Updated Debian 11: 11.9 released
------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 11: 11.9 released press@debian.org
February 10th, 2024 https://www.debian.org/News//2024/2024021002
------------------------------------------------------------------------
The Debian project is pleased to announce the ninth update of its
oldstable distribution Debian 11 (codename "bullseye"). This point
release mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.
Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.
Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:
https://www.debian.org/mirror/list [1]
1: https://www.debian.org/News/mirror/list
Miscellaneous Bugfixes
----------------------
This oldstable update adds a few important corrections to the following
packages:
+---------------------+-------------------------------------------------------------+
| Package | Reason
|
+---------------------+-------------------------------------------------------------+
| axis [2] | Filter out unsupported protocols in the client
class |
| | ServiceFactory [CVE-2023-40743]
|
| |
|
| base-files [3] | Update for the 11.9 point release
|
| |
|
| cifs-utils [4] | Fix non-parallel builds
|
| |
|
| compton [5] | Remove recommendation of picom
|
| |
|
| conda-package- | Skip unreliable tests
|
| handling [6] |
|
| |
|
| conmon [7] | Do not hang when forwarding container stdout/stderr
with |
| | lots of output
|
| |
|
| crun [8] | Fix containers with systemd as their init system,
when |
| | using newer kernel versions
|
| |
|
| debian- | Increase Linux kernel ABI to 5.10.0-28; rebuild
against |
| installer [9] | proposed-updates
|
| |
|
| debian-installer- | Rebuild against proposed-updates
|
| netboot-images [10] |
|
| |
|
| debian-ports- | Add Debian Ports Archive Automatic Signing Key
(2025) |
| archive- |
|
| keyring [11] |
|
| |
|
| debian-security- | Mark tor, consul and xen as end-of-life; limit
samba |
| support [12] | support to non-AD DC use cases; match golang
packages with |
| | regular expression; drop version-based checking;
add |
| | chromium to security-support-ended.deb11; add tiles
and |
| | libspring-java to security-support-limited
|
| |
|
| debootstrap [13] | Backport merged-/usr support changes from trixie:
implement |
| | merged-/usr by post-merging, default to merged-/usr
for |
| | suites newer than bookworm in all profiles
|
| |
|
| distro-info [14] | Update tests for distro-info-data 0.58+deb12u1,
which |
| | adjusted Debian 7's EoL date
|
| |
|
| distro-info- | Add Ubuntu 24.04 LTS Noble Numbat; fix several End
Of Life |
| data [15] | dates
|
| |
|
| dpdk [16] | New upstream stable release
|
| |
|
| dropbear [17] | Fix security measure bypass issue [CVE-2021-36369];
fix |
| | "terrapin" attack [CVE-2023-48795]
|
| |
|
| exuberant- | Fix arbitrary command execution issue
[CVE-2022-4515] |
| ctags [18] |
|
| |
|
| filezilla [19] | Prevent "terrapin" exploit [CVE-2023-48795]
|
| |
|
| gimp [20] | Remove old versions of separately packaged dds
plugin |
| |
|
| glib2.0 [21] | Align with upstream stable fixes; fix denial of
service |
| | issues [CVE-2023-32665 CVE-2023-32611
CVE-2023-29499 |
| | CVE-2023-32636]
|
| |
|
| glibc [22] | Fix a memory corruption in "qsort()" when using
|
| | nontransitive comparison functions.
|
| |
|
| gnutls28 [23] | Security fix for timing sidechannel attack
[CVE-2023-5981] |
| |
|
| imagemagick [24] | Various security fixes [CVE-2021-20241
CVE-2021-20243 |
| | CVE-2021-20244 CVE-2021-20245 CVE-2021-20246
CVE-2021-20309 |
| | CVE-2021-3574 CVE-2021-39212 CVE-2021-4219
CVE-2022-1114 |
| | CVE-2022-28463 CVE-2022-32545 CVE-2022-32546]
|
| |
|
| jqueryui [25] | Fix cross-site scripting issue [CVE-2022-31160]
|
| |
|
| knewstuff [26] | Ensure correct ProvidersUrl to fix denial of
service |
| |
|
| libdatetime- | Update included timezone data
|
| timezone-perl [27] |
|
| |
|
| libde265 [28] | Fix segmentation violation in the function
|
| | "decoder_context::process_slice_segment_header"
[CVE-2023- |
| | 27102]; fix heap buffer overflow in the function
|
| | "derive_collocated_motion_vectors"
[CVE-2023-27103]; fix |
| | buffer over-read in "pic_parameter_set::dump"
[CVE-2023- |
| | 43887]; fix buffer overflow in the
"slice_segment_header" |
| | function [CVE-2023-47471]; fix buffer overflow
issues |
| | [CVE-2023-49465 CVE-2023-49467 CVE-2023-49468]
|
| |
|
| libmateweather [29] | Update included location data; update data server
URL |
| |
|
| libpod [30] | Fix incorrect handling of supplementary groups
[CVE-2022- |
| | 2989]
|
| |
|
| libsolv [31] | Enable zstd compression support
|
| |
|
| libspreadsheet- | Fix possible memory bomb [CVE-2024-22368]; fix XML
External |
| parsexlsx-perl [32] | Entity issue [CVE-2024-23525]
|
| |
|
| linux [33] | New upstream stable release; increase ABI to 28
|
| |
|
| linux-signed- | New upstream stable release; increase ABI to 28
|
| amd64 [34] |
|
| |
|
| linux-signed- | New upstream stable release; increase ABI to 28
|
| arm64 [35] |
|
| |
|
| linux-signed- | New upstream stable release; increase ABI to 28
|
| i386 [36] |
|
| |
|
| llvm- | New backported package to support builds of newer
chromium |
| toolchain-16 [37] | versions; build-dep on "llvm-spirv" instead of
"llvm- |
| | spirv-16"
|
| |
|
| mariadb-10.5 [38] | New upstream stable release; fix denial of service
issue |
| | [CVE-2023-22084]
|
| |
|
| minizip [39] | Reject overflows of zip header fields
[CVE-2023-45853] |
| |
|
| modsecurity- | Fix protection bypass issues [CVE-2022-48279
CVE-2023- |
| apache [40] | 24021]
|
| |
|
| nftables [41] | Fix incorrect bytecode generation
|
| |
|
| node-dottie [42] | Fix prototype pollution issue [CVE-2023-26132]
|
| |
|
| node-url-parse [43] | Fix authorisation bypass issue [CVE-2022-0512]
|
| |
|
| node-xml2js [44] | Fix prototype pollution issue [CVE-2023-0842]
|
| |
|
| nvidia-graphics- | New upstream release [CVE-2023-31022]
|
| drivers [45] |
|
| |
|
| nvidia-graphics- | New upstream release [CVE-2023-31022]
|
| drivers- |
|
| tesla-470 [46] |
|
| |
|
| opendkim [47] | Properly delete Authentication-Results headers
[CVE-2022- |
| | 48521]
|
| |
|
| perl [48] | Prevent buffer overflow via illegal Unicode
property |
| | [CVE-2023-47038]
|
| |
|
| plasma-desktop [49] | Fix denial of service bug in discover
|
| |
|
| plasma- | Fix denial of service bug; fix build failure
|
| discover [50] |
|
| |
|
| postfix [51] | New upstream stable release; address SMTP smuggling
issue |
| | [CVE-2023-51764]
|
| |
|
| postgresql-13 [52] | New upstream stable release; fix SQL injection
issue |
| | [CVE-2023-39417]
|
| |
|
| postgresql- | Fix autopkgtests
|
| common [53] |
|
| |
|
