependency loading |
| annotations [42] | |
| | |
| php-phpseclib [43] | Force system dependency loading; guard |
| | isPrime() and randomPrime() for |
| | BigInteger [CVE-2024-27354]; limit OID |
| | length in ASN1 [CVE-2024-27355]; fix |
| | BigInteger getLength() |
| | |
| php-proxy-manager [44] | Force system dependency loading |
| | |
| php-symfony- | Force system dependency loading |
| contracts [45] | |
| | |
| php-zend-code [46] | Force system dependency loading |
| | |
| phpseclib [47] | Force system dependency loading; guard |
| | isPrime() and randomPrime() for |
| | BigInteger [CVE-2024-27354]; limit OID |
| | length in ASN1 [CVE-2024-27355]; fix |
| | BigInteger getLength() |
| | |
| postfix [48] | Upstream bugfix release |
| | |
| postgresql-13 [49] | New upstream stable release |
| | |
| pypdf2 [50] | Fix quadratic runtime with malformed PDF |
| | missing xref marker [CVE-2023-36810]; |
| | fix infinite loop with crafted input |
| | [CVE-2022-24859] |
| | |
| python-aiosmtpd [51] | Fix SMTP smuggling issue [CVE-2024- |
| | 27305]; fix STARTTLS unencrypted command |
| | injection issue [CVE-2024-34083] |
| | |
| python-dnslib [52] | Validate transaction ID in client.py |
| | |
| python-idna [53] | Fix denial of service issue [CVE-2024- |
| | 3651] |
| | |
| python-stdnum [54] | Fix FTBFS when test date is not far |
| | enough in the future |
| | |
| qtbase-opensource- | Security fixes [CVE-2022-25255 CVE-2023- |
| src [55] | 24607 CVE-2023-32762 CVE-2023-32763 |
| | CVE-2023-33285 CVE-2023-34410 CVE-2023- |
| | 37369 CVE-2023-38197 CVE-2023-51714 |
| | CVE-2024-25580] |
| | |
| reportbug [56] | Fix suite name to codename mappings to |
| | reflect the bookworm release |
| | |
| rust-cbindgen-web [57] | New source package to support builds of |
| | newer Firefox ESR versions |
| | |
| rustc-web [58] | Support firefox-esr and thunderbird in |
| | bullseye for LTS |
| | |
| sendmail [59] | Fix SMTP smuggling issue [CVE-2023- |
| | 51765]; add forgotten configuration for |
| | rejecting NUL by defualt |
| | |
| symfony [60] | Force system dependency loading; |
| | DateTypeTest: ensure submitted year is |
| | accepted choice |
| | |
| systemd [61] | Meson: drop arch filtering in syscall |
| | list; unset TZ before timezone-sensitive |
| | unit tests are run |
| | |
| wpa [62] | Fix authentication bypass issue |
| | [CVE-2023-52160] |
| | |
+--------------------------+------------------------------------------+
1: https://packages.debian.org/src:allegro5
2: https://packages.debian.org/src:amavisd-new
3: https://packages.debian.org/src:bart
4: https://packages.debian.org/src:bart-cuda
5: https://packages.debian.org/src:base-files
6: https://packages.debian.org/src:cloud-init-22.4.2
7: https://packages.debian.org/src:cpu
8: https://packages.debian.org/src:curl
9: https://packages.debian.org/src:debian-installer
10: https://packages.debian.org/src:debian-installer-netboot-images
11: https://packages.debian.org/src:debsig-verify
12: https://packages.debian.org/src:deets
13: https://packages.debian.org/src:distro-info-data
14: https://packages.debian.org/src:django-mailman3
15: https://packages.debian.org/src:dns-root-data
16: https://packages.debian.org/src:emacs
17: https://packages.debian.org/src:galera-4
18: https://packages.debian.org/src:gdk-pixbuf
19: https://packages.debian.org/src:glib2.0
20: https://packages.debian.org/src:gnutls28
21: https://packages.debian.org/src:gross
22: https://packages.debian.org/src:hovercraft
23: https://packages.debian.org/src:imlib2
24: https://packages.debian.org/src:intel-microcode
