------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 11: 11.3 released press@debian.org March 26th, 2022 https://www.debian.org/News/2022/20220326 ------------------------------------------------------------------------ The Debian project is pleased to announce the third update of its stable distribution Debian 11 (codename "bullseye"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 11 but only updates some of the packages included. There is no need to throw away old "bullseye" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | apache-log4j1.2 [1] | Resolve security issues [CVE-2021-4104 | | | CVE-2022-23302 CVE-2022-23305 CVE-2022- | | | 23307], by removing support for the | | | JMSSink, JDBCAppender, JMSAppender and | | | Apache Chainsaw modules | | | | | apache-log4j2 [2] | Fix remote code execution issue | | | [CVE-2021-44832] | | | | | apache2 [3] | New upstream release; fix crash due to | | | random memory read [CVE-2022-22719]; fix | | | HTTP request smuggling issue [CVE-2022- | | | 22720]; fix out-of-bounds write issues | | | [CVE-2022-22721 CVE-2022-23943] | | | | | atftp [4] | Fix information leak issue [CVE-2021- | | | 46671] | | | | | base-files [5] | Update for the 11.3 point release | | | | | bible-kjv [6] | Fix off-by-one-error in search | | | | | chrony [7] | Allow reading the chronyd configuration | | | file that timemaster(8) generates | | | | | cinnamon [8] | Fix crash when adding an online account | | | with login | | | | | clamav [9] | New upstream stable release; fix denial | | | of service issue [CVE-2022-20698] | | | | | cups-filters [10] | Apparmor: allow reading from Debian | | | Edu's cups-browsed configuration file | | | | | dask.distributed [11] | Fix undesired listening of workers on | | | public interfaces [CVE-2021-42343]; fix | | | compatibility with Python 3.9 | | | | | debian-installer [12] | Rebuild against proposed-updates; update | | | Linux kernel ABI to 5.10.0-13 | | | | | debian-installer- | Rebuild against proposed-updates | | netboot-images [13] | | | | | | debian-ports-archive- | Add "Debian Ports Archive Automatic | | keyring [14] | Signing Key (2023)" ; move the | | | 2021 signing key to the removed keyring | | | | | django-allauth [15] | Fix OpenID support | | | | | djbdns [16] | Raise the axfrdns, dnscache, and tinydns | | | data limit | | | | | dpdk [17] | New upstream stable release | | | | | e2guardian [18] | Fix missing SSL certificate validation | | | issue [CVE-2021-44273] | | | | | epiphany-browser [19] | Work around a bug in GLib, fixing a UI | | | process crash | | | | | espeak-ng [20] | Drop spurious 50ms delay while | | | processing events | | | | | espeakup [21] | debian/espeakup.service: Protect | | | espeakup from system overloads | | | | | fcitx5-chinese- | fcitx5-table: add missing dependencies | | addons [22] | on fcitx5-module-pinyinhelper and | | | fcitx5-module-punctuation | | | | | flac [23] | Fix out-of-bounds write issue [CVE-2021- | | | 0561] | | | | | freerdp2 [24] | Disable additional debug logging | | | | | galera-3 [25] | New upstream release | | | | | galera-4 [26] | New upstream release | | | | | gbonds [27] | Use Treasury API for redemption data | | | | | glewlwyd [28] | Fix possible privilege escalation | | | | | glibc [29] | Fix bad conversion from ISO-2022-JP-3 | | | with iconv [CVE-2021-43396]; fix buffer | | | overflow issues [CVE-2022-23218 | | | CVE-2022-23219]; fix use-after-free | | | issue [CVE-2021-33574]; stop replacing | | | older versions of /etc/nsswitch.conf; | | | simplify the check for supported kernel | | | versions, as 2.x kernels are no longer | | | supported; support installation on | | | kernels with a release number greater | | | than 255 | | | | | glx-alternatives [30] | After initial setup of the diversions, | | | install a minimal alternative to the | | | diverted files so that libraries are not | | | missing until glx-alternative-mesa | | | processes its triggers | | | | | gnupg2 [31] | scd: Fix CCID driver for SCM SPR332/ | | | SPR532; avoid network interaction in | | | generator, which can lead to hangs | | | | | gnuplot [32] | Fix division by zero [CVE-2021-44917] | | | | | golang-1.15 [33] | Fix IsOnCurve for big.Int values that | | | are not valid coordinates [CVE-2022- | | | 23806]; math/big: prevent large memory | | | consumption in Rat.SetString [CVE-2022- | | | 23772]; cmd/go: prevent branches from | | | materializing into versions [CVE-2022- | | | 23773]; fix stack exhaustion compiling | | | deeply nested expressions [CVE-2022- | | | 24921] | | | | | golang-github- | Update seccomp support to enable use of | | containers-common [34] | newer kernel versions | | | | | golang-github- | Update seccomp support to enable use of | | opencontainers- | newer kernel versions | | specs [35] | | | | | | gtk+3.0 [36] | Fix missing search results when using | | | NFS; prevent Wayland clipboard handling | | | from locking up in certain corner cases; | | | improve printing to mDNS-discovered | | | printers | | | | | heartbeat [37] | Fix creation of /run/heartbeat on | | | systems using systemd | | | | | htmldoc [38] | Fix out-of-bounds read issue [CVE-2022- | | | 0534] | | | | | installation-guide [39] | Update documentation and translations | | | | | intel-microcode [40] | Update included microcode; mitigate some | | | security issues [CVE-2020-8694 CVE-2020- | | | 8695 CVE-2021-0127 CVE-2021-0145 | | | CVE-2021-0146 CVE-2021-33120] | | | | | ldap2zone [41] | Use "mktemp" rather than the | | | deprecated "tempfile" , avoiding | | | warnings | | | | | lemonldap-ng [42] | Fix auth process in password-testing | | | plugins [CVE-2021-40874] | | | | | libarchive [43] | Fix extracting hardlinks to symlinks; | | | fix handling of symlink ACLs [CVE-2021- | | | 23177]; never follow symlinks when | | | setting file flags [CVE-2021-31566] | | | | | libdatetime-timezone- | Update included data | | perl [44] | | | | | | libgdal-grass [45] | Rebuild against grass 7.8.5-1+deb11u1 | | | | | libpod [46] | Update seccomp support to enable use of | | | newer kernel versions | | | | | libxml2 [47] | Fix use-after-free issue [CVE-2022- | | | 23308] | | | | | linux [48] | New upstream stable release; [rt] Update | | | to 5.10.106-rt64; increase ABI to 13 | | | | | linux-signed-amd64 [49] | New upstream stable release; [rt] Update | | | to 5.10.106-rt64; increase ABI to 13 | | | | | linux-signed-arm64 [50] | New upstream stable release; [rt] Update | | | to 5.10.106-rt64; increase ABI to 13 | | | | | linux-signed-i386 [51] | New upstream stable release; [rt] Update | | | to 5.10.106-rt64; increase ABI to 13 | | | | | mariadb-10.5 [52] | New upstream release; security fixes | | | [CVE-2021-35604 CVE-2021-46659 CVE-2021- | | | 46661 CVE-2021-46662 CVE-2021-46663 | | | CVE-2021-46664 CVE-2021-46665 CVE-2021- | | | 46667 CVE-2021-46668 CVE-2022-24048 | | | CVE-2022-24050 CVE-2022-24051 CVE-2022- | | | 24052] | | | | | mpich [53] | Add Breaks: on older versions of | | | libmpich1.0-dev, resolving some upgrade | | | issues | | | | | mujs [54] | Fix buffer overflow issue [CVE-2021- | | | 45005] | | | | | mutter [55] | Backport various fixes from upstream's | | | stable branch | | | | | node-cached-path- | Fix prototype pollution issue [CVE-2021- | | relative [56] | 23518] | | | | | node-fetch [57] | Don't forward secure headers to third | | | party domains [CVE-2022-0235] | | | | | node-follow- | Don't send Cookie header across domains | | redirects [58] | [CVE-2022-0155]; don't send confidential | | | headers across schemes [CVE-2022-0536] | | | | | node-markdown-it [59] | Fix regular expression-based denial of | | | service issue [CVE-2022-21670] | | | | | node-nth-check [60] | Fix regular expression-based denial of | | | service issue [CVE-2021-3803] | | | | | node-prismjs [61] | Escape markup in command line output | | | [CVE-2022-23647]; update minified files | | | to ensure that Regular Expression Denial | | | of Service issue is resolved [CVE-2021- | | | 3801] | | | | | node-trim-newlines [62] | Fix regular expression-based denial of | | | service issue [CVE-2021-33623] | | | | | nvidia-cuda-toolkit [63] | cuda-gdb: Disable non-functional python | | | support causing segmentation faults; use | | | a snapshot of openjdk-8-jre (8u312-b07- | | | 1) | | | | | nvidia-graphics-drivers- | New upstream release; fix denial of | | tesla-450 [64] | service issues [CVE-2022-21813 CVE-2022- | | | 21814]; nvidia-kernel-support: Provide / | | | etc/modprobe.d/nvidia-options.conf as a | | | template | | | | | nvidia-modprobe [65] | New upstream release | | | | | openboard [66] | Fix application icon | | | | | openssl [67] | New upstream release; fix armv8 pointer | | | authentication | | | | | openvswitch [68] | Fix use-after-free issue [CVE-2021- | | | 36980]; fix installation of libofproto | | | | | ostree [69] | Fix compatibility with eCryptFS; avoid | | | infinite recursion when recovering from | | | certain errors; mark commits as partial | | | before downloading; fix an assertion | | | failure when using a backport or local | | | build of GLib >= 2.71; fix the ability | | | to fetch OSTree content from paths | | | containing non-URI characters (such as | | | backslashes) or non-ASCII | | | | | pdb2pqr [70] | Fix compatibility of propka with Python | | | 3.8 or above | | | | | php-crypt-gpg [71] | Prevent additional options being passed | | | to GPG [CVE-2022-24953] | | | | | php-laravel- | Fix cross-site scripting issue | | framework [72] | [CVE-2021-43808], missing blocking of | | | executable content upload [CVE-2021- | | | 43617] | | | | | phpliteadmin [73] | Fix cross-site scripting issue | | | [CVE-2021-46709] | | | | | prips [74] | Fix infinite wrapping if a range reaches | | | 255.255.255.255; fix CIDR output with | | | addresses that differ in their first bit | | | | | pypy3 [75] | Fix build failures by removing | | | extraneous #endif from import.h | | | | | python-django [76] | Fix denial of service issue [CVE-2021- | | | 45115], information disclosure issue | | | [CVE-2021-45116], directory traversal | | | issue [CVE-2021-45452]; fix a traceback | | | around the handling of RequestSite/ | | | get_current_site() due to a circular | | | import | | | | | python-pip [77] | Avoid a race-condition when using zip- | | | imported dependencies | | | | | rust-cbindgen [78] | New upstream stable release to support | | | builds of newer firefox-esr and | | | thunderbird versions | | | | | s390-dasd [79] | Stop passing deprecated -f option to | | | dasdfmt | | | | | schleuder [80] | Migrate boolean values to integers, if | | | the ActiveRecord SQLite3 connection | | | adapter is in use, restoring | | | functionality | | | | | sphinx-bootstrap- | Fix search functionality | | theme [81] | | | | | | spip [82] | Fix several cross-site scripting issues | | | | | symfony [83] | Fix CVE injection issue [CVE-2021-41270] | | | | | systemd [84] | Fix uncontrolled recursion in systemd- | | | tmpfiles [CVE-2021-3997]; demote | | | systemd-timesyncd from Depends to | | | Recommends, removing a dependency cycle; | | | fix failure to bind mount a directory | | | into a container using machinectl; fix | | | regression in udev resulting in long | | | delays when processing partitions with | | | the same label; fix a regression when | | | using systemd-networkd in an | | | unprivileged LXD container | | | | | sysvinit [85] | Fix parsing of "shutdown +0" ; clarify | | | that when called with a "time" | | | shutdown will not exit | | | | | tasksel [86] | Install CUPS for all *-desktop tasks, as | | | task-print-service no longer exists | | | | | usb.ids [87] | Update included data | | | | | weechat [88] | Fix denial of service issue [CVE-2021- | | | 40516] | | | | | wolfssl [89] | Fix several issues related to OCSP- | | | handling [CVE-2021-3336 CVE-2021-37155 | | | CVE-2021-38597] and TLS1.3 support | | | [CVE-2021-44718 CVE-2022-25638 CVE-2022- | | | 25640] | | | | | xserver-xorg-video- | Fix SIGILL crash on non-SSE2 CPUs | | intel [90] | | | | | | xterm [91] | Fix buffer overflow issue [CVE-2022- | | | 24130] | | | | | zziplib [92] | Fix denial of service issue [CVE-2020- | | | 18442] | | | | +--------------------------+------------------------------------------+ 1: https://packages.debian.org/src:apache-log4j1.2 2: https://packages.debian.org/src:apache-log4j2 3: https://packages.debian.org/src:apache2 4: https://packages.debian.org/src:atftp 5: https://packages.debian.org/src:base-files 6: https://packages.debian.org/src:bible-kjv 7: https://packages.debian.org/src:chrony 8: https://packages.debian.org/src:cinnamon 9: https://packages.debian.org/src:clamav 10: https://packages.debian.org/src:cups-filters 11: https://packages.debian.org/src:dask.distributed 12: https://packages.debian.org/src:debian-installer 13: https://packages.debian.org/src:debian-installer-netboot-images 14: https://packages.debian.org/src:debian-ports-archive-keyring 15: https://packages.debian.org/src:django-allauth 16: https://packages.debian.org/src:djbdns 17: https://packages.debian.org/src:dpdk 18: https://packages.debian.org/src:e2guardian 19: https://packages.debian.org/src:epiphany-browser 20: https://packages.debian.org/src:espeak-ng 21: https://packages.debian.org/src:espeakup 22: https://packages.debian.org/src:fcitx5-chinese-addons 23: https://packages.debian.org/src:flac 24: https://packages.debian.org/src:freerdp2 25: https://packages.debian.org/src:galera-3 26: https://packages.debian.org/src:galera-4 27: https://packages.debian.org/src:gbonds 28: https://packages.debian.org/src:glewlwyd 29: https://packages.debian.org/src:glibc 30: https://packages.debian.org/src:glx-alternatives 31: https://packages.debian.org/src:gnupg2 32: https://packages.debian.org/src:gnuplot 33: https://packages.debian.org/src:golang-1.15 34: https://packages.debian.org/src:golang-github-containers-common 35: https://packages.debian.org/src:golang-github-opencontainers-specs 36: https://packages.debian.org/src:gtk+3.0 37: https://packages.debian.org/src:heartbeat 38: https://packages.debian.org/src:htmldoc 39: https://packages.debian.org/src:installation-guide 40: https://packages.debian.org/src:intel-microcode 41: https://packages.debian.org/src:ldap2zone 42: https://packages.debian.org/src:lemonldap-ng 43: https://packages.debian.org/src:libarchive 44: https://packages.debian.org/src:libdatetime-timezone-perl 45: https://packages.debian.org/src:libgdal-grass 46: https://packages.debian.org/src:libpod 47: https://packages.debian.org/src:libxml2 48: https://packages.debian.org/src:linux 49: https://packages.debian.org/src:linux-signed-amd64 50: https://packages.debian.org/src:linux-signed-arm64 51: https://packages.debian.org/src:linux-signed-i386 52: https://packages.debian.org/src:mariadb-10.5 53: https://packages.debian.org/src:mpich 54: https://packages.debian.org/src:mujs 55: https://packages.debian.org/src:mutter 56: https://packages.debian.org/src:node-cached-path-relative 57: https://packages.debian.org/src:node-fetch 58: https://packages.debian.org/src:node-follow-redirects 59: https://packages.debian.org/src:node-markdown-it 60: https://packages.debian.org/src:node-nth-check 61: https://packages.debian.org/src:node-prismjs 62: https://packages.debian.org/src:node-trim-newlines 63: https://packages.debian.org/src:nvidia-cuda-toolkit 64: https://packages.debian.org/src:nvidia-graphics-drivers-tesla-450 65: https://packages.debian.org/src:nvidia-modprobe 66: https://packages.debian.org/src:openboard 67: https://packages.debian.org/src:openssl 68: https://packages.debian.org/src:openvswitch 69: https://packages.debian.org/src:ostree 70: https://packages.debian.org/src:pdb2pqr 71: https://packages.debian.org/src:php-crypt-gpg 72: https://packages.debian.org/src:php-laravel-framework 73: https://packages.debian.org/src:phpliteadmin 74: https://packages.debian.org/src:prips 75: https://packages.debian.org/src:pypy3 76: https://packages.debian.org/src:python-django 77: https://packages.debian.org/src:python-pip 78: https://packages.debian.org/src:rust-cbindgen 79: https://packages.debian.org/src:s390-dasd 80: https://packages.debian.org/src:schleuder 81: https://packages.debian.org/src:sphinx-bootstrap-theme 82: https://packages.debian.org/src:spip 83: https://packages.debian.org/src:symfony 84: https://packages.debian.org/src:systemd 85: https://packages.debian.org/src:sysvinit 86: https://packages.debian.org/src:tasksel 87: https://packages.debian.org/src:usb.ids 88: https://packages.debian.org/src:weechat 89: https://packages.debian.org/src:wolfssl 90: https://packages.debian.org/src:xserver-xorg-video-intel 91: https://packages.debian.org/src:xterm 92: https://packages.debian.org/src:zziplib Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+--------------------------+ | Advisory ID | Package | +----------------+--------------------------+ | DSA-5000 [93] | openjdk-11 [94] | | | | | DSA-5001 [95] | redis [96] | | | | | DSA-5012 [97] | openjdk-17 [98] | | | | | DSA-5021 [99] | mediawiki [100] | | | | | DSA-5023 [101] | modsecurity-apache [102] | | | | | DSA-5024 [103] | apache-log4j2 [104] | | | | | DSA-5025 [105] | tang [106] | | | | | DSA-5027 [107] | xorg-server [108] | | | | | DSA-5028 [109] | spip [110] | | | | | DSA-5029 [111] | sogo [112] | | | | | DSA-5030 [113] | webkit2gtk [114] | | | | | DSA-5031 [115] | wpewebkit [116] | | | | | DSA-5033 [117] | fort-validator [118] | | | | | DSA-5035 [119] | apache2 [120] | | | | | DSA-5037 [121] | roundcube [122] | | | | | DSA-5038 [123] | ghostscript [124] | | | | | DSA-5039 [125] | wordpress [126] | | | | | DSA-5040 [127] | lighttpd [128] | | | | | DSA-5041 [129] | cfrpki [130] | | | | | DSA-5042 [131] | epiphany-browser [132] | | | | | DSA-5043 [133] | lxml [134] | | | | | DSA-5046 [135] | chromium [136] | | | | | DSA-5047 [137] | prosody [138] | | | | | DSA-5048 [139] | libreswan [140] | | | | | DSA-5049 [141] | flatpak-builder [142] | | | | | DSA-5049 [143] | flatpak [144] | | | | | DSA-5050 [145] | linux-signed-amd64 [146] | | | | | DSA-5050 [147] | linux-signed-arm64 [148] | | | | | DSA-5050 [149] | linux-signed-i386 [150] | | | | | DSA-5050 [151] | linux [152] | | | | | DSA-5051 [153] | aide [154] | | | | | DSA-5052 [155] | usbview [156] | | | | | DSA-5053 [157] | pillow [158] | | | | | DSA-5054 [159] | chromium [160] | | | | | DSA-5055 [161] | util-linux [162] | | | | | DSA-5056 [163] | strongswan [164] | | | | | DSA-5057 [165] | openjdk-11 [166] | | | | | DSA-5058 [167] | openjdk-17 [168] | | | | | DSA-5059 [169] | policykit-1 [170] | | | | | DSA-5060 [171] | webkit2gtk [172] | | | | | DSA-5061 [173] | wpewebkit [174] | | | | | DSA-5062 [175] | nss [176] | | | | | DSA-5063 [177] | uriparser [178] | | | | | DSA-5064 [179] | python-nbxmpp [180] | | | | | DSA-5065 [181] | ipython [182] | | | | | DSA-5067 [183] | ruby2.7 [184] | | | | | DSA-5068 [185] | chromium [186] | | | | | DSA-5070 [187] | cryptsetup [188] | | | | | DSA-5071 [189] | samba [190] | | | | | DSA-5072 [191] | debian-edu-config [192] | | | | | DSA-5073 [193] | expat [194] | | | | | DSA-5075 [195] | minetest [196] | | | | | DSA-5076 [197] | h2database [198] | | | | | DSA-5077 [199] | librecad [200] | | | | | DSA-5078 [201] | zsh [202] | | | | | DSA-5079 [203] | chromium [204] | | | | | DSA-5080 [205] | snapd [206] | | | | | DSA-5081 [207] | redis [208] | | | | | DSA-5082 [209] | php7.4 [210] | | | | | DSA-5083 [211] | webkit2gtk [212] | | | | | DSA-5084 [213] | wpewebkit [214] | | | | | DSA-5085 [215] | expat [216] | | | | | DSA-5087 [217] | cyrus-sasl2 [218] | | | | | DSA-5088 [219] | varnish [220] | | | | | DSA-5089 [221] | chromium [222] | | | | | DSA-5091 [223] | containerd [224] | | | | | DSA-5092 [225] | linux-signed-amd64 [226] | | | | | DSA-5092 [227] | linux-signed-arm64 [228] | | | | | DSA-5092 [229] | linux-signed-i386 [230] | | | | | DSA-5092 [231] | linux [232] | | | | | DSA-5093 [233] | spip [234] | | | | | DSA-5095 [235] | linux-signed-amd64 [236] | | | | | DSA-5095 [237] | linux-signed-arm64 [238] | | | | | DSA-5095 [239] | linux-signed-i386 [240] | | | | | DSA-5095 [241] | linux [242] | | | | | DSA-5098 [243] | tryton-server [244] | | | | | DSA-5099 [245] | tryton-proteus [246] | | | | | DSA-5100 [247] | nbd [248] | | | | | DSA-5101 [249] | libphp-adodb [250] | | | | | DSA-5102 [251] | haproxy [252] | | | | | DSA-5103 [253] | openssl [254] | | | | | DSA-5104 [255] | chromium [256] | | | | | DSA-5105 [257] | bind9 [258] | | | | +----------------+--------------------------+ 93: https://www.debian.org/security/2021/dsa-5000 94: https://packages.debian.org/src:openjdk-11 95: https://www.debian.org/security/2021/dsa-5001 96: https://packages.debian.org/src:redis 97: https://www.debian.org/security/2021/dsa-5012 98: https://packages.debian.org/src:openjdk-17 99: https://www.debian.org/security/2021/dsa-5021 100: https://packages.debian.org/src:mediawiki 101: https://www.debian.org/security/2021/dsa-5023 102: https://packages.debian.org/src:modsecurity-apache 103: https://www.debian.org/security/2021/dsa-5024 104: https://packages.debian.org/src:apache-log4j2 105: https://www.debian.org/security/2021/dsa-5025 106: https://packages.debian.org/src:tang 107: https://www.debian.org/security/2021/dsa-5027 108: https://packages.debian.org/src:xorg-server 109: https://www.debian.org/security/2021/dsa-5028 110: https://packages.debian.org/src:spip 111: https://www.debian.org/security/2021/dsa-5029 112: https://packages.debian.org/src:sogo 113: https://www.debian.org/security/2021/dsa-5030 114: https://packages.debian.org/src:webkit2gtk 115: https://www.debian.org/security/2021/dsa-5031 116: https://packages.debian.org/src:wpewebkit 117: https://www.debian.org/security/2021/dsa-5033 118: https://packages.debian.org/src:fort-validator 119: https://www.debian.org/security/2022/dsa-5035 120: https://packages.debian.org/src:apache2 121: https://www.debian.org/security/2022/dsa-5037 122: https://packages.debian.org/src:roundcube 123: https://www.debian.org/security/2022/dsa-5038 124: https://packages.debian.org/src:ghostscript 125: https://www.debian.org/security/2022/dsa-5039 126: https://packages.debian.org/src:wordpress 127: https://www.debian.org/security/2022/dsa-5040 128: https://packages.debian.org/src:lighttpd 129: https://www.debian.org/security/2022/dsa-5041 130: https://packages.debian.org/src:cfrpki 131: https://www.debian.org/security/2022/dsa-5042 132: https://packages.debian.org/src:epiphany-browser 133: https://www.debian.org/security/2022/dsa-5043 134: https://packages.debian.org/src:lxml 135: https://www.debian.org/security/2022/dsa-5046 136: https://packages.debian.org/src:chromium 137: https://www.debian.org/security/2022/dsa-5047 138: https://packages.debian.org/src:prosody 139: https://www.debian.org/security/2022/dsa-5048 140: https://packages.debian.org/src:libreswan 141: https://www.debian.org/security/2022/dsa-5049 142: https://packages.debian.org/src:flatpak-builder 143: https://www.debian.org/security/2022/dsa-5049 144: https://packages.debian.org/src:flatpak 145: https://www.debian.org/security/2022/dsa-5050 146: https://packages.debian.org/src:linux-signed-amd64 147: https://www.debian.org/security/2022/dsa-5050 148: https://packages.debian.org/src:linux-signed-arm64 149: https://www.debian.org/security/2022/dsa-5050 150: https://packages.debian.org/src:linux-signed-i386 151: https://www.debian.org/security/2022/dsa-5050 152: https://packages.debian.org/src:linux 153: https://www.debian.org/security/2022/dsa-5051 154: https://packages.debian.org/src:aide 155: https://www.debian.org/security/2022/dsa-5052 156: https://packages.debian.org/src:usbview 157: https://www.debian.org/security/2022/dsa-5053 158: https://packages.debian.org/src:pillow 159: https://www.debian.org/security/2022/dsa-5054 160: https://packages.debian.org/src:chromium 161: https://www.debian.org/security/2022/dsa-5055 162: https://packages.debian.org/src:util-linux 163: https://www.debian.org/security/2022/dsa-5056 164: https://packages.debian.org/src:strongswan 165: https://www.debian.org/security/2022/dsa-5057 166: https://packages.debian.org/src:openjdk-11 167: https://www.debian.org/security/2022/dsa-5058 168: https://packages.debian.org/src:openjdk-17 169: https://www.debian.org/security/2022/dsa-5059 170: https://packages.debian.org/src:policykit-1 171: https://www.debian.org/security/2022/dsa-5060 172: https://packages.debian.org/src:webkit2gtk 173: https://www.debian.org/security/2022/dsa-5061 174: https://packages.debian.org/src:wpewebkit 175: https://www.debian.org/security/2022/dsa-5062 176: https://packages.debian.org/src:nss 177: https://www.debian.org/security/2022/dsa-5063 178: https://packages.debian.org/src:uriparser 179: https://www.debian.org/security/2022/dsa-5064 180: https://packages.debian.org/src:python-nbxmpp 181: https://www.debian.org/security/2022/dsa-5065 182: https://packages.debian.org/src:ipython 183: https://www.debian.org/security/2022/dsa-5067 184: https://packages.debian.org/src:ruby2.7 185: https://www.debian.org/security/2022/dsa-5068 186: https://packages.debian.org/src:chromium 187: https://www.debian.org/security/2022/dsa-5070 188: https://packages.debian.org/src:cryptsetup 189: https://www.debian.org/security/2022/dsa-5071 190: https://packages.debian.org/src:samba 191: https://www.debian.org/security/2022/dsa-5072 192: https://packages.debian.org/src:debian-edu-config 193: https://www.debian.org/security/2022/dsa-5073 194: https://packages.debian.org/src:expat 195: https://www.debian.org/security/2022/dsa-5075 196: https://packages.debian.org/src:minetest 197: https://www.debian.org/security/2022/dsa-5076 198: https://packages.debian.org/src:h2database 199: https://www.debian.org/security/2022/dsa-5077 200: https://packages.debian.org/src:librecad 201: https://www.debian.org/security/2022/dsa-5078 202: https://packages.debian.org/src:zsh 203: https://www.debian.org/security/2022/dsa-5079 204: https://packages.debian.org/src:chromium 205: https://www.debian.org/security/2022/dsa-5080 206: https://packages.debian.org/src:snapd 207: https://www.debian.org/security/2022/dsa-5081 208: https://packages.debian.org/src:redis 209: https://www.debian.org/security/2022/dsa-5082 210: https://packages.debian.org/src:php7.4 211: https://www.debian.org/security/2022/dsa-5083 212: https://packages.debian.org/src:webkit2gtk 213: https://www.debian.org/security/2022/dsa-5084 214: https://packages.debian.org/src:wpewebkit 215: https://www.debian.org/security/2022/dsa-5085 216: https://packages.debian.org/src:expat 217: https://www.debian.org/security/2022/dsa-5087 218: https://packages.debian.org/src:cyrus-sasl2 219: https://www.debian.org/security/2022/dsa-5088 220: https://packages.debian.org/src:varnish 221: https://www.debian.org/security/2022/dsa-5089 222: https://packages.debian.org/src:chromium 223: https://www.debian.org/security/2022/dsa-5091 224: https://packages.debian.org/src:containerd 225: https://www.debian.org/security/2022/dsa-5092 226: https://packages.debian.org/src:linux-signed-amd64 227: https://www.debian.org/security/2022/dsa-5092 228: https://packages.debian.org/src:linux-signed-arm64 229: https://www.debian.org/security/2022/dsa-5092 230: https://packages.debian.org/src:linux-signed-i386 231: https://www.debian.org/security/2022/dsa-5092 232: https://packages.debian.org/src:linux 233: https://www.debian.org/security/2022/dsa-5093 234: https://packages.debian.org/src:spip 235: https://www.debian.org/security/2022/dsa-5095 236: https://packages.debian.org/src:linux-signed-amd64 237: https://www.debian.org/security/2022/dsa-5095 238: https://packages.debian.org/src:linux-signed-arm64 239: https://www.debian.org/security/2022/dsa-5095 240: https://packages.debian.org/src:linux-signed-i386 241: https://www.debian.org/security/2022/dsa-5095 242: https://packages.debian.org/src:linux 243: https://www.debian.org/security/2022/dsa-5098 244: https://packages.debian.org/src:tryton-server 245: https://www.debian.org/security/2022/dsa-5099 246: https://packages.debian.org/src:tryton-proteus 247: https://www.debian.org/security/2022/dsa-5100 248: https://packages.debian.org/src:nbd 249: https://www.debian.org/security/2022/dsa-5101 250: https://packages.debian.org/src:libphp-adodb 251: https://www.debian.org/security/2022/dsa-5102 252: https://packages.debian.org/src:haproxy 253: https://www.debian.org/security/2022/dsa-5103 254: https://packages.debian.org/src:openssl 255: https://www.debian.org/security/2022/dsa-5104 256: https://packages.debian.org/src:chromium 257: https://www.debian.org/security/2022/dsa-5105 258: https://packages.debian.org/src:bind9 Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +----------------------------+------------------+ | Package | Reason | +----------------------------+------------------+ | angular-maven-plugin [259] | No longer useful | | | | | minify-maven-plugin [260] | No longer useful | | | | +----------------------------+------------------+ 259: https://packages.debian.org/src:angular-maven-plugin 260: https://packages.debian.org/src:minify-maven-plugin Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: https://deb.debian.org/debian/dists/bullseye/ChangeLog The current stable distribution: https://deb.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: https://deb.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature