Re: (LIVE) Re: Updated Debian 9: 9.13 released
Oh, at least I've found the Live images!
https://cdimage.debian.org/cdimage/archive/9.13.0-live/
Please link that URL to version page.
Narcis Garcia
__________
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.
El 19/7/20 a les 11:11, Narcis Garcia ha escrit:
> "New installation images will be available soon at the regular locations"
> Please, to make easy to find on releases annountements, put a link to
> this page:
> https://www.debian.org/releases/stretch/debian-installer/
>
> + Make there more explicit the IMAGES DOWNLOAD term when linking there
> to the other index:
> https://www.debian.org/releases/stretch/debian-installer/
>
> ++ Include Live ISO images.
>
> Thank you.
>
> Narcis Garcia
>
> __________
> I'm using this dedicated address because personal addresses aren't
> masked enough at this mail public archive. Public archive administrator
> should fix this against automated addresses collectors.
> El 18/7/20 a les 21:41, Laura Arjona Reina ha escrit:
>> ------------------------------------------------------------------------
>> The Debian Project https://www.debian.org/
>> Updated Debian 9: 9.13 released press@debian.org
>> July 18th, 2020 https://www.debian.org/News/2020/20200718
>> ------------------------------------------------------------------------
>>
>> The Debian project is pleased to announce the thirteenth (and final)
>> update of its oldstable distribution Debian 9 (codename "stretch"). This
>> point release mainly adds corrections for security issues, along with a
>> few adjustments for serious problems. Security advisories have already
>> been published separately and are referenced where available.
>>
>> After this point release, Debian's Security and Release Teams will no
>> longer be producing updates for Debian 9. Users wishing to continue to
>> receive security support should upgrade to Debian 10, or see
>> https://wiki.debian.org/LTS for details about the subset of
>> architectures and packages covered by the Long Term Support project.
>>
>> Please note that the point release does not constitute a new version of
>> Debian 9 but only updates some of the packages included. There is no
>> need to throw away old "stretch" media. After installation, packages can
>> be upgraded to the current versions using an up-to-date Debian mirror.
>>
>> Those who frequently install updates from security.debian.org won't have
>> to update many packages, and most such updates are included in the point
>> release.
>>
>> New installation images will be available soon at the regular locations.
>>
>> Upgrading an existing installation to this revision can be achieved by
>> pointing the package management system at one of Debian's many HTTP
>> mirrors. A comprehensive list of mirrors is available at:
>>
>> https://www.debian.org/mirror/list
>>
>>
>> Miscellaneous Bugfixes
>> ----------------------
>>
>> This oldstable update adds a few important corrections to the following
>> packages:
>>
>> +--------------------------+------------------------------------------+
>> | Package | Reason |
>> +--------------------------+------------------------------------------+
>> | acmetool [1] | Rebuild against recent golang to pick up |
>> | | security fixes |
>> | | |
>> | atril [2] | dvi: Mitigate command injection attacks |
>> | | by quoting filename [CVE-2017-1000159]; |
>> | | fix overflow checks in tiff backend |
>> | | [CVE-2019-1010006]; tiff: Handle failure |
>> | | from TIFFReadRGBAImageOriented |
>> | | [CVE-2019-11459] |
>> | | |
>> | bacula [3] | Add transitional package bacula- |
>> | | director-common, avoiding loss of /etc/ |
>> | | bacula/bacula-dir.conf when purged; make |
>> | | PID files owned by root |
>> | | |
>> | base-files [4] | Update /etc/debian_version for the point |
>> | | release |
>> | | |
>> | batik [5] | Fix server-side request forgery via |
>> | | xlink:href attributes [CVE-2019-17566] |
>> | | |
>> | c-icap-modules [6] | Support ClamAV 0.102 |
>> | | |
>> | ca-certificates [7] | Update Mozilla CA bundle to 2.40, |
>> | | blacklist distrusted Symantec roots and |
