Debian 11: 11.4 released

News and announcements regarding Debian. Not for support questions.
Post Reply
Message
Author
User avatar
donald
Debian Developer, Site Admin
Debian Developer, Site Admin
Posts: 317
Joined: 2021-03-30 20:08
Has thanked: 47 times
Been thanked: 53 times

Debian 11: 11.4 released

#1 Post by donald »

Code: Select all

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 11: 11.4 released                        press@debian.org
July 9th, 2022                 https://www.debian.org/News/2022/20220709
------------------------------------------------------------------------


The Debian project is pleased to announce the fourth update of its
stable distribution Debian 11 (codename "bullseye"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 11 but only updates some of the packages included. There is no
need to throw away old "bullseye" media. After installation, packages
can be upgraded to the current versions using an up-to-date Debian
mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+---------------------------+-----------------------------------------+
| Package                   | Reason                                  |
+---------------------------+-----------------------------------------+
| apache2 [1]               | New upstream stable release; fix HTTP   |
|                           | request smuggling issue [CVE-2022-      |
|                           | 26377], out-of-bounds read issues       |
|                           | [CVE-2022-28330 CVE-2022-28614          |
|                           | CVE-2022-28615], denial of service      |
|                           | issues [CVE-2022-29404 CVE-2022-30522], |
|                           | possible out-of-bounds read issue       |
|                           | [CVE-2022-30556], possible IP-based     |
|                           | authentication bypass issue [CVE-2022-  |
|                           | 31813]                                  |
|                           |                                         |
| base-files [2]            | Update /etc/debian_version for the 11.4 |
|                           | point release                           |
|                           |                                         |
| bash [3]                  | Fix 1-byte buffer overflow read,        |
|                           | causing corrupted multibyte characters  |
|                           | in command substitutions                |
|                           |                                         |
| clamav [4]                | New upstream stable release; security   |
|                           | fixes [CVE-2022-20770 CVE-2022-20771    |
|                           | CVE-2022-20785 CVE-2022-20792 CVE-2022- |
|                           | 20796]                                  |
|                           |                                         |
| clementine [5]            | Add missing dependency on libqt5sql5-   |
|                           | sqlite                                  |
|                           |                                         |
| composer [6]              | Fix code injection issue [CVE-2022-     |
|                           | 24828]; update GitHub token pattern     |
|                           |                                         |
| cyrus-imapd [7]           | Ensure that all mailboxes have a        |
|                           | "uniqueid"  field, fixing upgrades to   |
|                           | version 3.6                             |
|                           |                                         |
| dbus-broker [8]           | Fix buffer overflow issue [CVE-2022-    |
|                           | 31212]                                  |
|                           |                                         |
| debian-edu-config [9]     | Accept mail from the local network sent |
|                           | to root@<mynetwork-names>; only create  |
|                           | Kerberos host and service principals if |
|                           | they don't yet exist; ensure libsss-    |
|                           | sudo is installed on Roaming            |
|                           | Workstations; fix naming and visibility |
|                           | of print queues; support krb5i on       |
|                           | Diskless Workstations; squid: prefer    |
|                           | DNSv4 lookups over DNSv6                |
|                           |                                         |
| debian-installer [10]     | Rebuild against proposed-updates;       |
|                           | increase Linux kernel ABI to 16;        |
|                           | reinstate some armel netboot targets    |
|                           | (openrd)                                |
|                           |                                         |
| debian-installer-netboot- | Rebuild against proposed-updates;       |
| images [11]               | increase Linux kernel ABI to 16;        |
|                           | reinstate some armel netboot targets    |
|                           | (openrd)                                |
|                           |                                         |
| distro-info-data [12]     | Add Ubuntu 22.10, Kinetic Kudu          |
|                           |                                         |
| docker.io [13]            | Order docker.service after              |
|                           | containerd.service to fix shutdown of   |
|                           | containers; explicitly pass the         |
|                           | containerd socket path to dockerd to    |
|                           | make sure it doesn't start containerd   |
|                           | on its own                              |
|                           |                                         |
| dpkg [14]                 | dpkg-deb: Fix unexpected end of file    |
|                           | conditions on .deb extract; libdpkg: Do |
|                           | not restrict source:* virtual fields to |
|                           | installed packages;                     |
