Debian 9.5 – Listo para su descarga

Debian 9.5 – Listo para su descarga.

Como era de esperar Debian a lanzado su nueva actualización de Debian 9 Stretch, debemos decir que este nuevo lanzamiento no trae novedades que debamos considerar como importantes, pero si viene con grandes mejoras en estabilidad y seguridad, incluyendo la solución a la vulnerabilidad a Spectre V2.

Todos los parches de seguridad incluidos en esta nueva versión, ya han sido publicados como parches de seguridad.

Debian 9.5 se lanza con 100 actualizaciones de seguridad y 91 correcciones de errores.

Si ya tienes instalada la anterior versión, tan solo tienes que actualizar tu sistema. Si quieres una instalación limpia te dejo los enlaces a la versión live (probar e instalar), con descargas vía torrent.

 

Lista de corrección de errores en Debian 9.5

Package Reason
2ping Add missing dependency on python-pkg-resources
abiword Resolve binary file conflict between abiword-dbgsym and abiword-plugin-grammar-dbgsym
adminer Don’t allow connections to privileged ports [CVE-2018-7667]
animals Fix incorrect file permissions that made the game unusable
apache2 Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33, fixing segfaults, high memory usage and potential crash [CVE-2018-1302]; make the apache-htcacheclean init script actually use /etc/default/apache-htcacheclean for its config
auto-complete-el Add upstream fix for emacs25; adjust the emacs dependencies to the emacs versions in stretch; set auto-complete-el.emacsen-compat to silence installation warning
awffull Do not use removed options in /etc/cron.daily/awffull
ax25-tools Avoid segmentation fault at runtime
base-files Update for the point release
blktrace Fix buffer overflow in btt [CVE-2018-10689]
ca-certificates Update Mozilla CA bundle to version 2.22; bug fixes
camo Add missing dependency on openssl
cffi Add missing files for cffi-libffi and cffi-toolchain; add several missing dependencies
check-postgres Update testsuite to handle pg_get_indexdef() now always including the schema name
clamav New upstream version; don’t fail on recently removed config options
clustershell Add missing dependency on python-pkg-resources
debian-installer Update for -7 kernel ABI
debian-installer-netboot-images Rebuild for the point release
debian-security-support Update included data
dehydrated Fix failure to create fullchain.pem
devscripts uscan: fix the new package version regex for filenamemangle; debsign: fix bash completion; bts: support the new ftbfs tag; uscan: support HTTPS in the sf.net redirector; debcheckout: support salsa.debian.org; debdiff: sort shlibs files before comparing, reducing diff noise; uscan: actually support –copy
disc-cover Fix perl error when running disc-cover
discover Use correct type for the length parameter of the getline() call
django-xmlrpc Fix python3 dependencies
dosbox Fix crashes with core=dynamic
dpdk New upstream stable update
dpkg Fix integer overflow in deb(5) format version parser; fix directory traversal with dpkg-deb –raw-extract; add support for riscv64 CPU; do not normalize args past a passthrough stop word in Dpkg::Getopt; parse start-stop-daemon usernames and groupnames starting with digits correctly; always use the binary version for the .buildinfo filename
dput-ng Add jessie-backports-sloppy and stretch-backports targets; include ‘testing’ in the rm-managed suites and ‘oldstable’ in protected distributions; add ports-master profile; FTP: parse and use optional [:port] part for fqdn
elastix Rebuild with ITK that has been built with gcc 6
email2trac Fix detection of Trac 1.2
faad2 Fix several DoS issues via crafted MP4 files [CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257]
faker Add missing dependency on python-ipaddress
fastkml Add missing dependency on pkg-resources
file Avoid reading past the end of buffer [CVE-2018-10360]
freedink-dfarc Fix directory traversal in D-Mod extractor [CVE-2018-0496]
ganeti Properly verify SSL certificates during VM export
ghostscript Fix segfault with fuzzing file in gxht_thresh_image_init(); fix buffer overflow in fill_threshold_buffer [CVE-2016-10317]; pdfwrite – Guard against trying to output an infinite number [CVE-2018-10194]
git-annex Security fixes [CVE-2018-10857 CVE-2018-10859]
glx-alternatives New upstream version
gridengine Use correct paths to qmon pixmaps; fix FTBFS on armhf
intel-microcode Update included microcode, including fixes for Spectre v2 [CVE-2017-5715]
jdresolve Fix incompatibility with libnet-dns-perl in Debian 8 and later
libb64 Rebuild with PIE
libdate-holidays-de-perl Mark Reformation Day as a holiday in Niedersachsen and Bremen
libdatetime-timezone-perl Update included data
libextractor Various security fixes [CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922 CVE-2017-17440]
libipc-run-perl Fix memory leak
liblouis Fix buffer overflow [CVE-2018-11410]; fix several buffer overflows [CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685 2018-12085]
libosmium Output coordinate with value of -2^31 correctly; fix buffers larger than 2^32 bytes
linux New upstream stable release 4.9.110
linux-latest Update to -7 kernel ABI
llvm-toolchain-4.0 New package for rust backports; fix build on s390x
local-apt-repository Stop breaking apt when the package is removed but not purged
loook Fix handling of password protected files
miniupnpd Fix DoS [CVE-2017-1000494]
nss-pam-ldapd Increase size of hostname buffer
nvidia-graphics-drivers New upstream version
obfsproxy Don’t install the broken AppArmor profile
openldap Fix an out-of-sync issue with delta-syncrepl replication in multi-master environments; really fix upgrades when the config contains backslash-escaped special characters
openstack-debian-images Set CloudStack after OpenStack in the datasource_list, to avoid a 120s delay in cloud-init when booting a machine in an OpenStack cloud
patch Fix arbitrary command execution in ed-style patches [CVE-2018-1000156]
piglit Fix missing dependency on python-mako
postgresql-9.6 New upstream release
postgresql-common Prevent upgrading/removing server packages from stopping other major version clusters when running systemd
psad Add missing dependencies on net-tools and iproute2
pysurfer Add missing dependency on python-matplotlib
python-cluster Add missing dependency on pkg-resources
python-pyorick Fix import failure by adding missing dependency on python3-numpy
python-scruffy Add missing dependencies on pkg-resources
r-cran-mi Add missing dependency on r-cran-arm
redis Correct RunTimeDirectory -> RuntimeDirectory typo in systemd .service files
reportbug Notify the security team or LTS team about a possible regression if reporting a bug against a package containing a security fix
rustc New upstream release to support Firefox ESR
salt Fix salt-ssh minion copied over configuration from the Salt Master without adjusting permissions [CVE-2017-8109]
shared-mime-info Switch dpkg trigger to noawait, fixing upgrade issues from jessie
showq Fix prefix, so application actually works
source-highlight Fix dependency on libboost-regex-dev
starplot Fix startup crash
subversion Reject commits which would introduce hash collisions with existing data, thus addressing the SHA1/shattered issue
sus Update to new version, technically identical to SUSv4 + TC1 + TC2
systemd networkd-ndisc: Handle missing MTU gracefully; allow RemoveIPC= to be set in the unit file not only via D-Bus; nspawn: Add missing -E to getopt_long’; login: Respect –no-wall when cancelling a shutdown request
tclreadline Fix shared library build on ppc64el
thefuck Add missing dependency on pkg-resources
tinyproxy Do not stop listening after SIGHUP; fix configuration file path; add missing dependency on adduser
tlslite-ng Verify MAC even if the padding is 1 byte long
tzdata New upstream release
unison Rebuild with stretch’s ocaml
variety Fix shell injection on deleting files to trash; fix shell injection in filter and clock with specially crafted filenames; harden ImageMagick calls against potential shell injection
xapian-core Fix MSet::snippet() to escape HTML in all cases [CVE-2018-499]
xerces-c Fix Denial of Service via external DTD reference [CVE-2017-12627]; fix a regression that forced gcc to use SSE2, even on platforms that do not support it
xrdp Fix off-by-one error which could lead to crashes

 

Lista de actualizaciones de seguridad en Debian 9.5

Advisory ID Package
DSA-4010 git-annex
DSA-4064 chromium-browser
DSA-4113 libvorbis
DSA-4133 isc-dhcp
DSA-4134 util-linux
DSA-4135 samba
DSA-4136 curl
DSA-4137 libvirt
DSA-4138 mbedtls
DSA-4139 firefox-esr
DSA-4140 libvorbis
DSA-4141 libvorbisidec
DSA-4142 uwsgi
DSA-4143 firefox-esr
DSA-4144 openjdk-8
DSA-4145 gitlab
DSA-4146 plexus-utils
DSA-4148 kamailio
DSA-4150 icu
DSA-4151 librelp
DSA-4152 mupdf
DSA-4153 firefox-esr
DSA-4155 thunderbird
DSA-4156 drupal7
DSA-4157 openssl
DSA-4158 openssl1.0
DSA-4159 remctl
DSA-4160 libevt
DSA-4161 python-django
DSA-4162 irssi
DSA-4163 beep
DSA-4164 apache2
DSA-4165 ldap-account-manager
DSA-4167 sharutils
DSA-4169 pcs
DSA-4170 pjproject
DSA-4171 ruby-loofah
DSA-4172 perl
DSA-4173 r-cran-readxl
DSA-4174 corosync
DSA-4175 freeplane
DSA-4177 libsdl2-image
DSA-4178 libreoffice
DSA-4180 drupal7
DSA-4181 roundcube
DSA-4183 tor
DSA-4184 sdl-image1.2
DSA-4185 openjdk-8
DSA-4188 linux
DSA-4189 quassel
DSA-4190 jackson-databind
DSA-4191 redmine
DSA-4192 libmad
DSA-4193 wordpress
DSA-4194 lucene-solr
DSA-4195 wget
DSA-4196 linux
DSA-4197 wavpack
DSA-4198 prosody
DSA-4199 firefox-esr
DSA-4200 kwallet-pam
DSA-4201 xen
DSA-4202 curl
DSA-4203 vlc
DSA-4203 phonon-backend-vlc
DSA-4203 goldencheetah
DSA-4206 gitlab
DSA-4206 ruby-omniauth-auth0
DSA-4207 packagekit
DSA-4208 procps
DSA-4209 thunderbird
DSA-4210 xen
DSA-4211 xdg-utils
DSA-4212 git
DSA-4213 qemu
DSA-4214 zookeeper
DSA-4215 batik
DSA-4216 prosody
DSA-4217 wireshark
DSA-4218 memcached
DSA-4219 jruby
DSA-4220 firefox-esr
DSA-4221 libvncserver
DSA-4222 gnupg2
DSA-4223 gnupg1
DSA-4226 perl
DSA-4227 plexus-archiver
DSA-4228 spip
DSA-4229 strongswan
DSA-4230 redis
DSA-4231 libgcrypt20
DSA-4232 xen
DSA-4233 bouncycastle
DSA-4234 lava-server
DSA-4235 firefox-esr
DSA-4236 xen
DSA-4238 exiv2
DSA-4239 gosa
DSA-4240 php7.0
DSA-4241 libsoup2.4

 

Paquetes eliminados en Debian 9.5

Package Reason
libnet-whois-perl Broken
mlbviewer No longer works due to content provider changes
python-uniconvertor Unusable; requires unpackaged dependency
singularity-container Not security supportable
undertow Unsupportable; several security issues; alternatives exist
visionegg Unusable; requires no longer available numpy.oldnumeric

 

Debian 9.5 – Listo para su descarga
4.8 (95%) 4 Votos

4 Comentarios

  1. profetecnico
    16/07/2018
    • sololinux
      16/07/2018

Agregar comentario