>> | | expired "AddTrust External Root" ; |
>> | | remove e-mail only certificates |
>> | | |
>> | chasquid [8] | Rebuild against recent golang to pick up |
>> | | security fixes |
>> | | |
>> | checkstyle [9] | Fix XML External Entity injection issue |
>> | | [CVE-2019-9658 CVE-2019-10782] |
>> | | |
>> | clamav [10] | New upstream release [CVE-2020-3123]; |
>> | | security fixes [CVE-2020-3327 CVE-2020- |
>> | | 3341] |
>> | | |
>> | compactheader [11] | New upstream version, compatible with |
>> | | newer Thunderbird versions |
>> | | |
>> | cram [12] | Ignore test failures to fix build issues |
>> | | |
>> | csync2 [13] | Fail HELLO command when SSL is required |
>> | | |
>> | cups [14] | Fix heap buffer overflow [CVE-2020-3898] |
>> | | and "the `ippReadIO` function may |
>> | | under-read an extension |
>> | | field" [CVE-2019-8842] |
>> | | |
>> | dbus [15] | New upstream stable release; prevent a |
>> | | denial of service issue [CVE-2020- |
>> | | 12049]; prevent use-after-free if two |
>> | | usernames share a uid |
>> | | |
>> | debian-installer [16] | Update for the 4.9.0-13 Linux kernel ABI |
>> | | |
>> | debian-installer- | Rebuild against stretch-proposed-updates |
>> | netboot-images [17] | |
>> | | |
>> | debian-security- | Update support status of several |
>> | support [18] | packages |
>> | | |
>> | erlang [19] | Fix use of weak TLS ciphers [CVE-2020- |
>> | | 12872] |
>> | | |
>> | exiv2 [20] | Fix denial of service issue [CVE-2018- |
>> | | 16336]; fix over-restrictive fix for |
>> | | CVE-2018-10958 and CVE-2018-10999 |
>> | | |
>> | fex [21] | Security update |
>> | | |
>> | file-roller [22] | Security fix [CVE-2020-11736] |
>> | | |
>> | fwupd [23] | New upstream release; use a CNAME to |
>> | | redirect to the correct CDN for |
>> | | metadata; do not abort startup if the |
>> | | XML metadata file is invalid; add the |
>> | | Linux Foundation public GPG keys for |
>> | | firmware and metadata; raise the |
>> | | metadata limit to 10MB |
>> | | |
>> | glib-networking [24] | Return bad identity error if identity is |
>> | | unset [CVE-2020-13645] |
>> | | |
>> | gnutls28 [25] | Fix memory corruption issue [CVE-2019- |
>> | | 3829]; fix memory leak; add support for |
>> | | zero length session tickets, fix |
>> | | connection errors on TLS1.2 sessions to |
>> | | some hosting providers |
>> | | |
>> | gosa [26] | Tighten check on LDAP success/failure |
>> | | [CVE-2019-11187]; fix compatibility with |
>> | | newer PHP versions; backport several |
>> | | other patches; replace (un)serialize |
>> | | with json_encode/json_decode to mitigate |
>> | | PHP object injection [CVE-2019-14466] |
>> | | |
>> | heartbleeder [27] | Rebuild against recent golang to pick up |
>> | | security fixes |
>> | | |
>> | intel-microcode [28] | Downgrade some microcodes to previously |
>> | | released revisions, working around hangs |
>> | | on boot on Skylake-U/Y and Skylake Xeon |
>> | | E3 |
>> | | |
>> | iptables-persistent [29] | Don't fail if modprobe does |
>> | | |
>> | jackson-databind [30] | Fix multiple security issues affecting |
>> | | BeanDeserializerFactory [CVE-2020-9548 |
>> | | CVE-2020-9547 CVE-2020-9546 CVE-2020- |
>> | | 8840 CVE-2020-14195 CVE-2020-14062 |
>> | | CVE-2020-14061 CVE-2020-14060 CVE-2020- |
>> | | 11620 CVE-2020-11619 CVE-2020-11113 |
>> | | CVE-2020-11112 CVE-2020-11111 CVE-2020- |
>> | | 10969 CVE-2020-10968 CVE-2020-10673 |
>> | | CVE-2020-10672 CVE-2019-20330 CVE-2019- |
>> | | 17531 and CVE-2019-17267] |
>> | | |
>> | libbusiness-hours- | Use explicit 4 digit years, fixing build |
>> | perl [31] | and usage issues |
>> | | |
>> | libclamunrar [32] | New upstream stable release; add an |
>> | | unversioned meta-package |
>> | | |
>> | libdbi [33] | Comment out _error_handler() call again, |
>> | | fixing issues with consumers |
>> | | |
>> | libembperl-perl [34] | Handle error pages from Apache >= 2.4.40 |
>> | | |
>> | libexif [35] | Security fixes [CVE-2016-6328 CVE-2017- |
>> | | 7544 CVE-2018-20030 CVE-2020-12767 |
>> | | CVE-2020-0093]; security fixes |
>> | | [CVE-2020-13112 CVE-2020-13113 CVE-2020- |
