Debian 10226 Published by

Debian GNU/Linux 10.3 has been released. This is the third update of the stable release which mainly adds security updates.



------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 10: 10.3 released press@debian.org
February 8th, 2020 https://www.debian.org/News/2020/20200208
------------------------------------------------------------------------

The Debian project is pleased to announce the third update of its stable
distribution Debian 10 (codename "buster"). This point release mainly
adds corrections for security issues, along with a few adjustments for
serious problems. Security advisories have already been published
separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 10 but only updates some of the packages included. There is no
need to throw away old "buster" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list


Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+---------------------------+-----------------------------------------+
| Package | Reason |
+---------------------------+-----------------------------------------+
| alot?[1] | Remove expiration time from test suite |
| | keys, fixing build failure |
| | |
| atril?[2] | Fix segfault when no document is |
| | loaded; fix read of uninitialised |
| | memory [CVE-2019-11459] |
| | |
| base-files?[3] | Update for the point release |
| | |
| beagle?[4] | Provide wrapper script instead of |
| | symlinks to JARs, making them work |
| | again |
| | |
| bgpdump?[5] | Fix segmentation fault |
| | |
| boost1.67?[6] | Fix undefined behaviour leading to |
| | crashing libboost-numpy |
| | |
| brightd?[7] | Actually compare the value read out |
| | of /sys/class/power_supply/AC/online |
| | with "0" |
| | |
| casacore-data-jplde?[8] | Include tables up to 2040 |
| | |
| clamav?[9] | New upstream release; fix denial of |
| | service issue [CVE-2019-15961]; remove |
| | ScanOnAccess option, replacing with |
| | clamonacc |
| | |
| compactheader?[10] | New upstream release compatible with |
| | Thunderbird 68 |
| | |
| console-common?[11] | Fix regression that led to files not |
| | being included |
| | |
| csh?[12] | Fix segfault on eval |
| | |
| cups?[13] | Fix memory leak in ppdOpen; fix |
| | validation of default language in |
| | ippSetValuetag [CVE-2019-2228] |
| | |
| cyrus-imapd?[14] | Add BACKUP type to cyrus-upgrade-db, |
| | fixing upgrade issues |
| | |
| debian-edu-config?[15] | Keep proxy settings on client if WPAD |
| | is unreachable |
| | |
| debian-installer?[16] | Rebuild against proposed-updates; tweak |
| | mini.iso generation on arm so EFI |
| | netboot will work; update |
| | USE_UDEBS_FROM default from unstable to |
| | buster, to help users performing local |
| | builds |
| | |
| debian-installer-netboot- | Rebuild against proposed-updates |
| images?[17] | |
| | |
| debian-security- | Update security support status of |
| support?[18] | several packages |
| | |
| debos?[19] | Rebuild against updated golang-github- |
| | go-debos-fakemachine |
| | |
| dispmua?[20] | New upstream release compatible with |
| | Thunderbird 68 |
| | |
| dkimpy?[21] | New upstream stable release |
| | |
| dkimpy-milter?[22] | Fix privilege management at startup so |
| | Unix sockets work |
| | |
| dpdk?[23] | New upstream stable release |
| | |
| e2fsprogs?[24] | Fix potential stack underflow in e2fsck |
| | [CVE-2019-5188]; fix use after free in |
| | e2fsck |
| | |
| fig2dev?[25] | Allow Fig v2 text strings ending with |
| | multiple ^A [CVE-2019-19555]; reject |
| | huge arrow types causing integer |
| | overflow [CVE-2019-19746]; fix several |
| | crashes [CVE-2019-19797] |
| | |
| freerdp2?[26] | Fix realloc return handling [CVE-2019- |
| | 17177] |
| | |
| freetds?[27] | tds: Make sure UDT has varint set to 8 |
| | [CVE-2019-13508] |
| | |
| git-lfs?[28] | Fix build issues with newer Go versions |
| | |
