O Debian 10 Buster será a próxima versão LTS do sistema e portanto continua recebendo suporte e é hora de o atualizar, confira.
Debian 10 Buster
O Debian 10.0 foi lançado em 6 de Julho de 2019 e acumula 12 pacotes de correções de bugs e falhas criticas de segurança.
Ele será a próxima versão LTS iniciada em Julho, 2022 até Junho de 2024 quando terá seu tempo de suporte estendido por mais 5 anos indo até 2029.
Debian GNU Linux 10.12 Buster
O anúncio foi feito em 26 de Março de 2022.
"O projeto Debian tem o prazer de anunciar a décima segunda atualização de sua distribuição mais antiga Debian 10 (codinome "buster"). Esta versão pontual adiciona principalmente correções para problemas de segurança, juntamente com alguns ajustes para problemas sérios. Os avisos de segurança já foram publicados separadamente e são referenciados quando disponíveis"
Destaque para o OpenSSL
A atualização do OpenSSL fornecida nesta versão pontual inclui uma alteração para garantir que o algoritmo de assinatura solicitado seja compatível com o nível de segurança ativo.
Correções de bugs
apache-log4j1.2 Resolve security issues [CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307], by removing support for the JMSSink, JDBCAppender, JMSAppender and Apache Chainsaw modules
apache-log4j2 Fix remote code execution issue [CVE-2021-44832]
atftp Fix information leak issue [CVE-2021-46671]
base-files Update for the 10.12 point release
beads Rebuild against updated cimg to fix multiple heap buffer overflows [CVE-2020-25693]
btrbk Fix regression in the update for CVE-2021-38173
cargo-mozilla New package, backported from Debian 11, to help build new rust versions
chrony Allow reading the chronyd configuration file that timemaster(8) generates
cimg Fix heap buffer overflow issues [CVE-2020-25693]
clamav New upstream stable release; fix denial of service issue [CVE-2022-20698]
cups Fix "an input validation issue might allow a malicious application to read restricted memory" [CVE-2020-10001]
debian-installer Rebuild against oldstable-proposed-updates; update kernel ABI to -20
debian-installer-netboot-images Rebuild against oldstable-proposed-updates
detox Fix processing of large files on ARM architectures
evolution-data-server Fix crash on malformed server reponse [CVE-2020-16117]
flac Fix out of bounds read issue [CVE-2020-0499]
gerbv Fix code execution issue [CVE-2021-40391]
glibc Import several fixes from upstream's stable branch; simplify the check for supported kernel versions, as 2.x kernels are no longer supported; support installation on kernels with a release number greater than 255
gmp Fix integer and buffer overflow issue [CVE-2021-43618]
graphicsmagick Fix buffer overflow issue [CVE-2020-12672]
htmldoc Fix out-of-bounds read issue [CVE-2022-0534], buffer overflow issues [CVE-2021-43579 CVE-2021-40985]
http-parser Resolve inadvertent ABI break
icu Fix "pkgdata" utility
intel-microcode Update included microcode; mitigate some security issues [CVE-2020-8694 CVE-2020-8695 CVE-2021-0127 CVE-2021-0145 CVE-2021-0146 CVE-2021-33120]
jbig2dec Fix buffer overflow issue [CVE-2020-12268]
jtharness New upstream version to support builds of newer OpenJDK-11 versions
jtreg New upstream version to support builds of newer OpenJDK-11 versions
lemonldap-ng Fix auth process in password-testing plugins [CVE-2021-20874]; add recommends on gsfonts, fixing captcha
leptonlib Fix denial of service issue [CVE-2020-36277], buffer over-read issues [CVE-2020-36278 CVE-2020-36279 CVE-2020-36280 CVE-2020-36281]
libdatetime-timezone-perl Update included data
libencode-perl Fix a memory leak in Encode.xs
libetpan Fix STARTTLS response injection issue [CVE-2020-15953]
libextractor Fix invalid read issue [CVE-2019-15531]
libjackson-json-java Fix code execution issues [CVE-2017-15095 CVE-2017-7525], XML external entity issues [CVE-2019-10172]
libmodbus Fix out of bound read issues [CVE-2019-14462 CVE-2019-14463]
libpcap Check PHB header length before using it to allocate memory [CVE-2019-15165]
libsdl1.2 Properly handle input focus events; fix buffer overflow issues [CVE-2019-13616 CVE-2019-7637], buffer over-read issues [CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7638]
libxml2 Fix use-after-free issue [CVE-2022-23308]
linux New upstream stable release; [rt] Update to 4.19.233-rt105; increase ABI to 20
linux-latest Update to 4.19.0-20 ABI
linux-signed-amd64 New upstream stable release; [rt] Update to 4.19.233-rt105; increase ABI to 20
linux-signed-arm64 New upstream stable release; [rt] Update to 4.19.233-rt105; increase ABI to 20
linux-signed-i386 New upstream stable release; [rt] Update to 4.19.233-rt105; increase ABI to 20
llvm-toolchain-11 New package, backported from Debian 11, to help build new rust versions
lxcfs Fix misreporting of swap usage
mailman Fix cross-site scripting issue [CVE-2021-43331]; fix "a list moderator can crack the list admin password encrypted in a CSRF token" [CVE-2021-43332]; fix potential CSRF attack against a list admin from a list member or moderator [CVE-2021-44227]; fix regressions in fixes for CVE-2021-42097 and CVE-2021-44227
mariadb-10.3 New upstream stable release; security fixes [CVE-2021-35604 CVE-2021-46659 CVE-2021-46661 CVE-2021-46662 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46667 CVE-2021-46668 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052]
node-getobject Fix prototype pollution issue [CVE-2020-28282]
opensc Fix out-of-bounds access issues [CVE-2019-15945 CVE-2019-15946], crash due to read of unknown memory [CVE-2019-19479], double free issue [CVE-2019-20792], buffer overflow issues [CVE-2020-26570 CVE-2020-26571 CVE-2020-26572]
openscad Fix buffer overflows in STL parser [CVE-2020-28599 CVE-2020-28600]
openssl New upstream release
php-illuminate-database Fix query binding issue [CVE-2021-21263], SQL injection issue when used with Microsoft SQL Server
phpliteadmin Fix cross-site scripting issue [CVE-2021-46709]
plib Fix integer overflow issue [CVE-2021-38714]
privoxy Fix memory leak [CVE-2021-44540] and cross-site scripting issue [CVE-2021-44543]
publicsuffix Update included data
python-virtualenv Avoid attempting to install pkg_resources from PyPI
raptor2 Fix out of bounds array access issue [CVE-2020-25713]
ros-ros-comm Fix denial of service issue [CVE-2021-37146]
rsyslog Fix heap overflow issues [CVE-2019-17041 CVE-2019-17042]
ruby-httpclient Use system certificate store
rust-cbindgen New upstream stable release to support builds of newer firefox-esr and thunderbird versions
rustc-mozilla New source package to support building of newer firefox-esr and thunderbird versions
s390-dasd Stop passing deprecated -f option to dasdfmt
spip Fix cross-site scripting issue
tzdata Update data for Fiji and Palestine
vim Fix ability to execute code while in restricted mode [CVE-2019-20807], buffer overflow issues [CVE-2021-3770 CVE-2021-3778 CVE-2021-3875], use after free issue [CVE-2021-3796]; remove accidentally included patch
wavpack Fix use of uninitialized values [CVE-2019-1010317 CVE-2019-1010319]
weechat Fix several denial of service issues [CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516]
wireshark Fix several security issues in dissectors [CVE-2021-22207 CVE-2021-22235 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39928 CVE-2021-39929]
xterm Fix buffer overflow issue [CVE-2022-24130]
zziplib Fix denial of service issue [CVE-2020-18442]
Correções de segurança
Advisory ID Package
DSA-4513 samba
DSA-4982 apache2
DSA-4983 neutron
DSA-4985 wordpress
DSA-4986 tomcat9
DSA-4987 squashfs-tools
DSA-4989 strongswan
DSA-4990 ffmpeg
DSA-4991 mailman
DSA-4993 php7.3
DSA-4994 bind9
DSA-4995 webkit2gtk
DSA-4997 tiff
DSA-5000 openjdk-11
DSA-5001 redis
DSA-5004 libxstream-java
DSA-5005 ruby-kaminari
DSA-5006 postgresql-11
DSA-5010 libxml-security-java
DSA-5011 salt
DSA-5013 roundcube
DSA-5014 icu
DSA-5015 samba
DSA-5016 nss
DSA-5018 python-babel
DSA-5019 wireshark
DSA-5020 apache-log4j2
DSA-5021 mediawiki
DSA-5022 apache-log4j2
DSA-5023 modsecurity-apache
DSA-5024 apache-log4j2
DSA-5027 xorg-server
DSA-5028 spip
DSA-5029 sogo
DSA-5030 webkit2gtk
DSA-5032 djvulibre
DSA-5035 apache2
DSA-5036 sphinxsearch
DSA-5037 roundcube
DSA-5038 ghostscript
DSA-5039 wordpress
DSA-5040 lighttpd
DSA-5043 lxml
DSA-5047 prosody
DSA-5051 aide
DSA-5052 usbview
DSA-5053 pillow
DSA-5056 strongswan
DSA-5057 openjdk-11
DSA-5059 policykit-1
DSA-5060 webkit2gtk
DSA-5062 nss
DSA-5063 uriparser
DSA-5065 ipython
DSA-5066 ruby2.5
DSA-5071 samba
DSA-5072 debian-edu-config
DSA-5073 expat
DSA-5075 minetest
DSA-5076 h2database
DSA-5078 zsh
DSA-5081 redis
DSA-5083 webkit2gtk
DSA-5085 expat
DSA-5087 cyrus-sasl2
DSA-5088 varnish
DSA-5093 spip
DSA-5096 linux-latest
DSA-5096 linux-signed-amd64
DSA-5096 linux-signed-arm64
DSA-5096 linux-signed-i386
DSA-5096 linux
DSA-5098 tryton-server
DSA-5099 tryton-proteus
DSA-5100 nbd
DSA-5101 libphp-adodb
DSA-5103 openssl
DSA-5105 bind9
Instalação
Confira a versão atual do seu Debian.
Para receber o pacote de correções abra o terminal e execute.
Atualize a lista de pacotes.
Atualize o sistema para a versão 10.12
Ai está o Debian 10.12.
Comentários
Postar um comentário
olá, seja bem vindo ao Linux Dicas e suporte !!