>> | | 13114]; fix a buffer read overflow |
>> | | [CVE-2020-0182] and an unsigned integer |
>> | | overflow [CVE-2020-0198] |
>> | | |
>> | libvncserver [36] | Fix heap overflow [CVE-2019-15690] |
>> | | |
>> | linux [37] | New upstream stable release; update ABI |
>> | | to 4.9.0-13 |
>> | | |
>> | linux-latest [38] | Update for 4.9.0-13 kernel ABI |
>> | | |
>> | mariadb-10.1 [39] | New upstream stable release; security |
>> | | fixes [CVE-2020-2752 CVE-2020-2812 |
>> | | CVE-2020-2814] |
>> | | |
>> | megatools [40] | Add support for the new format of |
>> | | mega.nz links |
>> | | |
>> | mod-gnutls [41] | Avoid deprecated ciphersuites in test |
>> | | suite; fix test failures when combined |
>> | | with Apache's fix for CVE-2019-10092 |
>> | | |
>> | mongo-tools [42] | Rebuild against recent golang to pick up |
>> | | security fixes |
>> | | |
>> | neon27 [43] | Treat OpenSSL-related test failures as |
>> | | non-fatal |
>> | | |
>> | nfs-utils [44] | Fix potential file overwrite |
>> | | vulnerability [CVE-2019-3689]; don't |
>> | | make all of /var/lib/nfs owned by the |
>> | | statd user |
>> | | |
>> | nginx [45] | Fix error page request smuggling |
>> | | vulnerability [CVE-2019-20372] |
>> | | |
>> | node-url-parse [46] | Sanitize paths and hosts before parsing |
>> | | [CVE-2018-3774] |
>> | | |
>> | nvidia-graphics- | New upstream stable release; new |
>> | drivers [47] | upstream stable release; security fixes |
>> | | [CVE-2020-5963 CVE-2020-5967] |
>> | | |
>> | pcl [48] | Fix missing dependency on libvtk6-qt-dev |
>> | | |
>> | perl [49] | Fix multiple regular expression related |
>> | | security issues [CVE-2020-10543 |
>> | | CVE-2020-10878 CVE-2020-12723] |
>> | | |
>> | php-horde [50] | Fix cross-site scripting vulnerability |
>> | | [CVE-2020-8035] |
>> | | |
>> | php-horde-data [51] | Fix authenticated remote code execution |
>> | | vulnerability [CVE-2020-8518] |
>> | | |
>> | php-horde-form [52] | Fix authenticated remote code execution |
>> | | vulnerability [CVE-2020-8866] |
>> | | |
>> | php-horde-gollem [53] | Fix cross-site scripting vulnerability |
>> | | in breadcrumb output [CVE-2020-8034] |
>> | | |
>> | php-horde-trean [54] | Fix authenticated remote code execution |
>> | | vulnerability [CVE-2020-8865] |
>> | | |
>> | phpmyadmin [55] | Several security fixes [CVE-2018-19968 |
>> | | CVE-2018-19970 CVE-2018-7260 CVE-2019- |
>> | | 11768 CVE-2019-12616 CVE-2019-6798 |
>> | | CVE-2019-6799 CVE-2020-10802 CVE-2020- |
>> | | 10803 CVE-2020-10804 CVE-2020-5504] |
>> | | |
>> | postfix [56] | New upstream stable release |
>> | | |
>> | proftpd-dfsg [57] | Fix handling SSH_MSG_IGNORE packets |
>> | | |
>> | python-icalendar [58] | Fix Python3 dependencies |
>> | | |
>> | rails [59] | Fix possible cross-site scripting via |
>> | | Javascript escape helper [CVE-2020-5267] |
>> | | |
>> | rake [60] | Fix command injection vulnerability |
>> | | [CVE-2020-8130] |
>> | | |
>> | roundcube [61] | Fix cross-site scripting issue via HTML |
>> | | messages with malicious svg/namespace |
>> | | [CVE-2020-15562] |
>> | | |
>> | ruby-json [62] | Fix unsafe object creation vulnerability |
>> | | [CVE-2020-10663] |
>> | | |
>> | ruby2.3 [63] | Fix unsafe object creation vulnerability |
>> | | [CVE-2020-10663] |
>> | | |
>> | sendmail [64] | Fix finding the queue runner control |
>> | | process in "split daemon" mode, |
>> | | "NOQUEUE: connect from (null)" , removal |
>> | | failure when using BTRFS |
>> | | |
>> | sogo-connector [65] | New upstream version, compatible with |
>> | | newer Thunderbird versions |
>> | | |
>> | ssvnc [66] | Fix out-of-bounds write [CVE-2018- |
>> | | 20020], infinite loop [CVE-2018-20021], |
>> | | improper initialisation [CVE-2018- |
>> | | 20022], potential denial-of-service |
>> | | [CVE-2018-20024] |
>> | | |
>> | storebackup [67] | Fix possible privilege escalation |
>> | | vulnerability [CVE-2020-7040] |
>> | | |
>> | swt-gtk [68] | Fix missing dependency on |
>> | | libwebkitgtk-1.0-0 |
>> | | |
>> | tinyproxy [69] | Create PID file before dropping |