| python-cogent [54] | Skip parallel tests on single-CPU systems
|
| |
|
| python-django- | Avoid triggering path traversal detection in tests
|
| imagekit [55] |
|
| |
|
| python- | Fix predictable duration issue [CVE-2021-33880]
|
| websockets [56] |
|
| |
|
| pyzoltan [57] | Build on single core systems
|
| |
|
| ruby-aws-sdk- | Include VERSION file in package
|
| core [58] |
|
| |
|
| spip [59] | Fix cross-site scripting issue
|
| |
|
| swupdate [60] | Prevent acquiring root privileges through
inappropriate |
| | socket mode
|
| |
|
| symfony [61] | Ensure CodeExtension's filters properly escape
their input |
| | [CVE-2023-46734]
|
| |
|
| tar [62] | Fix boundary checking in base-256 decoder
[CVE-2022-48303], |
| | handling of extended header prefixes
[CVE-2023-39804] |
| |
|
| tinyxml [63] | Fix assertion issue [CVE-2023-34194]
|
| |
|
| tzdata [64] | Update included timezone data
|
| |
|
| unadf [65] | Fix stack buffer overflow issue [CVE-2016-1243];
fix |
| | arbitary code execution issue [CVE-2016-1244]
|
| |
|
| usb.ids [66] | Update included data list
|
| |
|
| vlfeat [67] | Fix FTBFS with newer ImageMagick
|
| |
|
| weborf [68] | Fix denial of service issue
|
| |
|
| wolfssl [69] | Fix buffer overflow issues [CVE-2022-39173
CVE-2022-42905], |
| | key disclosure issue [CVE-2022-42961], predictable
buffer |
| | in input keying material [CVE-2023-3724]
|
| |
|
| xerces-c [70] | Fix use-after-free issue [CVE-2018-1311]; fix
integer |
| | overflow issue [CVE-2023-37536]
|
| |
|
| zeromq3 [71] | Fix "fork()" detection with gcc 7; update
copyright |
| | relicense statement
|
| |
|
+---------------------+-------------------------------------------------------------+
2: https://packages.debian.org/src:axis
3: https://packages.debian.org/src:base-files
4: https://packages.debian.org/src:cifs-utils
5: https://packages.debian.org/src:compton
6: https://packages.debian.org/src:conda-package-handling
7: https://packages.debian.org/src:conmon
8: https://packages.debian.org/src:crun
9: https://packages.debian.org/src:debian-installer
10: https://packages.debian.org/src:debian-installer-netboot-images
11: https://packages.debian.org/src:debian-ports-archive-keyring
12: https://packages.debian.org/src:debian-security-support
13: https://packages.debian.org/src:debootstrap
14: https://packages.debian.org/src:distro-info
15: https://packages.debian.org/src:distro-info-data
16: https://packages.debian.org/src:dpdk
17: https://packages.debian.org/src:dropbear
18: https://packages.debian.org/src:exuberant-ctags
19: https://packages.debian.org/src:filezilla
20: https://packages.debian.org/src:gimp
21: https://packages.debian.org/src:glib2.0
22: https://packages.debian.org/src:glibc
23: https://packages.debian.org/src:gnutls28
24: https://packages.debian.org/src:imagemagick
25: https://packages.debian.org/src:jqueryui
26: https://packages.debian.org/src:knewstuff
27: https://packages.debian.org/src:libdatetime-timezone-perl
28: https://packages.debian.org/src:libde265
29: https://packages.debian.org/src:libmateweather
30: https://packages.debian.org/src:libpod
31: https://packages.debian.org/src:libsolv
32: https://packages.debian.org/src:libspreadsheet-parsexlsx-perl
33: https://packages.debian.org/src:linux
34: https://packages.debian.org/src:linux-signed-amd64
35: https://packages.debian.org/src:linux-signed-arm64
36: https://packages.debian.org/src:linux-signed-i386
