Fwd: Updated Debian 11: 11.8 released

unsubscribe newsletter

---------- Forwarded message ---------
From: Donald Norwood <donald@debian.org>
Date: Sat, Oct 7, 2023 at 6:48 PM
Subject: Updated Debian 11: 11.8 released
To: <debian-announce@lists.debian.org>

------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 11: 11.8 released press@debian.org
October 7th, 2023 https://www.debian.org/News/2023/2023100702
------------------------------------------------------------------------

The Debian project is pleased to announce the eighth update of its
oldstable distribution Debian 11 (codename "bullseye"). This point
release mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

Miscellaneous Bugfixes
----------------------

This oldstable update adds a few important corrections to the following
packages:

+--------------------------+------------------------------------------+
| Package | Reason |
+--------------------------+------------------------------------------+
| adduser [1] | Fix command injection vulnerability in |
| | deluser |
| | |
| aide [2] | Fix handling of extended attributes on |
| | symlinks |
| | |
| amd64-microcode [3] | Update included microcode, including |
| | fixes for "AMD Inception" on AMD Zen4 |
| | processors [CVE-2023-20569] |
| | |
| appstream-glib [4] | Handle <em> and <code> tags in metadata |
| | |
| asmtools [5] | Backport to bullseye for future |
| | openjdk-11 builds |
| | |
| autofs [6] | Fix missing mutex unlock; do not use |
| | rpcbind for NFS4 mounts; fix regression |
| | determining reachability on dual-stack |
| | hosts |
| | |
| base-files [7] | Update for the 11.8 point release |
| | |
| batik [8] | Fix Server Side Request Forgery issues |
| | [CVE-2022-44729 CVE-2022-44730] |
| | |
| bmake [9] | Conflict with bsdowl (<< 2.2.2-1.2~) to |
| | ensure smooth upgrades |
| | |
| boxer-data [10] | Backport thunderbird compatibility fixes |
| | |
| ca-certificates- | Work around unconfigured jre during new |
| java [11] | installations |
| | |
| cairosvg [12] | Handle data: URLs in safe mode |
| | |
| cargo-mozilla [13] | New "upstream" version, to support |
| | building newer firefox-esr versions |
| | |
| clamav [14] | New upstream stable release; fix denial |
| | of service vulnerability via HFS+ parser |
| | [CVE-2023-20197] |
| | |
| cpio [15] | Fix arbitrary code execution issue |
| | [CVE-2021-38185]; replace Suggests: on |
| | libarchive1 with libarchive-dev |
| | |
| cryptmount [16] | Fix memory-initialization in command- |
| | line parser |
| | |
| cups [17] | Fix heap-based buffer overflow issues |
| | [CVE-2023-4504 CVE-2023-32324], |
| | unauthenticated access issue [CVE-2023- |
| | 32360], use-after-free issue [CVE-2023- |
| | 34241] |
| | |
| curl [18] | Fix code execution issues [CVE-2023- |
| | 27533 CVE-2023-27534], information |
| | disclosure issues [CVE-2023-27535 |
| | CVE-2023-27536 CVE-2023-28322], |
| | inappropriate connection re-use issue |
| | [CVE-2023-27538], improper certificate |
| | validation issue [CVE-2023-28321] |
| | |
| dbus [19] | New upstream stable release; fix denial |
| | of service issue [CVE-2023-34969] |
| | |
| debian-design [20] | Rebuild using newer boxer-data |
| | |
| debian-installer [21] | Increase Linux kernel ABI to 5.10.0-26; |
| | rebuild against proposed-updates |
| | |
| debian-installer- | Rebuild against proposed-updates |
| netboot-images [22] | |
| | |
| debian-parl [23] | Rebuild using newer boxer-data |
| | |
| debian-security- | Set DEB_NEXT_VER_ID=12 as bookworm is |
| support [24] | the next release; security-support- |
| | limited: add gnupg1 |
| | |
| distro-info-data [25] | Add Debian 14 "forky" ; correct Ubuntu |
| | 23.04 release date; add Ubuntu 23.10 |
| | Mantic Minotaur; add the planned release |
| | date for Debian bookworm |
| | |
| dkimpy [26] | New upstream bugfix release |
| | |
| dpdk [27] | New upstream stable release |
| | |
| dpkg [28] | Add support for loong64 CPU; handle |