>> | | privileges to non-root account |
>> | | [CVE-2017-11747] |
>> | | |
>> | tzdata [70] | New upstream stable release |
>> | | |
>> | websockify [71] | Fix missing dependency on python{3,}- |
>> | | pkg-resources |
>> | | |
>> | wpa [72] | Fix AP mode PMF disconnection protection |
>> | | bypass [CVE-2019-16275]; fix MAC |
>> | | randomisation issues with some cards |
>> | | |
>> | xdg-utils [73] | Sanitise window name before sending it |
>> | | over D-Bus; correctly handle directories |
>> | | with names containing spaces; create the |
>> | | "applications" directory if needed |
>> | | |
>> | xml-security-c [74] | Fix length calculation in the concat |
>> | | method |
>> | | |
>> | xtrlock [75] | Fix blocking of (some) multitouch |
>> | | devices while locked [CVE-2016-10894] |
>> | | |
>> +--------------------------+------------------------------------------+
>>
>> 1: https://packages.debian.org/src:acmetool
>> 2: https://packages.debian.org/src:atril
>> 3: https://packages.debian.org/src:bacula
>> 4: https://packages.debian.org/src:base-files
>> 5: https://packages.debian.org/src:batik
>> 6: https://packages.debian.org/src:c-icap-modules
>> 7: https://packages.debian.org/src:ca-certificates
>> 8: https://packages.debian.org/src:chasquid
>> 9: https://packages.debian.org/src:checkstyle
>> 10: https://packages.debian.org/src:clamav
>> 11: https://packages.debian.org/src:compactheader
>> 12: https://packages.debian.org/src:cram
>> 13: https://packages.debian.org/src:csync2
>> 14: https://packages.debian.org/src:cups
>> 15: https://packages.debian.org/src:dbus
>> 16: https://packages.debian.org/src:debian-installer
>> 17: https://packages.debian.org/src:debian-installer-netboot-images
>> 18: https://packages.debian.org/src:debian-security-support
>> 19: https://packages.debian.org/src:erlang
>> 20: https://packages.debian.org/src:exiv2
>> 21: https://packages.debian.org/src:fex
>> 22: https://packages.debian.org/src:file-roller
>> 23: https://packages.debian.org/src:fwupd
>> 24: https://packages.debian.org/src:glib-networking
>> 25: https://packages.debian.org/src:gnutls28
>> 26: https://packages.debian.org/src:gosa
>> 27: https://packages.debian.org/src:heartbleeder
>> 28: https://packages.debian.org/src:intel-microcode
>> 29: https://packages.debian.org/src:iptables-persistent
>> 30: https://packages.debian.org/src:jackson-databind
>> 31: https://packages.debian.org/src:libbusiness-hours-perl
>> 32: https://packages.debian.org/src:libclamunrar
>> 33: https://packages.debian.org/src:libdbi
>> 34: https://packages.debian.org/src:libembperl-perl
>> 35: https://packages.debian.org/src:libexif
>> 36: https://packages.debian.org/src:libvncserver
>> 37: https://packages.debian.org/src:linux
>> 38: https://packages.debian.org/src:linux-latest
>> 39: https://packages.debian.org/src:mariadb-10.1
>> 40: https://packages.debian.org/src:megatools
>> 41: https://packages.debian.org/src:mod-gnutls
>> 42: https://packages.debian.org/src:mongo-tools
>> 43: https://packages.debian.org/src:neon27
>> 44: https://packages.debian.org/src:nfs-utils
>> 45: https://packages.debian.org/src:nginx
>> 46: https://packages.debian.org/src:node-url-parse
>> 47: https://packages.debian.org/src:nvidia-graphics-drivers
>> 48: https://packages.debian.org/src:pcl
>> 49: https://packages.debian.org/src:perl
>> 50: https://packages.debian.org/src:php-horde
>> 51: https://packages.debian.org/src:php-horde-data
>> 52: https://packages.debian.org/src:php-horde-form
>> 53: https://packages.debian.org/src:php-horde-gollem
>> 54: https://packages.debian.org/src:php-horde-trean
>> 55: https://packages.debian.org/src:phpmyadmin
>> 56: https://packages.debian.org/src:postfix
>> 57: https://packages.debian.org/src:proftpd-dfsg
>> 58: https://packages.debian.org/src:python-icalendar
>> 59: https://packages.debian.org/src:rails
>> 60: https://packages.debian.org/src:rake
>> 61: https://packages.debian.org/src:roundcube
>> 62: https://packages.debian.org/src:ruby-json
>> 63: https://packages.debian.org/src:ruby2.3
>> 64: https://packages.debian.org/src:sendmail
>> 65: https://packages.debian.org/src:sogo-connector