37: https://packages.debian.org/src:llvm-toolchain-16
38: https://packages.debian.org/src:mariadb-10.5
39: https://packages.debian.org/src:minizip
40: https://packages.debian.org/src:modsecurity-apache
41: https://packages.debian.org/src:nftables
42: https://packages.debian.org/src:node-dottie
43: https://packages.debian.org/src:node-url-parse
44: https://packages.debian.org/src:node-xml2js
45: https://packages.debian.org/src:nvidia-graphics-drivers
46: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-470
47: https://packages.debian.org/src:opendkim
48: https://packages.debian.org/src:perl
49: https://packages.debian.org/src:plasma-desktop
50: https://packages.debian.org/src:plasma-discover
51: https://packages.debian.org/src:postfix
52: https://packages.debian.org/src:postgresql-13
53: https://packages.debian.org/src:postgresql-common
54: https://packages.debian.org/src:python-cogent
55: https://packages.debian.org/src:python-django-imagekit
56: https://packages.debian.org/src:python-websockets
57: https://packages.debian.org/src:pyzoltan
58: https://packages.debian.org/src:ruby-aws-sdk-core
59: https://packages.debian.org/src:spip
60: https://packages.debian.org/src:swupdate
61: https://packages.debian.org/src:symfony
62: https://packages.debian.org/src:tar
63: https://packages.debian.org/src:tinyxml
64: https://packages.debian.org/src:tzdata
65: https://packages.debian.org/src:unadf
66: https://packages.debian.org/src:usb.ids
67: https://packages.debian.org/src:vlfeat
68: https://packages.debian.org/src:weborf
69: https://packages.debian.org/src:wolfssl
70: https://packages.debian.org/src:xerces-c
71: https://packages.debian.org/src:zeromq3
Security Updates
----------------
This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:
+----------------+--------------------------------------+
| Advisory ID | Package |
+----------------+--------------------------------------+
| DSA-5496 [72] | firefox-esr [73] |
| | |
| DSA-5499 [74] | chromium [75] |
| | |
| DSA-5506 [76] | firefox-esr [77] |
| | |
| DSA-5508 [78] | chromium [79] |
| | |
| DSA-5509 [80] | firefox-esr [81] |
| | |
| DSA-5511 [82] | mosquitto [83] |
| | |
| DSA-5512 [84] | exim4 [85] |
| | |
| DSA-5513 [86] | thunderbird [87] |
| | |
| DSA-5514 [88] | glibc [89] |
| | |
| DSA-5515 [90] | chromium [91] |
| | |
| DSA-5516 [92] | libxpm [93] |
| | |
| DSA-5517 [94] | libx11 [95] |
| | |
| DSA-5518 [96] | libvpx [97] |
| | |
| DSA-5519 [98] | grub-efi-amd64-signed [99] |
| | |
| DSA-5519 [100] | grub-efi-arm64-signed [101] |
| | |
| DSA-5519 [102] | grub-efi-ia32-signed [103] |
| | |
| DSA-5519 [104] | grub2 [105] |
| | |
| DSA-5520 [106] | mediawiki [107] |
| | |
| DSA-5522 [108] | tomcat9 [109] |
| | |
| DSA-5523 [110] | curl [111] |
| | |
| DSA-5524 [112] | libcue [113] |
| | |
| DSA-5526 [114] | chromium [115] |
| | |
| DSA-5527 [116] | webkit2gtk [117] |
| | |
| DSA-5528 [118] | node-babel7 [119] |
| | |
| DSA-5530 [120] | ruby-rack [121] |
| | |
| DSA-5531 [122] | roundcube [123] |
| | |
| DSA-5533 [124] | gst-plugins-bad1.0 [125] |
| | |
| DSA-5534 [126] | xorg-server [127] |
| | |
| DSA-5535 [128] | firefox-esr [129] |
| | |
| DSA-5536 [130] | chromium [131] |
| | |
| DSA-5537 [132] | openjdk-11 [133] |
| | |
| DSA-5538 [134] | thunderbird [135] |
| | |
| DSA-5539 [136] | node-browserify-sign [137] |
| | |
| DSA-5540 [138] | jetty9 [139] |
