Debian 9.5 – Listo para su descarga

Debian 9.5 – Listo para su descarga.

Como era de esperar Debian a lanzado su nueva actualización de Debian 9 Stretch, debemos decir que este nuevo lanzamiento no trae novedades que debamos considerar como importantes, pero si viene con grandes mejoras en estabilidad y seguridad, incluyendo la solución a la vulnerabilidad a Spectre V2.

Todos los parches de seguridad incluidos en esta nueva versión, ya han sido publicados como parches de seguridad.

Debian 9.5 se lanza con 100 actualizaciones de seguridad y 91 correcciones de errores.

Si ya tienes instalada la anterior versión, tan solo tienes que actualizar tu sistema. Si quieres una instalación limpia te dejo los enlaces a la versión live (probar e instalar), con descargas vía torrent.

 

Lista de corrección de errores en Debian 9.5

PackageReason
2pingAdd missing dependency on python-pkg-resources
abiwordResolve binary file conflict between abiword-dbgsym and abiword-plugin-grammar-dbgsym
adminerDon’t allow connections to privileged ports [CVE-2018-7667]
animalsFix incorrect file permissions that made the game unusable
apache2Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33, fixing segfaults, high memory usage and potential crash [CVE-2018-1302]; make the apache-htcacheclean init script actually use /etc/default/apache-htcacheclean for its config
auto-complete-elAdd upstream fix for emacs25; adjust the emacs dependencies to the emacs versions in stretch; set auto-complete-el.emacsen-compat to silence installation warning
awffullDo not use removed options in /etc/cron.daily/awffull
ax25-toolsAvoid segmentation fault at runtime
base-filesUpdate for the point release
blktraceFix buffer overflow in btt [CVE-2018-10689]
ca-certificatesUpdate Mozilla CA bundle to version 2.22; bug fixes
camoAdd missing dependency on openssl
cffiAdd missing files for cffi-libffi and cffi-toolchain; add several missing dependencies
check-postgresUpdate testsuite to handle pg_get_indexdef() now always including the schema name
clamavNew upstream version; don’t fail on recently removed config options
clustershellAdd missing dependency on python-pkg-resources
debian-installerUpdate for -7 kernel ABI
debian-installer-netboot-imagesRebuild for the point release
debian-security-supportUpdate included data
dehydratedFix failure to create fullchain.pem
devscriptsuscan: fix the new package version regex for filenamemangle; debsign: fix bash completion; bts: support the new ftbfs tag; uscan: support HTTPS in the sf.net redirector; debcheckout: support salsa.debian.org; debdiff: sort shlibs files before comparing, reducing diff noise; uscan: actually support –copy
disc-coverFix perl error when running disc-cover
discoverUse correct type for the length parameter of the getline() call
django-xmlrpcFix python3 dependencies
dosboxFix crashes with core=dynamic
dpdkNew upstream stable update
dpkgFix integer overflow in deb(5) format version parser; fix directory traversal with dpkg-deb –raw-extract; add support for riscv64 CPU; do not normalize args past a passthrough stop word in Dpkg::Getopt; parse start-stop-daemon usernames and groupnames starting with digits correctly; always use the binary version for the .buildinfo filename
dput-ngAdd jessie-backports-sloppy and stretch-backports targets; include ‘testing’ in the rm-managed suites and ‘oldstable’ in protected distributions; add ports-master profile; FTP: parse and use optional [:port] part for fqdn
elastixRebuild with ITK that has been built with gcc 6
email2tracFix detection of Trac 1.2
faad2Fix several DoS issues via crafted MP4 files [CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257]
fakerAdd missing dependency on python-ipaddress
fastkmlAdd missing dependency on pkg-resources
fileAvoid reading past the end of buffer [CVE-2018-10360]
freedink-dfarcFix directory traversal in D-Mod extractor [CVE-2018-0496]
ganetiProperly verify SSL certificates during VM export
ghostscriptFix segfault with fuzzing file in gxht_thresh_image_init(); fix buffer overflow in fill_threshold_buffer [CVE-2016-10317]; pdfwrite – Guard against trying to output an infinite number [CVE-2018-10194]
git-annexSecurity fixes [CVE-2018-10857 CVE-2018-10859]
glx-alternativesNew upstream version
gridengineUse correct paths to qmon pixmaps; fix FTBFS on armhf
intel-microcodeUpdate included microcode, including fixes for Spectre v2 [CVE-2017-5715]
jdresolveFix incompatibility with libnet-dns-perl in Debian 8 and later
libb64Rebuild with PIE
libdate-holidays-de-perlMark Reformation Day as a holiday in Niedersachsen and Bremen
libdatetime-timezone-perlUpdate included data
libextractorVarious security fixes [CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922 CVE-2017-17440]
libipc-run-perlFix memory leak
liblouisFix buffer overflow [CVE-2018-11410]; fix several buffer overflows [CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685 2018-12085]
libosmiumOutput coordinate with value of -2^31 correctly; fix buffers larger than 2^32 bytes
linuxNew upstream stable release 4.9.110
linux-latestUpdate to -7 kernel ABI
llvm-toolchain-4.0New package for rust backports; fix build on s390x
local-apt-repositoryStop breaking apt when the package is removed but not purged
loookFix handling of password protected files
miniupnpdFix DoS [CVE-2017-1000494]
nss-pam-ldapdIncrease size of hostname buffer
nvidia-graphics-driversNew upstream version
obfsproxyDon’t install the broken AppArmor profile
openldapFix an out-of-sync issue with delta-syncrepl replication in multi-master environments; really fix upgrades when the config contains backslash-escaped special characters
openstack-debian-imagesSet CloudStack after OpenStack in the datasource_list, to avoid a 120s delay in cloud-init when booting a machine in an OpenStack cloud
patchFix arbitrary command execution in ed-style patches [CVE-2018-1000156]
piglitFix missing dependency on python-mako
postgresql-9.6New upstream release
postgresql-commonPrevent upgrading/removing server packages from stopping other major version clusters when running systemd
psadAdd missing dependencies on net-tools and iproute2
pysurferAdd missing dependency on python-matplotlib
python-clusterAdd missing dependency on pkg-resources
python-pyorickFix import failure by adding missing dependency on python3-numpy
python-scruffyAdd missing dependencies on pkg-resources
r-cran-miAdd missing dependency on r-cran-arm
redisCorrect RunTimeDirectory -> RuntimeDirectory typo in systemd .service files
reportbugNotify the security team or LTS team about a possible regression if reporting a bug against a package containing a security fix
rustcNew upstream release to support Firefox ESR
saltFix salt-ssh minion copied over configuration from the Salt Master without adjusting permissions [CVE-2017-8109]
shared-mime-infoSwitch dpkg trigger to noawait, fixing upgrade issues from jessie
showqFix prefix, so application actually works
source-highlightFix dependency on libboost-regex-dev
starplotFix startup crash
subversionReject commits which would introduce hash collisions with existing data, thus addressing the SHA1/shattered issue
susUpdate to new version, technically identical to SUSv4 + TC1 + TC2
systemdnetworkd-ndisc: Handle missing MTU gracefully; allow RemoveIPC= to be set in the unit file not only via D-Bus; nspawn: Add missing -E to getopt_long’; login: Respect –no-wall when cancelling a shutdown request
tclreadlineFix shared library build on ppc64el
thefuckAdd missing dependency on pkg-resources
tinyproxyDo not stop listening after SIGHUP; fix configuration file path; add missing dependency on adduser
tlslite-ngVerify MAC even if the padding is 1 byte long
tzdataNew upstream release
unisonRebuild with stretch’s ocaml
varietyFix shell injection on deleting files to trash; fix shell injection in filter and clock with specially crafted filenames; harden ImageMagick calls against potential shell injection
xapian-coreFix MSet::snippet() to escape HTML in all cases [CVE-2018-499]
xerces-cFix Denial of Service via external DTD reference [CVE-2017-12627]; fix a regression that forced gcc to use SSE2, even on platforms that do not support it
xrdpFix off-by-one error which could lead to crashes

 

Lista de actualizaciones de seguridad en Debian 9.5

Advisory IDPackage
DSA-4010git-annex
DSA-4064chromium-browser
DSA-4113libvorbis
DSA-4133isc-dhcp
DSA-4134util-linux
DSA-4135samba
DSA-4136curl
DSA-4137libvirt
DSA-4138mbedtls
DSA-4139firefox-esr
DSA-4140libvorbis
DSA-4141libvorbisidec
DSA-4142uwsgi
DSA-4143firefox-esr
DSA-4144openjdk-8
DSA-4145gitlab
DSA-4146plexus-utils
DSA-4148kamailio
DSA-4150icu
DSA-4151librelp
DSA-4152mupdf
DSA-4153firefox-esr
DSA-4155thunderbird
DSA-4156drupal7
DSA-4157openssl
DSA-4158openssl1.0
DSA-4159remctl
DSA-4160libevt
DSA-4161python-django
DSA-4162irssi
DSA-4163beep
DSA-4164apache2
DSA-4165ldap-account-manager
DSA-4167sharutils
DSA-4169pcs
DSA-4170pjproject
DSA-4171ruby-loofah
DSA-4172perl
DSA-4173r-cran-readxl
DSA-4174corosync
DSA-4175freeplane
DSA-4177libsdl2-image
DSA-4178libreoffice
DSA-4180drupal7
DSA-4181roundcube
DSA-4183tor
DSA-4184sdl-image1.2
DSA-4185openjdk-8
DSA-4188linux
DSA-4189quassel
DSA-4190jackson-databind
DSA-4191redmine
DSA-4192libmad
DSA-4193wordpress
DSA-4194lucene-solr
DSA-4195wget
DSA-4196linux
DSA-4197wavpack
DSA-4198prosody
DSA-4199firefox-esr
DSA-4200kwallet-pam
DSA-4201xen
DSA-4202curl
DSA-4203vlc
DSA-4203phonon-backend-vlc
DSA-4203goldencheetah
DSA-4206gitlab
DSA-4206ruby-omniauth-auth0
DSA-4207packagekit
DSA-4208procps
DSA-4209thunderbird
DSA-4210xen
DSA-4211xdg-utils
DSA-4212git
DSA-4213qemu
DSA-4214zookeeper
DSA-4215batik
DSA-4216prosody
DSA-4217wireshark
DSA-4218memcached
DSA-4219jruby
DSA-4220firefox-esr
DSA-4221libvncserver
DSA-4222gnupg2
DSA-4223gnupg1
DSA-4226perl
DSA-4227plexus-archiver
DSA-4228spip
DSA-4229strongswan
DSA-4230redis
DSA-4231libgcrypt20
DSA-4232xen
DSA-4233bouncycastle
DSA-4234lava-server
DSA-4235firefox-esr
DSA-4236xen
DSA-4238exiv2
DSA-4239gosa
DSA-4240php7.0
DSA-4241libsoup2.4

 

Paquetes eliminados en Debian 9.5

PackageReason
libnet-whois-perlBroken
mlbviewerNo longer works due to content provider changes
python-uniconvertorUnusable; requires unpackaged dependency
singularity-containerNot security supportable
undertowUnsupportable; several security issues; alternatives exist
visioneggUnusable; requires no longer available numpy.oldnumeric

 

Debian 9.5 – Listo para su descarga
4.8 (95%) 4 Votos

4 Comentarios

  1. profetecnico
    16/07/2018
    • sololinux
      16/07/2018

Agregar comentario