>> 66: https://packages.debian.org/src:ssvnc
>> 67: https://packages.debian.org/src:storebackup
>> 68: https://packages.debian.org/src:swt-gtk
>> 69: https://packages.debian.org/src:tinyproxy
>> 70: https://packages.debian.org/src:tzdata
>> 71: https://packages.debian.org/src:websockify
>> 72: https://packages.debian.org/src:wpa
>> 73: https://packages.debian.org/src:xdg-utils
>> 74: https://packages.debian.org/src:xml-security-c
>> 75: https://packages.debian.org/src:xtrlock
>>
>> Security Updates
>> ----------------
>>
>> This revision adds the following security updates to the oldstable
>> release. The Security Team has already released an advisory for each of
>> these updates:
>>
>> +----------------+----------------------------+
>> | Advisory ID | Package |
>> +----------------+----------------------------+
>> | DSA-4005 [76] | openjfx [77] |
>> | | |
>> | DSA-4255 [78] | ant [79] |
>> | | |
>> | DSA-4352 [80] | chromium-browser [81] |
>> | | |
>> | DSA-4379 [82] | golang-1.7 [83] |
>> | | |
>> | DSA-4380 [84] | golang-1.8 [85] |
>> | | |
>> | DSA-4395 [86] | chromium [87] |
>> | | |
>> | DSA-4421 [88] | chromium [89] |
>> | | |
>> | DSA-4616 [90] | qemu [91] |
>> | | |
>> | DSA-4617 [92] | qtbase-opensource-src [93] |
>> | | |
>> | DSA-4618 [94] | libexif [95] |
>> | | |
>> | DSA-4619 [96] | libxmlrpc3-java [97] |
>> | | |
>> | DSA-4620 [98] | firefox-esr [99] |
>> | | |
>> | DSA-4621 [100] | openjdk-8 [101] |
>> | | |
>> | DSA-4622 [102] | postgresql-9.6 [103] |
>> | | |
>> | DSA-4624 [104] | evince [105] |
>> | | |
>> | DSA-4625 [106] | thunderbird [107] |
>> | | |
>> | DSA-4628 [108] | php7.0 [109] |
>> | | |
>> | DSA-4629 [110] | python-django [111] |
>> | | |
>> | DSA-4630 [112] | python-pysaml2 [113] |
>> | | |
>> | DSA-4631 [114] | pillow [115] |
>> | | |
>> | DSA-4632 [116] | ppp [117] |
>> | | |
>> | DSA-4633 [118] | curl [119] |
>> | | |
>> | DSA-4634 [120] | opensmtpd [121] |
>> | | |
>> | DSA-4635 [122] | proftpd-dfsg [123] |
>> | | |
>> | DSA-4637 [124] | network-manager-ssh [125] |
>> | | |
>> | DSA-4639 [126] | firefox-esr [127] |
>> | | |
>> | DSA-4640 [128] | graphicsmagick [129] |
>> | | |
>> | DSA-4642 [130] | thunderbird [131] |
>> | | |
>> | DSA-4646 [132] | icu [133] |
>> | | |
>> | DSA-4647 [134] | bluez [135] |
>> | | |
>> | DSA-4648 [136] | libpam-krb5 [137] |
>> | | |
>> | DSA-4650 [138] | qbittorrent [139] |
>> | | |
>> | DSA-4653 [140] | firefox-esr [141] |
>> | | |
>> | DSA-4655 [142] | firefox-esr [143] |
>> | | |
>> | DSA-4656 [144] | thunderbird [145] |
>> | | |
>> | DSA-4657 [146] | git [147] |
>> | | |
>> | DSA-4659 [148] | git [149] |
>> | | |
>> | DSA-4660 [150] | awl [151] |
>> | | |
>> | DSA-4663 [152] | python-reportlab [153] |
>> | | |
>> | DSA-4664 [154] | mailman [155] |
>> | | |
>> | DSA-4666 [156] | openldap [157] |
>> | | |
>> | DSA-4668 [158] | openjdk-8 [159] |
>> | | |
>> | DSA-4670 [160] | tiff [161] |
>> | | |
>> | DSA-4671 [162] | vlc [163] |
>> | | |
>> | DSA-4673 [164] | tomcat8 [165] |
>> | | |
>> | DSA-4674 [166] | roundcube [167] |
>> | | |
>> | DSA-4675 [168] | graphicsmagick [169] |
>> | | |
>> | DSA-4676 [170] | salt [171] |
>> | | |
>> | DSA-4677 [172] | wordpress [173] |
>> | | |
>> | DSA-4678 [174] | firefox-esr [175] |
>> | | |
>> | DSA-4683 [176] | thunderbird [177] |
>> | | |
>> | DSA-4685 [178] | apt [179] |
>> | | |
>> | DSA-4686 [180] | apache-log4j1.2 [181] |
>> | | |
>> | DSA-4687 [182] | exim4 [183] |
>> | | |
>> | DSA-4688 [184] | dpdk [185] |
>> | | |
>> | DSA-4689 [186] | bind9 [187] |
>> | | |
>> | DSA-4692 [188] | netqmail [189] |
>> | | |
>> | DSA-4693 [190] | drupal7 [191] |
>> | | |
>> | DSA-4695 [192] | firefox-esr [193] |
>> | | |
>> | DSA-4698 [194] | linux [195] |
>> | | |
>> | DSA-4700 [196] | roundcube [197] |
>> | | |
>> | DSA-4701 [198] | intel-microcode [199] |
>> | | |
>> | DSA-4702 [200] | thunderbird [201] |
>> | | |
>> | DSA-4703 [202] | mysql-connector-java [203] |
>> | | |
>> | DSA-4704 [204] | vlc [205] |
>> | | |
>> | DSA-4705 [206] | python-django [207] |
>> | | |
>> | DSA-4706 [208] | drupal7 [209] |
>> | | |
>> | DSA-4707 [210] | mutt [211] |
>> | | |
>> | DSA-4711 [212] | coturn [213] |
>> | | |
>> | DSA-4713 [214] | firefox-esr [215] |
>> | | |
>> | DSA-4715 [216] | imagemagick [217] |
>> | | |
>> | DSA-4717 [218] | php7.0 [219] |
>> | | |
>> | DSA-4718 [220] | thunderbird [221] |
>> | | |
>> +----------------+----------------------------+
>>
>> 76: https://www.debian.org/security/2017/dsa-4005
>> 77: https://packages.debian.org/src:openjfx
>> 78: https://www.debian.org/security/2018/dsa-4255
>> 79: https://packages.debian.org/src:ant
>> 80: https://www.debian.org/security/2018/dsa-4352
>> 81: https://packages.debian.org/src:chromium-browser
>> 82: https://www.debian.org/security/2019/dsa-4379
>> 83: https://packages.debian.org/src:golang-1.7
>> 84: https://www.debian.org/security/2019/dsa-4380
>> 85: https://packages.debian.org/src:golang-1.8
>> 86: https://www.debian.org/security/2019/dsa-4395
>> 87: https://packages.debian.org/src:chromium
>> 88: https://www.debian.org/security/2019/dsa-4421
>> 89: https://packages.debian.org/src:chromium
>> 90: https://www.debian.org/security/2020/dsa-4616
>> 91: https://packages.debian.org/src:qemu
>> 92: https://www.debian.org/security/2020/dsa-4617
>> 93: https://packages.debian.org/src:qtbase-opensource-src
>> 94: https://www.debian.org/security/2020/dsa-4618
>> 95: https://packages.debian.org/src:libexif
>> 96: https://www.debian.org/security/2020/dsa-4619
>> 97: https://packages.debian.org/src:libxmlrpc3-java
>> 98: https://www.debian.org/security/2020/dsa-4620
>> 99: https://packages.debian.org/src:firefox-esr
>> 100: https://www.debian.org/security/2020/dsa-4621
>> 101: https://packages.debian.org/src:openjdk-8
>> 102: https://www.debian.org/security/2020/dsa-4622
>> 103: https://packages.debian.org/src:postgresql-9.6
>> 104: https://www.debian.org/security/2020/dsa-4624
>> 105: https://packages.debian.org/src:evince
>> 106: https://www.debian.org/security/2020/dsa-4625
>> 107: https://packages.debian.org/src:thunderbird
>> 108: https://www.debian.org/security/2020/dsa-4628
>> 109: https://packages.debian.org/src:php7.0
>> 110: https://www.debian.org/security/2020/dsa-4629
>> 111: https://packages.debian.org/src:python-django
>> 112: https://www.debian.org/security/2020/dsa-4630
>> 113: https://packages.debian.org/src:python-pysaml2
>> 114: https://www.debian.org/security/2020/dsa-4631
>> 115: https://packages.debian.org/src:pillow
>> 116: https://www.debian.org/security/2020/dsa-4632
>> 117: https://packages.debian.org/src:ppp
>> 118: https://www.debian.org/security/2020/dsa-4633
>> 119: https://packages.debian.org/src:curl
>> 120: https://www.debian.org/security/2020/dsa-4634
>> 121: https://packages.debian.org/src:opensmtpd
>> 122: https://www.debian.org/security/2020/dsa-4635
>> 123: https://packages.debian.org/src:proftpd-dfsg
>> 124: https://www.debian.org/security/2020/dsa-4637
>> 125: https://packages.debian.org/src:network-manager-ssh
>> 126: https://www.debian.org/security/2020/dsa-4639
>> 127: https://packages.debian.org/src:firefox-esr
>> 128: https://www.debian.org/security/2020/dsa-4640
>> 129: https://packages.debian.org/src:graphicsmagick
>> 130: https://www.debian.org/security/2020/dsa-4642
>> 131: https://packages.debian.org/src:thunderbird
>> 132: https://www.debian.org/security/2020/dsa-4646
>> 133: https://packages.debian.org/src:icu
>> 134: https://www.debian.org/security/2020/dsa-4647
>> 135: https://packages.debian.org/src:bluez
>> 136: https://www.debian.org/security/2020/dsa-4648
>> 137: https://packages.debian.org/src:libpam-krb5
>> 138: https://www.debian.org/security/2020/dsa-4650
>> 139: https://packages.debian.org/src:qbittorrent
>> 140: https://www.debian.org/security/2020/dsa-4653
>> 141: https://packages.debian.org/src:firefox-esr
>> 142: https://www.debian.org/security/2020/dsa-4655
>> 143: https://packages.debian.org/src:firefox-esr
>> 144: https://www.debian.org/security/2020/dsa-4656
>> 145: https://packages.debian.org/src:thunderbird
>> 146: https://www.debian.org/security/2020/dsa-4657
>> 147: https://packages.debian.org/src:git
>> 148: https://www.debian.org/security/2020/dsa-4659
>> 149: https://packages.debian.org/src:git
>> 150: https://www.debian.org/security/2020/dsa-4660
>> 151: https://packages.debian.org/src:awl
>> 152: https://www.debian.org/security/2020/dsa-4663
>> 153: https://packages.debian.org/src:python-reportlab
>> 154: https://www.debian.org/security/2020/dsa-4664
>> 155: https://packages.debian.org/src:mailman
>> 156: https://www.debian.org/security/2020/dsa-4666
>> 157: https://packages.debian.org/src:openldap
>> 158: https://www.debian.org/security/2020/dsa-4668
>> 159: https://packages.debian.org/src:openjdk-8
>> 160: https://www.debian.org/security/2020/dsa-4670
>> 161: https://packages.debian.org/src:tiff
>> 162: https://www.debian.org/security/2020/dsa-4671
>> 163: https://packages.debian.org/src:vlc
>> 164: https://www.debian.org/security/2020/dsa-4673
>> 165: https://packages.debian.org/src:tomcat8
>> 166: https://www.debian.org/security/2020/dsa-4674
>> 167: https://packages.debian.org/src:roundcube
>> 168: https://www.debian.org/security/2020/dsa-4675
>> 169: https://packages.debian.org/src:graphicsmagick
>> 170: https://www.debian.org/security/2020/dsa-4676
>> 171: https://packages.debian.org/src:salt
>> 172: https://www.debian.org/security/2020/dsa-4677
>> 173: https://packages.debian.org/src:wordpress
>> 174: https://www.debian.org/security/2020/dsa-4678
>> 175: https://packages.debian.org/src:firefox-esr
>> 176: https://www.debian.org/security/2020/dsa-4683
>> 177: https://packages.debian.org/src:thunderbird
>> 178: https://www.debian.org/security/2020/dsa-4685
>> 179: https://packages.debian.org/src:apt
>> 180: https://www.debian.org/security/2020/dsa-4686
>> 181: https://packages.debian.org/src:apache-log4j1.2
>> 182: https://www.debian.org/security/2020/dsa-4687
>> 183: https://packages.debian.org/src:exim4
>> 184: https://www.debian.org/security/2020/dsa-4688
>> 185: https://packages.debian.org/src:dpdk
>> 186: https://www.debian.org/security/2020/dsa-4689
>> 187: https://packages.debian.org/src:bind9
>> 188: https://www.debian.org/security/2020/dsa-4692
>> 189: https://packages.debian.org/src:netqmail
>> 190: https://www.debian.org/security/2020/dsa-4693
>> 191: https://packages.debian.org/src:drupal7
>> 192: https://www.debian.org/security/2020/dsa-4695
>> 193: https://packages.debian.org/src:firefox-esr
>> 194: https://www.debian.org/security/2020/dsa-4698
>> 195: https://packages.debian.org/src:linux
>> 196: https://www.debian.org/security/2020/dsa-4700
>> 197: https://packages.debian.org/src:roundcube
>> 198: https://www.debian.org/security/2020/dsa-4701
>> 199: https://packages.debian.org/src:intel-microcode
>> 200: https://www.debian.org/security/2020/dsa-4702
>> 201: https://packages.debian.org/src:thunderbird
>> 202: https://www.debian.org/security/2020/dsa-4703
>> 203: https://packages.debian.org/src:mysql-connector-java
>> 204: https://www.debian.org/security/2020/dsa-4704
>> 205: https://packages.debian.org/src:vlc
>> 206: https://www.debian.org/security/2020/dsa-4705
>> 207: https://packages.debian.org/src:python-django
>> 208: https://www.debian.org/security/2020/dsa-4706
>> 209: https://packages.debian.org/src:drupal7
>> 210: https://www.debian.org/security/2020/dsa-4707
>> 211: https://packages.debian.org/src:mutt
>> 212: https://www.debian.org/security/2020/dsa-4711
>> 213: https://packages.debian.org/src:coturn
>> 214: https://www.debian.org/security/2020/dsa-4713
>> 215: https://packages.debian.org/src:firefox-esr
>> 216: https://www.debian.org/security/2020/dsa-4715
>> 217: https://packages.debian.org/src:imagemagick
>> 218: https://www.debian.org/security/2020/dsa-4717
>> 219: https://packages.debian.org/src:php7.0
>> 220: https://www.debian.org/security/2020/dsa-4718
>> 221: https://packages.debian.org/src:thunderbird
>>
>> Removed packages
>> ----------------
>>
>> The following packages were removed due to circumstances beyond our
>> control:
>>
>> +------------------------------+---------------------------------------+
>> | Package | Reason |
>> +------------------------------+---------------------------------------+