| | missing Version when formatting |
| | source:Upstream-Version; fix varbuf |
| | memory leak in pkg_source_version() |
| | |
| flameshot [29] | Disable uploads to imgur by default; fix |
| | name of d/NEWS file in previous upload |
| | |
| ghostscript [30] | Fix buffer overflow issue [CVE-2023- |
| | 38559]; try and secure the IJS server |
| | startup [CVE-2023-43115] |
| | |
| gitit [31] | Rebuild against new pandoc |
| | |
| grunt [32] | Fix race condition in symlink copying |
| | [CVE-2022-1537] |
| | |
| gss [33] | Add Breaks+Replaces: libgss0 (<< 0.1) |
| | |
| haskell-hakyll [34] | Rebuild against new pandoc |
| | |
| haskell-pandoc- | Rebuild against new pandoc |
| citeproc [35] | |
| | |
| hnswlib [36] | Fix double free in init_index when the M |
| | argument is a large integer [CVE-2023- |
| | 37365] |
| | |
| horizon [37] | Fix open redirect issue [CVE-2022-45582] |
| | |
| inetutils [38] | Check return values for set*id() |
| | functions, avoiding potential security |
| | issues [CVE-2023-40303] |
| | |
| krb5 [39] | Fix free of uninitialised pointer |
| | [CVE-2023-36054] |
| | |
| kscreenlocker [40] | Fix authentication error when using PAM |
| | |
| lacme [41] | Handle CA ready, processing and valid |
| | states correctly |
| | |
| lapack [42] | Fix eigenvector matrix |
| | |
| lemonldap-ng [43] | Fix open redirection when OIDC RP has no |
| | redirect URIs; fix Server Side Request |
| | Forgery issue [CVE-2023-44469]; fix open |
| | redirection due to incorrect escape |
| | handling |
| | |
| libapache-mod-jk [44] | Remove implicit mapping functionality, |
| | which could lead to unintended exposure |
| | of the status worker and/or bypass of |
| | security constraints [CVE-2023-41081] |
| | |
| libbsd [45] | Fix infinite loop in MD5File |
| | |
| libclamunrar [46] | New upstream stable release |
| | |
| libprelude [47] | Make Python module usable |
| | |
| libreswan [48] | Fix denial of service issue [CVE-2023- |
| | 30570] |
| | |
| libsignal-protocol- | Fix integer overflow issue [CVE-2022- |
| c [49] | 48468] |
| | |
| linux [50] | New upstream stable release |
| | |
| linux-signed-amd64 [51] | New upstream stable release |
| | |
| linux-signed-arm64 [52] | New upstream stable release |
| | |
| linux-signed-i386 [53] | New upstream stable release |
| | |
| logrotate [54] | Avoid replacement of /dev/null with a |
| | regular file if used for the state file |
| | |
| ltsp [55] | Avoid using "mv" on init symlink in |
| | order to work around overlayfs issue |
| | |
| lttng-modules [56] | Fix build issues with newer kernel |
| | versions |
| | |
| lua5.3 [57] | Fix use after free in lua_upvaluejoin |
| | (lapi.c) [CVE-2019-6706]; fix |
| | segmentation fault in getlocal and |
| | setlocal (ldebug.c) [CVE-2020-24370] |
| | |
| mariadb-10.5 [58] | New upstream bugfix release [CVE-2022- |
| | 47015] |
| | |
| mujs [59] | Security fix |
| | |
| ncurses [60] | Disallow loading of custom terminfo |
| | entries in setuid/setgid programs |
| | [CVE-2023-29491] |
| | |
| node-css-what [61] | Fix regular _expression_-based denial of |
| | service issue [CVE-2022-21222 CVE-2021- |
| | 33587] |
| | |
| node-json5 [62] | Fix prototype pollution issue [CVE-2022- |
| | 46175] |
| | |
| node-tough-cookie [63] | Security fix: prototype pollution |
| | [CVE-2023-26136] |
| | |
| nvidia-graphics- | New upstream release [CVE-2023-25515 |
| drivers [64] | CVE-2023-25516]; improve compatibility |
| | with recent kernels |
| | |
| nvidia-graphics-drivers- | New upstream release [CVE-2023-25515 |
| tesla-450 [65] | CVE-2023-25516] |
| | |
| nvidia-graphics-drivers- | New upstream bugfix release [CVE-2023- |
| tesla-470 [66] | 25515 CVE-2023-25516] |
| | |
| openblas [67] | Fix results of DGEMM on AVX512-capable |
| | hardware, when the package has been |
| | built on pre-AVX2 hardware |
| | |
| openssh [68] | Fix remote code execution issue via a |
| | forwarded agent socket [CVE-2023-38408] |
| | |
| openssl [69] | New upstream stable release; fix denial |
| | of service issues [CVE-2023-3446 |
| | CVE-2023-3817] |
| | |
| org-mode [70] | Fix command injection vulnerability |
| | [CVE-2023-28617] |
| | |
| pandoc [71] | Fix arbitrary file write issues |
| | [CVE-2023-35936 CVE-2023-38745] |
| | |
| pev [72] | Fix buffer overflow issue [CVE-2021- |
| | 45423] |
| | |
| php-guzzlehttp-psr7 [73] | Fix improper input validation [CVE-2023- |
| | 29197] |
| | |
| php-nyholm-psr7 [74] | Fix improper input validation issue |
| | [CVE-2023-29197] |
| | |
| postgis [75] | Fix axis order regression |
| | |
| protobuf [76] | Security fixes: DoS in Java [CVE-2021- |
| | 22569]; NULL pointer dereference |
| | [CVE-2021-22570]; memory DoS [CVE-2022- |
| | 1941] |
| | |
| python2.7 [77] | Fix "parameter cloaking" issue |
| | [CVE-2021-23336], URL injection issue |
| | [CVE-2022-0391], use-after-free issue |
| | [CVE-2022-48560], XML External Entity |
| | issue [CVE-2022-48565]; improve |
| | constant-time comparisons in |
| | compare_digest() [CVE-2022-48566]; |
| | improve URL parsing [CVE-2023-24329]; |
| | prevent reading unauthenticated data on |
| | an SSLSocket [CVE-2023-40217] |
| | |
| qemu [78] | Fix infinite loop [CVE-2020-14394], NULL |
| | pointer dereference issue [CVE-2021- |
| | 20196], integer overflow issue |
| | [CVE-2021-20203], buffer overflow issues |
| | [CVE-2021-3507 CVE-2023-3180], denial of |
| | service issues [CVE-2021-3930 CVE-2023- |
| | 3301], use-after-free issue [CVE-2022- |
| | 0216], possible stack overflow and use- |
| | after-free issues [CVE-2023-0330], out- |
| | of-bounds read issue [CVE-2023-1544] |
| | |
| rar [79] | New upstream release; fix directory |
| | traversal issue [CVE-2022-30333]; fix |
| | arbitrary code execution issue |
| | [CVE-2023-40477] |
| | |
| rhonabwy [80] | Fix aesgcm buffer overflow [CVE-2022- |
| | 32096] |
| | |
| roundcube [81] | New upstream stable release; fix cross- |
| | site scripting issue [CVE-2023-43770]; |
| | Enigma: Fix initial synchronization of |
| | private keys |
| | |
| rust-cbindgen [82] | New "upstream" version, to support |
| | building newer firefox-esr versions |
| | |
| rustc-mozilla [83] | New "upstream" version, to support |
| | building newer firefox-esr versions |
| | |
| schleuder [84] | Add versioned dependency on ruby- |
| | activerecord |
| | |
| sgt-puzzles [85] | Fix various security issues in game |
| | loading [CVE-2023-24283 CVE-2023-24284 |
| | CVE-2023-24285 CVE-2023-24287 CVE-2023- |
| | 24288 CVE-2023-24291] |
| | |
| spip [86] | Several security fixes; security fix for |
| | extended authentification data filtering |
| | |
| spyder [87] | Fix broken patch in previous update |
| | |
| systemd [88] | Udev: fix creating /dev/serial/by-id/ |
| | symlinks for USB devices; fix memory |
| | leak on daemon-reload; fix a calendar |
| | spec calculation hang on DST change if |
| | TZ=Europe/Dublin |
| | |
| tang [89] | Fix race condition when creating/ |
| | rotating keys; assert restrictive |
| | permissions on key directory [CVE-2023- |
| | 1672]; make tangd-rotate-keys executable |
| | |
| testng7 [90] | Backport to oldstable for future |
| | openjdk-17 builds |
| | |
| tinyssh [91] | Work around incoming packets which don't |
| | honour max packet length |
| | |
| unrar-nonfree [92] | Fix file overwrite issue [CVE-2022- |
| | 48579]; fix remote code execution issue |
| | [CVE-2023-40477] |
| | |
| xen [93] | New upstream stable release; fix |
| | security issues [CVE-2023-20593 |
| | CVE-2023-20569 CVE-2022-40982] |
| | |
| yajl [94] | Memory leak security fix; security |
| | fixes: potential denial of service with |
| | crafted JSON file [CVE-2017-16516]; heap |
| | memory corruption when dealing with |
| | large (~2GB) inputs [CVE-2022-24795]; |
| | fix incomplete patch for CVE-2023-33460 |
| | |
+--------------------------+------------------------------------------+

