Lançado o oitavo pacote de atualizações do Debian 10 GNU Linux

A comunidade Debian acaba de lançar o oitavo pacote de correções para o Debian Stable, passando agora para o Buster 10.8, confira.

 

 

 

 Debian Buster 10.8


O anúncio foi feito em 06 de Fevereiro de 2021.

 

"O projeto Debian tem o prazer de anunciar a oitava atualização de sua distribuição estável Debian 10 (codinome "buster"). Esta versão pontual adiciona principalmente correções para problemas de segurança, junto com alguns ajustes para problemas sérios. Os avisos de segurança já foram publicados separadamente e são referenciados quando disponíveis."

 

 Correção de bugs


No quadro abaixo temos os bugs corrigidos nessa atualização.


Miscellaneous Bugfixes This stable update adds a few important corrections to the following packages: Package Reason atftp Fix denial of service issue [CVE-2020-6097] base-files Update /etc/debian_version for the 10.8 point release ca-certificates Update Mozilla CA bundle to 2.40, blacklist expired "AddTrust External Root" cacti Fix SQL injection issue [CVE-2020-35701] and stored XSS issue cairo Fix mask usage in image-compositor [CVE-2020-35492] choose-mirror Update mirror list cjson Fix infinite loop in cJSON_Minify clevis Fix initramfs creation; clevis-dracut: Trigger initramfs creation upon installation cyrus-imapd Fix version comparison in cron script debian-edu-config Move host keytabs cleanup code out of gosa-modify-host into a standalone script, reducing LDAP calls to a single query debian-installer Use 4.19.0-14 Linux kernel ABI; rebuild against proposed-updates debian-installer-netboot-images Rebuild against proposed-updates debian-installer-utils Support partitions on USB UAS devices device-tree-compiler Fix segfault on "dtc -I fs /proc/device-tree" didjvu Add missing build-dependency on tzdata dovecot Fix crash when searching mailboxes containing malformed MIME messages dpdk New upstream stable release edk2 CryptoPkg/BaseCryptLib: fix NULL dereference [CVE-2019-14584] emacs Don't crash with OpenPGP User IDs with no e-mail address fcitx Fix input method support in Flatpaks file Increase name recursion depth to 50 by default geoclue-2.0 Check the maximum allowed accuracy level even for system applications; make the Mozilla API key configurable and use a Debian-specific key by default; fix display of the usage indicator gnutls28 Fix test suite error caused by expired certificate grub2 When upgrading grub-pc noninteractively, bail out if grub-install fails; explicitly check whether the target device exists before running grub-install; grub-install: Add backup and restore; don't call grub-install on fresh install of grub-pc highlight.js Fix prototype pollution [CVE-2020-26237] intel-microcode Update various microcode iproute2 Fix bugs in JSON output; fix race condition that DOSes the system when using ip netns add at boot irssi-plugin-xmpp Do not trigger the irssi core connect timeout prematurely, thus fixing STARTTLS connections libdatetime-timezone-perl Update for new tzdata version libdbd-csv-perl Fix test failure with libdbi-perl 1.642-1+deb10u2 libdbi-perl Security fix [CVE-2014-10402] libmaxminddb Fix heap-based buffer over-read [CVE-2020-28241] lttng-modules Fix build on kernel versions >= 4.19.0-10 m2crypto Fix compatibility with OpenSSL 1.1.1i and newer mini-buildd builder.py: sbuild call: set '--no-arch-all' explicitly net-snmp snmpd: Add cacheTime and execType flags to EXTEND-MIB node-ini Do not allow invalid hazardous string as section name [CVE-2020-7788] node-y18n Fix prototype pollution issue [CVE-2020-7774] nvidia-graphics-drivers New upstream release; fix possible denial of service and information disclosure [CVE-2021-1056] nvidia-graphics-drivers-legacy-390xx New upstream release; fix possible denial of service and information disclosure [CVE-2021-1056] pdns Security fixes [CVE-2019-10203 CVE-2020-17482] pepperflashplugin-nonfree Turn into a dummy package taking care of removing the previously installed plugin (no longer functional nor supported) pngcheck Fix buffer overflow [CVE-2020-27818] postgresql-11 New upstream stable release; security fixes [CVE-2020-25694 CVE-2020-25695 CVE-2020-25696] postsrsd Ensure timestamp tags aren't too long before trying to decode them [CVE-2020-35573] python-bottle Stop allowing ";" as a query-string separator [CVE-2020-28473] python-certbot Automatically use ACMEv2 API for renewals, to avoid issues with ACMEv1 API removal qxmpp Fix potential SEGFAULT on connection error silx python(3)-silx: Add dependency on python(3)-scipy slirp Fix buffer overflows [CVE-2020-7039 CVE-2020-8608] steam New upstream release systemd journal: do not trigger assertion when journal_file_close() is passed NULL tang Avoid race condition between keygen and update tzdata New upstream release; update included timezone data unzip Apply further fixes for CVE-2019-13232 wireshark Fix various crashes, infinite loops and memory leaks [CVE-2019-16319 CVE-2019-19553 CVE-2020-11647 CVE-2020-13164 CVE-2020-15466 CVE-2020-25862 CVE-2020-25863 CVE-2020-26418 CVE-2020-26421 CVE-2020-26575 CVE-2020-28030 CVE-2020-7045 CVE-2020-9428 CVE-2020-9430 CVE-2020-9431]


 Correções de segurança


No quadro abaixo temos as correções de segurança.


Security Updates This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: Advisory ID Package DSA-4797 webkit2gtk DSA-4801 brotli DSA-4802 thunderbird DSA-4803 xorg-server DSA-4804 xen DSA-4805 trafficserver DSA-4806 minidlna DSA-4807 openssl DSA-4808 apt DSA-4809 python-apt DSA-4810 lxml DSA-4811 libxstream-java DSA-4812 xen DSA-4813 firefox-esr DSA-4814 xerces-c DSA-4815 thunderbird DSA-4816 mediawiki DSA-4817 php-pear DSA-4818 sympa DSA-4819 kitty DSA-4820 horizon DSA-4821 roundcube DSA-4822 p11-kit DSA-4823 influxdb DSA-4824 chromium DSA-4825 dovecot DSA-4827 firefox-esr DSA-4828 libxstream-java DSA-4829 coturn DSA-4830 flatpak DSA-4831 ruby-redcarpet DSA-4832 chromium DSA-4833 gst-plugins-bad1.0 DSA-4834 vlc DSA-4835 tomcat9 DSA-4837 salt DSA-4838 mutt DSA-4839 sudo DSA-4840 firefox-esr DSA-4841 slurm-llnl DSA-4843 linux-latest DSA-4843 linux-signed-amd64 DSA-4843 linux-signed-arm64 DSA-4843 linux-signed-i386 DSA-4843 linux


Fonte

 

Atualização

 

Não custa lembrar dois pontos:

 

  • Se você já tem o Debian 10 Buster instalado não precisa fazer downlaod de .iso e instalar novamente, aviso pois tem uma imbecis por ai que te induzem a essa besteira.
  • Você deve sempre atualizar o seu sistema, essa é a maior segurança dos sistemas operacionais GNU/Linux.

 

 Para atualizar execute os comandos no terminal.


Atualiza a lista de pacotes.


sudo apt update



Atualize o sistema


sudo apt full-upgrade

 

Debian atualizado.





Comentários

Postar um comentário

olá, seja bem vindo ao Linux Dicas e suporte !!

Você precisa ver isso

Todos os arquivos do blog

Mostrar mais