New upstream release improve compatibility with recent kernels New upstream bugfix release ĭisallow loading of custom terminfo entries in setuid/setgid programs įix regular expression-based denial of service issue įix prototype pollution issue Remove implicit mapping functionality, which could lead to unintended exposure of the status worker and/or bypass of security constraints įix denial of service issue įix integer overflow issue Īvoid replacement of /dev/null with a regular file if used for the state fileĪvoid using mv on init symlink in order to work around overlayfs issueįix build issues with newer kernel versionsįix use after free in lua_upvaluejoin (lapi.c) fix segmentation fault in getlocal and setlocal (ldebug.c) Handle CA ready, processing and valid states correctlyįix open redirection when OIDC RP has no redirect URIs fix Server Side Request Forgery issue fix open redirection due to incorrect escape handling ![]() Set DEB_NEXT_VER_ID=12 as bookworm is the next release security-support-limited: add gnupg1Īdd Debian 14 forky correct Ubuntu 23.04 release date add Ubuntu 23.10 Mantic Minotaur add the planned release date for Debian bookwormĪdd support for loong64 CPU handle missing Version when formatting source:Upstream-Version fix varbuf memory leak in pkg_source_version()ĭisable uploads to imgur by default fix name of d/NEWS file in previous uploadįix buffer overflow issue try and secure the IJS server startup įix race condition in symlink copying įix double free in init_index when the M argument is a large integer Ĭheck return values for set*id() functions, avoiding potential security issues įix free of uninitialised pointer Increase Linux kernel ABI to 5.10.0-26 rebuild against proposed-updates New upstream stable release fix denial of service issue New upstream stable release fix denial of service vulnerability via HFS+ parser įix arbitrary code execution issue replace Suggests: on libarchive1 with libarchive-devįix memory-initialization in command-line parserįix heap-based buffer overflow issues, unauthenticated access issue, use-after-free issue įix code execution issues, information disclosure issues, inappropriate connection re-use issue, improper certificate validation issue New upstream version, to support building newer firefox-esr versions Work around unconfigured jre during new installations Update included microcode, including fixes for AMD Inception on AMD Zen4 processors īackport to bullseye for future openjdk-11 buildsįix missing mutex unlock do not use rpcbind for NFS4 mounts fix regression determining reachability on dual-stack hostsįix Server Side Request Forgery issues Ĭonflict with bsdowl (<< 2.2.2-1.2~) to ensure smooth upgrades ![]() This oldstable update adds a few important corrections to the following packages: Packageįix command injection vulnerability in deluserįix handling of extended attributes on symlinks ![]() Pointing the package management system at one of Debian's many HTTP mirrors.Ī comprehensive list of mirrors is available at: Upgrading an existing installation to this revision can be achieved by New installation images will be available soon at the regular locations. To update many packages, and most such updates are Those who frequently install updates from won't have Packages can be upgraded to the current versions using an up-to-date Debian No need to throw away old bullseye media. ![]() Please note that the point release does not constitute a new version of Debianġ1 but only updates some of the packages included. Have already been published separately and are referenced where available. This point release mainly adds corrections for security issues,Īlong with a few adjustments for serious problems. Oldstable distribution Debian 11 (codename bullseye). The Debian project is pleased to announce the eighth update of its
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |