Debian 10 更新:10.2 發佈
2019年11月16日
Debian 項目很高興地宣佈對 Debian 10 穩定版的第二次更新(發行版代號 buster
)。此次小版本更新主要添加了對安全問題的修正補丁,以及為一些嚴重問題所作的調整。安全通告已單獨發佈,並會在適當的情況下予以引用。
請注意,此更新並不是 Debian 10 的新版本,它僅更新了所包含的一些套件。沒有必要丟棄舊的buster
的安裝介質。在安裝之後,只需使用最新的 Debian 映射站台更新舊的套件即可。
經常從 security.debian.org 安裝更新的使用者將不必更新許多套件,因本更新中包含了 security.debian.org 的大多數更新。
新的安裝映射站台即將於常規的位置予以提供。
只需令套件管理系統指向 Debian 的許多 HTTP 映射站台之一,您便能夠把已有的系統升級至本次更新版本。詳盡的映射站台列表可以在以下網址處獲得:
雜項錯誤修正
此穩定版更新為以下套件添加了一些重要的修正:
套件 | 原因 |
---|---|
aegisub | Fix crash when selecting a language from the bottom of the Spell checker languagelist; fix crash when right-clicking in the subtitles text box |
akonadi | Fix various crashes / deadlock issues |
base-files | Update /etc/debian_version for the point release |
capistrano | Fix failure to remove old releases when there were too many |
cron | 停止使用過時的 SELinux API |
cyrus-imapd | Fix data loss on upgrade from version 3.0.0 or earlier |
debian-edu-config | Handle newer Firefox ESR configuration files; add post-up stanza to /etc/network/interfaces eth0 entry conditionally |
debian-installer | 修復使用 EFI 引導的 netboot 映像時在 hidpi 顯示器上出現的不可讀字型 |
debian-installer-netboot-images | Rebuild against proposed-updates |
distro-info-data | Add Ubuntu 20.04 LTS, Focal Fossa |
dkimpy-milter | 新上游穩定釋出版本; fix sysvinit support; catch more ASCII encoding errors to improve resilience against bad data; fix message extraction so that signing in the same pass through the milter as verifying works correctly |
emacs | Update the EPLA packaging key |
fence-agents | Fix incomplete removal of fence_amt_ws |
flatpak | 新上游穩定釋出版本 |
flightcrew | Security fixes [CVE-2019-13032 CVE-2019-13241] |
fonts-noto-cjk | 修復中文環境下在現代瀏覽器中 Noto CJK 字型的過於激進的字型選擇問題 |
freetype | Properly handle phantom points for variable hinted fonts |
gdb | Rebuild against new libbabeltrace, with higher version number to avoid conflict with earlier upload |
glib2.0 | Ensure libdbus clients can authenticate with a GDBusServer like the one in ibus |
gnome-shell | 新上游穩定釋出版本; fix truncation of long messages in Shell-modal dialogs; avoid crash on reallocation of dead actors |
gnome-sound-recorder | Fix crash when selecting a recording |
gnustep-base | Disable gdomap daemon that was accidentally enabled on upgrades from stretch |
graphite-web | Remove unused send_emailfunction [CVE-2017-18638]; avoid hourly error in cron when there is no whisper database |
inn2 | Fix negotiation of DHE ciphersuites |
libapache-mod-auth-kerb | Fix use after free bug leading to crash |
libdate-holidays-de-perl | Mark International Childrens Day (Sep 20th) as a holiday in Thuringia from 2019 onwards |
libdatetime-timezone-perl | Update included data |
libofx | Fix null pointer dereference issue [CVE-2019-9656] |
libreoffice | Fix the postgresql driver with PostgreSQL 12 |
libsixel | Fix several security issues [CVE-2018-19756 CVE-2018-19757 CVE-2018-19759 CVE-2018-19761 CVE-2018-19762 CVE-2018-19763 CVE-2019-3573 CVE-2019-3574] |
libxslt | Fix dangling pointer in xsltCopyText [CVE-2019-18197] |
lucene-solr | Disable obsolete call to ContextHandler in solr-jetty9.xml; fix Jetty permissions on SOLR index |
mariadb-10.3 | 新上游穩定釋出版本 |
modsecurity-crs | Fix PHP script upload rules [CVE-2019-13464] |
mutter | 新上游穩定釋出版本 |