1: https://packages.debian.org/src:adduser
2: https://packages.debian.org/src:aide
3: https://packages.debian.org/src:amd64-microcode
4: https://packages.debian.org/src:appstream-glib
5: https://packages.debian.org/src:asmtools
6: https://packages.debian.org/src:autofs
7: https://packages.debian.org/src:base-files
8: https://packages.debian.org/src:batik
9: https://packages.debian.org/src:bmake
10: https://packages.debian.org/src:boxer-data
11: https://packages.debian.org/src:ca-certificates-java
12: https://packages.debian.org/src:cairosvg
13: https://packages.debian.org/src:cargo-mozilla
14: https://packages.debian.org/src:clamav
15: https://packages.debian.org/src:cpio
16: https://packages.debian.org/src:cryptmount
17: https://packages.debian.org/src:cups
18: https://packages.debian.org/src:curl
19: https://packages.debian.org/src:dbus
20: https://packages.debian.org/src:debian-design
21: https://packages.debian.org/src:debian-installer
22: https://packages.debian.org/src:debian-installer-netboot-images
23: https://packages.debian.org/src:debian-parl
24: https://packages.debian.org/src:debian-security-support
25: https://packages.debian.org/src:distro-info-data
26: https://packages.debian.org/src:dkimpy
27: https://packages.debian.org/src:dpdk
28: https://packages.debian.org/src:dpkg
29: https://packages.debian.org/src:flameshot
30: https://packages.debian.org/src:ghostscript
31: https://packages.debian.org/src:gitit
32: https://packages.debian.org/src:grunt
33: https://packages.debian.org/src:gss
34: https://packages.debian.org/src:haskell-hakyll
35: https://packages.debian.org/src:haskell-pandoc-citeproc
36: https://packages.debian.org/src:hnswlib
37: https://packages.debian.org/src:horizon
38: https://packages.debian.org/src:inetutils
39: https://packages.debian.org/src:krb5
40: https://packages.debian.org/src:kscreenlocker
41: https://packages.debian.org/src:lacme
42: https://packages.debian.org/src:lapack
43: https://packages.debian.org/src:lemonldap-ng
44: https://packages.debian.org/src:libapache-mod-jk
45: https://packages.debian.org/src:libbsd
46: https://packages.debian.org/src:libclamunrar
47: https://packages.debian.org/src:libprelude
48: https://packages.debian.org/src:libreswan
49: https://packages.debian.org/src:libsignal-protocol-c
50: https://packages.debian.org/src:linux
51: https://packages.debian.org/src:linux-signed-amd64
52: https://packages.debian.org/src:linux-signed-arm64
53: https://packages.debian.org/src:linux-signed-i386
54: https://packages.debian.org/src:logrotate
55: https://packages.debian.org/src:ltsp
56: https://packages.debian.org/src:lttng-modules
57: https://packages.debian.org/src:lua5.3
58: https://packages.debian.org/src:mariadb-10.5
59: https://packages.debian.org/src:mujs
60: https://packages.debian.org/src:ncurses
61: https://packages.debian.org/src:node-css-what
62: https://packages.debian.org/src:node-json5
63: https://packages.debian.org/src:node-tough-cookie
64: https://packages.debian.org/src:nvidia-graphics-drivers
65: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-450
66: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-470
67: https://packages.debian.org/src:openblas
68: https://packages.debian.org/src:openssh
69: https://packages.debian.org/src:openssl
70: https://packages.debian.org/src:org-mode
71: https://packages.debian.org/src:pandoc
72: https://packages.debian.org/src:pev
73: https://packages.debian.org/src:php-guzzlehttp-psr7
74: https://packages.debian.org/src:php-nyholm-psr7
75: https://packages.debian.org/src:postgis
76: https://packages.debian.org/src:protobuf
77: https://packages.debian.org/src:python2.7
78: https://packages.debian.org/src:qemu
79: https://packages.debian.org/src:rar
80: https://packages.debian.org/src:rhonabwy
81: https://packages.debian.org/src:roundcube
82: https://packages.debian.org/src:rust-cbindgen
83: https://packages.debian.org/src:rustc-mozilla
84: https://packages.debian.org/src:schleuder
85: https://packages.debian.org/src:sgt-puzzles
86: https://packages.debian.org/src:spip
87: https://packages.debian.org/src:spyder
88: https://packages.debian.org/src:systemd
89: https://packages.debian.org/src:tang
90: https://packages.debian.org/src:testng7
91: https://packages.debian.org/src:tinyssh
92: https://packages.debian.org/src:unrar-nonfree
93: https://packages.debian.org/src:xen
94: https://packages.debian.org/src:yajl

Security Updates
----------------

This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:

+----------------+-----------------------------------+
| Advisory ID | Package |
+----------------+-----------------------------------+
| DSA-5394 [95] | ffmpeg [96] |
| | |
| DSA-5395 [97] | nodejs [98] |
| | |
| DSA-5396 [99] | evolution [100] |
| | |
| DSA-5396 [101] | webkit2gtk [102] |
| | |
| DSA-5397 [103] | wpewebkit [104] |
| | |
| DSA-5398 [105] | chromium [106] |
| | |
| DSA-5399 [107] | odoo [108] |
| | |
| DSA-5400 [109] | firefox-esr [110] |
| | |
| DSA-5401 [111] | postgresql-13 [112] |
| | |
| DSA-5402 [113] | linux-signed-amd64 [114] |
| | |
| DSA-5402 [115] | linux-signed-arm64 [116] |
| | |
| DSA-5402 [117] | linux-signed-i386 [118] |
| | |
| DSA-5402 [119] | linux [120] |
| | |
| DSA-5403 [121] | thunderbird [122] |
| | |
| DSA-5404 [123] | chromium [124] |
| | |
| DSA-5405 [125] | libapache2-mod-auth-openidc [126] |
| | |
| DSA-5406 [127] | texlive-bin [128] |
| | |
| DSA-5407 [129] | cups-filters [130] |
| | |
| DSA-5408 [131] | libwebp [132] |
| | |
| DSA-5409 [133] | libssh [134] |
| | |
| DSA-5410 [135] | sofia-sip [136] |
| | |
| DSA-5411 [137] | gpac [138] |
| | |
| DSA-5412 [139] | libraw [140] |
| | |
| DSA-5413 [141] | sniproxy [142] |
| | |
| DSA-5414 [143] | docker-registry [144] |
| | |
| DSA-5415 [145] | libreoffice [146] |
| | |
| DSA-5416 [147] | connman [148] |
| | |
| DSA-5417 [149] | openssl [150] |
| | |
| DSA-5418 [151] | chromium [152] |
| | |
| DSA-5419 [153] | c-ares [154] |
| | |
| DSA-5420 [155] | chromium [156] |
| | |
| DSA-5421 [157] | firefox-esr [158] |
| | |
| DSA-5422 [159] | jupyter-core [160] |
| | |
| DSA-5423 [161] | thunderbird [162] |
| | |
| DSA-5424 [163] | php7.4 [164] |
| | |
| DSA-5426 [165] | owslib [166] |
| | |
| DSA-5427 [167] | webkit2gtk [168] |
| | |
| DSA-5428 [169] | chromium [170] |
| | |
| DSA-5430 [171] | openjdk-17 [172] |
| | |
| DSA-5431 [173] | sofia-sip [174] |
| | |
| DSA-5432 [175] | xmltooling [176] |
| | |
| DSA-5433 [177] | libx11 [178] |
| | |
| DSA-5434 [179] | minidlna [180] |
| | |
| DSA-5435 [181] | trafficserver [182] |
| | |
| DSA-5436 [183] | hsqldb1.8.0 [184] |
| | |
| DSA-5437 [185] | hsqldb [186] |
| | |
| DSA-5438 [187] | asterisk [188] |
| | |
| DSA-5439 [189] | bind9 [190] |
| | |
| DSA-5440 [191] | chromium [192] |
| | |
| DSA-5441 [193] | maradns [194] |
| | |
| DSA-5442 [195] | flask [196] |
| | |
| DSA-5443 [197] | gst-plugins-base1.0 [198] |
| | |
| DSA-5444 [199] | gst-plugins-bad1.0 [200] |
| | |
| DSA-5445 [201] | gst-plugins-good1.0 [202] |
| | |
| DSA-5446 [203] | ghostscript [204] |
| | |
| DSA-5447 [205] | mediawiki [206] |
| | |
| DSA-5449 [207] | webkit2gtk [208] |
| | |
| DSA-5450 [209] | firefox-esr [210] |
| | |
| DSA-5451 [211] | thunderbird [212] |
| | |
| DSA-5452 [213] | gpac [214] |
| | |
| DSA-5453 [215] | linux-signed-amd64 [216] |
| | |
| DSA-5453 [217] | linux-signed-arm64 [218] |
| | |
| DSA-5453 [219] | linux-signed-i386 [220] |
| | |
| DSA-5453 [221] | linux [222] |
| | |
| DSA-5455 [223] | iperf3 [224] |
| | |
| DSA-5456 [225] | chromium [226] |
| | |
| DSA-5457 [227] | webkit2gtk [228] |
| | |
| DSA-5459 [229] | amd64-microcode [230] |
| | |
| DSA-5461 [231] | linux-signed-amd64 [232] |
| | |
| DSA-5461 [233] | linux-signed-arm64 [234] |
| | |
| DSA-5461 [235] | linux-signed-i386 [236] |
| | |
| DSA-5461 [237] | linux [238] |
| | |
| DSA-5463 [239] | thunderbird [240] |
| | |
| DSA-5464 [241] | firefox-esr [242] |
| | |
| DSA-5465 [243] | python-django [244] |
| | |
| DSA-5467 [245] | chromium [246] |
| | |
| DSA-5468 [247] | webkit2gtk [248] |
| | |
| DSA-5470 [249] | python-werkzeug [250] |
| | |
| DSA-5471 [251] | libhtmlcleaner-java [252] |
| | |
| DSA-5472 [253] | cjose [254] |
| | |
| DSA-5473 [255] | orthanc [256] |
| | |
| DSA-5474 [257] | intel-microcode [258] |
| | |
| DSA-5475 [259] | linux-signed-amd64 [260] |
| | |
| DSA-5475 [261] | linux-signed-arm64 [262] |
| | |
| DSA-5475 [263] | linux-signed-i386 [264] |
| | |
| DSA-5475 [265] | linux [266] |
| | |
| DSA-5476 [267] | gst-plugins-ugly1.0 [268] |
| | |
| DSA-5478 [269] | openjdk-11 [270] |
| | |
| DSA-5479 [271] | chromium [272] |
| | |
| DSA-5480 [273] | linux-signed-amd64 [274] |
| | |
| DSA-5480 [275] | linux-signed-arm64 [276] |
| | |
| DSA-5480 [277] | linux-signed-i386 [278] |
| | |
| DSA-5480 [279] | linux [280] |
| | |
| DSA-5481 [281] | fastdds [282] |
| | |
| DSA-5482 [283] | tryton-server [284] |
| | |
| DSA-5483 [285] | chromium [286] |
| | |
| DSA-5484 [287] | librsvg [288] |
| | |
| DSA-5485 [289] | firefox-esr [290] |
| | |
| DSA-5486 [291] | json-c [292] |
| | |
| DSA-5487 [293] | chromium [294] |
| | |
| DSA-5489 [295] | file [296] |
| | |
| DSA-5490 [297] | aom [298] |
| | |
| DSA-5491 [299] | chromium [300] |
| | |
| DSA-5493 [301] | open-vm-tools [302] |
| | |
| DSA-5494 [303] | mutt [304] |
| | |
| DSA-5495 [305] | frr [306] |
| | |
| DSA-5497 [307] | libwebp [308] |
| | |
| DSA-5500 [309] | flac [310] |
| | |
| DSA-5502 [311] | xorgxrdp [312] |
| | |
| DSA-5502 [313] | xrdp [314] |
| | |
| DSA-5503 [315] | netatalk [316] |
| | |
| DSA-5504 [317] | bind9 [318] |
| | |
| DSA-5505 [319] | lldpd [320] |
| | |
| DSA-5507 [321] | jetty9 [322] |
| | |
| DSA-5510 [323] | libvpx [324] |
| | |
+----------------+-----------------------------------+

