Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Upcoming Debian 9 Update (9.6)

Here you can discuss every aspect of Debian. Note: not for support requests!
Post Reply
Message
Author
User avatar
None1975
df -h | participant
df -h | participant
Posts: 1388
Joined: 2015-11-29 18:23
Location: Russia, Kaliningrad
Has thanked: 45 times
Been thanked: 65 times

Upcoming Debian 9 Update (9.6)

#1 Post by None1975 »

Acording Debian Stable Updates Announcement SUA 151-1 an update to Debian 9 is scheduled for Saturday, November 10th, 2018. As of now it will include the following bug fixes. They can be found in "stretch-proposed-updates", which is carried by all official mirrors.
Please note that packages published through security.debian.org are not listed, but will be included if possible. Some of the updates below are also already available through "stretch-updates".
Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of them
by copying "debian-release@lists.debian.org" on your mails. The point release will also include a rebuild of debian-installer.
OS: Debian 12.4 Bookworm / DE: Enlightenment
Debian Wiki | DontBreakDebian, My config files on github

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Upcoming Debian 9 Update (9.6)

#2 Post by bw123 »

None1975 wrote:... As of now it will include the following bug fixes.
...
Okay, I didn't see any following bug fixes is this a prank? I think you should test it first on Sat November 10th, 2018 and I'll snag it on or after the following Sat November 17th, 2018 after reading the forum a few days. Thanks!

hint: automatic-upgrades beta test?
resigned by AI ChatGPT

Innovate
Posts: 188
Joined: 2015-12-27 01:28

Re: Upcoming Debian 9 Update (9.6)

#3 Post by Innovate »

Hope the kernel next release won't freeze the nestopia
screen like google earth enterprise again. Default one is black
Last time it was bad build than 9.4

User avatar
fred44nl
Posts: 215
Joined: 2018-07-14 08:54
Has thanked: 1 time

Re: Upcoming Debian 9 Update (9.6)

#4 Post by fred44nl »

is there a list of the packages that will be updated ??
Debian 10 - Buster on Compulab Fitlet2
Debian 12 - Bookworm on Acer Spin 1

User avatar
None1975
df -h | participant
df -h | participant
Posts: 1388
Joined: 2015-11-29 18:23
Location: Russia, Kaliningrad
Has thanked: 45 times
Been thanked: 65 times

Re: Upcoming Debian 9 Update (9.6)

#5 Post by None1975 »

bw123 wrote:Okay, I didn't see any following bug fixes is this a prank?
No.It is not.
bw123 wrote:Okay, I didn't see any following bug fixes is this a prank?
Did you subscribe to debian-stable-announce@lists.debian.org? If not, here list (it is long)

Code: Select all

Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

  Package Reason
  ------- ------

  accerciser Fix accessing items without a compositor; fix
                             Python console; add missing dependency on
                             python3-xlib

  apache2 mod_http2: Fix DoS by worker exhaustion
                             [CVE-2018-1333] and by continuous SETTINGS
                             [CVE-2018-11763]; mod_proxy_fcgi: Fix segfault

  base-files Update /etc/debian_version for the point
                             release

  brltty Fix polkit authentication

  canna Fix file conflict between canna-dbgsym and
                             canna-utils-dbgsym

  cargo New package to support Firefox ESR60 build

  clamav New upstream release; fix HWP integer overflow,
                             infinite loop vulnerability [CVE-2018-0360];
                             fix PDF object length check issue, unreasonably
                             long time to parse relatively small file
                             [CVE-2018-0361]; new upstream version; fix
                             Denial-of-Service issue [CVE-2018-15378]; fix
                             infinite loop in dpkg-reconfigure

  confuse Fix an out of bound read in trim_whitespace
                             [CVE-2018-14447]

  dnsmasq Trust-anchors.conf: include latest DNS trust
                             anchor KSK-2017

  dom4j Fix XML injection attack [CVE-2018-1000632];
                             compile with source/target 1.5 to fix a
                             compilation issue with String.format

  dpdk New upstream stable release

  dropbear Fix user enumeration vulnerability
                             [CVE-2018-15599]

  easytag Fix OGG corruption

  enigmail Add compatibility with newer Thunderbird
                             versions

  espeakup espeakup.service: Automatically load
                             speakup_soft on daemon startup

  fastforward Fix segfaults on 64-bit architectures

  firetray Add compatibility with newer Thunderbird
                             versions

  firmware-nonfree Fix security issues in Broadcom wifi firmware
                             [CVE-2016-0801 CVE-2017-0561 CVE-2017-9417
                             CVE-2017-13077 CVE-2017-13078 CVE-2017-13079
                             CVE-2017-13080 CVE-2017-13081]; re-add
                             transitional packages for firmware-{adi,ralink}

  fofix-dfsg Fix error at startup

  fuse Whitelist autofs and FAT as valid mountpoint
                             filesystems

  ganeti Properly verify SSL certificates during VM
                             export; sign generated certificates using
                             SHA256 instead of SHA1; make bash completions
                             autoloadable

  globus-gsi-credential Fix issue with voms proxy and openssl 1.1

  gnupg2 Security fixes; backport functionality required
                             for new enigmail

  gnutls28 Fix security issues [CVE-2018-10844
                             CVE-2018-10845]

  gphoto2-cffi Make python3-gphoto2cffi work again

  grub2 grub-mknetdir: Add support for ARM64 EFI;
                             change the default TSC calibration method to
                             pmtimer on EFI systems

  hdparm Only enable APM on disks that advertise it

  https-everywhere Backport new upstream version, for
                             compatibility with Firefox ESR 60

  i3-wm Fix crash upon restart when using marks

  iipimage Fix Apache configuration

  jhead Fix security issues [CVE-2018-17088
                             CVE-2018-16554]

  lastpass-cli Backport hardcoded certificate pins from
                             lastpass-cli 1.3.1 to reflect changes in hosted
                             Lastpass.com service

  ldap2zone Fix endless loop checking zone serial

  libcgroup Fix world-accessible (and writeable) log files
                             [CVE-2018-14348]

  libclamunrar New upstream release

  libdap Fix libdap-doc contents

  libdatetime-timezone-perl Update included data

  libgd2 Bmp: check return value in gdImageBmpPtr
                             [CVE-2018-1000222]; fix potential infinite loop
                             in gdImageCreateFromGifCtx [CVE-2018-5711]

  libmail-deliverystatus- Remove non-distributable sample spam and
  bounceparser-perl viruses

  libmspack Fix out-of-bounds write [CVE-2018-18584] and
                             acceptance of "blank" filenames
                             [CVE-2018-18585]

  libopenmpt Fix "up11: Out-of-bounds read loading IT / MO3
                             files with many pattern loops" [CVE-2018-10017]

  libseccomp Add support for Linux 4.9 syscalls: preadv2,
                             pwritev2, pkey_mprotect, pkey_alloc and
                             pkey_free; add support for statx

  libtirpc rendezvous_request: check the makefd_xprt
                             return value [CVE-2018-14622]

  libx11 Fix several security isses [CVE-2018-14598
                             CVE-2018-14599 CVE-2018-14600]

  libxcursor Fix a denial of service or potentially code
                             execution via a one-byte heap overflow
                             [CVE-2015-9262]

  libxml-stream-perl Provide a default CA path

  libxml-structured-perl Add missing build and runtime dependency on
                             libxml-parser-perl

  linux Xen: Fix boot regression in PV domains; xen-
                             netfront: Fix regressions; ext4: fix false
                             negatives *and* false positives in
                             ext4_check_descriptors(); udeb: Add
                             virtio_console to virtio-modules; cdc_ncm:
                             avoid padding beyond end of skb; revert "sit:
                             reload iphdr in ipip6_rcv"; new upstream
                             release

  lxcfs Revert uptime virtualization, fixing process
                             start times

  magicmaze Depend on fonts-isabella now that ttf-isabella
                             is a virtual package

  mailman Fix arbitrary text injection vulnerability in
                             Mailman CGIs [CVE-2018-13796]

  multipath-tools Avoid deadlock in udev triggers

  nagstamon Address IcingaWeb2 Basic auth issue

  network-manager libnm: Fix accessing enabled and metered
                             properties; fix out-of-bounds heap write in
                             dhcpv6 option handling [CVE-2018-15688] and
                             various other issues in the sd-network based
                             dhcp=internal plugin

  network-manager-applet libnma/pygobject: libnma/NMA must use libnm/NM
                             instead of legacy libraries

  ola Fix typo in /etc/init.d/rdm_test_server; fix
                             filename for jquery in rdm test server static
                             HTML files

  opensc Fix unbounded recursion and several out-of-
                             bounds reads or writes [CVE-2018-16391
                             CVE-2018-16392 CVE-2018-16393 CVE-2018-16418
                             CVE-2018-16419 CVE-2018-16420 CVE-2018-16421
                             CVE-2018-16422 CVE-2018-16423 CVE-2018-16424
                             CVE-2018-16425 CVE-2018-16426 CVE-2018-16427]

  pkgsel Install new dependencies when safe-upgrade
                             (default) is selected

  postgrey Create /var/run/postgrey if it does not exist

  publicsuffix Update included data

  python-django Default to supporting Spatialite >= 4.2

  python-imaplib2 Install the correct module for Python 3; don't
                             use TIMEOUT_MAX

  rustc Enable building on further architectures:
                             arm64, armel, armhf, i386, ppc64el, s390x

  sddm Honour PAM's ambient supplemental groups; add
                             missing utmp/wtmp/btmp handling

  serf Fix NULL pointer dereference

  soundconverter Fix opus vbr setting

  spamassassin New upstream release; fix denial of service
                             [CVE-2017-15705], remote code execution
                             [CVE-2018-11780], code injection
                             [CVE-2018-11781] and unsafe usage of "." in
                             @INC [CVE-2016-1238]; fix spamd service
                             management on package upgrades

  spice-gtk Fix flexible array buffer overflow
                             [CVE-2018-10873]

  sqlcipher Avoid a crash when opening a file

  subversion Fix a regression introduced in the fixes for
                             SHA1 collisions, where commits would
                             incorrectly fail with a "Filesystem is corrupt"
                             error if the delta length is a multiple of 16K

  systemd Networkd: Do not fail manager_connect_bus() if
                             dbus is not active yet; dhcp6: Make sure we
                             have enough space for the DHCP6 option header
                             [CVE-2018-15688]

  systraq Invert logic in order to exit successfully in
                             case /e/s/Makefile is missing

  tomcat-native Fix OSCP responder issue that made it possible
                             for users to authenticate with revoked
                             certificates when using mutual TLS
                             [CVE-2018-8019 CVE-2018-8020]

  tor Directory authority changes: retire "Bifroest"
                             bridge authority, in favour of "Serge"; add an
                             IPv6 address for the "dannenberg" directory
                             authority

  tzdata New upstream release

  ublock-origin Backport new upstream version, for
                             compatibility with Firefox ESR 60

  unbound Fix vulnerability in the processing of wildcard
                             synthesized NSEC records [CVE-2017-15105]

  vagrant Support VirtualBox 5.2

  vmtk Python-vmtk: Add the missing dependency on
                             python-vtk6

  wesnoth-1.12 Disallow loading lua bytecode via load/dofile
                             [CVE-2018-1999023]

  wpa Ignore unauthenticated encrypted EAPOL-Key data
                             [CVE-2018-14526]

  x11vnc Fix two buffer overflows

  xapian-core Fix glass backend bug with long-lived cursors
                             on a table in a WritableDatabase which could
                             incorrectly lead to DatabaseCorruptError being
                             thrown when the database was actually OK

  xmotd Avoid crash with hardening flags

  xorg-server GLX: do not pick sRGB config for 32-bit RGBA
                             visual - fixes various blending issues with
                             kwin and Mesa >= 18.0 (i.e. Mesa from stretch-
                             backports)

  zutils Fix a buffer overrun in zcat [CVE-2018-1000637]


A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:

  <https://release.debian.org/proposed-updates/stable.html>


Removed packages
----------------

The following packages will be removed due to circumstances beyond our
control:

  Package Reason
  ------- ------

  adblock-plus-element- Incompatible with newer firefox-esr versions
  hiding-helper

  all-in-one-sidebar Incompatible with newer firefox-esr versions

  autofill-forms Incompatible with newer firefox-esr versions

  automatic-save-folder Incompatible with newer firefox-esr versions

  classic-theme-restorer Incompatible with newer firefox-esr versions

  colorfultabs Incompatible with newer firefox-esr versions

  custom-tab-width Incompatible with newer firefox-esr versions

  dactyl Incompatible with newer firefox-esr versions

  downthemall Incompatible with newer firefox-esr versions

  dvips-fontdata-n2bk Empty package

  firebug Incompatible with newer firefox-esr versions

  firegestures Incompatible with newer firefox-esr versions

  firexpath Incompatible with newer firefox-esr versions

  flashgot Incompatible with newer firefox-esr versions

  form-history-control Incompatible with newer firefox-esr versions

  foxyproxy Incompatible with newer firefox-esr versions

  gitlab Open security issues, hard to backport fixes

  greasemonkey Incompatible with newer firefox-esr versions

  intel-processor-trace Only useful on Intel architectures
  [s390x]

  itsalltext Incompatible with newer firefox-esr versions

  knot-resolver Security issues

  lightbeam Incompatible with newer firefox-esr versions

  livehttpheaders Incompatible with newer firefox-esr versions

  lyz Incompatible with newer firefox-esr versions

  npapi-vlc Incompatible with newer firefox-esr versions

  nukeimage Incompatible with newer firefox-esr versions

  openinbrowser Incompatible with newer firefox-esr versions

  perspectives-extension Incompatible with newer firefox-esr versions

  pwdhash Incompatible with newer firefox-esr versions

  python-facebook Broken due to upstream changes

  python-tvrage Useless after tvrage.com shutdown

  reloadevery Incompatible with newer firefox-esr versions

  sage-extension Incompatible with newer firefox-esr versions

  scrapbook Incompatible with newer firefox-esr versions

  self-destructing-cookies Incompatible with newer firefox-esr versions

  spdy-indicator Incompatible with newer firefox-esr versions

  status-4-evar Incompatible with newer firefox-esr versions

  stylish Incompatible with newer firefox-esr versions

  tabmixplus Incompatible with newer firefox-esr versions

  tree-style-tab Incompatible with newer firefox-esr versions

  ubiquity-extension Incompatible with newer firefox-esr versions

  uppity Incompatible with newer firefox-esr versions

  useragentswitcher Incompatible with newer firefox-esr versions

  video-without-flash Incompatible with newer firefox-esr versions

  webdeveloper Incompatible with newer firefox-esr versions

  xul-ext-monkeysphere Incompatible with newer firefox-esr versions

OS: Debian 12.4 Bookworm / DE: Enlightenment
Debian Wiki | DontBreakDebian, My config files on github

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Upcoming Debian 9 Update (9.6)

#6 Post by bw123 »

Thanks for the info, I found the announcement the other day on one of the lists. Don't have it handy right now.

I saw that we're getting a webext-ublock-origin backported for firefox, that's good.
resigned by AI ChatGPT

User avatar
None1975
df -h | participant
df -h | participant
Posts: 1388
Joined: 2015-11-29 18:23
Location: Russia, Kaliningrad
Has thanked: 45 times
Been thanked: 65 times

Re: Upcoming Debian 9 Update (9.6)

#7 Post by None1975 »

Trouble free update. As usual.
Image
OS: Debian 12.4 Bookworm / DE: Enlightenment
Debian Wiki | DontBreakDebian, My config files on github

User avatar
fred44nl
Posts: 215
Joined: 2018-07-14 08:54
Has thanked: 1 time

Re: Upcoming Debian 9 Update (9.6)

#8 Post by fred44nl »

None1975 wrote:Trouble free update. As usual.
can't agree more :)
Debian 10 - Buster on Compulab Fitlet2
Debian 12 - Bookworm on Acer Spin 1

User avatar
mike acker
Posts: 131
Joined: 2017-06-28 21:23

Re: Upcoming Debian 9 Update (9.6)

#9 Post by mike acker »

fred44nl wrote:
None1975 wrote:Trouble free update. As usual.
can't agree more :)
me too :D
Viva la Resistencia

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Upcoming Debian 9 Update (9.6)

#10 Post by bw123 »

Same here. I did a lot of reading, but in the end the update was very non-eventful, except the webext-ublock-origin plugin I mentioned is like...wow man. I think this will take awhile to figure out. Looks like it may be able to replace noscript also with some effort. The per site script blocker is not available in the stretch ver, https://github.com/gorhill/uBlock/wiki/ ... e-switches
resigned by AI ChatGPT

kevinthefixer
Posts: 190
Joined: 2018-05-05 22:30

Re: Upcoming Debian 9 Update (9.6)

#11 Post by kevinthefixer »

It does seem there's been quite a lot of updates in the year or so I've been using Stretch, but only one has caused any trouble for me (the kernel update that caused slow boots for some). It was inconvenient but not a real problem, and was fixed in a matter of days (five if I recall correctly). I consider that a pretty good track record.

Post Reply