주의: 이 번역은 원문보다 오래되었습니다.
데비안 8 업데이트: 8.11 릴리스
2018년 6월 23일
데비안 프로젝트는 옛 안정 배포 데비안 8 (코드명 jessie
) 11번째(그리고 마지막) 업데이트 알리게 되어 기쁩니다.
이 포인트 릴리스는 주로 보안 문제에 따른 조정과 심각한 보안 이슈 수정을 추가했습니다.
보안 권고는 이미 별도로 게시했으며 가능한 경우 참조됩니다.
이 포인트 릴리스 이후, 데비안의 보안 및 릴리스 팀은 데비안 8 업데이트를 만들지 않을 겁니다. 보안 지원을 받기를 계속하기를 바라는 사용자는 데비안 9로 업그레이드 하거나, https://wiki.debian.org/LTS에서 LTS에서 지원되는 아키텍처와 패키지의 부분집합에 대한 상세를 봐야 할 겁니다.
The packages for some architectures for DSA 3746, DSA 3944, DSA 3968, DSA 4010, DSA 4014, DSA 4061, DSA 4075, DSA 4102, DSA 4155, DSA 4209 and DSA 4218 are not included in this point release for technical reasons. All other security updates released during the lifetime of "jessie" that have not previously been part of a point release are included in this update.
포인트 릴리스는 데비안 8의 새 버전을 구성하지 않으며
다만 포함된 패키지의 일부만 업데이트함을 주의하세요.
옛 jessie
매체를 던져버릴 필요는 없습니다.
설치 후에, 패키지는 최신 데비안 미러를 써서 현재 버전으로 업그레이드 될 수 있습니다.
Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
새 설치 이미지는 일반적 위치에서 곧 가능할 겁니다.
Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:
기타 버그 수정
이 옛 안정 업데이트는 몇 중요한 수정을 아래 패키지에 추가했습니다:
패키지 | 이유 |
---|---|
adminer | Don't allow connections to privileged ports [CVE-2018-7667] |
base-files | Update for the point release |
blktrace | Fix buffer overflow in btt [CVE-2018-10689] |
bwm-ng | Explicitly build without libstatgrab support |
clamav | Security update [CVE-2017-6418 CVE-2017-6420 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380]; fix temporary file cleanup issue; new upstream release; new upstream version |
debian-installer | Rebuild for the point release |
debian-installer-netboot-images | Rebuild for the point release |
debian-security-support | Update package data |
dh-make-perl | Support Contents file without header |
dns-root-data | Update IANA DNSSEC files to 2017-02-02 versions |
faad2 | Fix several DoS issues via crafted MP4 files [CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257] |
file | Avoid reading past the end of a buffer [CVE-2018-10360] |
ghostscript | Fix segfault with fuzzing file in gxht_thresh_image_init; fix buffer overflow in fill_threshold_buffer [CVE-2016-10317]; pdfwrite - Guard against trying to output an infinite number [CVE-2018-10194] |
intel-microcode | Update included microcode, including fixes for Spectre v2 [CVE-2017-5715] |
lame | Fix security issues by switching to use I/O routines from sndfile [CVE-2017-15018 CVE-2017-15045 CVE-2017-15046 CVE-2017-9869 CVE-2017-9870 CVE-2017-9871 CVE-2017-9872] |
libdatetime-timezone-perl | Update included data |
libextractor | Various security fixes [CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922 CVE-2017-17440] |
libipc-run-perl | Fix memory leak |
linux | New upstream stable release |
mactelnet | Security fix [CVE-2016-7115] |
ncurses | Fix buffer overflow in the _nc_write_entry function [CVE-2017-16879] |
nvidia-graphics-drivers | New upstream version |
nvidia-graphics-drivers-legacy-304xx | Update to latest driver |
openafs | Fix kernel module build against linux 3.16.51-3+deb8u1 kernels after security update-induced ABI changes |
openldap | Fix upgrade failure when olcSuffix contains a backslash; fix memory corruption caused by calling sasl_client_init() multiple times |
patch | Fix arbitrary command execution in ed-style patches [CVE-2018-1000156] |
postgresql-9.4 | New upstream release |
psensor | Fix directory traversal issue [CVE-2014-10073] |
python-mimeparse | Fix python3-mimeparse's dependencies |
rar | Strip statically linked rar and install the dynamically linked version instead |
reportbug | Stop CCing secure-testing-team@lists.alioth.debian.org |
sam2p | Fix multiple invalid frees and buffer-overflow vulnerabilities [CVE-2018-7487 CVE-2018-7551 CVE-2018-7552 CVE-2018-7553 CVE-2018-7554] |
slurm-llnl | Fix upgrade issue from wheezy |
soundtouch | Security fixes [CVE-2017-9258 CVE-2017-9259 CVE-2017-9260] |
subversion | Fix crashes with Perl bindings, commonly seen when using git-svn |
tzdata | Update included data |
user-mode-linux | Rebuild against current jessie kernel |
virtualbox-guest-additions-iso | Fix multiple security issues [CVE-2016-0592 CVE-2016-0495 CVE-2015-8104 CVE-2015-7183 CVE-2015-5307 CVE-2015-7183 CVE-2015-4813 CVE-2015-4896 CVE-2015-3456] |
xerces-c | Fix Denial of Service via external DTD reference [CVE-2017-12627] |
zsh | Rebuild against libraries currently in jessie |
보안 업데이트
이 리비전은 아래 보안 업데이트를 안정 릴리스에 추가합니다. 보안 팀은 이미 이 업데이트 각각에 대한 경보를 이미 냈습니다:
삭제된 패키지
아래 패키지들은 우리의 통제를 넘어서 삭제되었습니다:
Package | Reason |
---|---|
dolibarr | Too much work to maintain it properly in Debian |
electrum | No longer able to connect to the network |
jirc | Broken with jessie's libpoe-filter-xml-perl |
nvidia-graphics-modules | License problem; incompatible with current kernel ABI |
openstreetmap-client | Broken |
redmine | No longer security supported |
redmine-plugin-pretend | Depends on redmine |
redmine-plugin-recaptcha | Depends on redmine |
redmine-recaptcha | Depends on redmine |
youtube-dl | Incompatible YouTube API changes |
Debian Installer
The installer has been updated to include the fixes incorporated into oldstable by the point release.
URLs
The complete lists of packages that have changed with this revision:
The current oldstable distribution:
Proposed updates to the oldstable distribution:
oldstable distribution information (release notes, errata etc.):
Security announcements and information:
데비안은
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian.
연락
For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.