95: https://www.debian.org/security/2023/dsa-5394
96: https://packages.debian.org/src:ffmpeg
97: https://www.debian.org/security/2023/dsa-5395
98: https://packages.debian.org/src:nodejs
99: https://www.debian.org/security/2023/dsa-5396
100: https://packages.debian.org/src:evolution
101: https://www.debian.org/security/2023/dsa-5396
102: https://packages.debian.org/src:webkit2gtk
103: https://www.debian.org/security/2023/dsa-5397
104: https://packages.debian.org/src:wpewebkit
105: https://www.debian.org/security/2023/dsa-5398
106: https://packages.debian.org/src:chromium
107: https://www.debian.org/security/2023/dsa-5399
108: https://packages.debian.org/src:odoo
109: https://www.debian.org/security/2023/dsa-5400
110: https://packages.debian.org/src:firefox-esr
111: https://www.debian.org/security/2023/dsa-5401
112: https://packages.debian.org/src:postgresql-13
113: https://www.debian.org/security/2023/dsa-5402
114: https://packages.debian.org/src:linux-signed-amd64
115: https://www.debian.org/security/2023/dsa-5402
116: https://packages.debian.org/src:linux-signed-arm64
117: https://www.debian.org/security/2023/dsa-5402
118: https://packages.debian.org/src:linux-signed-i386
119: https://www.debian.org/security/2023/dsa-5402
120: https://packages.debian.org/src:linux
121: https://www.debian.org/security/2023/dsa-5403
122: https://packages.debian.org/src:thunderbird
123: https://www.debian.org/security/2023/dsa-5404
124: https://packages.debian.org/src:chromium
125: https://www.debian.org/security/2023/dsa-5405
126: https://packages.debian.org/src:libapache2-mod-auth-openidc
127: https://www.debian.org/security/2023/dsa-5406
128: https://packages.debian.org/src:texlive-bin
129: https://www.debian.org/security/2023/dsa-5407
130: https://packages.debian.org/src:cups-filters
131: https://www.debian.org/security/2023/dsa-5408
132: https://packages.debian.org/src:libwebp
133: https://www.debian.org/security/2023/dsa-5409
134: https://packages.debian.org/src:libssh
135: https://www.debian.org/security/2023/dsa-5410
136: https://packages.debian.org/src:sofia-sip
137: https://www.debian.org/security/2023/dsa-5411
138: https://packages.debian.org/src:gpac
139: https://www.debian.org/security/2023/dsa-5412
140: https://packages.debian.org/src:libraw
141: https://www.debian.org/security/2023/dsa-5413
142: https://packages.debian.org/src:sniproxy
143: https://www.debian.org/security/2023/dsa-5414
144: https://packages.debian.org/src:docker-registry
145: https://www.debian.org/security/2023/dsa-5415
146: https://packages.debian.org/src:libreoffice
147: https://www.debian.org/security/2023/dsa-5416
148: https://packages.debian.org/src:connman
149: https://www.debian.org/security/2023/dsa-5417
150: https://packages.debian.org/src:openssl
151: https://www.debian.org/security/2023/dsa-5418
152: https://packages.debian.org/src:chromium
153: https://www.debian.org/security/2023/dsa-5419
154: https://packages.debian.org/src:c-ares
155: https://www.debian.org/security/2023/dsa-5420
156: https://packages.debian.org/src:chromium
157: https://www.debian.org/security/2023/dsa-5421
158: https://packages.debian.org/src:firefox-esr
159: https://www.debian.org/security/2023/dsa-5422
160: https://packages.debian.org/src:jupyter-core
161: https://www.debian.org/security/2023/dsa-5423
162: https://packages.debian.org/src:thunderbird
163: https://www.debian.org/security/2023/dsa-5424
164: https://packages.debian.org/src:php7.4
165: https://www.debian.org/security/2023/dsa-5426
166: https://packages.debian.org/src:owslib
167: https://www.debian.org/security/2023/dsa-5427
168: https://packages.debian.org/src:webkit2gtk
169: https://www.debian.org/security/2023/dsa-5428
170: https://packages.debian.org/src:chromium
171: https://www.debian.org/security/2023/dsa-5430
172: https://packages.debian.org/src:openjdk-17
173: https://www.debian.org/security/2023/dsa-5431
174: https://packages.debian.org/src:sofia-sip
175: https://www.debian.org/security/2023/dsa-5432
176: https://packages.debian.org/src:xmltooling
177: https://www.debian.org/security/2023/dsa-5433
178: https://packages.debian.org/src:libx11
179: https://www.debian.org/security/2023/dsa-5434
180: https://packages.debian.org/src:minidlna
181: https://www.debian.org/security/2023/dsa-5435
182: https://packages.debian.org/src:trafficserver
183: https://www.debian.org/security/2023/dsa-5436
184: https://packages.debian.org/src:hsqldb1.8.0
185: https://www.debian.org/security/2023/dsa-5437
186: https://packages.debian.org/src:hsqldb
187: https://www.debian.org/security/2023/dsa-5438
188: https://packages.debian.org/src:asterisk
189: https://www.debian.org/security/2023/dsa-5439
190: https://packages.debian.org/src:bind9
191: https://www.debian.org/security/2023/dsa-5440
192: https://packages.debian.org/src:chromium
193: https://www.debian.org/security/2023/dsa-5441
194: https://packages.debian.org/src:maradns
195: https://www.debian.org/security/2023/dsa-5442
196: https://packages.debian.org/src:flask
197: https://www.debian.org/security/2023/dsa-5443
198: https://packages.debian.org/src:gst-plugins-base1.0
199: https://www.debian.org/security/2023/dsa-5444
200: https://packages.debian.org/src:gst-plugins-bad1.0
201: https://www.debian.org/security/2023/dsa-5445
202: https://packages.debian.org/src:gst-plugins-good1.0
203: https://www.debian.org/security/2023/dsa-5446
204: https://packages.debian.org/src:ghostscript
205: https://www.debian.org/security/2023/dsa-5447
206: https://packages.debian.org/src:mediawiki
207: https://www.debian.org/security/2023/dsa-5449
208: https://packages.debian.org/src:webkit2gtk
209: https://www.debian.org/security/2023/dsa-5450
210: https://packages.debian.org/src:firefox-esr
211: https://www.debian.org/security/2023/dsa-5451
212: https://packages.debian.org/src:thunderbird
213: https://www.debian.org/security/2023/dsa-5452
214: https://packages.debian.org/src:gpac
215: https://www.debian.org/security/2023/dsa-5453
216: https://packages.debian.org/src:linux-signed-amd64
217: https://www.debian.org/security/2023/dsa-5453
218: https://packages.debian.org/src:linux-signed-arm64
219: https://www.debian.org/security/2023/dsa-5453
220: https://packages.debian.org/src:linux-signed-i386
221: https://www.debian.org/security/2023/dsa-5453
222: https://packages.debian.org/src:linux
223: https://www.debian.org/security/2023/dsa-5455
224: https://packages.debian.org/src:iperf3
225: https://www.debian.org/security/2023/dsa-5456
226: https://packages.debian.org/src:chromium
227: https://www.debian.org/security/2023/dsa-5457
228: https://packages.debian.org/src:webkit2gtk
229: https://www.debian.org/security/2023/dsa-5459
230: https://packages.debian.org/src:amd64-microcode
231: https://www.debian.org/security/2023/dsa-5461
232: https://packages.debian.org/src:linux-signed-amd64
233: https://www.debian.org/security/2023/dsa-5461
234: https://packages.debian.org/src:linux-signed-arm64
235: https://www.debian.org/security/2023/dsa-5461
236: https://packages.debian.org/src:linux-signed-i386
237: https://www.debian.org/security/2023/dsa-5461
238: https://packages.debian.org/src:linux
239: https://www.debian.org/security/2023/dsa-5463
240: https://packages.debian.org/src:thunderbird
241: https://www.debian.org/security/2023/dsa-5464
242: https://packages.debian.org/src:firefox-esr
243: https://www.debian.org/security/2023/dsa-5465
244: https://packages.debian.org/src:python-django
245: https://www.debian.org/security/2023/dsa-5467
246: https://packages.debian.org/src:chromium
247: https://www.debian.org/security/2023/dsa-5468
248: https://packages.debian.org/src:webkit2gtk
249: https://www.debian.org/security/2023/dsa-5470
250: https://packages.debian.org/src:python-werkzeug
251: https://www.debian.org/security/2023/dsa-5471
252: https://packages.debian.org/src:libhtmlcleaner-java
253: https://www.debian.org/security/2023/dsa-5472
254: https://packages.debian.org/src:cjose
255: https://www.debian.org/security/2023/dsa-5473
256: https://packages.debian.org/src:orthanc
257: https://www.debian.org/security/2023/dsa-5474
258: https://packages.debian.org/src:intel-microcode
259: https://www.debian.org/security/2023/dsa-5475
260: https://packages.debian.org/src:linux-signed-amd64
261: https://www.debian.org/security/2023/dsa-5475
262: https://packages.debian.org/src:linux-signed-arm64
263: https://www.debian.org/security/2023/dsa-5475
264: https://packages.debian.org/src:linux-signed-i386
265: https://www.debian.org/security/2023/dsa-5475
266: https://packages.debian.org/src:linux
267: https://www.debian.org/security/2023/dsa-5476
268: https://packages.debian.org/src:gst-plugins-ugly1.0
269: https://www.debian.org/security/2023/dsa-5478
270: https://packages.debian.org/src:openjdk-11
271: https://www.debian.org/security/2023/dsa-5479
272: https://packages.debian.org/src:chromium
273: https://www.debian.org/security/2023/dsa-5480
274: https://packages.debian.org/src:linux-signed-amd64
275: https://www.debian.org/security/2023/dsa-5480
276: https://packages.debian.org/src:linux-signed-arm64
277: https://www.debian.org/security/2023/dsa-5480
278: https://packages.debian.org/src:linux-signed-i386
279: https://www.debian.org/security/2023/dsa-5480
280: https://packages.debian.org/src:linux
281: https://www.debian.org/security/2023/dsa-5481
282: https://packages.debian.org/src:fastdds
283: https://www.debian.org/security/2023/dsa-5482
284: https://packages.debian.org/src:tryton-server
285: https://www.debian.org/security/2023/dsa-5483
286: https://packages.debian.org/src:chromium
287: https://www.debian.org/security/2023/dsa-5484
288: https://packages.debian.org/src:librsvg
289: https://www.debian.org/security/2023/dsa-5485
290: https://packages.debian.org/src:firefox-esr
291: https://www.debian.org/security/2023/dsa-5486
292: https://packages.debian.org/src:json-c
293: https://www.debian.org/security/2023/dsa-5487
294: https://packages.debian.org/src:chromium
295: https://www.debian.org/security/2023/dsa-5489
296: https://packages.debian.org/src:file
297: https://www.debian.org/security/2023/dsa-5490
298: https://packages.debian.org/src:aom
299: https://www.debian.org/security/2023/dsa-5491
300: https://packages.debian.org/src:chromium
301: https://www.debian.org/security/2023/dsa-5493
302: https://packages.debian.org/src:open-vm-tools
303: https://www.debian.org/security/2023/dsa-5494
304: https://packages.debian.org/src:mutt
305: https://www.debian.org/security/2023/dsa-5495
306: https://packages.debian.org/src:frr
307: https://www.debian.org/security/2023/dsa-5497
308: https://packages.debian.org/src:libwebp
309: https://www.debian.org/security/2023/dsa-5500
310: https://packages.debian.org/src:flac
311: https://www.debian.org/security/2023/dsa-5502
312: https://packages.debian.org/src:xorgxrdp
313: https://www.debian.org/security/2023/dsa-5502
314: https://packages.debian.org/src:xrdp
315: https://www.debian.org/security/2023/dsa-5503
316: https://packages.debian.org/src:netatalk
317: https://www.debian.org/security/2023/dsa-5504
318: https://packages.debian.org/src:bind9
319: https://www.debian.org/security/2023/dsa-5505
320: https://packages.debian.org/src:lldpd
321: https://www.debian.org/security/2023/dsa-5507
322: https://packages.debian.org/src:jetty9
323: https://www.debian.org/security/2023/dsa-5510
324: https://packages.debian.org/src:libvpx

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+------------------------+------------------------------------------+
| Package | Reason |
+------------------------+------------------------------------------+
| atlas-cpp [325] | unstable upstream, unsuitable for Debian |
| | |
| ember-media [326] | unstable upstream, unsuitable for Debian |
| | |
| eris [327] | unstable upstream, unsuitable for Debian |
| | |
| libwfut [328] | unstable upstream, unsuitable for Debian |
| | |
| mercator [329] | unstable upstream, unsuitable for Debian |
| | |
| nomad [330] | security fixes no longer available |
| | |
| nomad-driver-lxc [331] | depends on to-be-removed nomad |
| | |
| skstream [332] | unstable upstream, unsuitable for Debian |
| | |
| varconf [333] | unstable upstream, unsuitable for Debian |
| | |
| wfmath [334] | unstable upstream, unsuitable for Debian |
| | |
+------------------------+------------------------------------------+

325: https://packages.debian.org/src:atlas-cpp
326: https://packages.debian.org/src:ember-media
327: https://packages.debian.org/src:eris
328: https://packages.debian.org/src:libwfut
329: https://packages.debian.org/src:mercator
330: https://packages.debian.org/src:nomad
331: https://packages.debian.org/src:nomad-driver-lxc
332: https://packages.debian.org/src:skstream
333: https://packages.debian.org/src:varconf
334: https://packages.debian.org/src:wfmath

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
oldstable by the point release.

URLs
----

The complete lists of packages that have changed with this revision:

https://deb.debian.org/debian/dists/bullseye/ChangeLog

The current oldstable distribution:

https://deb.debian.org/debian/dists/oldstable/

Proposed updates to the oldstable distribution:

https://deb.debian.org/debian/dists/oldstable-proposed-updates

oldstable distribution information (release notes, errata etc.):

https://www.debian.org/releases/oldstable/

Security announcements and information:

https://www.debian.org/security/

About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.

Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.