| gnubg?[29] | Increase the size of static buffers |
| | used to build messages during program |
| | start so that the Spanish translation |
| | doesn't overflow a buffer |
| | |
| gnutls28?[30] | Fix interop problems with gnutls 2.x; |
| | fix parsing of certificates using |
| | RegisteredID |
| | |
| gtk2-engines-murrine?[31] | Fix co-installability with other themes |
| | |
| guile-2.2?[32] | Fix build failure |
| | |
| libburn?[33] | Fix "cdrskin multi-track burning was |
| | slow and stalled after track 1" |
| | |
| libcgns?[34] | Fix build failure on ppc64el |
| | |
| libimobiledevice?[35] | Properly handle partial SSL writes |
| | |
| libmatroska?[36] | Increase shared library dependency to |
| | 1.4.7 since that version introduced new |
| | symbols |
| | |
| libmysofa?[37] | Security fixes [CVE-2019-16091 |
| | CVE-2019-16092 CVE-2019-16093 CVE-2019- |
| | 16094 CVE-2019-16095] |
| | |
| libole-storage-lite- | Fix interpretation of years from 2020 |
| perl?[38] | onwards |
| | |
| libparse-win32registry- | Fix interpretation of years from 2020 |
| perl?[39] | onwards |
| | |
| libperl4-corelibs- | Fix interpretation of years from 2020 |
| perl?[40] | onwards |
| | |
| libsolv?[41] | Fix heap buffer overflow [CVE-2019- |
| | 20387] |
| | |
| libspreadsheet-wright- | Fix previously unusable OpenDocument |
| perl?[42] | spreadsheets and passing of JSON |
| | formatting options |
| | |
| libtimedate-perl?[43] | Fix interpretation of years from 2020 |
| | onwards |
| | |
| libvirt?[44] | Apparmor: Allow one to run pygrub; |
| | don't render osxsave, ospke into QEMU |
| | command line; this helps newer QEMU |
| | with some configs generated by virt- |
| | install |
| | |
| libvncserver?[45] | RFBserver: don't leak stack memory to |
| | the remote [CVE-2019-15681]; resolve a |
| | freeze during connection closure and a |
| | segmentation fault on multi-threaded |
| | VNC servers; fix issue connecting to |
| | VMWare servers; fix crashing of x11vnc |
| | when vncviewer connects |
| | |
| limnoria?[46] | Fix remote information disclosure and |
| | possibly remote code execution in the |
| | Math plugin [CVE-2019-19010] |
| | |
| linux?[47] | New upstream stable release |
| | |
| linux-latest?[48] | Update for 4.19.0-8 Linux kernel ABI |
| | |
| linux-signed-amd64?[49] | New upstream stable release |
| | |
| linux-signed-arm64?[50] | New upstream stable release |
| | |
| linux-signed-i386?[51] | New upstream stable release |
| | |
| mariadb-10.3?[52] | New upstream stable release [CVE-2019- |
| | 2938 CVE-2019-2974 CVE-2020-2574] |
| | |
| mesa?[53] | Call shmget() with permission 0600 |
| | instead of 0777 [CVE-2019-5068] |
| | |
| mnemosyne?[54] | Add missing dependency on PIL |
| | |
| modsecurity?[55] | Fix cookie header parsing bug |
| | [CVE-2019-19886] |
| | |
| node-handlebars?[56] | Disallow calling "helperMissing" and |
| | "blockHelperMissing" directly |
| | [CVE-2019-19919] |
| | |
| node-kind-of?[57] | Fix type checking vulnerability in |
| | ctorName() [CVE-2019-20149] |
| | |
| ntpsec?[58] | Fix slow DNS retries; fix ntpdate -s |
| | (syslog) to fix the if-up hook; |
| | documentation fixes |
| | |
| numix-gtk-theme?[59] | Fix co-installability with other themes |
| | |
| nvidia-graphics-drivers- | New upstream stable release |
| legacy-340xx?[60] | |
| | |
| nyancat?[61] | Rebuild in a clean environment to add |
| | the systemd unit for nyancat-server |
| | |
| openjpeg2?[62] | Fix heap overflow [CVE-2018-21010] and |
| | integer overflow [CVE-2018-20847] |
| | |
| opensmtpd?[63] | Warn users of change of smtpd.conf |
| | syntax (in earlier versions); install |
| | smtpctl setgid opensmtpq; handle non- |
| | zero exit code from hostname during |
| | config phase |
| | |
| openssh?[64] | Deny (non-fatally) ipc in the seccomp |
| | sandbox, fixing failures with OpenSSL |
| | 1.1.1d and Linux < 3.19 on some |
| | architectures |
| | |
| php-horde?[65] | Fix stored cross-site scripting issue |
| | in Horde Cloud Block [CVE-2019-12095] |
| | |
| php-horde-text- | Fix invalid regular expressions |
| filter?[66] | |
| | |
| postfix?[67] | New upstream stable release |
| | |
| postgresql-11?[68] | New upstream stable release |
| | |
| print-manager?[69] | Fix crash if CUPS returns the same ID |
| | for multiple print jobs |
| | |
| proftpd-dfsg?[70] | Fix CRL issues [CVE-2019-19270 |
| | CVE-2019-19269] |
| | |
| pykaraoke?[71] | Fix path to fonts |
| | |
| python-evtx?[72] | Fix import of "hexdump" |
| | |
| python- | Close file after getting hash, avoiding |
| internetarchive?[73] | file descriptor exhaustion |
| | |
| python3.7?[74] | Security fixes [CVE-2019-9740 CVE-2019- |
| | 9947 CVE-2019-9948 CVE-2019-10160 |
| | CVE-2019-16056 CVE-2019-16935] |
| | |
| qtbase-opensource- | Add support for non-PPD printers and |
| src?[75] | avoid silent fallback to a printer |
| | supporting PPD; fix crash when using |
| | QLabels with rich text; fix graphics |
| | tablet hover events |
| | |
| qtwebengine-opensource- | Fix PDF parsing; disable executable |
| src?[76] | stack |
| | |
| quassel?[77] | Fix quasselcore AppArmor denials when |
| | the config is saved; correct default |
| | channel for Debian; remove unnecessary |
| | NEWS file |
| | |
| qwinff?[78] | Fix crash due to incorrect file |
| | detection |
| | |
| raspi3-firmware?[79] | Fix detection of serial console with |
| | kernel 5.x |
| | |
| ros-ros-comm?[80] | Fix security issues [CVE-2019-13566 |
| | CVE-2019-13465 CVE-2019-13445] |
| | |
| roundcube?[81] | New upstream stable release; fix |
| | insecure permissions in enigma plugin |
| | [CVE-2018-1000071] |
| | |
| schleuder?[82] | Fix recognizing keywords in mails with |
| | "protected headers" and empty subject; |
| | strip non-self-signatures when |
| | refreshing or fetching keys; error if |
| | the argument provided to `refresh_keys` |
| | is not an existing list; add missing |
| | List-Id header to notification mails |
| | sent to admins; handle decryption |
| | problems gracefully; default to |
| | ASCII-8BIT encoding |
| | |
| simplesamlphp?[83] | Fix incompatibility with PHP 7.3 |
| | |
| sogo-connector?[84] | New upstream release compatible with |
| | Thunderbird 68 |
| | |
| spf-engine?[85] | Fix privilege management at startup so |
| | Unix sockets work; update documentation |
| | for TestOnly |
| | |
| sudo?[86] | Fix a (non-exploitable in buster) |
| | buffer overflow when pwfeedback is |
| | enabled and input is a not a tty |
| | [CVE-2019-18634] |
| | |
| systemd?[87] | Set fs.file-max sysctl to LONG_MAX |
| | rather than ULONG_MAX; change |
| | ownership/mode of the execution |
| | directories also for static users, |
| | ensuring that execution directories |
| | like CacheDirectory and StateDirectory |
| | are properly chowned to the user |
| | specified in User= before launching the |
| | service |
| | |
| tifffile?[88] | Fix wrapper script |
| | |
| tigervnc?[89] | Security fixes [CVE-2019-15691 |
| | CVE-2019-15692 CVE-2019-15693 CVE-2019- |
| | 15694 CVE-2019-15695] |
| | |
| tightvnc?[90] | Security fixes [CVE-2014-6053 CVE-2019- |
| | 8287 CVE-2018-20021 CVE-2018-20022 |
| | CVE-2018-20748 CVE-2018-7225 CVE-2019- |
| | 15678 CVE-2019-15679 CVE-2019-15680 |
| | CVE-2019-15681] |
| | |
| uif?[91] | Fix paths to ip(6)tables-restore in |
| | light of the migration to nftables |
| | |
| unhide?[92] | Fix stack exhaustion |
| | |
| x2goclient?[93] | Strip ~/, ~user{,/}, ${HOME}{,/} and |
| | $HOME{,/} from destination paths in SCP |
| | mode; fixes regression with newer |
| | libssh versions with fixes for |
| | CVE-2019-14889 applied |
| | |
| xmltooling?[94] | Fix race condition that could lead to |
| | crash under load |
| | |
+---------------------------+-----------------------------------------+

1: https://packages.debian.org/src:alot
2: https://packages.debian.org/src:atril
3: https://packages.debian.org/src:base-files
4: https://packages.debian.org/src:beagle
5: https://packages.debian.org/src:bgpdump
6: https://packages.debian.org/src:boost1.67
7: https://packages.debian.org/src:brightd
8: https://packages.debian.org/src:casacore-data-jplde
9: https://packages.debian.org/src:clamav
10: https://packages.debian.org/src:compactheader
11: https://packages.debian.org/src:console-common
12: https://packages.debian.org/src:csh
13: https://packages.debian.org/src:cups
14: https://packages.debian.org/src:cyrus-imapd
15: https://packages.debian.org/src:debian-edu-config
16: https://packages.debian.org/src:debian-installer
17: https://packages.debian.org/src:debian-installer-netboot-images
18: https://packages.debian.org/src:debian-security-support
19: https://packages.debian.org/src:debos
20: https://packages.debian.org/src:dispmua
21: https://packages.debian.org/src:dkimpy
22: https://packages.debian.org/src:dkimpy-milter
23: https://packages.debian.org/src:dpdk
24: https://packages.debian.org/src:e2fsprogs
25: https://packages.debian.org/src:fig2dev
26: https://packages.debian.org/src:freerdp2
27: https://packages.debian.org/src:freetds
28: https://packages.debian.org/src:git-lfs
29: https://packages.debian.org/src:gnubg
30: https://packages.debian.org/src:gnutls28
31: https://packages.debian.org/src:gtk2-engines-murrine
32: https://packages.debian.org/src:guile-2.2
33: https://packages.debian.org/src:libburn
34: https://packages.debian.org/src:libcgns
35: https://packages.debian.org/src:libimobiledevice
36: https://packages.debian.org/src:libmatroska
37: https://packages.debian.org/src:libmysofa
38: https://packages.debian.org/src:libole-storage-lite-perl
39: https://packages.debian.org/src:libparse-win32registry-perl
40: https://packages.debian.org/src:libperl4-corelibs-perl
41: https://packages.debian.org/src:libsolv
42: https://packages.debian.org/src:libspreadsheet-wright-perl
43: https://packages.debian.org/src:libtimedate-perl
44: https://packages.debian.org/src:libvirt
45: https://packages.debian.org/src:libvncserver
46: https://packages.debian.org/src:limnoria
47: https://packages.debian.org/src:linux
48: https://packages.debian.org/src:linux-latest
49: https://packages.debian.org/src:linux-signed-amd64
50: https://packages.debian.org/src:linux-signed-arm64
51: https://packages.debian.org/src:linux-signed-i386
52: https://packages.debian.org/src:mariadb-10.3
53: https://packages.debian.org/src:mesa
54: https://packages.debian.org/src:mnemosyne
55: https://packages.debian.org/src:modsecurity
56: https://packages.debian.org/src:node-handlebars
57: https://packages.debian.org/src:node-kind-of
58: https://packages.debian.org/src:ntpsec
59: https://packages.debian.org/src:numix-gtk-theme
60: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-340xx
61: https://packages.debian.org/src:nyancat
62: https://packages.debian.org/src:openjpeg2
63: https://packages.debian.org/src:opensmtpd
64: https://packages.debian.org/src:openssh
65: https://packages.debian.org/src:php-horde
66: https://packages.debian.org/src:php-horde-text-filter
67: https://packages.debian.org/src:postfix
68: https://packages.debian.org/src:postgresql-11
69: https://packages.debian.org/src:print-manager
70: https://packages.debian.org/src:proftpd-dfsg
71: https://packages.debian.org/src:pykaraoke
72: https://packages.debian.org/src:python-evtx
73: https://packages.debian.org/src:python-internetarchive
74: https://packages.debian.org/src:python3.7
75: https://packages.debian.org/src:qtbase-opensource-src
76: https://packages.debian.org/src:qtwebengine-opensource-src
77: https://packages.debian.org/src:quassel
78: https://packages.debian.org/src:qwinff
79: https://packages.debian.org/src:raspi3-firmware
80: https://packages.debian.org/src:ros-ros-comm
81: https://packages.debian.org/src:roundcube
82: https://packages.debian.org/src:schleuder
83: https://packages.debian.org/src:simplesamlphp
84: https://packages.debian.org/src:sogo-connector
85: https://packages.debian.org/src:spf-engine
86: https://packages.debian.org/src:sudo
87: https://packages.debian.org/src:systemd
88: https://packages.debian.org/src:tifffile
89: https://packages.debian.org/src:tigervnc
90: https://packages.debian.org/src:tightvnc
91: https://packages.debian.org/src:uif
92: https://packages.debian.org/src:unhide
93: https://packages.debian.org/src:x2goclient
94: https://packages.debian.org/src:xmltooling

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+--------------------------+
| Advisory ID | Package |
+----------------+--------------------------+
| DSA-4546?[95] | openjdk-11?[96] |
| | |
| DSA-4563?[97] | webkit2gtk?[98] |
| | |
| DSA-4564?[99] | linux?[100] |
| | |
| DSA-4564?[101] | linux-signed-i386?[102] |
| | |
| DSA-4564?[103] | linux-signed-arm64?[104] |
| | |
| DSA-4564?[105] | linux-signed-amd64?[106] |
| | |
| DSA-4565?[107] | intel-microcode?[108] |
| | |
| DSA-4566?[109] | qemu?[110] |
| | |
| DSA-4567?[111] | dpdk?[112] |
| | |
| DSA-4568?[113] | postgresql-common?[114] |
| | |
| DSA-4569?[115] | ghostscript?[116] |
| | |
| DSA-4570?[117] | mosquitto?[118] |
| | |
| DSA-4571?[119] | enigmail?[120] |
| | |
| DSA-4571?[121] | thunderbird?[122] |
| | |
| DSA-4572?[123] | slurm-llnl?[124] |
| | |
| DSA-4573?[125] | symfony?[126] |
| | |
| DSA-4575?[127] | chromium?[128] |
| | |
| DSA-4577?[129] | haproxy?[130] |
| | |
| DSA-4578?[131] | libvpx?[132] |
| | |
| DSA-4579?[133] | nss?[134] |
| | |
| DSA-4580?[135] | firefox-esr?[136] |
| | |
| DSA-4581?[137] | git?[138] |
| | |
| DSA-4582?[139] | davical?[140] |
| | |
| DSA-4583?[141] | spip?[142] |
| | |
| DSA-4584?[143] | spamassassin?[144] |
| | |
| DSA-4585?[145] | thunderbird?[146] |
| | |
| DSA-4586?[147] | ruby2.5?[148] |
| | |
| DSA-4588?[149] | python-ecdsa?[150] |
| | |
| DSA-4589?[151] | debian-edu-config?[152] |
| | |
| DSA-4590?[153] | cyrus-imapd?[154] |
| | |
| DSA-4591?[155] | cyrus-sasl2?[156] |
| | |
| DSA-4592?[157] | mediawiki?[158] |
| | |
| DSA-4593?[159] | freeimage?[160] |
| | |
| DSA-4595?[161] | debian-lan-config?[162] |
| | |
| DSA-4597?[163] | netty?[164] |
| | |
| DSA-4598?[165] | python-django?[166] |
| | |
| DSA-4599?[167] | wordpress?[168] |
| | |
| DSA-4600?[169] | firefox-esr?[170] |
| | |
| DSA-4601?[171] | ldm?[172] |
| | |
| DSA-4602?[173] | xen?[174] |
| | |
| DSA-4603?[175] | thunderbird?[176] |
| | |
| DSA-4604?[177] | cacti?[178] |
| | |
| DSA-4605?[179] | openjdk-11?[180] |
| | |
| DSA-4606?[181] | chromium?[182] |
| | |
| DSA-4607?[183] | openconnect?[184] |
| | |
| DSA-4608?[185] | tiff?[186] |
| | |
| DSA-4609?[187] | python-apt?[188] |
| | |
| DSA-4610?[189] | webkit2gtk?[190] |
| | |
| DSA-4611?[191] | opensmtpd?[192] |
| | |
| DSA-4612?[193] | prosody-modules?[194] |
| | |
| DSA-4613?[195] | libidn2?[196] |
| | |
| DSA-4615?[197] | spamassassin?[198] |
| | |
+----------------+--------------------------+

95: https://www.debian.org/security/2019/dsa-4546
96: https://packages.debian.org/src:openjdk-11
97: https://www.debian.org/security/2019/dsa-4563
98: https://packages.debian.org/src:webkit2gtk
99: https://www.debian.org/security/2019/dsa-4564
100: https://packages.debian.org/src:linux
101: https://www.debian.org/security/2019/dsa-4564
102: https://packages.debian.org/src:linux-signed-i386
103: https://www.debian.org/security/2019/dsa-4564
104: https://packages.debian.org/src:linux-signed-arm64
105: https://www.debian.org/security/2019/dsa-4564
106: https://packages.debian.org/src:linux-signed-amd64
107: https://www.debian.org/security/2019/dsa-4565
108: https://packages.debian.org/src:intel-microcode
109: https://www.debian.org/security/2019/dsa-4566
110: https://packages.debian.org/src:qemu
111: https://www.debian.org/security/2019/dsa-4567
112: https://packages.debian.org/src:dpdk
113: https://www.debian.org/security/2019/dsa-4568
114: https://packages.debian.org/src:postgresql-common
115: https://www.debian.org/security/2019/dsa-4569
116: https://packages.debian.org/src:ghostscript
117: https://www.debian.org/security/2019/dsa-4570
118: https://packages.debian.org/src:mosquitto
119: https://www.debian.org/security/2019/dsa-4571
120: https://packages.debian.org/src:enigmail
121: https://www.debian.org/security/2019/dsa-4571
122: https://packages.debian.org/src:thunderbird
123: https://www.debian.org/security/2019/dsa-4572
124: https://packages.debian.org/src:slurm-llnl
125: https://www.debian.org/security/2019/dsa-4573
126: https://packages.debian.org/src:symfony
127: https://www.debian.org/security/2019/dsa-4575
128: https://packages.debian.org/src:chromium
129: https://www.debian.org/security/2019/dsa-4577
130: https://packages.debian.org/src:haproxy
131: https://www.debian.org/security/2019/dsa-4578
132: https://packages.debian.org/src:libvpx
133: https://www.debian.org/security/2019/dsa-4579
134: https://packages.debian.org/src:nss
135: https://www.debian.org/security/2019/dsa-4580
136: https://packages.debian.org/src:firefox-esr
137: https://www.debian.org/security/2019/dsa-4581
138: https://packages.debian.org/src:git
139: https://www.debian.org/security/2019/dsa-4582
140: https://packages.debian.org/src:davical
141: https://www.debian.org/security/2019/dsa-4583
142: https://packages.debian.org/src:spip
143: https://www.debian.org/security/2019/dsa-4584
144: https://packages.debian.org/src:spamassassin
145: https://www.debian.org/security/2019/dsa-4585
146: https://packages.debian.org/src:thunderbird
147: https://www.debian.org/security/2019/dsa-4586
148: https://packages.debian.org/src:ruby2.5
149: https://www.debian.org/security/2019/dsa-4588
150: https://packages.debian.org/src:python-ecdsa
151: https://www.debian.org/security/2019/dsa-4589
152: https://packages.debian.org/src:debian-edu-config
153: https://www.debian.org/security/2019/dsa-4590
154: https://packages.debian.org/src:cyrus-imapd
155: https://www.debian.org/security/2019/dsa-4591
156: https://packages.debian.org/src:cyrus-sasl2
157: https://www.debian.org/security/2019/dsa-4592
158: https://packages.debian.org/src:mediawiki
159: https://www.debian.org/security/2019/dsa-4593
160: https://packages.debian.org/src:freeimage
161: https://www.debian.org/security/2019/dsa-4595
162: https://packages.debian.org/src:debian-lan-config
163: https://www.debian.org/security/2020/dsa-4597
164: https://packages.debian.org/src:netty
165: https://www.debian.org/security/2020/dsa-4598
166: https://packages.debian.org/src:python-django
167: https://www.debian.org/security/2020/dsa-4599
168: https://packages.debian.org/src:wordpress
169: https://www.debian.org/security/2020/dsa-4600
170: https://packages.debian.org/src:firefox-esr
171: https://www.debian.org/security/2020/dsa-4601
172: https://packages.debian.org/src:ldm
173: https://www.debian.org/security/2020/dsa-4602
174: https://packages.debian.org/src:xen
175: https://www.debian.org/security/2020/dsa-4603
176: https://packages.debian.org/src:thunderbird
177: https://www.debian.org/security/2020/dsa-4604
178: https://packages.debian.org/src:cacti
179: https://www.debian.org/security/2020/dsa-4605
180: https://packages.debian.org/src:openjdk-11
181: https://www.debian.org/security/2020/dsa-4606
182: https://packages.debian.org/src:chromium
183: https://www.debian.org/security/2020/dsa-4607
184: https://packages.debian.org/src:openconnect
185: https://www.debian.org/security/2020/dsa-4608
186: https://packages.debian.org/src:tiff
187: https://www.debian.org/security/2020/dsa-4609
188: https://packages.debian.org/src:python-apt
189: https://www.debian.org/security/2020/dsa-4610
190: https://packages.debian.org/src:webkit2gtk
191: https://www.debian.org/security/2020/dsa-4611
192: https://packages.debian.org/src:opensmtpd
193: https://www.debian.org/security/2020/dsa-4612
194: https://packages.debian.org/src:prosody-modules
195: https://www.debian.org/security/2020/dsa-4613
196: https://packages.debian.org/src:libidn2
197: https://www.debian.org/security/2020/dsa-4615
198: https://packages.debian.org/src:spamassassin

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+----------------------+-----------------------------------------------+
| Package | Reason |
+----------------------+-----------------------------------------------+
| caml-crush?[199] | [armel] Unbuildable due to lack of ocaml- |
| | native-compilers |
| | |
| firetray?[200] | Incompatible with current Thunderbird |
| | versions |
| | |
| koji?[201] | Security issues |
| | |
| python-lamson?[202] | Broken by changes in python-daemon |
| | |
| radare2?[203] | Security issues; upstream do not offer stable |
| | support |
| | |
| radare2-cutter?[204] | Depends on to-be-removed radare2 |
| | |
+----------------------+-----------------------------------------------+

199: https://packages.debian.org/src:caml-crush
200: https://packages.debian.org/src:firetray
201: https://packages.debian.org/src:koji
202: https://packages.debian.org/src:python-lamson
203: https://packages.debian.org/src:radare2
204: https://packages.debian.org/src:radare2-cutter

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.

URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/buster/ChangeLog

The current stable distribution:

http://ftp.debian.org/debian/dists/stable/

Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates

stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/

Security announcements and information:

https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.

Contact Information
-------------------

For further information, please visit the Debian web pages at
https://www.debian.org/, send mail to , or contact the
stable release team at .

Debian10