Updated Debian 10: 10.7 released
December 5th, 2020
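The Debian project is pleased to announce the seventh update of its stable distribution Debian 10 (codename buster).
This point release mainly adds corrections for security issues, along with adjustments for serious problems.
Security advisories have already been published separately and are referenced where available.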
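Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included.
There is no need to throw away old buster media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.
Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
New installation images will be available soon at the regular locations.
Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available below: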
Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages:
Package | Reason |
---|---|
base-files | Update for the point release |
choose-mirror | Update mirror list |
cups | Fix 'printer-alert' invalid free |
dav4tbsync | New upstream release, compatible with newer Thunderbird versions |
debian-installer | Use 4.19.0-13 Linux kernel ABI; add grub2 to Built-Using |
debian-installer-netboot-images | Rebuild against proposed-updates |
distro-info-data | Add Ubuntu 21.04, Hirsute Hippo |
dpdk | New upstream stable release; fix remote code execution issue [CVE-2020-14374], TOCTOU issues [CVE-2020-14375], buffer overflow [CVE-2020-14376], buffer over read [CVE-2020-14377] and integer underflow [CVE-2020-14377]; fix armhf build with NEON |
eas4tbsync | New upstream release, compatible with newer Thunderbird versions |
edk2 | Fix integer overflow in DxeImageVerificationHandler [CVE-2019-14562] |
efivar | Add support for nvme-fabrics and nvme-subsystem devices; fix uninitialized variable in parse_acpi_root, avoiding possible segfault |
enigmail | Introduce migration assistant to Thunderbird's built-in GPG support |
espeak | Fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed |
fastd | Fix memory leak when receiving too many invalid packets [CVE-2020-27638] |
fish | Ensure TTY options are restored on exit |
freecol | Fix XML External Entity vulnerability [CVE-2018-1000825] |
gajim-omemo | Use 12-byte IV, for better compatibility with iOS clients |
glances | Listen only on localhost by default |
iptables-persistent | Don't force-load kernel modules; improve rule flushing logic |
lacme | Use upstream certificate chain instead of a hardcoded one, easing support for new Let's Encrypt root and intermediate certificates |
libdatetime-timezone-perl | Update included data to tzdata 2020d |
libimobiledevice | Add partial support for iOS 14 |
libjpeg-turbo | Fix denial of service [CVE-2018-1152], buffer over read [CVE-2018-14498], possible remote code execution [CVE-2019-2201], buffer over read [CVE-2020-13790] |
libxml2 | Fix denial of service [CVE-2017-18258], NULL pointer dereference [CVE-2018-14404], infinite loop [CVE-2018-14567], memory leak [CVE-2019-19956 CVE-2019-20388], infinite loop [CVE-2020-7595] |
linux | New upstream stable release |
linux-latest | Update for 4.19.0-13 kernel ABI |
linux-signed-amd64 | New upstream stable release |
linux-signed-arm64 | New upstream stable release |
linux-signed-i386 | New upstream stable release |
lmod | Change architecture to any, required due to LUA_PATH and LUA_CPATH being determined at build time |
mariadb-10.3 | New upstream stable release; security fixes [CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-28912] |
mutt | Ensure IMAP connection is closed after a connection error [CVE-2020-28896] |
neomutt | Ensure IMAP connection is closed after a connection error [CVE-2020-28896] |
node-object-path | Fix prototype pollution in set() [CVE-2020-15256] |
node-pathval | Fix prototype pollution [CVE-2020-7751] |
okular | Fix code execution via action link [CVE-2020-9359] |
openjdk-11 | New upstream release; fix JVM crash |
partman-auto | Increase /boot sizes in most recipes to between 512 and 768M, to better handle kernel ABI changes and larger initramfses; cap RAM size as used for swap partition calculations, resolving issues on machines with more RAM than disk space |
pcaudiolib | Cap cancellation latency to 10ms |
plinth | Apache: Disable mod_status [CVE-2020-25073] |
puma | Fix HTTP injection and HTTP smuggling issues [CVE-2020-5247 CVE-2020-5249 CVE-2020-11076 CVE-2020-11077] |
ros-ros-comm | Fix integer overflow [CVE-2020-16124] |
ruby2.5 | Fix potential HTTP request smuggling vulnerability in WEBrick [CVE-2020-25613] |
sleuthkit | Fix stack buffer overflow in yaffsfs_istat [CVE-2020-10232] |
sqlite3 | Fix division by zero [CVE-2019-16168], NULL pointer dereference [CVE-2019-19923], mishandling of NULL pathname during an update of a ZIP archive [CVE-2019-19925], mishandling of embedded NULs in filenames [CVE-2019-19959], possible crash (unwinding WITH stack) [CVE-2019-20218], integer overflow [CVE-2020-13434], segmentation fault [CVE-2020-13435], use-after-free issue [CVE-2020-13630], NULL pointer dereference [CVE-2020-13632], heap overflow [CVE-2020-15358] |
systemd | Basic/cap-list: parse/print numerical capabilities; recognise new capabilities from Linux kernel 5.8; networkd: do not generate MAC for bridge device |
tbsync | New upstream release, compatible with newer Thunderbird versions |
tcpdump | Fix untrusted input issue in the PPP printer [CVE-2020-8037] |
tigervnc | Properly store certificate exceptions in native and java VNC viewer [CVE-2020-26117] |
tor | New upstream stable release; multiple security, usability, portability, and reliability fixes |
transmission | Fix memory leak |
tzdata | New upstream release |
ublock-origin | New upstream version; split plugin to browser-specific packages |
vips | Fix use of uninitialised variable [CVE-2020-20739] |
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
Removed packages
The following packages were removed due to circumstances beyond our control:
Package | Reason |
---|---|
freshplayerplugin | Unsupported by browsers; discontinued upstream |
nostalgy | Incompatible with newer Thunderbird versions |
sieve-extension | Incompatible with newer Thunderbird versions |
Debian Installer
The installer has been updated to include the fixes incorporated into stable by the point release.
URLs
The complete lists of packages that have changed with this revision:
The current stable distribution:
Proposed updates to the stable distribution:
Stable distribution information (release notes, errata etc.):
Security announcements and information:
About Debian
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian.
Contact Information
For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.