Updated Debian 9: 9.2 released

To: debian-announce@lists.debian.org

Subject: Updated Debian 9: 9.2 released

From: Cédric Boutillier <boutil@debian.org>

Date: Sat, 7 Oct 2017 17:10:39 +0200

Message-id: <[🔎] 20171007151039.ch3w22ohhlmmp6jr@esfahan>

Mail-followup-to: debian-announce@lists.debian.org

------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 9: 9.2 released press@debian.org October 7th, 2017 https://www.debian.org/News/2017/20171007 ------------------------------------------------------------------------ The Debian project is pleased to announce the second update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list As a special case for this point release, those using the "apt-get" tool to perform the upgrade will need to ensure that the "dist-upgrade" command is used, in order to update to the latest kernel packages. Users of other tools such as "apt" and "aptitude" should use the "upgrade" command. Miscellaneous Bugfixes ---------------------- Due to an oversight while preparing the point release, the usual update to the "base-files" package to reflect the new version was unfortunately not included. An updated package will be made available via "stretch-updates" in the near future. This stable update adds a few important corrections to the following packages: +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | apt [1] | Fix issues in apt-daily-upgrade; fix a | | | possible crash in the mirror method | | | | | at-spi2-core [2] | Fix crash on switching windows | | | | | bareos [3] | Fix permissions of bareos-dir logrotate | | | config on upgrade; fix file corruption | | | when using SHA1 signature | | | | | bind9 [4] | Import support for DNSSEC KSK-2017 | | | | | bridge-utils [5] | Fix a problem with some vlan interfaces | | | not being created | | | | | caja [6] | Fix excessive CPU use while loading | | | background image | | | | | chrony [7] | Do not pass 'burst' command to chronyc | | | | | cross-gcc [8] | Fix outdated support for gcc 6.3.0-18 | | | | | cvxopt [9] | Remove the unneccessary and non-working | | | compatibility layer for lpx_main() | | | | | db5.3 [10] | Do not access DB_CONFIG when db_home is | | | not set [CVE-2017-10140] | | | | | dbus [11] | New upstream stable release | | | | | debian-edu-doc [12] | Merge stretch related documentation and | | | translation updates; update Debian Edu | | | Stretch manual from the wiki; replace | | | existing boot menu screenshots with | | | recent ones from the wiki | | | | | debian-installer [13] | Update Linux kernel ABI to 4 | | | | | debian-installer- | Rebuild against proposed-updates | | netboot-images [14] | | | | | | desktop-base [15] | Fix XML syntax errors in gnome wallpaper | | | description files making Joy wallpapers | | | unavailable by default; ensure postinst | | | doesn’t fail on upgrade even when an | | | incomplete theme pack is active | | | | | dns-root-data [16] | Update root.hints to 2017072601 version; | | | change the state of KSK-2017 to VALID | | | | | dnsdist [17] | Security fixes [CVE-2016-7069 CVE-2017- | | | 7557] | | | | | dnsviz [18] | Cherry-pick upstream fixes related to | | | root.hints and root.keys changes | | | | | dose3 [19] | Fix versioned provides support - | | | packages that provide the same virtual | | | package in different versions, or that | | | provide the same versioned virtual | | | package as a real package, are co- | | | installable | | | | | ecl [20] | Add missing dependency on libffi-dev | | | | | erlang-p1-tls [21] | Fix ECDH curves | | | | | evolution [22] | Fix hang on right click in composer | | | window | | | | | expect [23] | Properly check for EOF, to avoid losing | | | input | | | | | fife [24] | Fix memory leak | | | | | flatpak [25] | New upstream stable release; prevent | | | deploying files with inappropriate | | | permissions; restore compatibility with | | | libostree 2017.7 | | | | | freerdp [26] | Enable TLS >= 1.1 support | | | | | gnome-exe- | Switch to msitools' msiinfo for | | thumbnailer [27] | ProductVersion fetching, replacing the | | | insecure VBScript-based parsing | | | [CVE-2017-11421]; fix unreadable white- | | | on-white text on version labels | | | | | gnupg2 [28] | Fix dirmngr issues with broken reverse | | | DNS, assertion when using "tofu- | | | default-policy ask" , multiple issues | | | with scdaemon, avoid spurious warnings | | | when sharing a keybox with gpg >= 2.1.20 | | | | | gnutls28 [29] | Fix OCSP verification errors, especially | | | with ECDSA signatures | | | | | gosa-plugin- | Fix parent constructor calls, for | | mailaddress [30] | compatibility with PHP7 | | | | | gsoap [31] | Fix integer overflow via large XML | | | document [CVE-2017-9765] | | | | | haveged [32] | Start haveged.service after systemd- | | | tmpfiles-setup.service has been run | | | | | ipsec-tools [33] | Security fix [CVE-2016-10396] | | | | | irssi [34] | Fix null pointer dereference [CVE-2017- | | | 10965], use-after-free condition for | | | nicklist [CVE-2017-10966] | | | | | kanatest [35] | Remove DISABLE_DEPRECATED flags, they | | | cause implicit pointer conversion and | | | thus a segmentation fault on startup | | | | | kdepim [36] | Fix "send Later with Delay bypasses | | | OpenPGP" [CVE-2017-9604] | | | | | kf5-messagelib [37] | Fix "send Later with Delay bypasses | | | OpenPGP" [CVE-2017-9604] | | | | | krb5 [38] | Fix security issue where remote | | | authenticated attackers can crash the | | | KDC [CVE-2017-11368]; fix startup if | | | getaddrinfo() returns a wildcard v6 | | | address and handling of explicitly | | | specified v4 wildcard address; fix SRV | | | lookups to respect udp_preference_limit | | | | | lava-tool [39] | Add missing dependency on python- | | | simplejson | | | | | librsb [40] | Fix a few severe bugs leading to | | | numerically wrong results | | | | | libselinux [41] | Rebuild with new sbuild to fix changelog | | | date | | | | | libsolv [42] | Fix dependencies on Python 3 modules | | | | | libwpd [43] | Fix denial of service issue | | | [CVE-2017-14226] | | | | | linux [44] | New upstream stable version | | | | | linux-latest [45] | Update to 4.9.0-4 | | | | | lzma [46] | Rebuild with new sbuild to fix changelog | | | date | | | | | mailman [47] | Fix broken dependencies in | | | contrib/SpamAssassin.py | | | | | mate-power-manager [48] | Don't abort on unknown DBus signal name | | | | | mate-themes [49] | Fix font colour of URL bar in Google | | | Chrome | | | | | mate-tweak [50] | Add missing dependency on python3-gi | | | | | ncurses [51] | Fix various crash bugs in the tic | | | library and the tic binary | | | [CVE-2017-10684 CVE-2017-10685 | | | CVE-2017-11112 CVE-2017-11113 | | | CVE-2017-13728 CVE-2017-13729 | | | CVE-2017-13730 CVE-2017-13731 | | | CVE-2017-13732 CVE-2017-13734 | | | CVE-2017-13733] | | | | | nettle [52] | Rebuild with new sbuild to fix changelog | | | date | | | | | node-brace- | Fix regular expression denial of service | | expansion [53] | issue | | | | | node-dateformat [54] | Set TZ=UTC for tests to fix build | | | failure | | | | | ntp [55] | Build and install /usr/bin/sntp | | | | | nvidia-graphics- | New upstream long lived branch release | | drivers [56] | 375.82 - security fixes [CVE-2017-6257 | | | CVE-2017-6259], add support for the | | | following GPUs: GeForce GTX 1080 with | | | Max-Q Design, GeForce GTX 1070 with Max- | | | Q Design, GeForce GTX 1060 with Max-Q | | | Design; nvidia-kernel-dkms: Honor | | | parallel setting from dkms | | | | | open-vm-tools [57] | Randomly generate temporary directory | | | name [CVE-2015-5191] | | | | | opendkim [58] | Start as root and drop privileges in | | | opendkim for proper key file ownership | | | | | openldap [59] | Relax the dependency of libldap-2.4-2 on | | | libldap-common to also permit later | | | versions; fix upgrade failure when | | | olcSuffix contains a backslash; avoid | | | reading the value of the | | | LDAP_OPT_X_TLS_REQUIRE_CERT option from | | | previously freed memory; fix potential | | | endless replication loop in a multi- | | | master delta-syncrepl scenario with 3 or | | | more nodes; fix memory corruption caused | | | by calling sasl_client_init() multiple | | | times and possibly concurrently | | | | | openvpn [60] | Fix broken reconnects due to wrong push | | | digest calculation | | | | | osinfo-db [61] | Update distribution information | | | | | pcb-rnd [62] | Fix execution of code via a maliciously | | | formed design file | | | | | postfix [63] | New upstream stable version - send | | | single character variable names to | | | milters without {}; prevent MIME | | | downgrade of Postfix-generated message/ | | | delivery status; work around Berkeley DB | | | attempting to read settings from | | | "DB_CONFIG" file | | | | | python-pampy [64] | Fix dependencies on Python 3 modules | | | | | request-tracker4 [65] | Fix regression in previous security | | | release where incorrect SHA256 passwords | | | could trigger an error | | | | | ruby-gnome2 [66] | ruby- | | | {gdk3,gtksourceview2,pango,poppler}: Add | | | missing dependencies | | | | | samba [67] | Ensure SMB signing enforced [CVE-2017- | | | 12150]; keep required encryption across | | | SMB3 DFS redirects [CVE-2017-12151]; fix | | | server memory information leak over SMB1 | | | [CVE-2017-12163]; new upstream release; | | | fix libpam-winbind.prerm to be | | | multiarch-safe; add missing logrotate | | | for /var/log/samba/log.samba; fix | | | outdated DNS Root servers; fix "Non- | | | kerberos logins fails on winbind 4.X | | | when krb5_auth is configured in PAM" | | | | | smplayer [68] | Fix connections to YouTube | | | | | speech-dispatcher [69] | Make spd-conf work again | | | | | suricata [70] | Limit the number of recursive calls in | | | the DER/ASN.1 decoder to avoid stack | | | overflows | | | | | swift [71] | New upstream stable release | | | | | tbdialout [72] | Include leading plus symbol when using | | | tel: URI scheme | | | | | tiny-initramfs [73] | Add missing dependency on cpio | | | | | topal [74] | Fix misuse of sed character class syntax | | | | | torsocks [75] | Fix check_addr() to return either 0 or 1 | | | | | trace-cmd [76] | Fix segfault while processing certain | | | trace files | | | | | unbound [77] | Fix install of trust anchor when two | | | anchors are present; depend on dns-root- | | | data (>= 2017072601~) for KSK-2017 | | | | | unknown-horizons [78] | Fix memory leak | | | | | up-imapproxy [79] | Correct systemd service file | | | | | vim [80] | Fix several crashes / illegal memory | | | accesses [CVE-2017-11109] | | | | | waagent [81] | New upstream release, with support for | | | Azure Stack | | | | | webkit2gtk [82] | Upstream security and bugfix release | | | [CVE-2017-2538 CVE-2017-7052 CVE-2017- | | | 7018 CVE-2017-7030 CVE-2017-7034 | | | CVE-2017-7037 CVE-2017-7039 CVE-2017- | | | 7046 CVE-2017-7048 CVE-2017-7055 | | | CVE-2017-7056 CVE-2017-7061 CVE-2017- | | | 7064] | | | | | whois [83] | Fix whois referrals | | | for .com, .net, .jobs, .bz, .cc and .tv; | | | add several new Indian TLD servers; | | | update the list of gTLDs | | | | | wrk [84] | Fix build failures | | | | | xfonts-ayu [85] | Fix generation of bold and italic fonts | | | | | xkeyboard-config [86] | Move Indic layouts back to the main | | | layout list, enabling their use again | | | | | yadm [87] | Fix race condition which could allow | | | access to private PGP and SSH keys | | | [CVE-2017-11353] | | | | +--------------------------+------------------------------------------+ 1: https://packages.debian.org/src:apt 2: https://packages.debian.org/src:at-spi2-core 3: https://packages.debian.org/src:bareos 4: https://packages.debian.org/src:bind9 5: https://packages.debian.org/src:bridge-utils 6: https://packages.debian.org/src:caja 7: https://packages.debian.org/src:chrony 8: https://packages.debian.org/src:cross-gcc 9: https://packages.debian.org/src:cvxopt 10: https://packages.debian.org/src:db5.3 11: https://packages.debian.org/src:dbus 12: https://packages.debian.org/src:debian-edu-doc 13: https://packages.debian.org/src:debian-installer 14: https://packages.debian.org/src:debian-installer-netboot-images 15: https://packages.debian.org/src:desktop-base 16: https://packages.debian.org/src:dns-root-data 17: https://packages.debian.org/src:dnsdist 18: https://packages.debian.org/src:dnsviz 19: https://packages.debian.org/src:dose3 20: https://packages.debian.org/src:ecl 21: https://packages.debian.org/src:erlang-p1-tls 22: https://packages.debian.org/src:evolution 23: https://packages.debian.org/src:expect 24: https://packages.debian.org/src:fife 25: https://packages.debian.org/src:flatpak 26: https://packages.debian.org/src:freerdp 27: https://packages.debian.org/src:gnome-exe-thumbnailer 28: https://packages.debian.org/src:gnupg2 29: https://packages.debian.org/src:gnutls28 30: https://packages.debian.org/src:gosa-plugin-mailaddress 31: https://packages.debian.org/src:gsoap 32: https://packages.debian.org/src:haveged 33: https://packages.debian.org/src:ipsec-tools 34: https://packages.debian.org/src:irssi 35: https://packages.debian.org/src:kanatest 36: https://packages.debian.org/src:kdepim 37: https://packages.debian.org/src:kf5-messagelib 38: https://packages.debian.org/src:krb5 39: https://packages.debian.org/src:lava-tool 40: https://packages.debian.org/src:librsb 41: https://packages.debian.org/src:libselinux 42: https://packages.debian.org/src:libsolv 43: https://packages.debian.org/src:libwpd 44: https://packages.debian.org/src:linux 45: https://packages.debian.org/src:linux-latest 46: https://packages.debian.org/src:lzma 47: https://packages.debian.org/src:mailman 48: https://packages.debian.org/src:mate-power-manager 49: https://packages.debian.org/src:mate-themes 50: https://packages.debian.org/src:mate-tweak 51: https://packages.debian.org/src:ncurses 52: https://packages.debian.org/src:nettle 53: https://packages.debian.org/src:node-brace-expansion 54: https://packages.debian.org/src:node-dateformat 55: https://packages.debian.org/src:ntp 56: https://packages.debian.org/src:nvidia-graphics-drivers 57: https://packages.debian.org/src:open-vm-tools 58: https://packages.debian.org/src:opendkim 59: https://packages.debian.org/src:openldap 60: https://packages.debian.org/src:openvpn 61: https://packages.debian.org/src:osinfo-db 62: https://packages.debian.org/src:pcb-rnd 63: https://packages.debian.org/src:postfix 64: https://packages.debian.org/src:python-pampy 65: https://packages.debian.org/src:request-tracker4 66: https://packages.debian.org/src:ruby-gnome2 67: https://packages.debian.org/src:samba 68: https://packages.debian.org/src:smplayer 69: https://packages.debian.org/src:speech-dispatcher 70: https://packages.debian.org/src:suricata 71: https://packages.debian.org/src:swift 72: https://packages.debian.org/src:tbdialout 73: https://packages.debian.org/src:tiny-initramfs 74: https://packages.debian.org/src:topal 75: https://packages.debian.org/src:torsocks 76: https://packages.debian.org/src:trace-cmd 77: https://packages.debian.org/src:unbound 78: https://packages.debian.org/src:unknown-horizons 79: https://packages.debian.org/src:up-imapproxy 80: https://packages.debian.org/src:vim 81: https://packages.debian.org/src:waagent 82: https://packages.debian.org/src:webkit2gtk 83: https://packages.debian.org/src:whois 84: https://packages.debian.org/src:wrk 85: https://packages.debian.org/src:xfonts-ayu 86: https://packages.debian.org/src:xkeyboard-config 87: https://packages.debian.org/src:yadm Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +-----------------+-----------------------------+ | Advisory ID | Package | +-----------------+-----------------------------+ | DSA-3881 [88] | firefox-esr [89] | | | | | DSA-3898 [90] | expat [91] | | | | | DSA-3904 [92] | bind9 [93] | | | | | DSA-3909 [94] | samba [95] | | | | | DSA-3913 [96] | apache2 [97] | | | | | DSA-3914 [98] | imagemagick [99] | | | | | DSA-3915 [100] | ruby-mixlib-archive [101] | | | | | DSA-3916 [102] | atril [103] | | | | | DSA-3917 [104] | catdoc [105] | | | | | DSA-3919 [106] | openjdk-8 [107] | | | | | DSA-3920 [108] | qemu [109] | | | | | DSA-3921 [110] | enigmail [111] | | | | | DSA-3923 [112] | freerdp [113] | | | | | DSA-3924 [114] | varnish [115] | | | | | DSA-3925 [116] | qemu [117] | | | | | DSA-3926 [118] | chromium-browser [119] | | | | | DSA-3927 [120] | linux [121] | | | | | DSA-3928 [122] | firefox-esr [123] | | | | | DSA-3929 [124] | libsoup2.4 [125] | | | | | DSA-3930 [126] | freeradius [127] | | | | | DSA-3931 [128] | ruby-rack-cors [129] | | | | | DSA-3932 [130] | subversion [131] | | | | | DSA-3934 [132] | git [133] | | | | | DSA-3936 [134] | postgresql-9.6 [135] | | | | | DSA-3938 [136] | libgd2 [137] | | | | | DSA-3940 [138] | cvs [139] | | | | | DSA-3941 [140] | iortcw [141] | | | | | DSA-3942 [142] | supervisor [143] | | | | | DSA-3946 [144] | libmspack [145] | | | | | DSA-3947 [146] | newsbeuter [147] | | | | | DSA-3948 [148] | ioquake3 [149] | | | | | DSA-3949 [150] | augeas [151] | | | | | DSA-3950 [152] | libraw [153] | | | | | DSA-3952 [154] | libxml2 [155] | | | | | DSA-3953 [156] | aodh [157] | | | | | DSA-3955 [158] | mariadb-10.1 [159] | | | | | DSA-3956 [160] | connman [161] | | | | | DSA-3957 [162] | ffmpeg [163] | | | | | DSA-3958 [164] | fontforge [165] | | | | | DSA-3959 [166] | libgcrypt20 [167] | | | | | DSA-3961 [168] | libgd2 [169] | | | | | DSA-3962 [170] | strongswan [171] | | | | | DSA-3963 [172] | mercurial [173] | | | | | DSA-3964 [174] | asterisk [175] | | | | | DSA-3965 [176] | file [177] | | | | | DSA-3966 [178] | ruby2.3 [179] | | | | | DSA-3967 [180] | mbedtls [181] | | | | | DSA-3968 [182] | icedove [183] | | | | | DSA-3969 [184] | xen [185] | | | | | DSA-3970 [186] | emacs24 [187] | | | | | DSA-3971 [188] | tcpdump [189] | | | | | DSA-3972 [190] | bluez [191] | | | | | DSA-3973 [192] | wordpress-shibboleth [193] | | | | | DSA-3974 [194] | tomcat8 [195] | | | | | DSA-3975 [196] | emacs25 [197] | | | | | DSA-3976 [198] | freexl [199] | | | | | DSA-3977 [200] | newsbeuter [201] | | | | | DSA-3978 [202] | gdk-pixbuf [203] | | | | | DSA-3979 [204] | pyjwt [205] | | | | | DSA-3980 [206] | apache2 [207] | | | | | DSA-3982 [208] | perl [209] | | | | | DSA-3984 [210] | git [211] | | | | | DSA-3985 [212] | chromium-browser [213] | | | | | DSA-3986 [214] | ghostscript [215] | | | | | DSA-3987 [216] | firefox-esr [217] | | | | | DSA-3988 [218] | libidn2-0 [219] | | | | +-----------------+-----------------------------+ 88: https://www.debian.org/security/2017/dsa-3881 89: https://packages.debian.org/src:firefox-esr 90: https://www.debian.org/security/2017/dsa-3898 91: https://packages.debian.org/src:expat 92: https://www.debian.org/security/2017/dsa-3904 93: https://packages.debian.org/src:bind9 94: https://www.debian.org/security/2017/dsa-3909 95: https://packages.debian.org/src:samba 96: https://www.debian.org/security/2017/dsa-3913 97: https://packages.debian.org/src:apache2 98: https://www.debian.org/security/2017/dsa-3914 99: https://packages.debian.org/src:imagemagick 100: https://www.debian.org/security/2017/dsa-3915 101: https://packages.debian.org/src:ruby-mixlib-archive 102: https://www.debian.org/security/2017/dsa-3916 103: https://packages.debian.org/src:atril 104: https://www.debian.org/security/2017/dsa-3917 105: https://packages.debian.org/src:catdoc 106: https://www.debian.org/security/2017/dsa-3919 107: https://packages.debian.org/src:openjdk-8 108: https://www.debian.org/security/2017/dsa-3920 109: https://packages.debian.org/src:qemu 110: https://www.debian.org/security/2017/dsa-3921 111: https://packages.debian.org/src:enigmail 112: https://www.debian.org/security/2017/dsa-3923 113: https://packages.debian.org/src:freerdp 114: https://www.debian.org/security/2017/dsa-3924 115: https://packages.debian.org/src:varnish 116: https://www.debian.org/security/2017/dsa-3925 117: https://packages.debian.org/src:qemu 118: https://www.debian.org/security/2017/dsa-3926 119: https://packages.debian.org/src:chromium-browser 120: https://www.debian.org/security/2017/dsa-3927 121: https://packages.debian.org/src:linux 122: https://www.debian.org/security/2017/dsa-3928 123: https://packages.debian.org/src:firefox-esr 124: https://www.debian.org/security/2017/dsa-3929 125: https://packages.debian.org/src:libsoup2.4 126: https://www.debian.org/security/2017/dsa-3930 127: https://packages.debian.org/src:freeradius 128: https://www.debian.org/security/2017/dsa-3931 129: https://packages.debian.org/src:ruby-rack-cors 130: https://www.debian.org/security/2017/dsa-3932 131: https://packages.debian.org/src:subversion 132: https://www.debian.org/security/2017/dsa-3934 133: https://packages.debian.org/src:git 134: https://www.debian.org/security/2017/dsa-3936 135: https://packages.debian.org/src:postgresql-9.6 136: https://www.debian.org/security/2017/dsa-3938 137: https://packages.debian.org/src:libgd2 138: https://www.debian.org/security/2017/dsa-3940 139: https://packages.debian.org/src:cvs 140: https://www.debian.org/security/2017/dsa-3941 141: https://packages.debian.org/src:iortcw 142: https://www.debian.org/security/2017/dsa-3942 143: https://packages.debian.org/src:supervisor 144: https://www.debian.org/security/2017/dsa-3946 145: https://packages.debian.org/src:libmspack 146: https://www.debian.org/security/2017/dsa-3947 147: https://packages.debian.org/src:newsbeuter 148: https://www.debian.org/security/2017/dsa-3948 149: https://packages.debian.org/src:ioquake3 150: https://www.debian.org/security/2017/dsa-3949 151: https://packages.debian.org/src:augeas 152: https://www.debian.org/security/2017/dsa-3950 153: https://packages.debian.org/src:libraw 154: https://www.debian.org/security/2017/dsa-3952 155: https://packages.debian.org/src:libxml2 156: https://www.debian.org/security/2017/dsa-3953 157: https://packages.debian.org/src:aodh 158: https://www.debian.org/security/2017/dsa-3955 159: https://packages.debian.org/src:mariadb-10.1 160: https://www.debian.org/security/2017/dsa-3956 161: https://packages.debian.org/src:connman 162: https://www.debian.org/security/2017/dsa-3957 163: https://packages.debian.org/src:ffmpeg 164: https://www.debian.org/security/2017/dsa-3958 165: https://packages.debian.org/src:fontforge 166: https://www.debian.org/security/2017/dsa-3959 167: https://packages.debian.org/src:libgcrypt20 168: https://www.debian.org/security/2017/dsa-3961 169: https://packages.debian.org/src:libgd2 170: https://www.debian.org/security/2017/dsa-3962 171: https://packages.debian.org/src:strongswan 172: https://www.debian.org/security/2017/dsa-3963 173: https://packages.debian.org/src:mercurial 174: https://www.debian.org/security/2017/dsa-3964 175: https://packages.debian.org/src:asterisk 176: https://www.debian.org/security/2017/dsa-3965 177: https://packages.debian.org/src:file 178: https://www.debian.org/security/2017/dsa-3966 179: https://packages.debian.org/src:ruby2.3 180: https://www.debian.org/security/2017/dsa-3967 181: https://packages.debian.org/src:mbedtls 182: https://www.debian.org/security/2017/dsa-3968 183: https://packages.debian.org/src:icedove 184: https://www.debian.org/security/2017/dsa-3969 185: https://packages.debian.org/src:xen 186: https://www.debian.org/security/2017/dsa-3970 187: https://packages.debian.org/src:emacs24 188: https://www.debian.org/security/2017/dsa-3971 189: https://packages.debian.org/src:tcpdump 190: https://www.debian.org/security/2017/dsa-3972 191: https://packages.debian.org/src:bluez 192: https://www.debian.org/security/2017/dsa-3973 193: https://packages.debian.org/src:wordpress-shibboleth 194: https://www.debian.org/security/2017/dsa-3974 195: https://packages.debian.org/src:tomcat8 196: https://www.debian.org/security/2017/dsa-3975 197: https://packages.debian.org/src:emacs25 198: https://www.debian.org/security/2017/dsa-3976 199: https://packages.debian.org/src:freexl 200: https://www.debian.org/security/2017/dsa-3977 201: https://packages.debian.org/src:newsbeuter 202: https://www.debian.org/security/2017/dsa-3978 203: https://packages.debian.org/src:gdk-pixbuf 204: https://www.debian.org/security/2017/dsa-3979 205: https://packages.debian.org/src:pyjwt 206: https://www.debian.org/security/2017/dsa-3980 207: https://packages.debian.org/src:apache2 208: https://www.debian.org/security/2017/dsa-3982 209: https://packages.debian.org/src:perl 210: https://www.debian.org/security/2017/dsa-3984 211: https://packages.debian.org/src:git 212: https://www.debian.org/security/2017/dsa-3985 213: https://packages.debian.org/src:chromium-browser 214: https://www.debian.org/security/2017/dsa-3986 215: https://packages.debian.org/src:ghostscript 216: https://www.debian.org/security/2017/dsa-3987 217: https://packages.debian.org/src:firefox-esr 218: https://www.debian.org/security/2017/dsa-3988 219: https://packages.debian.org/src:libidn2-0 Removed packages ---------------- The following packages were removed due to circumstances beyond our control: +----------------+------------------------------------------+ | Package | Reason | +----------------+------------------------------------------+ | clapack [220] | Outdated and unmaintained fork of lapack | | | | +----------------+------------------------------------------+ 220: https://packages.debian.org/src:clapack Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/stretch/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://security.debian.org/ [221] 221: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.