|                           | Dpkg::Source::Package::V2: Always fix   |
|                           | the permissions for upstream tarballs   |
|                           | (regression from DSA-5147-1]            |
|                           |                                         |
| freetype [15]             | Fix buffer overflow issue [CVE-2022-    |
|                           | 27404]; fix crashes [CVE-2022-27405     |
|                           | CVE-2022-27406]                         |
|                           |                                         |
| fribidi [16]              | Fix buffer overflow issues [CVE-2022-   |
|                           | 25308 CVE-2022-25309]; fix crash        |
|                           | [CVE-2022-25310]                        |
|                           |                                         |
| ganeti [17]               | New upstream release; fix several       |
|                           | upgrade issues; fix live migration with |
|                           | QEMU 4 and  "security_model"  of        |
|                           | "user"  or  "pool"                      |
|                           |                                         |
| geeqie [18]               | Fix Ctrl click inside of a block        |
|                           | selection                               |
|                           |                                         |
| gnutls28 [19]             | Fix SSSE3 SHA384 miscalculation; fix    |
|                           | null pointer deference issue [CVE-2021- |
|                           | 4209]                                   |
|                           |                                         |
| golang-github-            | Fix null pointer dereference caused by  |
| russellhaering-           | crafted XML signatures [CVE-2020-7711]  |
| goxmldsig [20]            |                                         |
|                           |                                         |
| grunt [21]                | Fix path traversal issue [CVE-2022-     |
|                           | 0436]                                   |
|                           |                                         |
| hdmi2usb-mode-switch [22] | udev: Add a suffix to /dev/video device |
|                           | nodes to disambiguate them; move udev   |
|                           | rules to priority 70, to come after 60- |
|                           | persistent-v4l.rules                    |
|                           |                                         |
| hexchat [23]              | Add missing dependency on python3-cffi- |
|                           | backend                                 |
|                           |                                         |
| htmldoc [24]              | Fix infinite loop [CVE-2022-24191],     |
|                           | integer overflow issues [CVE-2022-      |
|                           | 27114] and heap buffer overflow issue   |
|                           | [CVE-2022-28085]                        |
|                           |                                         |
| knot-resolver [25]        | Fix possible assertion failure in NSEC3 |
|                           | edge-case [CVE-2021-40083]              |
|                           |                                         |
| libapache2-mod-auth-      | New upstream stable release; fix open   |
| openidc [26]              | redirect issue [CVE-2021-39191]; fix    |
|                           | crash on reload / restart               |
|                           |                                         |
| libintl-perl [27]         | Really install gettext_xs.pm            |
|                           |                                         |
| libsdl2 [28]              | Avoid out-of-bounds read while loading  |
|                           | malformed BMP file [CVE-2021-33657],    |
|                           | and during YUV to RGB conversion        |
|                           |                                         |
| libtgowt [29]             | New upstream stable release, to support |
|                           | newer telegram-desktop                  |
|                           |                                         |
| linux [30]                | New upstream stable release; increase   |
|                           | ABI to 16                               |
|                           |                                         |
| linux-signed-amd64 [31]   | New upstream stable release; increase   |
|                           | ABI to 16                               |
|                           |                                         |
| linux-signed-arm64 [32]   | New upstream stable release; increase   |
|                           | ABI to 16                               |
|                           |                                         |
| linux-signed-i386 [33]    | New upstream stable release; increase   |
|                           | ABI to 16                               |
|                           |                                         |
| logrotate [34]            | Skip locking if state file is world-    |
|                           | readable [CVE-2022-1348]; make          |
|                           | configuration parsing stricter in order |
|                           | to avoid parsing foreign files such as  |
|                           | core dumps                              |
|                           |                                         |
| lxc [35]                  | Update default GPG key server, fixing   |
|                           | creating of containers using the        |
|                           | "download"  template                    |
|                           |                                         |
| minidlna [36]             | Validate HTTP requests to protect       |
|                           | against DNS rebinding attacks           |
|                           | [CVE-2022-26505]                        |
|                           |                                         |
| mutt [37]                 | Fix uudecode buffer overflow issue      |
|                           | [CVE-2022-1328]                         |
|                           |                                         |
| nano [38]                 | Several bug fixes, including fixes for  |
|                           | crashes                                 |
|                           |                                         |
| needrestart [39]          | Make cgroup detection for services and  |
|                           | user sessions cgroup v2 aware           |
|                           |                                         |
| network-manager [40]      | New upstream stable release             |
|                           |                                         |
| nginx [41]                | Fix crash when libnginx-mod-http-lua is |
|                           | loaded and init_worker_by_lua* is used; |
|                           | mitigate application layer protocol     |
|                           | content confusion attack in the Mail    |
|                           | module [CVE-2021-3618]                  |
|                           |                                         |
| node-ejs [42]             | Fix server-side template injection      |
|                           | issue [CVE-2022-29078]                  |
|                           |                                         |
| node-eventsource [43]     | Strip sensitive headers on redirect to  |
|                           | different origin [CVE-2022-1650]        |
|                           |                                         |
| node-got [44]             | Don't allow redirection to Unix socket  |
|                           | [CVE-2022-33987]                        |
|                           |                                         |
| node-mermaid [45]         | Fix cross-site scripting issues         |
|                           | [CVE-2021-23648 CVE-2021-43861]         |
|                           |                                         |
| node-minimist [46]        | Fix prototype pollution issue           |
|                           | [CVE-2021-44906]                        |
|                           |                                         |
| node-moment [47]          | Fix path traversal issue [CVE-2022-     |
|                           | 24785]                                  |
|                           |                                         |
| node-node-forge [48]      | Fix signature verification issues       |
|                           | [CVE-2022-24771 CVE-2022-24772          |
|                           | CVE-2022-24773]                         |
|                           |                                         |
| node-raw-body [49]        | Fix potential denial of service issue   |
|                           | in node-express, by using node-iconv-   |
|                           | lite rather than node-iconv             |
|                           |                                         |
| node-sqlite3 [50]         | Fix denial of service issue [CVE-2022-  |
|                           | 21227]                                  |
|                           |                                         |
| node-url-parse [51]       | Fix authentication bypass issues        |
|                           | [CVE-2022-0686 CVE-2022-0691]           |
|                           |                                         |
| nvidia-cuda-toolkit [52]  | Use OpenJDK8 snapshots for amd64 and    |
|                           | ppc64el; check usability of the java    |
|                           | binary; nsight-compute: Move the        |
|                           | 'sections' folder to a multiarch        |
|                           | location; fix nvidia-openjdk-8-jre      |
|                           | version ordering                        |
|                           |                                         |
| nvidia-graphics-          | New upstream release; switch to         |
| drivers [53]              | upstream 470 tree; fix denial of        |
|                           | service issues [CVE-2022-21813          |
|                           | CVE-2022-21814]; fix out-of-bounds      |
|                           | write issue [CVE-2022-28181], out-of-   |
|                           | bounds read issue [CVE-2022-28183],     |
|                           | denial of service issues [CVE-2022-     |
|                           | 28184 CVE-2022-28191 CVE-2022-28192]    |
|                           |                                         |
| nvidia-graphics-drivers-  | New upstream release; fix out-of-bound  |
| legacy-390xx [54]         | write issues [CVE-2022-28181 CVE-2022-  |
|                           | 28185]                                  |
|                           |                                         |
| nvidia-graphics-drivers-  | New upstream stable release             |
| tesla-418 [55]            |                                         |
|                           |                                         |
| nvidia-graphics-drivers-  | New upstream stable release; fix out-   |
| tesla-450 [56]            | of-bounds write issues [CVE-2022-28181  |
|                           | CVE-2022-28185], denial of service      |
|                           | issue [CVE-2022-28192]                  |
|                           |                                         |
| nvidia-graphics-drivers-  | New upstream stable release             |
| tesla-460 [57]            |                                         |
|                           |                                         |
| nvidia-graphics-drivers-  | New package, switching Tesla support to |
| tesla-470 [58]            | upstream 470 tree; fix out-of-bounds    |
|                           | write issue [CVE-2022-28181], out-of-   |
|                           | bounds read issue [CVE-2022-28183],     |
|                           | denial of service issues [CVE-2022-     |
|                           | 28184 CVE-2022-28191 CVE-2022-28192]    |
|                           |                                         |
| nvidia-persistenced [59]  | New upstream release; switch to         |
|                           | upstream 470 tree                       |
|                           |                                         |
| nvidia-settings [60]      | New upstream release; switch to         |
|                           | upstream 470 tree                       |
|                           |                                         |
| nvidia-settings-          | New package, switching Tesla support to |
| tesla-470 [61]            | upstream 470 tree                       |
|                           |                                         |
| nvidia-xconfig [62]       | New upstream release                    |
|                           |                                         |
| openssh [63]              | seccomp: add pselect6_time64 syscall on |
|                           | 32-bit architectures                    |
|                           |                                         |
| orca [64]                 | Fix usage with webkitgtk 2.36           |
|                           |                                         |
| php-guzzlehttp-psr7 [65]  | Fix improper header parsing [CVE-2022-  |
|                           | 24775]                                  |
|                           |                                         |
| phpmyadmin [66]           | Fix some SQL queries generating a       |
|                           | server error                            |
|                           |                                         |
| postfix [67]              | New upstream stable release; do not     |
|                           | override user set default_transport in  |
|                           | postinst; if-up.d: do not error out if  |
|                           | postfix can't send mail yet             |
|                           |                                         |
| procmail [68]             | Fix null pointer dereference            |
|                           |                                         |
| python-scrapy [69]        | Don't send authentication data with all |
|                           | requests [CVE-2021-41125]; don't expose |
|                           | cookies cross-domain when redirecting   |
|                           | [CVE-2022-0577]                         |
|                           |                                         |
| ruby-net-ssh [70]         | Fix authentication against systems      |
|                           | using OpenSSH 8.8                       |
|                           |                                         |
| runc [71]                 | Honour seccomp defaultErrnoRet; do not  |
|                           | set inheritable capabilities [CVE-2022- |
|                           | 29162]                                  |
|                           |                                         |
| samba [72]                | Fix winbind start failure when  "allow  |
|                           | trusted domains = no"  is used; fix MIT |
|                           | Kerberos authentication; fix share      |
|                           | escape issue via mkdir race condition   |
|                           | [CVE-2021-43566]; fix possible serious  |
|                           | data corruption issue due to Windows    |
|                           | client cache poisoning; fix             |
|                           | installation on non-systemd systems     |
|                           |                                         |
| tcpdump [73]              | Update AppArmor profile to allow access |
|                           | to *.cap files, and handle numerical    |
|                           | suffix in filenames added by -W         |
|                           |                                         |
| telegram-desktop [74]     | New upstream stable release, restoring  |
|                           | functionality                           |
|                           |                                         |
| tigervnc [75]             | Fix GNOME desktop start up when using   |
|                           | tigervncserver@.service; fix colour     |
|                           | display when vncviewer and X11 server   |
|                           | use different endianness                |
|                           |                                         |
| twisted [76]              | Fix information disclosure issue with   |
|                           | cross-domain redirects [CVE-2022-       |
|                           | 21712], denial of service issue during  |
|                           | SSH handshakes [CVE-2022-21716], HTTP   |
|                           | request smuggling issues [CVE-2022-     |
|                           | 24801]                                  |
|                           |                                         |
| tzdata [77]               | Update timezone data for Palestine;     |
|                           | update leap second list                 |
|                           |                                         |
| ublock-origin [78]        | New upstream stable release             |
|                           |                                         |
| unrar-nonfree [79]        | Fix directory traversal issue           |
|                           | [CVE-2022-30333]                        |
|                           |                                         |
| usb.ids [80]              | New upstream release; update included   |
|                           | data                                    |
|                           |                                         |
| wireless-regdb [81]       | New upstream release; remove diversion  |
|                           | added by the installer, ensuring that   |
|                           | files from the package are used         |
|                           |                                         |
+---------------------------+-----------------------------------------+

    1: https://packages.debian.org/src:apache2
    2: https://packages.debian.org/src:base-files
    3: https://packages.debian.org/src:bash
    4: https://packages.debian.org/src:clamav
    5: https://packages.debian.org/src:clementine
    6: https://packages.debian.org/src:composer
    7: https://packages.debian.org/src:cyrus-imapd
    8: https://packages.debian.org/src:dbus-broker
    9: https://packages.debian.org/src:debian-edu-config
   10: https://packages.debian.org/src:debian-installer
   11: https://packages.debian.org/src:debian-installer-netboot-images
   12: https://packages.debian.org/src:distro-info-data
   13: https://packages.debian.org/src:docker.io
   14: https://packages.debian.org/src:dpkg
   15: https://packages.debian.org/src:freetype
   16: https://packages.debian.org/src:fribidi
   17: https://packages.debian.org/src:ganeti
   18: https://packages.debian.org/src:geeqie
   19: https://packages.debian.org/src:gnutls28
   20: https://packages.debian.org/src:golang-github-russellhaering-goxmldsig
   21: https://packages.debian.org/src:grunt
   22: https://packages.debian.org/src:hdmi2usb-mode-switch
   23: https://packages.debian.org/src:hexchat
   24: https://packages.debian.org/src:htmldoc
   25: https://packages.debian.org/src:knot-resolver
   26: https://packages.debian.org/src:libapache2-mod-auth-openidc
   27: https://packages.debian.org/src:libintl-perl
   28: https://packages.debian.org/src:libsdl2
   29: https://packages.debian.org/src:libtgowt
   30: https://packages.debian.org/src:linux
   31: https://packages.debian.org/src:linux-signed-amd64
   32: https://packages.debian.org/src:linux-signed-arm64
   33: https://packages.debian.org/src:linux-signed-i386
   34: https://packages.debian.org/src:logrotate
   35: https://packages.debian.org/src:lxc
   36: https://packages.debian.org/src:minidlna
   37: https://packages.debian.org/src:mutt
   38: https://packages.debian.org/src:nano
   39: https://packages.debian.org/src:needrestart
   40: https://packages.debian.org/src:network-manager
   41: https://packages.debian.org/src:nginx
   42: https://packages.debian.org/src:node-ejs
   43: https://packages.debian.org/src:node-eventsource
   44: https://packages.debian.org/src:node-got
   45: https://packages.debian.org/src:node-mermaid
   46: https://packages.debian.org/src:node-minimist
   47: https://packages.debian.org/src:node-moment
   48: https://packages.debian.org/src:node-node-forge
   49: https://packages.debian.org/src:node-raw-body
   50: https://packages.debian.org/src:node-sqlite3
   51: https://packages.debian.org/src:node-url-parse
   52: https://packages.debian.org/src:nvidia-cuda-toolkit
   53: https://packages.debian.org/src:nvidia-graphics-drivers
   54: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-390xx
   55: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-418
   56: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-450
   57: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-460
   58: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-470
   59: https://packages.debian.org/src:nvidia-persistenced
   60: https://packages.debian.org/src:nvidia-settings
   61: https://packages.debian.org/src:nvidia-settings-tesla-470
   62: https://packages.debian.org/src:nvidia-xconfig
   63: https://packages.debian.org/src:openssh
   64: https://packages.debian.org/src:orca
   65: https://packages.debian.org/src:php-guzzlehttp-psr7
   66: https://packages.debian.org/src:phpmyadmin
   67: https://packages.debian.org/src:postfix
   68: https://packages.debian.org/src:procmail
   69: https://packages.debian.org/src:python-scrapy
   70: https://packages.debian.org/src:ruby-net-ssh
   71: https://packages.debian.org/src:runc
   72: https://packages.debian.org/src:samba
   73: https://packages.debian.org/src:tcpdump
   74: https://packages.debian.org/src:telegram-desktop
   75: https://packages.debian.org/src:tigervnc
   76: https://packages.debian.org/src:twisted
   77: https://packages.debian.org/src:tzdata
   78: https://packages.debian.org/src:ublock-origin
   79: https://packages.debian.org/src:unrar-nonfree
   80: https://packages.debian.org/src:usb.ids
   81: https://packages.debian.org/src:wireless-regdb

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+--------------------------+
| Advisory ID    | Package                  |
+----------------+--------------------------+
| DSA-4999 [82]  | asterisk [83]            |
|                |                          |
| DSA-5026 [84]  | firefox-esr [85]         |
|                |                          |
| DSA-5034 [86]  | thunderbird [87]         |
|                |                          |
| DSA-5044 [88]  | firefox-esr [89]         |
|                |                          |
| DSA-5045 [90]  | thunderbird [91]         |
|                |                          |
| DSA-5069 [92]  | firefox-esr [93]         |
|                |                          |
| DSA-5074 [94]  | thunderbird [95]         |
|                |                          |
| DSA-5086 [96]  | thunderbird [97]         |
|                |                          |
| DSA-5090 [98]  | firefox-esr [99]         |
|                |                          |
| DSA-5094 [100] | thunderbird [101]        |
|                |                          |
| DSA-5097 [102] | firefox-esr [103]        |
|                |                          |
| DSA-5106 [104] | thunderbird [105]        |
|                |                          |
| DSA-5107 [106] | php-twig [107]           |
|                |                          |
| DSA-5108 [108] | tiff [109]               |
|                |                          |
| DSA-5110 [110] | chromium [111]           |
|                |                          |
| DSA-5111 [112] | zlib [113]               |
|                |                          |
| DSA-5112 [114] | chromium [115]           |
|                |                          |
| DSA-5113 [116] | firefox-esr [117]        |
|                |                          |
| DSA-5114 [118] | chromium [119]           |
|                |                          |
| DSA-5115 [120] | webkit2gtk [121]         |
|                |                          |
| DSA-5116 [122] | wpewebkit [123]          |
|                |                          |
| DSA-5117 [124] | xen [125]                |
|                |                          |
| DSA-5118 [126] | thunderbird [127]        |
|                |                          |
| DSA-5119 [128] | subversion [129]         |
|                |                          |
| DSA-5120 [130] | chromium [131]           |
|                |                          |
| DSA-5121 [132] | chromium [133]           |
|                |                          |
| DSA-5122 [134] | gzip [135]               |
|                |                          |
| DSA-5123 [136] | xz-utils [137]           |
|                |                          |
| DSA-5124 [138] | ffmpeg [139]             |
|                |                          |
| DSA-5125 [140] | chromium [141]           |
|                |                          |
| DSA-5127 [142] | linux-signed-amd64 [143] |
|                |                          |
| DSA-5127 [144] | linux-signed-arm64 [145] |
|                |                          |
| DSA-5127 [146] | linux-signed-i386 [147]  |
|                |                          |
| DSA-5127 [148] | linux [149]              |
|                |                          |
| DSA-5128 [150] | openjdk-17 [151]         |
|                |                          |
| DSA-5129 [152] | firefox-esr [153]        |
|                |                          |
| DSA-5130 [154] | dpdk [155]               |
|                |                          |
| DSA-5131 [156] | openjdk-11 [157]         |
|                |                          |
| DSA-5132 [158] | ecdsautils [159]         |
|                |                          |
| DSA-5133 [160] | qemu [161]               |
|                |                          |
| DSA-5134 [162] | chromium [163]           |
|                |                          |
| DSA-5136 [164] | postgresql-13 [165]      |
|                |                          |
| DSA-5137 [166] | needrestart [167]        |
|                |                          |
| DSA-5138 [168] | waitress [169]           |
|                |                          |
| DSA-5139 [170] | openssl [171]            |
|                |                          |
| DSA-5140 [172] | openldap [173]           |
|                |                          |
| DSA-5141 [174] | thunderbird [175]        |
|                |                          |
| DSA-5142 [176] | libxml2 [177]            |
|                |                          |
| DSA-5143 [178] | firefox-esr [179]        |
|                |                          |
| DSA-5145 [180] | lrzip [181]              |
|                |                          |
| DSA-5147 [182] | dpkg [183]               |
|                |                          |
| DSA-5148 [184] | chromium [185]           |
|                |                          |
| DSA-5149 [186] | cups [187]               |
|                |                          |
| DSA-5150 [188] | rsyslog [189]            |
|                |                          |
| DSA-5151 [190] | smarty3 [191]            |
|                |                          |
| DSA-5152 [192] | spip [193]               |
|                |                          |
| DSA-5153 [194] | trafficserver [195]      |
|                |                          |
| DSA-5154 [196] | webkit2gtk [197]         |
|                |                          |
| DSA-5155 [198] | wpewebkit [199]          |
|                |                          |
| DSA-5156 [200] | firefox-esr [201]        |
|                |                          |
| DSA-5157 [202] | cifs-utils [203]         |
|                |                          |
| DSA-5158 [204] | thunderbird [205]        |
|                |                          |
| DSA-5159 [206] | python-bottle [207]      |
|                |                          |
| DSA-5160 [208] | ntfs-3g [209]            |
|                |                          |
| DSA-5161 [210] | linux-signed-amd64 [211] |
|                |                          |
| DSA-5161 [212] | linux-signed-arm64 [213] |
|                |                          |
| DSA-5161 [214] | linux-signed-i386 [215]  |
|                |                          |
| DSA-5161 [216] | linux [217]              |
|                |                          |
| DSA-5162 [218] | containerd [219]         |
|                |                          |
| DSA-5163 [220] | chromium [221]           |
|                |                          |
| DSA-5164 [222] | exo [223]                |
|                |                          |
| DSA-5165 [224] | vlc [225]                |
|                |                          |
| DSA-5166 [226] | slurm-wlm [227]          |
|                |                          |
| DSA-5167 [228] | firejail [229]           |
|                |                          |
| DSA-5168 [230] | chromium [231]           |
|                |                          |
| DSA-5169 [232] | openssl [233]            |
|                |                          |
| DSA-5171 [234] | squid [235]              |
|                |                          |
| DSA-5172 [236] | firefox-esr [237]        |
|                |                          |
| DSA-5174 [238] | gnupg2 [239]             |
|                |                          |
+----------------+--------------------------+

   82: https://www.debian.org/security/2021/dsa-4999
   83: https://packages.debian.org/src:asterisk
   84: https://www.debian.org/security/2021/dsa-5026
   85: https://packages.debian.org/src:firefox-esr
   86: https://www.debian.org/security/2022/dsa-5034
   87: https://packages.debian.org/src:thunderbird
   88: https://www.debian.org/security/2022/dsa-5044
   89: https://packages.debian.org/src:firefox-esr
   90: https://www.debian.org/security/2022/dsa-5045
   91: https://packages.debian.org/src:thunderbird
   92: https://www.debian.org/security/2022/dsa-5069
   93: https://packages.debian.org/src:firefox-esr
   94: https://www.debian.org/security/2022/dsa-5074
   95: https://packages.debian.org/src:thunderbird
   96: https://www.debian.org/security/2022/dsa-5086
   97: https://packages.debian.org/src:thunderbird
   98: https://www.debian.org/security/2022/dsa-5090
   99: https://packages.debian.org/src:firefox-esr
  100: https://www.debian.org/security/2022/dsa-5094
  101: https://packages.debian.org/src:thunderbird
  102: https://www.debian.org/security/2022/dsa-5097
  103: https://packages.debian.org/src:firefox-esr
  104: https://www.debian.org/security/2022/dsa-5106
  105: https://packages.debian.org/src:thunderbird
  106: https://www.debian.org/security/2022/dsa-5107
  107: https://packages.debian.org/src:php-twig
  108: https://www.debian.org/security/2022/dsa-5108
  109: https://packages.debian.org/src:tiff
  110: https://www.debian.org/security/2022/dsa-5110
  111: https://packages.debian.org/src:chromium
  112: https://www.debian.org/security/2022/dsa-5111
  113: https://packages.debian.org/src:zlib
  114: https://www.debian.org/security/2022/dsa-5112
  115: https://packages.debian.org/src:chromium
  116: https://www.debian.org/security/2022/dsa-5113
  117: https://packages.debian.org/src:firefox-esr
  118: https://www.debian.org/security/2022/dsa-5114
  119: https://packages.debian.org/src:chromium
  120: https://www.debian.org/security/2022/dsa-5115
  121: https://packages.debian.org/src:webkit2gtk
  122: https://www.debian.org/security/2022/dsa-5116
  123: https://packages.debian.org/src:wpewebkit
  124: https://www.debian.org/security/2022/dsa-5117
  125: https://packages.debian.org/src:xen
  126: https://www.debian.org/security/2022/dsa-5118
  127: https://packages.debian.org/src:thunderbird
  128: https://www.debian.org/security/2022/dsa-5119
  129: https://packages.debian.org/src:subversion
  130: https://www.debian.org/security/2022/dsa-5120
  131: https://packages.debian.org/src:chromium
  132: https://www.debian.org/security/2022/dsa-5121
  133: https://packages.debian.org/src:chromium
  134: https://www.debian.org/security/2022/dsa-5122
  135: https://packages.debian.org/src:gzip
  136: https://www.debian.org/security/2022/dsa-5123
  137: https://packages.debian.org/src:xz-utils
  138: https://www.debian.org/security/2022/dsa-5124
  139: https://packages.debian.org/src:ffmpeg
  140: https://www.debian.org/security/2022/dsa-5125
  141: https://packages.debian.org/src:chromium
  142: https://www.debian.org/security/2022/dsa-5127
  143: https://packages.debian.org/src:linux-signed-amd64
  144: https://www.debian.org/security/2022/dsa-5127
  145: https://packages.debian.org/src:linux-signed-arm64
  146: https://www.debian.org/security/2022/dsa-5127
  147: https://packages.debian.org/src:linux-signed-i386
  148: https://www.debian.org/security/2022/dsa-5127
  149: https://packages.debian.org/src:linux
  150: https://www.debian.org/security/2022/dsa-5128
  151: https://packages.debian.org/src:openjdk-17
  152: https://www.debian.org/security/2022/dsa-5129
  153: https://packages.debian.org/src:firefox-esr
  154: https://www.debian.org/security/2022/dsa-5130
  155: https://packages.debian.org/src:dpdk
  156: https://www.debian.org/security/2022/dsa-5131
  157: https://packages.debian.org/src:openjdk-11
  158: https://www.debian.org/security/2022/dsa-5132
  159: https://packages.debian.org/src:ecdsautils
  160: https://www.debian.org/security/2022/dsa-5133
  161: https://packages.debian.org/src:qemu
  162: https://www.debian.org/security/2022/dsa-5134
  163: https://packages.debian.org/src:chromium
  164: https://www.debian.org/security/2022/dsa-5136
  165: https://packages.debian.org/src:postgresql-13
  166: https://www.debian.org/security/2022/dsa-5137
  167: https://packages.debian.org/src:needrestart
  168: https://www.debian.org/security/2022/dsa-5138
  169: https://packages.debian.org/src:waitress
  170: https://www.debian.org/security/2022/dsa-5139
  171: https://packages.debian.org/src:openssl
  172: https://www.debian.org/security/2022/dsa-5140
  173: https://packages.debian.org/src:openldap
  174: https://www.debian.org/security/2022/dsa-5141
  175: https://packages.debian.org/src:thunderbird
  176: https://www.debian.org/security/2022/dsa-5142
  177: https://packages.debian.org/src:libxml2
  178: https://www.debian.org/security/2022/dsa-5143
  179: https://packages.debian.org/src:firefox-esr
  180: https://www.debian.org/security/2022/dsa-5145
  181: https://packages.debian.org/src:lrzip
  182: https://www.debian.org/security/2022/dsa-5147
  183: https://packages.debian.org/src:dpkg
  184: https://www.debian.org/security/2022/dsa-5148
  185: https://packages.debian.org/src:chromium
  186: https://www.debian.org/security/2022/dsa-5149
  187: https://packages.debian.org/src:cups
  188: https://www.debian.org/security/2022/dsa-5150
  189: https://packages.debian.org/src:rsyslog
  190: https://www.debian.org/security/2022/dsa-5151
  191: https://packages.debian.org/src:smarty3
  192: https://www.debian.org/security/2022/dsa-5152
  193: https://packages.debian.org/src:spip
  194: https://www.debian.org/security/2022/dsa-5153
  195: https://packages.debian.org/src:trafficserver
  196: https://www.debian.org/security/2022/dsa-5154
  197: https://packages.debian.org/src:webkit2gtk
  198: https://www.debian.org/security/2022/dsa-5155
  199: https://packages.debian.org/src:wpewebkit
  200: https://www.debian.org/security/2022/dsa-5156
  201: https://packages.debian.org/src:firefox-esr
  202: https://www.debian.org/security/2022/dsa-5157
  203: https://packages.debian.org/src:cifs-utils
  204: https://www.debian.org/security/2022/dsa-5158
  205: https://packages.debian.org/src:thunderbird
  206: https://www.debian.org/security/2022/dsa-5159
  207: https://packages.debian.org/src:python-bottle
  208: https://www.debian.org/security/2022/dsa-5160
  209: https://packages.debian.org/src:ntfs-3g
  210: https://www.debian.org/security/2022/dsa-5161
  211: https://packages.debian.org/src:linux-signed-amd64
  212: https://www.debian.org/security/2022/dsa-5161
  213: https://packages.debian.org/src:linux-signed-arm64
  214: https://www.debian.org/security/2022/dsa-5161
  215: https://packages.debian.org/src:linux-signed-i386
  216: https://www.debian.org/security/2022/dsa-5161
  217: https://packages.debian.org/src:linux
  218: https://www.debian.org/security/2022/dsa-5162
  219: https://packages.debian.org/src:containerd
  220: https://www.debian.org/security/2022/dsa-5163
  221: https://packages.debian.org/src:chromium
  222: https://www.debian.org/security/2022/dsa-5164
  223: https://packages.debian.org/src:exo
  224: https://www.debian.org/security/2022/dsa-5165
  225: https://packages.debian.org/src:vlc
  226: https://www.debian.org/security/2022/dsa-5166
  227: https://packages.debian.org/src:slurm-wlm
  228: https://www.debian.org/security/2022/dsa-5167
  229: https://packages.debian.org/src:firejail
  230: https://www.debian.org/security/2022/dsa-5168
  231: https://packages.debian.org/src:chromium
  232: https://www.debian.org/security/2022/dsa-5169
  233: https://packages.debian.org/src:openssl
  234: https://www.debian.org/security/2022/dsa-5171
  235: https://packages.debian.org/src:squid
  236: https://www.debian.org/security/2022/dsa-5172
  237: https://packages.debian.org/src:firefox-esr
  238: https://www.debian.org/security/2022/dsa-5174
  239: https://packages.debian.org/src:gnupg2

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+---------------------+-------------------------------+
| Package             | Reason                        |
+---------------------+-------------------------------+
| elog [240]          | Unmaintained; security issues |
|                     |                               |
| python-hbmqtt [241] | Unamintained and broken       |
|                     |                               |
+---------------------+-------------------------------+

  240: https://packages.debian.org/src:elog
  241: https://packages.debian.org/src:python-hbmqtt

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

https://deb.debian.org/debian/dists/bullseye/ChangeLog


The current stable distribution:

https://deb.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

https://deb.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://www.debian.org/security/



About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.


Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.

canci
Posts: 2278
Joined: 2006-09-24 11:28
Has thanked: 61 times
Been thanked: 79 times

Re: Debian 11: 11.4 released

#2 Post by canci »

Time to reflash my emergency USB key :)
🍥

Asus VivoBook X421DA D413DA 1.0
Debian GNU/Linux 11 (bullseye) x86_64 Kernel 5.10
sway on Wayland
AMD Ryzen 7 3700U with Radeon Vega Mobile Gfx (Picasso)
8 GB RAM, 512GB NVMe drive

Post Reply