Acaba de sair o terceiro pacote de atualizações para o Debian, agora 10.3, confira os detalhes.
O anúncio foi feito no dia 8 de fevereiro de 2020, confira.
"O projeto Debian tem o prazer de anunciar a terceira atualização de sua distribuição estável Debian 10 (codinome "buster"). Esta versão pontual adiciona principalmente correções para problemas de segurança, além de alguns ajustes para problemas sérios. Os avisos de segurança já foram publicados separadamente e são referenciados quando disponíveis.
Por favor note que o lançamento do ponto não constitui uma nova versão do Debian 10, mas atualiza apenas alguns dos pacotes incluídos. Não há necessidade de jogar fora a mídia antiga "imbecil". Após a instalação, os pacotes podem ser atualizados para as versões atuais usando um espelho Debian atualizado"
Abaixo a lista de bugs corrigidos.
Package Reason
alot Remove expiration time from test suite keys, fixing build failure
atril Fix segfault when no document is loaded; fix read of uninitialised memory [CVE-2019-11459]
base-files Update for the point release
beagle Provide wrapper script instead of symlinks to JARs, making them work again
bgpdump Fix segmentation fault
boost1.67 Fix undefined behaviour leading to crashing libboost-numpy
brightd Actually compare the value read out of /sys/class/power_supply/AC/online with "0"
casacore-data-jplde Include tables up to 2040
clamav New upstream release; fix denial of service issue [CVE-2019-15961]; remove ScanOnAccess option, replacing with clamonacc
compactheader New upstream release compatible with Thunderbird 68
console-common Fix regression that led to files not being included
csh Fix segfault on eval
cups Fix memory leak in ppdOpen; fix validation of default language in ippSetValuetag [CVE-2019-2228]
cyrus-imapd Add BACKUP type to cyrus-upgrade-db, fixing upgrade issues
debian-edu-config Keep proxy settings on client if WPAD is unreachable
debian-installer Rebuild against proposed-updates; tweak mini.iso generation on arm so EFI netboot will work; update USE_UDEBS_FROM default from unstable to buster, to help users performing local builds
debian-installer-netboot-images Rebuild against proposed-updates
debian-security-support Update security support status of several packages
debos Rebuild against updated golang-github-go-debos-fakemachine
dispmua New upstream release compatible with Thunderbird 68
dkimpy New upstream stable release
dkimpy-milter Fix privilege management at startup so Unix sockets work
dpdk New upstream stable release
e2fsprogs Fix potential stack underflow in e2fsck [CVE-2019-5188]; fix use after free in e2fsck
fig2dev Allow Fig v2 text strings ending with multiple ^A [CVE-2019-19555]; reject huge arrow types causing integer overflow [CVE-2019-19746]; fix several crashes [CVE-2019-19797]
freerdp2 Fix realloc return handling [CVE-2019-17177]
freetds tds: Make sure UDT has varint set to 8 [CVE-2019-13508]
git-lfs Fix build issues with newer Go versions
gnubg Increase the size of static buffers used to build messages during program start so that the Spanish translation doesn't overflow a buffer
gnutls28 Fix interop problems with gnutls 2.x; fix parsing of certificates using RegisteredID
gtk2-engines-murrine Fix co-installability with other themes
guile-2.2 Fix build failure
libburn Fix "cdrskin multi-track burning was slow and stalled after track 1"
libcgns Fix build failure on ppc64el
libimobiledevice Properly handle partial SSL writes
libmatroska Increase shared library dependency to 1.4.7 since that version introduced new symbols
libmysofa Security fixes [CVE-2019-16091 CVE-2019-16092 CVE-2019-16093 CVE-2019-16094 CVE-2019-16095]
libole-storage-lite-perl Fix interpretation of years from 2020 onwards
libparse-win32registry-perl Fix interpretation of years from 2020 onwards
libperl4-corelibs-perl Fix interpretation of years from 2020 onwards
libsolv Fix heap buffer overflow [CVE-2019-20387]
libspreadsheet-wright-perl Fix previously unusable OpenDocument spreadsheets and passing of JSON formatting options
libtimedate-perl Fix interpretation of years from 2020 onwards
libvirt Apparmor: Allow one to run pygrub; don't render osxsave, ospke into QEMU command line; this helps newer QEMU with some configs generated by virt-install
libvncserver RFBserver: don't leak stack memory to the remote [CVE-2019-15681]; resolve a freeze during connection closure and a segmentation fault on multi-threaded VNC servers; fix issue connecting to VMWare servers; fix crashing of x11vnc when vncviewer connects
