------------------------------------------------------------------------- Debian Stable Updates Announcement SUA 121-1 https://www.debian.org/ debian-release@lists.debian.org Adam D. Barratt July 17th, 2017 ------------------------------------------------------------------------- Upcoming Debian 9 Update (9.1) An update to Debian 9 is scheduled for Saturday, July 22nd, 2017. As of now it will include the following bug fixes. They can be found in "stretch-proposed-updates", which is carried by all official mirrors. Please note that packages published through security.debian.org are not listed, but will be included if possible. Testing and feedback would be appreciated. Bugs should be filed in the Debian Bug Tracking System, but please make the Release Team aware of them by copying "debian-release@lists.debian.org" on your mails. The point release will also include a rebuild of debian-installer. Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: Package Reason 3dchess Reduce wasteful CPU consumption adwaita-icon-theme Fix malformed send-to-symbolic icon anope Fix incorrect mail-transport-agent relationship apt Reset failure reason when connection was successful, so later errors are reported as such and not as "connection failure" warnings; http: A response with Content-Length: 0 has no content, so don't try to read it; use port from SRV record instead of initial port avogadro Update eigen3 patches base-files Update for the 9.1 point release c-ares Security fix [CVE-2017-1000381] debian-edu-doc Update Debian Edu Stretch manual from the wiki; update translations debsecan Add support for stretch and buster; Python needs https_proxy for proxy configuration with https:// URLs debian-installer Rebuild against proposed-updates debian-installer-netboot- Rebuild against proposed-updates images devscripts debchange: target stretch-backports with --bpo; support $codename{,-{proposed-updates,security}}; bts: add support for the new "a11y" tag dgit Multiple bugfixes dovecot Fix syntax errors when sending Solr queries dwarfutils Security fixes [CVE-2017-9052 CVE-2017-9053 CVE-2017-9054 CVE-2017-9055 CVE-2017-9998] fpc Fix conversion from local time to UTC galternatives Fix blank window when displaying properties geolinks Fix python3 dependencies gnats gnats-user: do not fail to purge if /var/lib/gnats/gnats-db is not empty gnome-settings-daemon Do not add the "US" keyboard layout by default for new users, for some reason, this layout was preferred over the system configured one on the first login; preserve NumLock state between sessions by default gnuplot Fix memory corruption vulnerability gnutls28 Fix breakage with AES-GCM in-place encryption and decryption on aarch64 grub-installer Fix support for systems with a large number of disks intel-microcode Update included microcode libclamunrar Fix arbitrary memory write [CVE-2012-6706] libopenmpt Security fixes: out-of-bounds read while loading a malfomed PLM file; arbitrary code execution by a crafted PSM file [CVE-2017-11311]; various security fixes libquicktime Security fixes [CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126 CVE-2017-9127 CVE-2017-9128] linux-latest Revert changes to debug symbol meta-packages nagios-nrpe Restore previous SSL defaults nvidia-graphics-drivers Bump Pre-Depends: nvidia-installer-cleanup to (>= 20151021) for smoother upgrades from jessie octave-ocs Fix loading package functions open-iscsi Speed up Debian Installer when iSCSI is not used openssh Fix incoming compression statistics openstack-debian-images Also add security updates for non wheezy/jessie os-prober EFI - look for "dos" instead of "msdos" osinfo-db Improve support for Stretch and Jessie partman-base Protect the firmware area on all mmcblk devices (and not only on mmcblk0) from being clobbered during guided partitioning pdns-recursor Add 2017 DNSSEC root key perl Backport various Getopt-Long fixes from upstream 2.49..2.51; backport upstream patch fixing regexp "Malformed UTF-8 character"; apply upstream base.pm no-dot-in-inc fix phpunit Security fix: arbitrary PHP code execution via HTTP POST protozero Fix data_view equality operator pulseaudio Fix copyright file pykde4 Drop bindings for plasma webview bindings; they're obsolete and non-functional python-colorlog Fix python3 dependencies python-imaplib2 Fix python3 dependencies python-plumbum Fix python3 dependencies qgis Fix missing Breaks/Replaces against python-qgis-common request-tracker4 Handle configuration permissions correctly following RT_SiteConfig.d changes retext Backport upstream fix for crash in XSettings code; fix syntax in appdata XML file rkhunter Disable remote updates [CVE-2017-7480] socat Fix signals leading to possible 100% CPU usage squashfs-tools Fix corruption of large files; fix rare race condition systemd Fix out-of-bounds write in systemd-resolved [CVE-2017-9445]; be truly quiet in systemctl -q is-enabled; improve RLIMIT_NOFILE handling; debian/extra/rules: Use updated U2F ruleset thermald Add Broadwell-GT3E and Kabylake support unrar-nonfree Add bound checks for VMSF_DELTA, VMSF_RGB and VMSF_AUDIO paramters [CVE-2012-6706] win32-loader Replace all mirror urls with deb.debian.org; drop bz2 compression for source A complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision: <https://release.debian.org/proposed-updates/stable.html> If you encounter any issues, please don't hesitate to get in touch with the Debian Release Team at "debian-release@lists.debian.org".
Attachment:
signature.asc
Description: This is a digitally signed message part