25: https://packages.debian.org/src:jose
26: https://packages.debian.org/src:json-smart
27: https://packages.debian.org/src:lacme
28: https://packages.debian.org/src:libapache2-mod-auth-openidc
29: https://packages.debian.org/src:libjwt
30: https://packages.debian.org/src:libkf5ksieve
31: https://packages.debian.org/src:libmicrohttpd
32: https://packages.debian.org/src:libssh2
33: https://packages.debian.org/src:links2
34: https://packages.debian.org/src:nano
35: https://packages.debian.org/src:ngircd
36: https://packages.debian.org/src:nvidia-graphics-drivers
37: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-450
38: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-470
39: https://packages.debian.org/src:nvidia-settings
40: https://packages.debian.org/src:org-mode
41: https://packages.debian.org/src:php-composer-xdebug-handler
42: https://packages.debian.org/src:php-doctrine-annotations
43: https://packages.debian.org/src:php-phpseclib
44: https://packages.debian.org/src:php-proxy-manager
45: https://packages.debian.org/src:php-symfony-contracts
46: https://packages.debian.org/src:php-zend-code
47: https://packages.debian.org/src:phpseclib
48: https://packages.debian.org/src:postfix
49: https://packages.debian.org/src:postgresql-13
50: https://packages.debian.org/src:pypdf2
51: https://packages.debian.org/src:python-aiosmtpd
52: https://packages.debian.org/src:python-dnslib
53: https://packages.debian.org/src:python-idna
54: https://packages.debian.org/src:python-stdnum
55: https://packages.debian.org/src:qtbase-opensource-src
56: https://packages.debian.org/src:reportbug
57: https://packages.debian.org/src:rust-cbindgen-web
58: https://packages.debian.org/src:rustc-web
59: https://packages.debian.org/src:sendmail
60: https://packages.debian.org/src:symfony
61: https://packages.debian.org/src:systemd
62: https://packages.debian.org/src:wpa
Security Updates
----------------
This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:
+----------------+---------------------------+
| Advisory ID | Package |
+----------------+---------------------------+
| DSA-5146 [63] | puma [64] |
| | |
| DSA-5360 [65] | emacs [66] |
| | |
| DSA-5575 [67] | webkit2gtk [68] |
| | |
| DSA-5580 [69] | webkit2gtk [70] |
| | |
| DSA-5596 [71] | asterisk [72] |
| | |
| DSA-5616 [73] | ruby-sanitize [74] |
| | |
| DSA-5618 [75] | webkit2gtk [76] |
| | |
| DSA-5619 [77] | libgit2 [78] |
| | |
| DSA-5620 [79] | unbound [80] |
| | |
| DSA-5621 [81] | bind9 [82] |
| | |
| DSA-5622 [83] | postgresql-13 [84] |
| | |
| DSA-5624 [85] | edk2 [86] |
| | |
| DSA-5625 [87] | engrampa [88] |
| | |
| DSA-5627 [89] | firefox-esr [90] |
| | |
| DSA-5628 [91] | imagemagick [92] |
| | |
| DSA-5630 [93] | thunderbird [94] |
| | |
| DSA-5631 [95] | iwd [96] |
| | |
| DSA-5632 [97] | composer [98] |
| | |
| DSA-5635 [99] | yard [100] |
| | |
| DSA-5637 [101] | squid [102] |
| | |
| DSA-5638 [103] | libuv1 [104] |
| | |
| DSA-5640 [105] | openvswitch [106] |
| | |
| DSA-5641 [107] | fontforge [108] |
| | |
| DSA-5643 [109] | firefox-esr [110] |
| | |
| DSA-5644 [111] | thunderbird [112] |
| | |
| DSA-5645 [113] | firefox-esr [114] |
| | |
| DSA-5646 [115] | cacti [116] |
| | |
| DSA-5647 [117] | samba [118] |
| | |
| DSA-5650 [119] | util-linux [120] |
| | |
| DSA-5651 [121] | mediawiki [122] |
| | |
| DSA-5652 [123] | py7zr [124] |
| | |
| DSA-5653 [125] | gtkwave [126] |
| | |
| DSA-5657 [127] | xorg-server [128] |
| | |
| DSA-5659 [129] | trafficserver [130] |
| | |
| DSA-5660 [131] | php7.4 [132] |
| | |
| DSA-5662 [133] | apache2 [134] |
| | |
| DSA-5663 [135] | firefox-esr [136] |
| | |
| DSA-5664 [137] | jetty9 [138] |
| | |
| DSA-5666 [139] | flatpak [140] |
| | |
| DSA-5667 [141] | tomcat9 [142] |
| | |
| DSA-5669 [143] | guix [144] |
| | |
| DSA-5670 [145] | thunderbird [146] |
| | |
| DSA-5671 [147] | openjdk-11 [148] |
| | |
| DSA-5672 [149] | openjdk-17 [150] |
| | |
| DSA-5673 [151] | glibc [152] |
| | |
| DSA-5678 [153] | glibc [154] |
| | |
| DSA-5679 [155] | less [156] |
| | |
| DSA-5681 [157] | linux-signed-amd64 [158] |
| | |
| DSA-5681 [159] | linux-signed-arm64 [160] |
| | |
| DSA-5681 [161] | linux-signed-i386 [162] |
| | |
| DSA-5681 [163] | linux [164] |
| | |
| DSA-5682 [165] | glib2.0 [166] |
| | |
| DSA-5682 [167] | gnome-shell [168] |
| | |
| DSA-5684 [169] | webkit2gtk [170] |
| | |
| DSA-5685 [171] | wordpress [172] |
| | |
| DSA-5686 [173] | dav1d [174] |
| | |
| DSA-5688 [175] | atril [176] |
| | |
| DSA-5690 [177] | libreoffice [178] |
| | |
| DSA-5691 [179] | firefox-esr [180] |
| | |
| DSA-5692 [181] | ghostscript [182] |
| | |
| DSA-5693 [183] | thunderbird [184] |
| | |
| DSA-5695 [185] | webkit2gtk [186] |
| | |
| DSA-5698 [187] | ruby-rack [188] |
| | |
| DSA-5700 [189] | python-pymysql [190] |
| | |
| DSA-5702 [191] | gst-plugins-base1.0 [192] |
| | |
| DSA-5703 [193] | linux-signed-amd64 [194] |
| | |
| DSA-5703 [195] | linux-signed-arm64 [196] |
| | |
| DSA-5703 [197] | linux-signed-i386 [198] |
| | |
| DSA-5703 [199] | linux [200] |
| | |
| DSA-5704 [201] | pillow [202] |
| | |
| DSA-5707 [203] | vlc [204] |
| | |
| DSA-5709 [205] | firefox-esr [206] |
| | |
| DSA-5711 [207] | thunderbird [208] |
| | |
| DSA-5713 [209] | libndp [210] |
| | |
| DSA-5714 [211] | roundcube [212] |
| | |
| DSA-5715 [213] | composer [214] |
| | |
+----------------+---------------------------+
63: https://www.debian.org/security/2022/dsa-5146
64: https://packages.debian.org/src:puma
65: https://www.debian.org/security/2023/dsa-5360
66: https://packages.debian.org/src:emacs
67: https://www.debian.org/security/2023/dsa-5575
68: https://packages.debian.org/src:webkit2gtk
69: https://www.debian.org/security/2023/dsa-5580
70: https://packages.debian.org/src:webkit2gtk
71: https://www.debian.org/security/2024/dsa-5596
72: https://packages.debian.org/src:asterisk
73: https://www.debian.org/security/2024/dsa-5616
74: https://packages.debian.org/src:ruby-sanitize
75: https://www.debian.org/security/2024/dsa-5618
76: https://packages.debian.org/src:webkit2gtk
77: https://www.debian.org/security/2024/dsa-5619
78: https://packages.debian.org/src:libgit2
79: https://www.debian.org/security/2024/dsa-5620
80: https://packages.debian.org/src:unbound
81: https://www.debian.org/security/2024/dsa-5621
82: https://packages.debian.org/src:bind9
83: https://www.debian.org/security/2024/dsa-5622
84: https://packages.debian.org/src:postgresql-13
85: https://www.debian.org/security/2024/dsa-5624
86: https://packages.debian.org/src:edk2
87: https://www.debian.org/security/2024/dsa-5625
88: https://packages.debian.org/src:engrampa
89: https://www.debian.org/security/2024/dsa-5627
90: https://packages.debian.org/src:firefox-esr
91: https://www.debian.org/security/2024/dsa-5628
92: https://packages.debian.org/src:imagemagick
93: https://www.debian.org/security/2024/dsa-5630
94: https://packages.debian.org/src:thunderbird
95: https://www.debian.org/security/2024/dsa-5631
96: https://packages.debian.org/src:iwd
97: https://www.debian.org/security/2024/dsa-5632
98: https://packages.debian.org/src:composer
99: https://www.debian.org/security/2024/dsa-5635
100: https://packages.debian.org/src:yard
101: https://www.debian.org/security/2024/dsa-5637
102: https://packages.debian.org/src:squid
103: https://www.debian.org/security/2024/dsa-5638
104: https://packages.debian.org/src:libuv1
105: https://www.debian.org/security/2024/dsa-5640
106: https://packages.debian.org/src:openvswitch
107: https://www.debian.org/security/2024/dsa-5641
108: https://packages.debian.org/src:fontforge
109: https://www.debian.org/security/2024/dsa-5643
110: https://packages.debian.org/src:firefox-esr
111: https://www.debian.org/security/2024/dsa-5644
112: https://packages.debian.org/src:thunderbird
113: https://www.debian.org/security/2024/dsa-5645
114: https://packages.debian.org/src:firefox-esr
115: https://www.debian.org/security/2024/dsa-5646
116: https://packages.debian.org/src:cacti
117: https://www.debian.org/security/2024/dsa-5647
118: https://packages.debian.org/src:samba
119: https://www.debian.org/security/2024/dsa-5650
120: https://packages.debian.org/src:util-linux
121: https://www.debian.org/security/2024/dsa-5651
122: https://packages.debian.org/src:mediawiki
123: https://www.debian.org/security/2024/dsa-5652
124: https://packages.debian.org/src:py7zr
125: https://www.debian.org/security/2024/dsa-5653
126: https://packages.debian.org/src:gtkwave
127: https://www.debian.org/security/2024/dsa-5657
128: https://packages.debian.org/src:xorg-server
129: https://www.debian.org/security/2024/dsa-5659
130: https://packages.debian.org/src:trafficserver
131: https://www.debian.org/security/2024/dsa-5660
132: https://packages.debian.org/src:php7.4
133: https://www.debian.org/security/2024/dsa-5662
134: https://packages.debian.org/src:apache2
135: https://www.debian.org/security/2024/dsa-5663
136: https://packages.debian.org/src:firefox-esr
137: https://www.debian.org/security/2024/dsa-5664
138: https://packages.debian.org/src:jetty9
139: https://www.debian.org/security/2024/dsa-5666
140: https://packages.debian.org/src:flatpak
141: https://www.debian.org/security/2024/dsa-5667
142: https://packages.debian.org/src:tomcat9
143: https://www.debian.org/security/2024/dsa-5669
144: https://packages.debian.org/src:guix
145: https://www.debian.org/security/2024/dsa-5670
146: https://packages.debian.org/src:thunderbird
147: https://www.debian.org/security/2024/dsa-5671
148: https://packages.debian.org/src:openjdk-11
149: https://www.debian.org/security/2024/dsa-5672
150: https://packages.debian.org/src:openjdk-17
151: https://www.debian.org/security/2024/dsa-5673
152: https://packages.debian.org/src:glibc
153: https://www.debian.org/security/2024/dsa-5678
154: https://packages.debian.org/src:glibc
155: https://www.debian.org/security/2024/dsa-5679
156: https://packages.debian.org/src:less
157: https://www.debian.org/security/2024/dsa-5681
158: https://packages.debian.org/src:linux-signed-amd64
159: https://www.debian.org/security/2024/dsa-5681
160: https://packages.debian.org/src:linux-signed-arm64
161: https://www.debian.org/security/2024/dsa-5681
162: https://packages.debian.org/src:linux-signed-i386
163: https://www.debian.org/security/2024/dsa-5681
164: https://packages.debian.org/src:linux
165: https://www.debian.org/security/2024/dsa-5682
166: https://packages.debian.org/src:glib2.0
167: https://www.debian.org/security/2024/dsa-5682
168: https://packages.debian.org/src:gnome-shell
169: https://www.debian.org/security/2024/dsa-5684
170: https://packages.debian.org/src:webkit2gtk
171: https://www.debian.org/security/2024/dsa-5685
172: https://packages.debian.org/src:wordpress
173: https://www.debian.org/security/2024/dsa-5686
174: https://packages.debian.org/src:dav1d
175: https://www.debian.org/security/2024/dsa-5688
176: https://packages.debian.org/src:atril
177: https://www.debian.org/security/2024/dsa-5690
178: https://packages.debian.org/src:libreoffice
179: https://www.debian.org/security/2024/dsa-5691
180: https://packages.debian.org/src:firefox-esr
181: https://www.debian.org/security/2024/dsa-5692
182: https://packages.debian.org/src:ghostscript
183: https://www.debian.org/security/2024/dsa-5693
184: https://packages.debian.org/src:thunderbird
185: https://www.debian.org/security/2024/dsa-5695
186: https://packages.debian.org/src:webkit2gtk
187: https://www.debian.org/security/2024/dsa-5698
188: https://packages.debian.org/src:ruby-rack
189: https://www.debian.org/security/2024/dsa-5700
190: https://packages.debian.org/src:python-pymysql
191: https://www.debian.org/security/2024/dsa-5702
192: https://packages.debian.org/src:gst-plugins-base1.0
193: https://www.debian.org/security/2024/dsa-5703
194: https://packages.debian.org/src:linux-signed-amd64
195: https://www.debian.org/security/2024/dsa-5703
196: https://packages.debian.org/src:linux-signed-arm64
197: https://www.debian.org/security/2024/dsa-5703
198: https://packages.debian.org/src:linux-signed-i386
199: https://www.debian.org/security/2024/dsa-5703
200: https://packages.debian.org/src:linux
201: https://www.debian.org/security/2024/dsa-5704
202: https://packages.debian.org/src:pillow
203: https://www.debian.org/security/2024/dsa-5707
204: https://packages.debian.org/src:vlc
205: https://www.debian.org/security/2024/dsa-5709
206: https://packages.debian.org/src:firefox-esr
207: https://www.debian.org/security/2024/dsa-5711
208: https://packages.debian.org/src:thunderbird
209: https://www.debian.org/security/2024/dsa-5713
210: https://packages.debian.org/src:libndp
211: https://www.debian.org/security/2024/dsa-5714
212: https://packages.debian.org/src:roundcube
213: https://www.debian.org/security/2024/dsa-5715
214: https://packages.debian.org/src:composer
Removed packages
----------------
The following packages were removed due to circumstances beyond our
control:
+-----------------------------+------------------------------------+
| Package | Reason |
+-----------------------------+------------------------------------+
| phppgadmin [215] | Security issues |
| | |
| pytest-salt-factories [216] | Only needed for to-be-removed salt |
| | |
| pytest-testinfra [217] | Only needed for to-be-removed salt |
| | |
| salt [218] | Unsupportable, unmaintained |
| | |
| snort [219] | Security concerns, unmaintained |
| | |
+-----------------------------+------------------------------------+
215: https://packages.debian.org/src:phppgadmin
216: https://packages.debian.org/src:pytest-salt-factories
217: https://packages.debian.org/src:pytest-testinfra
218: https://packages.debian.org/src:salt
219: https://packages.debian.org/src:snort
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
oldstable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
https://deb.debian.org/debian/dists/bullseye/ChangeLog
The current oldstable distribution:
https://deb.debian.org/debian/dists/oldstable/
Proposed updates to the oldstable distribution:
https://deb.debian.org/debian/dists/oldstable-proposed-updates
oldstable distribution information (release notes, errata etc.):
https://www.debian.org/releases/oldstable/
Security announcements and information:
https://www.debian.org/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: This is a digitally signed message part