limnoria Fix remote information disclosure and possibly remote code execution in the Math plugin [CVE-2019-19010]
linux New upstream stable release
linux-latest Update for 4.19.0-8 Linux kernel ABI
linux-signed-amd64 New upstream stable release
linux-signed-arm64 New upstream stable release
linux-signed-i386 New upstream stable release
mariadb-10.3 New upstream stable release [CVE-2019-2938 CVE-2019-2974 CVE-2020-2574]
mesa Call shmget() with permission 0600 instead of 0777 [CVE-2019-5068]
mnemosyne Add missing dependency on PIL
modsecurity Fix cookie header parsing bug [CVE-2019-19886]
node-handlebars Disallow calling "helperMissing" and "blockHelperMissing" directly [CVE-2019-19919]
node-kind-of Fix type checking vulnerability in ctorName() [CVE-2019-20149]
ntpsec Fix slow DNS retries; fix ntpdate -s (syslog) to fix the if-up hook; documentation fixes
numix-gtk-theme Fix co-installability with other themes
nvidia-graphics-drivers-legacy-340xx New upstream stable release
nyancat Rebuild in a clean environment to add the systemd unit for nyancat-server
openjpeg2 Fix heap overflow [CVE-2018-21010] and integer overflow [CVE-2018-20847]
opensmtpd Warn users of change of smtpd.conf syntax (in earlier versions); install smtpctl setgid opensmtpq; handle non-zero exit code from hostname during config phase
openssh Deny (non-fatally) ipc in the seccomp sandbox, fixing failures with OpenSSL 1.1.1d and Linux < 3.19 on some architectures php-horde Fix stored cross-site scripting issue in Horde Cloud Block [CVE-2019-12095] php-horde-text-filter Fix invalid regular expressions postfix New upstream stable release postgresql-11 New upstream stable release print-manager Fix crash if CUPS returns the same ID for multiple print jobs proftpd-dfsg Fix CRL issues [CVE-2019-19270 CVE-2019-19269] pykaraoke Fix path to fonts python-evtx Fix import of "hexdump" python-internetarchive Close file after getting hash, avoiding file descriptor exhaustion python3.7 Security fixes [CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935] qtbase-opensource-src Add support for non-PPD printers and avoid silent fallback to a printer supporting PPD; fix crash when using QLabels with rich text; fix graphics tablet hover events qtwebengine-opensource-src Fix PDF parsing; disable executable stack quassel Fix quasselcore AppArmor denials when the config is saved; correct default channel for Debian; remove unnecessary NEWS file qwinff Fix crash due to incorrect file detection raspi3-firmware Fix detection of serial console with kernel 5.x ros-ros-comm Fix security issues [CVE-2019-13566 CVE-2019-13465 CVE-2019-13445] roundcube New upstream stable release; fix insecure permissions in enigma plugin [CVE-2018-1000071] schleuder Fix recognizing keywords in mails with "protected headers" and empty subject; strip non-self-signatures when refreshing or fetching keys; error if the argument provided to `refresh_keys` is not an existing list; add missing List-Id header to notification mails sent to admins; handle decryption problems gracefully; default to ASCII-8BIT encoding simplesamlphp Fix incompatibility with PHP 7.3 sogo-connector New upstream release compatible with Thunderbird 68 spf-engine Fix privilege management at startup so Unix sockets work; update documentation for TestOnly sudo Fix a (non-exploitable in buster) buffer overflow when pwfeedback is enabled and input is a not a tty [CVE-2019-18634] systemd Set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX; change ownership/mode of the execution directories also for static users, ensuring that execution directories like CacheDirectory and StateDirectory are properly chowned to the user specified in User= before launching the service tifffile Fix wrapper script tigervnc Security fixes [CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695] tightvnc Security fixes [CVE-2014-6053 CVE-2019-8287 CVE-2018-20021 CVE-2018-20022 CVE-2018-20748 CVE-2018-7225 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681] uif Fix paths to ip(6)tables-restore in light of the migration to nftables unhide Fix stack exhaustion x2goclient Strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths in SCP mode; fixes regression with newer libssh versions with fixes for CVE-2019-14889 applied xmltooling Fix race condition that could lead to crash under load
Abaixo as correções de segurança.
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
Advisory ID Package
DSA-4546 openjdk-11
DSA-4563 webkit2gtk
DSA-4564 linux
DSA-4564 linux-signed-i386
DSA-4564 linux-signed-arm64
DSA-4564 linux-signed-amd64
DSA-4565 intel-microcode
DSA-4566 qemu
DSA-4567 dpdk
DSA-4568 postgresql-common
DSA-4569 ghostscript
DSA-4570 mosquitto
DSA-4571 enigmail
DSA-4571 thunderbird
DSA-4572 slurm-llnl
DSA-4573 symfony
DSA-4575 chromium
DSA-4577 haproxy
DSA-4578 libvpx
DSA-4579 nss
DSA-4580 firefox-esr
DSA-4581 git
DSA-4582 davical
DSA-4583 spip
DSA-4584 spamassassin
DSA-4585 thunderbird
DSA-4586 ruby2.5
DSA-4588 python-ecdsa
DSA-4589 debian-edu-config
DSA-4590 cyrus-imapd
DSA-4591 cyrus-sasl2
DSA-4592 mediawiki
DSA-4593 freeimage
DSA-4595 debian-lan-config
DSA-4597 netty
DSA-4598 python-django
DSA-4599 wordpress
DSA-4600 firefox-esr
DSA-4601 ldm
DSA-4602 xen
DSA-4603 thunderbird
DSA-4604 cacti
DSA-4605 openjdk-11
DSA-4606 chromium
DSA-4607 openconnect
DSA-4608 tiff
DSA-4609 python-apt
DSA-4610 webkit2gtk
DSA-4611 opensmtpd
DSA-4612 prosody-modules
DSA-4613 libidn2
DSA-4615 spamassassin
Abaixo os pacote removidos do repositório.
Removed packages
The following packages were removed due to circumstances beyond our control:
Package Reason
caml-crush [armel] Unbuildable due to lack of ocaml-native-compilers
firetray Incompatible with current Thunderbird versions
koji Security issues
python-lamson Broken by changes in python-daemon
radare2 Security issues; upstream do not offer stable support
radare2-cutter Depends on to-be-removed radare2
Para atualizar o seu sistema basta executar os comandos abaixo no terminal.
atualize a lista de pacotes.
Atualize o sistema.
Ai está o Debian 10.3.
Fonte
Debian 10.3
O anúncio foi feito no dia 8 de fevereiro de 2020, confira.
"O projeto Debian tem o prazer de anunciar a terceira atualização de sua distribuição estável Debian 10 (codinome "buster"). Esta versão pontual adiciona principalmente correções para problemas de segurança, além de alguns ajustes para problemas sérios. Os avisos de segurança já foram publicados separadamente e são referenciados quando disponíveis.
Por favor note que o lançamento do ponto não constitui uma nova versão do Debian 10, mas atualiza apenas alguns dos pacotes incluídos. Não há necessidade de jogar fora a mídia antiga "imbecil". Após a instalação, os pacotes podem ser atualizados para as versões atuais usando um espelho Debian atualizado"
Correções
Abaixo a lista de bugs corrigidos.
Package Reason
alot Remove expiration time from test suite keys, fixing build failure
atril Fix segfault when no document is loaded; fix read of uninitialised memory [CVE-2019-11459]
base-files Update for the point release
beagle Provide wrapper script instead of symlinks to JARs, making them work again
bgpdump Fix segmentation fault
boost1.67 Fix undefined behaviour leading to crashing libboost-numpy
brightd Actually compare the value read out of /sys/class/power_supply/AC/online with "0"
casacore-data-jplde Include tables up to 2040
clamav New upstream release; fix denial of service issue [CVE-2019-15961]; remove ScanOnAccess option, replacing with clamonacc
compactheader New upstream release compatible with Thunderbird 68
console-common Fix regression that led to files not being included
csh Fix segfault on eval
cups Fix memory leak in ppdOpen; fix validation of default language in ippSetValuetag [CVE-2019-2228]
cyrus-imapd Add BACKUP type to cyrus-upgrade-db, fixing upgrade issues
debian-edu-config Keep proxy settings on client if WPAD is unreachable
debian-installer Rebuild against proposed-updates; tweak mini.iso generation on arm so EFI netboot will work; update USE_UDEBS_FROM default from unstable to buster, to help users performing local builds
debian-installer-netboot-images Rebuild against proposed-updates
debian-security-support Update security support status of several packages
debos Rebuild against updated golang-github-go-debos-fakemachine
dispmua New upstream release compatible with Thunderbird 68
dkimpy New upstream stable release
dkimpy-milter Fix privilege management at startup so Unix sockets work
dpdk New upstream stable release
e2fsprogs Fix potential stack underflow in e2fsck [CVE-2019-5188]; fix use after free in e2fsck
fig2dev Allow Fig v2 text strings ending with multiple ^A [CVE-2019-19555]; reject huge arrow types causing integer overflow [CVE-2019-19746]; fix several crashes [CVE-2019-19797]
freerdp2 Fix realloc return handling [CVE-2019-17177]
freetds tds: Make sure UDT has varint set to 8 [CVE-2019-13508]
git-lfs Fix build issues with newer Go versions
gnubg Increase the size of static buffers used to build messages during program start so that the Spanish translation doesn't overflow a buffer
gnutls28 Fix interop problems with gnutls 2.x; fix parsing of certificates using RegisteredID
gtk2-engines-murrine Fix co-installability with other themes
guile-2.2 Fix build failure
libburn Fix "cdrskin multi-track burning was slow and stalled after track 1"
libcgns Fix build failure on ppc64el
libimobiledevice Properly handle partial SSL writes
libmatroska Increase shared library dependency to 1.4.7 since that version introduced new symbols
libmysofa Security fixes [CVE-2019-16091 CVE-2019-16092 CVE-2019-16093 CVE-2019-16094 CVE-2019-16095]
libole-storage-lite-perl Fix interpretation of years from 2020 onwards
libparse-win32registry-perl Fix interpretation of years from 2020 onwards
libperl4-corelibs-perl Fix interpretation of years from 2020 onwards
libsolv Fix heap buffer overflow [CVE-2019-20387]
libspreadsheet-wright-perl Fix previously unusable OpenDocument spreadsheets and passing of JSON formatting options
libtimedate-perl Fix interpretation of years from 2020 onwards
libvirt Apparmor: Allow one to run pygrub; don't render osxsave, ospke into QEMU command line; this helps newer QEMU with some configs generated by virt-install
libvncserver RFBserver: don't leak stack memory to the remote [CVE-2019-15681]; resolve a freeze during connection closure and a segmentation fault on multi-threaded VNC servers; fix issue connecting to VMWare servers; fix crashing of x11vnc when vncviewer connects
limnoria Fix remote information disclosure and possibly remote code execution in the Math plugin [CVE-2019-19010]
linux New upstream stable release
linux-latest Update for 4.19.0-8 Linux kernel ABI
linux-signed-amd64 New upstream stable release
linux-signed-arm64 New upstream stable release
linux-signed-i386 New upstream stable release
mariadb-10.3 New upstream stable release [CVE-2019-2938 CVE-2019-2974 CVE-2020-2574]
mesa Call shmget() with permission 0600 instead of 0777 [CVE-2019-5068]
mnemosyne Add missing dependency on PIL
modsecurity Fix cookie header parsing bug [CVE-2019-19886]
node-handlebars Disallow calling "helperMissing" and "blockHelperMissing" directly [CVE-2019-19919]
node-kind-of Fix type checking vulnerability in ctorName() [CVE-2019-20149]
ntpsec Fix slow DNS retries; fix ntpdate -s (syslog) to fix the if-up hook; documentation fixes
numix-gtk-theme Fix co-installability with other themes
nvidia-graphics-drivers-legacy-340xx New upstream stable release
nyancat Rebuild in a clean environment to add the systemd unit for nyancat-server
openjpeg2 Fix heap overflow [CVE-2018-21010] and integer overflow [CVE-2018-20847]
opensmtpd Warn users of change of smtpd.conf syntax (in earlier versions); install smtpctl setgid opensmtpq; handle non-zero exit code from hostname during config phase
openssh Deny (non-fatally) ipc in the seccomp sandbox, fixing failures with OpenSSL 1.1.1d and Linux < 3.19 on some architectures php-horde Fix stored cross-site scripting issue in Horde Cloud Block [CVE-2019-12095] php-horde-text-filter Fix invalid regular expressions postfix New upstream stable release postgresql-11 New upstream stable release print-manager Fix crash if CUPS returns the same ID for multiple print jobs proftpd-dfsg Fix CRL issues [CVE-2019-19270 CVE-2019-19269] pykaraoke Fix path to fonts python-evtx Fix import of "hexdump" python-internetarchive Close file after getting hash, avoiding file descriptor exhaustion python3.7 Security fixes [CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935] qtbase-opensource-src Add support for non-PPD printers and avoid silent fallback to a printer supporting PPD; fix crash when using QLabels with rich text; fix graphics tablet hover events qtwebengine-opensource-src Fix PDF parsing; disable executable stack quassel Fix quasselcore AppArmor denials when the config is saved; correct default channel for Debian; remove unnecessary NEWS file qwinff Fix crash due to incorrect file detection raspi3-firmware Fix detection of serial console with kernel 5.x ros-ros-comm Fix security issues [CVE-2019-13566 CVE-2019-13465 CVE-2019-13445] roundcube New upstream stable release; fix insecure permissions in enigma plugin [CVE-2018-1000071] schleuder Fix recognizing keywords in mails with "protected headers" and empty subject; strip non-self-signatures when refreshing or fetching keys; error if the argument provided to `refresh_keys` is not an existing list; add missing List-Id header to notification mails sent to admins; handle decryption problems gracefully; default to ASCII-8BIT encoding simplesamlphp Fix incompatibility with PHP 7.3 sogo-connector New upstream release compatible with Thunderbird 68 spf-engine Fix privilege management at startup so Unix sockets work; update documentation for TestOnly sudo Fix a (non-exploitable in buster) buffer overflow when pwfeedback is enabled and input is a not a tty [CVE-2019-18634] systemd Set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX; change ownership/mode of the execution directories also for static users, ensuring that execution directories like CacheDirectory and StateDirectory are properly chowned to the user specified in User= before launching the service tifffile Fix wrapper script tigervnc Security fixes [CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695] tightvnc Security fixes [CVE-2014-6053 CVE-2019-8287 CVE-2018-20021 CVE-2018-20022 CVE-2018-20748 CVE-2018-7225 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681] uif Fix paths to ip(6)tables-restore in light of the migration to nftables unhide Fix stack exhaustion x2goclient Strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths in SCP mode; fixes regression with newer libssh versions with fixes for CVE-2019-14889 applied xmltooling Fix race condition that could lead to crash under load
Abaixo as correções de segurança.
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
Advisory ID Package
DSA-4546 openjdk-11
DSA-4563 webkit2gtk
DSA-4564 linux
DSA-4564 linux-signed-i386
DSA-4564 linux-signed-arm64
DSA-4564 linux-signed-amd64
DSA-4565 intel-microcode
DSA-4566 qemu
DSA-4567 dpdk
DSA-4568 postgresql-common
DSA-4569 ghostscript
DSA-4570 mosquitto
DSA-4571 enigmail
DSA-4571 thunderbird
DSA-4572 slurm-llnl
DSA-4573 symfony
DSA-4575 chromium
DSA-4577 haproxy
DSA-4578 libvpx
DSA-4579 nss
DSA-4580 firefox-esr
DSA-4581 git
DSA-4582 davical
DSA-4583 spip
DSA-4584 spamassassin
DSA-4585 thunderbird
DSA-4586 ruby2.5
DSA-4588 python-ecdsa
DSA-4589 debian-edu-config
DSA-4590 cyrus-imapd
DSA-4591 cyrus-sasl2
DSA-4592 mediawiki
DSA-4593 freeimage
DSA-4595 debian-lan-config
DSA-4597 netty
DSA-4598 python-django
DSA-4599 wordpress
DSA-4600 firefox-esr
DSA-4601 ldm
DSA-4602 xen
DSA-4603 thunderbird
DSA-4604 cacti
DSA-4605 openjdk-11
DSA-4606 chromium
DSA-4607 openconnect
DSA-4608 tiff
DSA-4609 python-apt
DSA-4610 webkit2gtk
DSA-4611 opensmtpd
DSA-4612 prosody-modules
DSA-4613 libidn2
DSA-4615 spamassassin
Abaixo os pacote removidos do repositório.
Removed packages
The following packages were removed due to circumstances beyond our control:
Package Reason
caml-crush [armel] Unbuildable due to lack of ocaml-native-compilers
firetray Incompatible with current Thunderbird versions
koji Security issues
python-lamson Broken by changes in python-daemon
radare2 Security issues; upstream do not offer stable support
radare2-cutter Depends on to-be-removed radare2
Atualizar
Para atualizar o seu sistema basta executar os comandos abaixo no terminal.
atualize a lista de pacotes.
sudo apt update
Atualize o sistema.
sudo apt full-upgrade
Ai está o Debian 10.3.
Fonte
Maravilha, o REI DA ESTABILIDADE só melhorou ainda mais.
ResponderExcluirsim
ExcluirExiste a possibilidade de fazer um remaster do debian 10 apenas em linha de comando (sem interface gráfica) caso sim, como seria o comando de instalação? Uma vez que o calamares irá reclamar da falta do X display?
ResponderExcluirGrato desde já pela atenção
Sim, instale o remaster manualmente sem o calamares, o remaster tem o gerador de iso e o instalador por linha de comando.
ExcluirSe puder me informar o comando que instala o sistema via CLI, ficarei muito agradecido
ExcluirMano é só baixar o remaster, remova o calamares das dependências , reempacote o .deb e instale. Nesse processo vc ira visualizar os arquivos e portanto ira vc mesmo descobrir como fazer.Por fim é só dar o comando na live remaster-installer e o instalador texto será aberto.
Excluir