>> | certificatepatrol [222] | Incompatible with newer Firefox ESR |
>> | | versions |
>> | | |
>> | colorediffs-extension [223] | Incompatible with newer Thunderbird |
>> | | versions |
>> | | |
>> | dynalogin [224] | Depends on to-be-removed simpleid |
>> | | |
>> | enigmail [225] | Incompatible with newer Thunderbird |
>> | | versions |
>> | | |
>> | firefox-esr [226] | [armel] No longer supported (requires |
>> | | nodejs) |
>> | | |
>> | firefox-esr [226] | [mips mipsel mips64el] No longer |
>> | | supported (needs newer rustc) |
>> | | |
>> | getlive [227] | Broken due to Hotmail changes |
>> | | |
>> | gplaycli [228] | Broken by Google API changes |
>> | | |
>> | kerneloops [229] | Upstream service no longer available |
>> | | |
>> | libmicrodns [230] | Security issues |
>> | | |
>> | libperlspeak-perl [231] | Security issues; unmaintained |
>> | | |
>> | mathematica-fonts [232] | Relies on unavailable download |
>> | | location |
>> | | |
>> | pdns-recursor [233] | Security issues; unsupported |
>> | | |
>> | predictprotein [234] | Depends on to-be-removed profphd |
>> | | |
>> | profphd [235] | Unusable |
>> | | |
>> | quotecolors [236] | Incompatible with newer Thunderbird |
>> | | versions |
>> | | |
>> | selenium-firefoxdriver [237] | Incompatible with newer Firefox ESR |
>> | | versions |
>> | | |
>> | simpleid [238] | Does not work with PHP7 |
>> | | |
>> | simpleid-ldap [239] | Depends on to-be-removed simpleid |
>> | | |
>> | torbirdy [240] | Incompatible with newer Thunderbird |
>> | | versions |
>> | | |
>> | weboob [241] | Unmaintained; already removed from |
>> | | later releases |
>> | | |
>> | yahoo2mbox [242] | Broken for several years |
>> | | |
>> +------------------------------+---------------------------------------+
>>
>> 222: https://packages.debian.org/src:certificatepatrol
>> 223: https://packages.debian.org/src:colorediffs-extension
>> 224: https://packages.debian.org/src:dynalogin
>> 225: https://packages.debian.org/src:enigmail
>> 226: https://packages.debian.org/src:firefox-esr
>> 227: https://packages.debian.org/src:getlive
>> 228: https://packages.debian.org/src:gplaycli
>> 229: https://packages.debian.org/src:kerneloops
>> 230: https://packages.debian.org/src:libmicrodns
>> 231: https://packages.debian.org/src:libperlspeak-perl
>> 232: https://packages.debian.org/src:mathematica-fonts
>> 233: https://packages.debian.org/src:pdns-recursor
>> 234: https://packages.debian.org/src:predictprotein
>> 235: https://packages.debian.org/src:profphd
>> 236: https://packages.debian.org/src:quotecolors
>> 237: https://packages.debian.org/src:selenium-firefoxdriver
>> 238: https://packages.debian.org/src:simpleid
>> 239: https://packages.debian.org/src:simpleid-ldap
>> 240: https://packages.debian.org/src:torbirdy
>> 241: https://packages.debian.org/src:weboob
>> 242: https://packages.debian.org/src:yahoo2mbox
>>
>> Debian Installer
>> ----------------
>>
>> The installer has been updated to include the fixes incorporated into
>> oldstable by the point release.
>>
>>
>> URLs
>> ----
>>
>> The complete lists of packages that have changed with this revision:
>>
>> http://ftp.debian.org/debian/dists/stretch/ChangeLog
>>
>>
>> The current oldstable distribution:
>>
>> http://ftp.debian.org/debian/dists/oldstable/
>>
>>
>> Proposed updates to the oldstable distribution:
>>
>> http://ftp.debian.org/debian/dists/oldstable-proposed-updates
>>
>>
>> oldstable distribution information (release notes, errata etc.):
>>
>> https://www.debian.org/releases/oldstable/
>>
>>
>> Security announcements and information:
>>
>> https://www.debian.org/security/
>>
>>
>> About Debian
>> ------------
>>
>> The Debian Project is an association of Free Software developers who
>> volunteer their time and effort in order to produce the completely free
>> operating system Debian.
>>
>>
>> Contact Information
>> -------------------
>>
>> For further information, please visit the Debian web pages at
>> https://www.debian.org/, send mail to <press@debian.org>, or contact the
>> stable release team at <debian-release@lists.debian.org>.
>>
>
Reply to: