Debian Buster 10.4 released

The Debian community has just released the 4th update of the Stable version, Debian Buster 10. Check it out.

Debian Buster 10.4

Today, May 9, 2020, the Debian community announced the 4th update of Debian Stable.

"The Debian project is pleased to announce the fourth update of its stable distribution Debian 10 (codename "Buster"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available."

Bug fixes, security and removed packages

The list below shows the bugs fixed.

apt-cacher-ng Enforce secured call to the server in maintenance job triggering [CVE-2020-5202]; allow .zst compression for tarballs; increase size of the decompression line buffer for configuration file reading
backuppc Pass the username to start-stop-daemon when reloading, preventing reload failures
base-files Update for the point release
brltty Reduce severity of log message to avoid generating too many messages when used with new Orca versions
checkstyle Fix XML External Entity injection issue [CVE-2019-9658 CVE-2019-10782]
choose-mirror Update included mirror list
clamav New upstream release [CVE-2020-3123]
corosync totemsrp: Reduce MTU to avoid generating oversized packets
corosync-qdevice Fix service startup
csync2 Fail HELLO command when SSL is required
cups Fix heap buffer overflow [CVE-2020-3898] and "the `ippReadIO` function may under-read an extension field" [CVE-2019-8842]
dav4tbsync New upstream release, restoring compatibility with newer Thunderbird versions
debian-edu-config Add policy files for Firefox ESR and Thunderbird to fix the TLS/SSL setup
debian-installer Update for the 4.19.0-9 kernel ABI
debian-installer-netboot-images Rebuild against proposed-updates
debian-security-support New upstream stable release; update status of several packages; use "runuser" rather than "su"
distro-info-data Add Ubuntu 20.10, and likely end of support date for stretch
dojo Fix improper regular expression usage [CVE-2019-10785]
dpdk New upstream stable release
dtv-scan-tables New upstream snapshot; add all current German DVB-T2 muxes and the Eutelsat-5-West-A satellite
eas4tbsync New upstream release, restoring compatibility with newer Thunderbird versions
edk2 Security fixes [CVE-2019-14558 CVE-2019-14559 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586 CVE-2019-14587]
el-api Fix stretch to buster upgrades that involve Tomcat 8
fex Fix a potential security issue in fexsrv
filezilla Fix untrusted search path vulnerability [CVE-2019-5429]
frr Fix extended next hop capability
fuse Remove outdated udevadm commands from post-install scripts; don't explicitly remove fuse.conf on purge
fuse3 Remove outdated udevadm commands from post-install scripts; don't explicitly remove fuse.conf on purge; fix memory leak in fuse_session_new()
golang-github-prometheus-common Extend validity of test certificates
gosa Replace (un)serialize with json_encode/json_decode to mitigate PHP object injection [CVE-2019-14466]
hbci4java Support EU directive on payment services (PSD2)
hibiscus Support EU directive on payment services (PSD2)
iputils Correct an issue in which ping would improperly exit with a failure code when there were untried addresses still available in the getaddrinfo() library call return value
ircd-hybrid Use dhparam.pem to avoid crash on startup
jekyll Allow use of ruby-i18n 0.x and 1.x
jsp-api Fix stretch to buster upgrades that involve Tomcat 8
lemonldap-ng Prevent unwanted access to administration endpoints [CVE-2019-19791]; fix the GrantSession plugin which could not prohibit logon when two factor authentication was used; fix arbitrary redirects with OIDC if redirect_uri was not used
libdatetime-timezone-perl Update included data
libreoffice Fix OpenGL slide transitions
libssh Fix possible denial of service issue when handling AES-CTR keys with OpenSSL [CVE-2020-1730]
libvncserver Fix heap overflow [CVE-2019-15690]
linux New upstream stable release
linux-latest Update kernel ABI to 4.19.0-9
linux-signed-amd64 New upstream stable release
linux-signed-arm64 New upstream stable release
linux-signed-i386 New upstream stable release
lwip Fix buffer overflow [CVE-2020-8597]
lxc-templates New upstream stable release; handle languages that are only UTF-8 encoded
manila Fix missing access permissions check [CVE-2020-9543]
megatools Add support for the new format of links
mew Fix server SSL certificate validity checking
mew-beta Fix server SSL certificate validity checking
mkvtoolnix Rebuild to tighten libmatroska6v5 dependency
ncbi-blast+ Disable SSE4.2 support
node-anymatch Remove unnecessary dependencies
node-dot Prevent code execution after prototype pollution [CVE-2020-8141]
node-dot-prop Fix prototype pollution [CVE-2020-8116]
node-knockout Fix escaping with older Internet Explorer versions [CVE-2019-14862]
node-mongodb Reject invalid _bsontypes [CVE-2019-2391 CVE-2020-7610]
node-yargs-parser Fix prototype pollution [CVE-2020-7608]
npm Fix arbitrary path access [CVE-2019-16775 CVE-2019-16776 CVE-2019-16777]
nvidia-graphics-drivers New upstream stable release
nvidia-graphics-drivers-legacy-390xx New upstream stable release
nvidia-settings-legacy-340xx New upstream release
oar Revert to stretch behavior for Storable::dclone perl function, fixing recursion depth issues
opam Prefer mccs over aspcud
openvswitch Fix vswitchd abort when a port is added and the controller is down
orocos-kdl Fix string conversion with Python 3
owfs Remove broken Python 3 packages
pango1.0 Fix crash in pango_fc_font_key_get_variations() when key is null
pgcli Add missing dependency on python3-pkg-resources
php-horde-data Fix authenticated remote code execution vulnerability [CVE-2020-8518]
php-horde-form Fix authenticated remote code execution vulnerability [CVE-2020-8866]
php-horde-trean Fix authenticated remote code execution vulnerability [CVE-2020-8865]
postfix New upstream stable release; fix panic with Postfix multi-Milter configuration during MAIL FROM; fix d/init.d running change so it works with multi-instance again
proftpd-dfsg Fix memory access issue in keyboard-interactive code in mod_sftp; properly handle DEBUG, IGNORE, DISCONNECT, and UNIMPLEMENTED messages in keyboard-interactive mode
puma Fix Denial of Service issue [CVE-2019-16770]
purple-discord Fix crashes in ssl_nss_read
python-oslo.utils Fix leak of sensitive information via mistral logs [CVE-2019-3866]
rails Fix possible cross-site scripting via Javascript escape helper [CVE-2020-5267]
rake Fix command injection vulnerability [CVE-2020-8130]
raspi3-firmware Fix dtb names mismatch in z50-raspi-firmware; fix boot on Raspberry Pi families 1 and 0
resource-agents Fix "ethmonitor does not list interfaces without assigned IP address"; remove no longer required xen-toolstack patch; fix non-standard usage in ZFS agent
rootskel Disable multiple console support if preseeding is in use
ruby-i18n Fix gemspec generation
rubygems-integration Avoid deprecation warnings when users install a newer version of Rubygems via "gem update --system"
schleuder Improve patch to handle encoding errors introduced in the previous version; switch default encoding to UTF-8; let x-add-key handle mails with attached, quoted-printable encoded keys; fix x-attach-listkey with mails created by Thunderbird that include protected headers
scilab Fix library loading with OpenJDK 11.0.7
serverspec-runner Support Ruby 2.5
softflowd Fix broken flow aggregation which might result in flow table overflow and 100% CPU usage
speech-dispatcher Fix default pulseaudio latency which triggers "scratchy" output
spl-linux Fix deadlock
sssd Fix sssd_be busy-looping when LDAP connection is intermittent
systemd when authorizing via PolicyKit re-resolve callback/userdata instead of caching it [CVE-2020-1712]; install 60-block.rules in udev-udeb and initramfs-tools
taglib Fix corruption issues with OGG files
tbsync New upstream release, restoring compatibility with newer Thunderbird versions
timeshift Fix predictable temporary directory use [CVE-2020-10174]
tinyproxy Only set PIDDIR, if PIDFILE is a non-zero length string
tzdata New upstream stable release
uim unregister modules that are not installed, fixing a regression in the previous upload
user-mode-linux Fix build failure with current stable kernels
vite Fix crash when there are more than 32 elements
waagent New upstream release; support co-installation with cloud-init
websocket-api Fix stretch to buster upgrades that involve Tomcat 8
wpa Do not try to detect PSK mismatch during PTK rekeying; check for FT support when selecting FT suites; fix MAC randomisation issue with some cards
xdg-utils xdg-open: fix pcmanfm check and handling of directories with spaces in their names; xdg-screensaver: Sanitise window name before sending it over D-Bus; xdg-mime: Create config directory if it does not exist yet
xtrlock Fix blocking of (some) multitouch devices while locked [CVE-2016-10894]
zfs-linux Fix potential deadlock issues

The list below shows the security fixes.

DSA-4616 qemu
DSA-4617 qtbase-opensource-src
DSA-4618 libexif
DSA-4619 libxmlrpc3-java
DSA-4620 firefox-esr
DSA-4623 postgresql-11
DSA-4624 evince
DSA-4625 thunderbird
DSA-4627 webkit2gtk
DSA-4629 python-django
DSA-4630 python-pysaml2
DSA-4631 pillow
DSA-4632 ppp
DSA-4633 curl
DSA-4634 opensmtpd
DSA-4635 proftpd-dfsg
DSA-4636 python-bleach
DSA-4637 network-manager-ssh
DSA-4638 chromium
DSA-4639 firefox-esr
DSA-4640 graphicsmagick
DSA-4641 webkit2gtk
DSA-4642 thunderbird
DSA-4643 python-bleach
DSA-4644 tor
DSA-4645 chromium
DSA-4646 icu
DSA-4647 bluez
DSA-4648 libpam-krb5
DSA-4649 haproxy
DSA-4650 qbittorrent
DSA-4651 mediawiki
DSA-4652 gnutls28
DSA-4653 firefox-esr
DSA-4654 chromium
DSA-4655 firefox-esr
DSA-4656 thunderbird
DSA-4657 git
DSA-4658 webkit2gtk
DSA-4659 git
DSA-4660 awl
DSA-4661 openssl
DSA-4663 python-reportlab
DSA-4664 mailman
DSA-4665 qemu
DSA-4666 openldap
DSA-4667 linux-signed-amd64
DSA-4667 linux-signed-arm64
DSA-4667 linux-signed-i386
DSA-4667 linux
DSA-4669 nodejs
DSA-4671 vlc
DSA-4672 trafficserver

The list below shows the removed packages.

getlive Broken due to Hotmail changes
gplaycli Broken by Google API changes
kerneloops Upstream service no longer available
lambda-align2 [arm64 armel armhf i386 mips64el ppc64el s390x] Broken on non-amd64 architectures
libmicrodns Security issues
libperlspeak-perl Security issues; unmaintained
quotecolors Incompatible with newer Thunderbird versions
torbirdy Incompatible with newer Thunderbird versions
ugene Non-free; fails to build
yahoo2mbox Broken for several years


To update your Debian 10.3 to 10.4, run the commands below in the terminal.

Update the package list.

sudo apt update

Upgrade the operating system.

sudo apt full-upgrade

Debian Buster updated.
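To confirm the upgrade actually took effect, the following check is an added example (not part of the original post). It compares the installed release against 10.4 and the running kernel against the 4.19.0-9 ABI listed above, since the new kernel is only in use after a reboot. The function names are hypothetical, and `sort -V` from GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example: post-upgrade check for the 10.3 -> 10.4 point release.
# Targets are taken from the page: release 10.4, kernel ABI 4.19.0-9.
TARGET_RELEASE="10.4"
TARGET_KABI="4.19.0-9"

# version_ge A B: succeeds when version A >= version B.
# Assumes GNU sort with -V (version sort), so 10.10 sorts after 10.4.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# kernel_abi RELEASE: drop the flavour suffix from a `uname -r` string,
# e.g. 4.19.0-9-amd64 -> 4.19.0-9
kernel_abi() {
    printf '%s\n' "$1" | sed -E 's/^([0-9]+\.[0-9]+\.[0-9]+-[0-9]+).*/\1/'
}

# check_upgrade DEBIAN_VERSION RUNNING_KERNEL
# Prints one status word:
#   outdated       release is older than 10.4 (upgrade did not apply)
#   reboot-needed  release is current, but the running kernel predates
#                  the ABI shipped with this point release
#   ok             release and running kernel are both current
check_upgrade() {
    if ! version_ge "$1" "$TARGET_RELEASE"; then
        echo "outdated"
    elif ! version_ge "$(kernel_abi "$2")" "$TARGET_KABI"; then
        echo "reboot-needed"
    else
        echo "ok"
    fi
}

# On a Debian system, check the live values.
if [ -r /etc/debian_version ]; then
    check_upgrade "$(cat /etc/debian_version)" "$(uname -r)"
fi
```

A result of `reboot-needed` means the kernel security fixes are installed on disk but the old kernel is still the one running.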

3 comments:

  1. I ran the commands and it says zero updates, still on Debian 10.3, maybe it will come to me in the coming weeks!!!

    1. Broken repository, fix it.

    2. I managed to fix it, I ran this command: sudo rm /var/lib/apt/lists/* -vf and then update, and I was able to install version 10.4. cat /etc/debian_version 10.4!!!!