ncurses | Fix several security issues [CVE-2019-17594 CVE-2019-17595] and other issues in tic |
ndppd | Avoid world writable PID file, that was breaking daemon init scripts |
network-manager | Fix file permissions for /var/lib/NetworkManager/secret_keyand /var/lib/NetworkManager |
node-fstream | Fix arbitrary file overwrite issue [CVE-2019-13173] |
node-set-value | Fix prototype pollution [CVE-2019-10747] |
node-yarnpkg | Force using HTTPS for regular registries |
nx-libs | Fix regressions introduced in previous upload, affecting x2go |
open-vm-tools | Fix memory leaks and error handling |
openvswitch | Update debian/ifupdown.sh to allow setting-up the MTU; fix Python dependencies to use Python 3 |
picard | Update translations to fix crash with Spanish locale |
plasma-applet-redshift-control | Fix manual mode when used with redshift versions above 1.12 |
postfix | 新上游穩定釋出版本; work around poor TCP loopback performance |
python-cryptography | Fix test suite failures when built against newer OpenSSL versions; fix a memory leak triggerable when parsing x509 certificate extensions like AIA |
python-flask-rdf | Add Depends on python{3,}-rdflib |
python-oslo.messaging | 新上游穩定釋出版本; fix switch connection destination when a rabbitmq cluster node disappears |
python-werkzeug | Ensure Docker containers have unique debugger PINs [CVE-2019-14806] |
python2.7 | Fix several security issues [CVE-2018-20852 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935 CVE-2019-9740 CVE-2019-9947] |
quota | Fix rpc.rquotad spinning at 100% CPU |
rpcbind | Allow remote calls to be enabled at run-time |
shelldap | Repair SASL authentications, add a 'sasluser' option |
sogo | Fix display of PGP-signed e-mails |
spf-engine | 新上游穩定釋出版本; fix sysvinit support |
standardskriver | Fix deprecation warning from config.RawConfigParser; use external ipcommand rather than deprecated ifconfigcommand |
swi-prolog | Use HTTPS when contacting upstream pack servers |
systemd | core: never propagate reload failure to service result; fix sync_file_range failures in nspawn containers on arm, ppc; fix RootDirectory not working when used in combination with User; ensure that access controls on systemd-resolved's D-Bus interface are enforced correctly [CVE-2019-15718]; fix StopWhenUnneeded=true for mount units; make MountFlags=shared work again |
tmpreaper | Prevent breaking of systemd services that use PrivateTmp=true |
trapperkeeper-webserver-jetty9-clojure | Restore SSL compatibility with newer Jetty versions |
tzdata | 新上游發行版本 |
ublock-origin | 新上游版本,與 Firefox ESR68 兼容 |
uim | Resurrect libuim-data as a transitional package, fixing some issues after upgrades to buster |
vanguards | 新上游穩定釋出版本; prevent a reload of tor's configuration via SIGHUP causing a denial-of-service for vanguards protections |
安全更新
此修訂版本將以下安全更新添加到了穩定發行版本中。安全團隊已經分別為這些更新發布了通告:
刪除的套件
由於我們無法控制的情況,以下套件已被刪除:
套件 | 原因 |
---|---|
firefox-esr | [armel] 由於 nodejs 構建依賴的緣故不再受支持 |
Debian 安裝器
安裝器已經更新,以配合發佈時包含在穩定版本中的修正內容。
鏈接
此修訂版本中有更改的套件的完整列表:
當前穩定發行版:
擬議的穩定發行版更新:
穩定發行版信息(發行說明,勘誤等):
安全公告及信息:
關於 Debian
Debian 項目是一個自由軟體開發者組織,這些志願者為製作完全自由免費的 Debian 作業系統而自願貢獻時間和精力。
聯繫信息
更多信息,請訪問 Debian 主頁 https://www.debian.org/、發送郵件至 <press@debian.org> ,或聯繫穩定版本發佈團隊 <debian-release@lists.debian.org>。