Dear atzlinux, 建议不要在邮件列表之间转发消息,如果用户有需要,会自己去订阅相关的邮件列表。
谢谢 On Tue, Jul 18, 2023 at 8:58 AM xiao shen wen(肖盛文) <[email protected]> wrote: > > Debian 12.1 将在下周发布。 > > > -------- 转发的消息 -------- > 主题: [SUA 237-1] Upcoming Debian 12 Update (12.1) > 重新发送日期: Mon, 17 Jul 2023 21:20:22 +0000 (UTC) > Resent-From: [email protected] > 日期: Mon, 17 Jul 2023 17:59:41 +0100 > From: Jonathan Wiltshire <[email protected]> <[email protected]> > 回复地址: [email protected] > 收件人: [email protected] > > > ---------------------------------------------------------------------------- > Debian Stable Updates Announcement SUA 237-1 https://www.debian.org/ > [email protected] Jonathan Wiltshire > July 17th, 2023 > > ---------------------------------------------------------------------------- > > Upcoming Debian 12 Update (12.1) > > An update to Debian 12 is scheduled for Saturday, July 22nd 2023. As of now > it will include the following bug fixes. They can be found in > "bookworm-proposed-updates", which is carried by all official mirrors. > > Please note that packages published through security.debian.org are not > listed, but will be included if possible. Some of the updates below are > also > already available through "bookworm-updates". > > Testing and feedback would be appreciated. Bugs should be filed in the > Debian Bug Tracking System, but please make the Release Team aware of them > by copying "[email protected]" > <[email protected]> on your mails. > > Miscellaneous Bugfixes > ---------------------- > > This stable update adds a few important corrections to the following > packages: > > Package Reason > ------- ------ > > aide Properly handle creating the system user; fix > child directory processing on equal match > > autofs Fix hang when using Kerberos-authenticated LDAP > > ayatana-indicator-datetime Fix playing of custom alarm sounds > > base-files Update for the point release > > bepasty Fix rendering of text uploads > > boost1.81 Add missing dependency on libboost-json1.81.0 > to libboost-json1.81-dev > > bup Correctly restore POSIX ACLs > > chromium Security update (from bookworm-security during > late freeze) > > context Enable socket in ConTeXt mtxrun > > cpdb-libs Fix a buffer overflow vulnerability > [CVE-2023-34095] > > cpp-httplib Fix CRLF injection issue [CVE-2023-26130] > > crowdsec Fix default acquis.yaml to also include the > journalctl datasource, limited to the > ssh.service unit, making sure acquisition works > even without the traditional auth.log file; > make sure an invalid datasource doesn't make > the engine error out > > cups Security fixes: use-after-free > [CVE-2023-34241]; heap buffer overflow > [CVE-2023-32324] > > cvs Configure full path to ssh > > dbus New upstream stable release; fix denial of > service issue [CVE-2023-34969]; stop trying to > take DPKG_ROOT into account, restoring copying > of systemd's /etc/machine-id in preference to > creating an entirely new machine ID > > desktop-base Remove emerald alternatives on package > uninstallation > > dh-python Re-introduce Breaks+Replaces on python2 needed > to help apt in some upgrade scenarios > > dkms Add Breaks against obsolete, incompatible > *-dkms packages > > dnf Fix default DNF const PYTHON_INSTALL_DIR > > dpdk New upstream stable release > > exim4 Fix argument parsing for ${run } expansion; fix > ${srs_encode ..} returning incorrect result > every 1024 days > > fai Fix IP address lifetime > > firefox-esr Security update (from bookworm-security during > late freeze) > > glibc Fix a buffer overflow in gmon; fix a deadlock > in getaddrinfo (__check_pf) with deferred > cancellation; fix y2038 support in strftime on > 32-bit architectures; fix corner case parsing > of /etc/gshadow which can return bad pointers, > causing segfaults in applications; fix a > deadlock in system() when called concurrently > from multiple threads; cdefs: limit definition > of fortification macros to __FORTIFY_LEVEL > 0 > to support old C90 compilers > > gnome-control-center New upstream bugfix release > > gnome-maps New upstream bugfix release > > gnome-shell New upstream bugfix release > > gnome-software New upstream release; memory leak fixes > > gosa Silence PHP 8.2 deprecation warnings; fix > missing template in default theme; fix table > styling, fixing use of debugLevel > 0 > > groonga Fix documentation links > > guestfs-tools Security update (from bookworm-security during > late freeze) > > indent Restore the ROUND_UP macro and adjust the > initial buffer size > > installation-guide Enable Indonesian translation > > kanboard Various security fixes [CVE-2023-32685 > CVE-2023-33956 CVE-2023-33968 CVE-2023-33969 > CVE-2023-33970] > > kf5-messagelib Search also for subkeys > > libmatekbd Fix memory leaks > > libnginx-mod-http-modsecurity > Binary rebuild with pcre2 > > libreoffice New upstream bugfix release > > libreswan Fix potential denial-of-service issue > [CVE-2023-30570] > > libxml2 Fix NULL pointer dereference issue > [CVE-2022-2309] > > linux New upstream stable release; netfilter: > nf_tables: do not ignore genmask when looking > up chain by id [CVE-2023-31248], prevent OOB > access in nft_byteorder_eval [CVE-2023-35001] > > linux-signed-amd64 New upstream stable release; netfilter: > nf_tables: do not ignore genmask when looking > up chain by id [CVE-2023-31248], prevent OOB > access in nft_byteorder_eval [CVE-2023-35001] > > linux-signed-arm64 New upstream stable release; netfilter: > nf_tables: do not ignore genmask when looking > up chain by id [CVE-2023-31248], prevent OOB > access in nft_byteorder_eval [CVE-2023-35001] > > linux-signed-i386 New upstream stable release; netfilter: > nf_tables: do not ignore genmask when looking > up chain by id [CVE-2023-31248], prevent OOB > access in nft_byteorder_eval [CVE-2023-35001] > > mailman3 Drop redundant cron job; handle ordering of > services when MariaDB is present > > marco Show correct window title when owned by > superuser > > mate-control-center Fix various memory leaks > > mate-power-manager Fix serveral memory leaks > > mate-session-manager Fix several memory leaks; allow clutter > backends other than x11 > > mrtg Handle relocated configuration file; > translation updates > > multipath-tools Hide underlying paths from LVM; prevent initial > service failure on new installations > > mutter New upstream bugfix release > > network-manager-strongswan Build editor component with GTK 4 support > > nfdump Return success when starting; fix segfault in > option parsing > > nftables Fix regression in set listing format > > node-openpgp-seek-bzip Correct installation of files in seek-bzip > package > > node-tough-cookie Security fix (prototype pollution) > [CVE-2023-26136] > > node-undici Security fixes: protect "Host" HTTP header from > CLRF injection [CVE-2023-23936]; potential > ReDoS on Headers.set and Headers.append > [CVE-2023-24807] > > node-webpack Security fix (cross-realm objects) > [CVE-2023-28154] > > nvidia-cuda-toolkit Update bundled openjdk-8-jre > > nvidia-graphics-drivers New upstream stable release; security fixes > [CVE-2023-25515 CVE-2023-25516] > > nvidia-graphics-drivers-tesla > New upstream stable release; security fixes > [CVE-2023-25515 CVE-2023-25516] > > nvidia-graphics-drivers-tesla-470 > New upstream stable release; security fixes > [CVE-2023-25515 CVE-2023-25516] > > nvidia-modprobe New upstream bugfix release > > nvidia-open-gpu-kernel-modules > New upstream stable release; security fixes > [CVE-2023-25515 CVE-2023-25516] > > nvidia-support Add Breaks against incompatible packages from > bullseye > > onionshare Fix installation of desktop furniture > > openvpn Fix memory leak and dangling pointer (possible > crash vector) > > pacemaker Fix regression in the resource scheduler > > postfix New upstream bugfix release; fix "postfix set- > permissions" > > proftpd-dfsg Do not enable inetd-style socket at > installation > > qemu New upstream stable release; fix USB devices > not being available to XEN HVM domUs; 9pfs: > prevent opening special files [CVE-2023-2861]; > fix reentrancy issues in the LSI controller > [CVE-2023-0330] > > request-tracker5 Fix links to documentation > > rime-cantonese Sort words and characters by frequency > > rime-luna-pinyin Install missing pinyin schema data > > samba New upstream stable release; ensure manpages > are generated during build; enable ability to > store kerberos tickets in kernel keyring; fix > build issues on armel and mipsel; fix windows > logon/trust issues with 2023-07 windows updates > > schleuder-cli Security fix (value escaping) > > smarty4 Fix arbitrary code execution issue > [CVE-2023-28447] > > spip Various security issues; security fix > (authentication data filtering) > > sra-sdk Fix installation of files in libngs-java > > sudo Fix event log format > > systemd New upstream bugfix release; new upstream > stable release > > tang Fix race condition when creating/rotating keys > [CVE-2023-1672] > > texlive-bin Disable socket in luatex by default > [CVE-2023-32668]; make installable on i386 > > unixodbc Add Breaks+Replaces against odbcinst1debian1 > > usb.ids Data update > > vm Disable byte compilation > > vte2.91 New upstream bugfix release > > xerial-sqlite-jdbc Use a UUID for connection ID [CVE-2023-32697] > > yajl Memory leak security fix; fix denial of service > issue [CVE-2017-16516], integer overflow issue > [CVE-2022-24795] > > A complete list of all accepted and rejected packages together with > rationale is on the preparation page for this revision: > > <https://release.debian.org/proposed-updates/stable.html> > <https://release.debian.org/proposed-updates/stable.html> > > If you encounter any issues, please don't hesitate to get in touch with the > Debian Release Team at "[email protected]" > <[email protected]>. > > -- > Jonathan Wiltshire [email protected] > Debian Developer http://people.debian.org/~jmw > > 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 > ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1 > > > > -- > 您收到此邮件是因为您订阅了Google网上论坛上的“广州 GNU/Linux 用户组”群组。 > 要退订此群组并停止接收此群组的电子邮件,请发送电子邮件到[email protected]。 > 要在网络上查看此讨论,请访问 > https://groups.google.com/d/msgid/gzlug/6f2fa7f2-3bf7-587e-070c-f63d16a67f82%40atzlinux.com > <https://groups.google.com/d/msgid/gzlug/6f2fa7f2-3bf7-587e-070c-f63d16a67f82%40atzlinux.com?utm_medium=email&utm_source=footer> > 。 > -- Liang Guo -- 您收到此邮件是因为您订阅了 Google 网上论坛的“广州 GNU/Linux 用户组”群组。 要退订此群组并停止接收此群组的电子邮件,请发送电子邮件到[email protected]。 要在网络上查看此讨论,请访问 https://groups.google.com/d/msgid/gzlug/CAJwrgW5Yq4kk0TWCiP_LPS_3sxjEkauM%3Dqy-E9uF8hA0Q%3Dv5JQ%40mail.gmail.com。