| | |
| DSA-5542 [140] | request-tracker4 [141] |
| | |
| DSA-5543 [142] | open-vm-tools [143] |
| | |
| DSA-5544 [144] | zookeeper [145] |
| | |
| DSA-5545 [146] | vlc [147] |
| | |
| DSA-5546 [148] | chromium [149] |
| | |
| DSA-5547 [150] | pmix [151] |
| | |
| DSA-5548 [152] | openjdk-17 [153] |
| | |
| DSA-5549 [154] | trafficserver [155] |
| | |
| DSA-5550 [156] | cacti [157] |
| | |
| DSA-5551 [158] | chromium [159] |
| | |
| DSA-5554 [160] | postgresql-13 [161] |
| | |
| DSA-5556 [162] | chromium [163] |
| | |
| DSA-5557 [164] | webkit2gtk [165] |
| | |
| DSA-5558 [166] | netty [167] |
| | |
| DSA-5560 [168] | strongswan [169] |
| | |
| DSA-5561 [170] | firefox-esr [171] |
| | |
| DSA-5563 [172] | intel-microcode [173] |
| | |
| DSA-5564 [174] | gimp [175] |
| | |
| DSA-5565 [176] | gst-plugins-bad1.0 [177] |
| | |
| DSA-5566 [178] | thunderbird [179] |
| | |
| DSA-5567 [180] | tiff [181] |
| | |
| DSA-5569 [182] | chromium [183] |
| | |
| DSA-5570 [184] | nghttp2 [185] |
| | |
| DSA-5571 [186] | rabbitmq-server [187] |
| | |
| DSA-5572 [188] | roundcube [189] |
| | |
| DSA-5573 [190] | chromium [191] |
| | |
| DSA-5574 [192] | libreoffice [193] |
| | |
| DSA-5576 [194] | xorg-server [195] |
| | |
| DSA-5577 [196] | chromium [197] |
| | |
| DSA-5579 [198] | freeimage [199] |
| | |
| DSA-5581 [200] | firefox-esr [201] |
| | |
| DSA-5582 [202] | thunderbird [203] |
| | |
| DSA-5584 [204] | bluez [205] |
| | |
| DSA-5585 [206] | chromium [207] |
| | |
| DSA-5586 [208] | openssh [209] |
| | |
| DSA-5587 [210] | curl [211] |
| | |
| DSA-5588 [212] | putty [213] |
| | |
| DSA-5590 [214] | haproxy [215] |
| | |
| DSA-5591 [216] | libssh [217] |
| | |
| DSA-5592 [218] | libspreadsheet-parseexcel-perl [219] |
| | |
| DSA-5594 [220] | linux-signed-amd64 [221] |
| | |
| DSA-5594 [222] | linux-signed-arm64 [223] |
| | |
| DSA-5594 [224] | linux-signed-i386 [225] |
| | |
| DSA-5594 [226] | linux [227] |
| | |
| DSA-5595 [228] | chromium [229] |
| | |
| DSA-5597 [230] | exim4 [231] |
| | |
| DSA-5598 [232] | chromium [233] |
| | |
| DSA-5599 [234] | phpseclib [235] |
| | |
| DSA-5600 [236] | php-phpseclib [237] |
| | |
| DSA-5602 [238] | chromium [239] |
| | |
| DSA-5603 [240] | xorg-server [241] |
| | |
| DSA-5604 [242] | openjdk-11 [243] |
| | |
| DSA-5605 [244] | thunderbird [245] |
| | |
| DSA-5606 [246] | firefox-esr [247] |
| | |
| DSA-5608 [248] | gst-plugins-bad1.0 [249] |
| | |
| DSA-5613 [250] | openjdk-17 [251] |
| | |
| DSA-5614 [252] | zbar [253] |
| | |
| DSA-5615 [254] | runc [255] |
| | |
+----------------+--------------------------------------+
72: https://www.debian.org/News/security/2023/dsa-5496
73: https://packages.debian.org/src:firefox-esr
74: https://www.debian.org/News/security/2023/dsa-5499
75: https://packages.debian.org/src:chromium
76: https://www.debian.org/News/security/2023/dsa-5506
77: https://packages.debian.org/src:firefox-esr
78: https://www.debian.org/News/security/2023/dsa-5508
79: https://packages.debian.org/src:chromium
80: https://www.debian.org/News/security/2023/dsa-5509
81: https://packages.debian.org/src:firefox-esr
82: https://www.debian.org/News/security/2023/dsa-5511
83: https://packages.debian.org/src:mosquitto
84: https://www.debian.org/News/security/2023/dsa-5512
85: https://packages.debian.org/src:exim4
86: https://www.debian.org/News/security/2023/dsa-5513
87: https://packages.debian.org/src:thunderbird
88: https://www.debian.org/News/security/2023/dsa-5514
89: https://packages.debian.org/src:glibc
90: https://www.debian.org/News/security/2023/dsa-5515
91: https://packages.debian.org/src:chromium
92: https://www.debian.org/News/security/2023/dsa-5516
93: https://packages.debian.org/src:libxpm
94: https://www.debian.org/News/security/2023/dsa-5517
95: https://packages.debian.org/src:libx11
96: https://www.debian.org/News/security/2023/dsa-5518
97: https://packages.debian.org/src:libvpx
98: https://www.debian.org/News/security/2023/dsa-5519
99: https://packages.debian.org/src:grub-efi-amd64-signed
100: https://www.debian.org/News/security/2023/dsa-5519
101: https://packages.debian.org/src:grub-efi-arm64-signed
102: https://www.debian.org/News/security/2023/dsa-5519
103: https://packages.debian.org/src:grub-efi-ia32-signed
104: https://www.debian.org/News/security/2023/dsa-5519
105: https://packages.debian.org/src:grub2
106: https://www.debian.org/News/security/2023/dsa-5520
107: https://packages.debian.org/src:mediawiki
108: https://www.debian.org/News/security/2023/dsa-5522
109: https://packages.debian.org/src:tomcat9
110: https://www.debian.org/News/security/2023/dsa-5523
111: https://packages.debian.org/src:curl
112: https://www.debian.org/News/security/2023/dsa-5524
113: https://packages.debian.org/src:libcue
114: https://www.debian.org/News/security/2023/dsa-5526
115: https://packages.debian.org/src:chromium
116: https://www.debian.org/News/security/2023/dsa-5527
117: https://packages.debian.org/src:webkit2gtk
118: https://www.debian.org/News/security/2023/dsa-5528
119: https://packages.debian.org/src:node-babel7
120: https://www.debian.org/News/security/2023/dsa-5530
121: https://packages.debian.org/src:ruby-rack
122: https://www.debian.org/News/security/2023/dsa-5531
123: https://packages.debian.org/src:roundcube
124: https://www.debian.org/News/security/2023/dsa-5533
125: https://packages.debian.org/src:gst-plugins-bad1.0
126: https://www.debian.org/News/security/2023/dsa-5534
127: https://packages.debian.org/src:xorg-server
128: https://www.debian.org/News/security/2023/dsa-5535
129: https://packages.debian.org/src:firefox-esr
130: https://www.debian.org/News/security/2023/dsa-5536
131: https://packages.debian.org/src:chromium
132: https://www.debian.org/News/security/2023/dsa-5537
133: https://packages.debian.org/src:openjdk-11
134: https://www.debian.org/News/security/2023/dsa-5538
135: https://packages.debian.org/src:thunderbird
136: https://www.debian.org/News/security/2023/dsa-5539
137: https://packages.debian.org/src:node-browserify-sign
138: https://www.debian.org/News/security/2023/dsa-5540
139: https://packages.debian.org/src:jetty9
140: https://www.debian.org/News/security/2023/dsa-5542
141: https://packages.debian.org/src:request-tracker4
142: https://www.debian.org/News/security/2023/dsa-5543
143: https://packages.debian.org/src:open-vm-tools
144: https://www.debian.org/News/security/2023/dsa-5544
145: https://packages.debian.org/src:zookeeper
146: https://www.debian.org/News/security/2023/dsa-5545
147: https://packages.debian.org/src:vlc
148: https://www.debian.org/News/security/2023/dsa-5546
149: https://packages.debian.org/src:chromium
150: https://www.debian.org/News/security/2023/dsa-5547
151: https://packages.debian.org/src:pmix
152: https://www.debian.org/News/security/2023/dsa-5548
153: https://packages.debian.org/src:openjdk-17
154: https://www.debian.org/News/security/2023/dsa-5549
155: https://packages.debian.org/src:trafficserver
156: https://www.debian.org/News/security/2023/dsa-5550
157: https://packages.debian.org/src:cacti
158: https://www.debian.org/News/security/2023/dsa-5551
159: https://packages.debian.org/src:chromium
160: https://www.debian.org/News/security/2023/dsa-5554
161: https://packages.debian.org/src:postgresql-13
162: https://www.debian.org/News/security/2023/dsa-5556
163: https://packages.debian.org/src:chromium
164: https://www.debian.org/News/security/2023/dsa-5557
165: https://packages.debian.org/src:webkit2gtk
166: https://www.debian.org/News/security/2023/dsa-5558
167: https://packages.debian.org/src:netty
168: https://www.debian.org/News/security/2023/dsa-5560
169: https://packages.debian.org/src:strongswan
170: https://www.debian.org/News/security/2023/dsa-5561
171: https://packages.debian.org/src:firefox-esr
172: https://www.debian.org/News/security/2023/dsa-5563
173: https://packages.debian.org/src:intel-microcode
174: https://www.debian.org/News/security/2023/dsa-5564
175: https://packages.debian.org/src:gimp
176: https://www.debian.org/News/security/2023/dsa-5565
177: https://packages.debian.org/src:gst-plugins-bad1.0
178: https://www.debian.org/News/security/2023/dsa-5566
179: https://packages.debian.org/src:thunderbird
180: https://www.debian.org/News/security/2023/dsa-5567
181: https://packages.debian.org/src:tiff
182: https://www.debian.org/News/security/2023/dsa-5569
183: https://packages.debian.org/src:chromium
184: https://www.debian.org/News/security/2023/dsa-5570
185: https://packages.debian.org/src:nghttp2
186: https://www.debian.org/News/security/2023/dsa-5571
187: https://packages.debian.org/src:rabbitmq-server
188: https://www.debian.org/News/security/2023/dsa-5572
189: https://packages.debian.org/src:roundcube
190: https://www.debian.org/News/security/2023/dsa-5573
191: https://packages.debian.org/src:chromium
192: https://www.debian.org/News/security/2023/dsa-5574
193: https://packages.debian.org/src:libreoffice
194: https://www.debian.org/News/security/2023/dsa-5576
195: https://packages.debian.org/src:xorg-server
196: https://www.debian.org/News/security/2023/dsa-5577
197: https://packages.debian.org/src:chromium
198: https://www.debian.org/News/security/2023/dsa-5579
199: https://packages.debian.org/src:freeimage
200: https://www.debian.org/News/security/2023/dsa-5581
201: https://packages.debian.org/src:firefox-esr
202: https://www.debian.org/News/security/2023/dsa-5582
203: https://packages.debian.org/src:thunderbird
204: https://www.debian.org/News/security/2023/dsa-5584
205: https://packages.debian.org/src:bluez
206: https://www.debian.org/News/security/2023/dsa-5585
207: https://packages.debian.org/src:chromium
208: https://www.debian.org/News/security/2023/dsa-5586
209: https://packages.debian.org/src:openssh
210: https://www.debian.org/News/security/2023/dsa-5587
211: https://packages.debian.org/src:curl
212: https://www.debian.org/News/security/2023/dsa-5588
213: https://packages.debian.org/src:putty
214: https://www.debian.org/News/security/2023/dsa-5590
215: https://packages.debian.org/src:haproxy
216: https://www.debian.org/News/security/2023/dsa-5591
217: https://packages.debian.org/src:libssh
218: https://www.debian.org/News/security/2023/dsa-5592
219: https://packages.debian.org/src:libspreadsheet-parseexcel-perl
220: https://www.debian.org/News/security/2024/dsa-5594
221: https://packages.debian.org/src:linux-signed-amd64
222: https://www.debian.org/News/security/2024/dsa-5594
223: https://packages.debian.org/src:linux-signed-arm64
224: https://www.debian.org/News/security/2024/dsa-5594
225: https://packages.debian.org/src:linux-signed-i386
226: https://www.debian.org/News/security/2024/dsa-5594
227: https://packages.debian.org/src:linux
228: https://www.debian.org/News/security/2024/dsa-5595
229: https://packages.debian.org/src:chromium
230: https://www.debian.org/News/security/2024/dsa-5597
231: https://packages.debian.org/src:exim4
232: https://www.debian.org/News/security/2024/dsa-5598
233: https://packages.debian.org/src:chromium
234: https://www.debian.org/News/security/2024/dsa-5599
235: https://packages.debian.org/src:phpseclib
236: https://www.debian.org/News/security/2024/dsa-5600
237: https://packages.debian.org/src:php-phpseclib
238: https://www.debian.org/News/security/2024/dsa-5602
239: https://packages.debian.org/src:chromium
240: https://www.debian.org/News/security/2024/dsa-5603
241: https://packages.debian.org/src:xorg-server
242: https://www.debian.org/News/security/2024/dsa-5604
243: https://packages.debian.org/src:openjdk-11
244: https://www.debian.org/News/security/2024/dsa-5605
245: https://packages.debian.org/src:thunderbird
246: https://www.debian.org/News/security/2024/dsa-5606
247: https://packages.debian.org/src:firefox-esr
248: https://www.debian.org/News/security/2024/dsa-5608
249: https://packages.debian.org/src:gst-plugins-bad1.0
250: https://www.debian.org/News/security/2024/dsa-5613
251: https://packages.debian.org/src:openjdk-17
252: https://www.debian.org/News/security/2024/dsa-5614
253: https://packages.debian.org/src:zbar
254: https://www.debian.org/News/security/2024/dsa-5615
255: https://packages.debian.org/src:runc
Removed packages
----------------
The following obsolete package was removed from the distribution:
+----------------+--------------------------+
| Package | Reason |
+----------------+--------------------------+
| gimp-dds [256] | Integrated in gimp>=2.10 |
| | |
+----------------+--------------------------+
256: https://packages.debian.org/src:gimp-dds
Debian Installer
----------------
The installer has been updated to include the fixes incorporated into
oldstable by the point release.
URLs
----
The complete lists of packages that have changed with this revision:
https://deb.debian.org/debian/dists/bullseye/ChangeLog
The current oldstable distribution:
https://deb.debian.org/debian/dists/oldstable/
Proposed updates to the oldstable distribution:
https://deb.debian.org/debian/dists/oldstable-proposed-updates
oldstable distribution information (release notes, errata etc.):
https://www.debian.org/releases/oldstable/ [257]
257: https://www.debian.org/News/releases/oldstable/
Security announcements and information:
https://www.debian.org/security/ [258]
258: https://www.debian.org/News/security/
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
Contact Information
-------------------
For further information, please visit the Debian web pages at
https://www.debian.org/ [259], send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.
259: https://www.debian.org/News/
Reply to: