[DSA 5879-1] opensaml security update
ELA-1352-1 gnutls28 security update
ELA-1351-1 squid3 security update
Installable Debian 12.10 live ISO images are now available in GNOME, KDE, Xfce, Cinnamon, MATE, LXDE, and LXQt flavors.
Ondřej Surý has released updated PHP 8.4.5, 8.3.19, 8.2.28, and 8.1.32 packages for Debian GNU/Linux 11 (Bullseye) LTS and 12 (Bookworm) as well as PHP 8.0.30-13, 7.4.33-18, 7.3.33-24, 7.2.34-54, 7.1.33-67, 7.0.33-79, 5.6.40-81 packages with security backports.
The latest versions of PHP include fixes for bugs in BCMath, Core, DOM, FFI, FPM, GD, LDAP, LibXML, MBString, Opcache, Phar, PHPDBG, Reflection, Standard, Streams, Windows, and Zlib. These fixes address issues such as BCMUL memory leaks, broken stack overflow detection for variable compilation, unhandled match errors, fallback paths in fast_long_{add,sub}_function, OSS-Fuzz, zend_mm_heap corruption, reference counting in php_request_shutdown, imagescale with both width and height negative values, FFI parsing of pointer declaration lists, FPM, GD, LDAP, LibXML, MBString, Opcache, GLXML, MBString, Phar, PHPDBG, Reflection, standard, Streams, zlib, and zlib.
New installation images will be accessible shortly at the usual locations. To upgrade an existing installation to this revision, direct the package management system to one of the numerous HTTP mirrors provided by Debian. The stable update incorporates several significant bug fixes for the following packages: package-reason, 389-ds-base, dcmtk, dgit, djoser, dns-root-data, edk2, elpa, flightgear, gensim, glibc, golang-github-containers-buildah, intel-microcode, iptables-netflow, jinja2, joblib, lemonldap-ng, libapache-mod-jk, libeconf, librabbitmq, libtar, linux, ltt-control, lttng-modules, mariadb, monero, mozc, ndcube, nginx, node-axios, node-js-sdsl, node-postcss, node-recast, node-redis, node-rollup, openh264, php-nesbot-carbon, postgresql-15, puma, python-django, python-pycdlib, rapiddisk, rsyslog, runit-services, seqan3, and syslog.
Debian GNU/Linux 8 (Jessie) Extended LTS:
ELA-1349-1 python2.7 security update
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1348-1 python2.7 security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1350-1 pypy security update
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1347-1 python2.7 security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5878-1] php8.2 security update
ELA-1346-1 gst-plugins-good1.0 security update
[DSA 5877-1] chromium security update
ELA-1345-1 squid security update
[DLA 4083-1] squid security update
[DLA 4084-1] libmodbus security update
[DLA 4081-1] thunderbird security update
[DLA 4080-1] libaws security update
[DLA 4082-1] ruby2.7 security update
ELA-1342-1 log4net security update
ELA-1343-1 proftpd-dfsg security update
ELA-1344-1 commons-beanutils security update
ELA-1341-1 sqlparse security update
[DLA 4079-1] openvpn security update
[DSA 5876-1] thunderbird security update
[DLA 4078-1] firefox-esr security update
[DSA 5875-1] chromium security update
ELA-1340-1 emacs24 security update
DSA 5874-1] firefox-esr security update
[DSA 5873-1] libreoffice security update
ELA-1338-1 nodejs security update
[DLA 4077-1] proftpd-dfsg security update
[DLA 4074-1] mariadb-10.5 security update
[DLA 4075-1] linux security update
[DLA 4076-1] linux-6.1 security update