Debian 10223 Published by

The fourth update of Debian GNU/Linux 10 with latest security updates and a few adjustments for serious problems is available. 



Updated Debian 10: 10.4 released

------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 10: 10.4 released press@debian.org
May 9th, 2020 https://www.debian.org/News/2020/20200509
------------------------------------------------------------------------

The Debian project is pleased to announce the fourth update of its  stable distribution Debian 10 (codename "buster"). This point release  mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old "buster" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following packages:

+---------------------------+-----------------------------------------+
| Package | Reason |
+---------------------------+-----------------------------------------+
| apt-cacher-ng [1] | Enforce secured call to the server in |
| | maintenance job triggering [CVE-2020- |
| | 5202]; allow .zst compression for |
| | tarballs; increase size of the |
| | decompression line buffer for |
| | configuration file reading |
| | |
| backuppc [2] | Pass the username to start-stop-daemon |
| | when reloading, preventing reload |
| | failures |
| | |
| base-files [3] | Update for the point release |
| | |
| brltty [4] | Reduce severity of log message to avoid |
| | generating too many messages when used |
| | with new Orca versions |
| | |
| checkstyle [5] | Fix XML External Entity injection issue |
| | [CVE-2019-9658 CVE-2019-10782] |
| | |
| choose-mirror [6] | Update included mirror list |
| | |
| clamav [7] | New upstream release [CVE-2020-3123] |
| | |
| corosync [8] | totemsrp: Reduce MTU to avoid |
| | generating oversized packets |
| | |
| corosync-qdevice [9] | Fix service startup |
| | |
| csync2 [10] | Fail HELLO command when SSL is required |
| | |
| cups [11] | Fix heap buffer overflow [CVE-2020- |
| | 3898] and "the `ippReadIO` function |
| | may under-read an extension |
| | field" [CVE-2019-8842] |
| | |
| dav4tbsync [12] | New upstream release, restoring |
| | compatibility with newer Thunderbird |
| | versions |
| | |
| debian-edu-config [13] | Add policy files for Firefox ESR and |
| | Thunderbird to fix the TLS/SSL setup |
| | |
| debian-installer [14] | Update for the 4.19.0-9 kernel ABI |
| | |
| debian-installer-netboot- | Rebuild against proposed-updates |
| images [15] | |
| | |
| debian-security- | New upstream stable release; update |
| support [16] | status of several packages; use |
| | "runuser" rather than "su" |
| | |
| distro-info-data [17] | Add Ubuntu 20.10, and likely end of |
| | support date for stretch |
| | |
| dojo [18] | Fix improper regular expression usage |
| | [CVE-2019-10785] |
| | |
| dpdk [19] | New upstream stable release |
| | |
| dtv-scan-tables [20] | New upstream snapshot; add all current |
| | German DVB-T2 muxes and the Eutelsat-5- |
| | West-A satellite |
| | |
| eas4tbsync [21] | New upstream release, restoring |
| | compatibility with newer Thunderbird |
| | versions |
| | |
| edk2 [22] | Security fixes [CVE-2019-14558 |
| | CVE-2019-14559 CVE-2019-14563 CVE-2019- |
| | 14575 CVE-2019-14586 CVE-2019-14587] |
| | |
| el-api [23] | Fix stretch to buster upgrades that |
| | involve Tomcat 8 |
| | |
| fex [24] | Fix a potential security issue in |
| | fexsrv |
| | |
| filezilla [25] | Fix untrusted search path vulnerability |
| | [CVE-2019-5429] |
| | |
| frr [26] | Fix extended next hop capability |
| | |
| fuse [27] | Remove outdated udevadm commands from |
| | post-install scripts; don't explicitly |
| | remove fuse.conf on purge |
| | |
| fuse3 [28] | Remove outdated udevadm commands from |
| | post-install scripts; don't explicitly |
| | remove fuse.conf on purge; fix memory |
| | leak in fuse_session_new() |
| | |
| golang-github-prometheus- | Extend validity of test certificates |
| common [29] | |
| | |
| gosa [30] | Replace (un)serialize with json_encode/ |
| | json_decode to mitigate PHP object |
| | injection [CVE-2019-14466] |
| | |
| hbci4java [31] | Support EU directive on payment |
| | services (PSD2) |
| | |
| hibiscus [32] | Support EU directive on payment |
| | services (PSD2) |
| | |
| iputils [33] | Correct an issue in which ping would |
| | improperly exit with a failure code |
| | when there were untried addresses still |
| | available in the getaddrinfo() library |
| | call return value |
| | |
| ircd-hybrid [34] | Use dhparam.pem to avoid crash on |
| | startup |
| | |
| jekyll [35] | Allow use of ruby-i18n 0.x and 1.x |
| | |
| jsp-api [36] | Fix stretch to buster upgrades that |
| | involve Tomcat 8 |
| | |
| lemonldap-ng [37] | Prevent unwanted access to |
| | administration endpoints [CVE-2019- |
| | 19791]; fix the GrantSession plugin |
| | which could not prohibit logon when two |
| | factor authentication was used; fix |
| | arbitrary redirects with OIDC if |
| | redirect_uri was not used |
| | |
| libdatetime-timezone- | Update included data |
| perl [38] | |
| | |
| libreoffice [39] | Fix OpenGL slide transitions |
| | |
| libssh [40] | Fix possible denial of service issue |
| | when handling AES-CTR keys with OpenSSL |
| | [CVE-2020-1730] |
| | |
| libvncserver [41] | Fix heap overflow [CVE-2019-15690] |
| | |
| linux [42] | New upstream stable release |
| | |
| linux-latest [43] | Update kernel ABI to 4.19.0-9 |
| | |
| linux-signed-amd64 [44] | New upstream stable release |
| | |
| linux-signed-arm64 [45] | New upstream stable release |
| | |
| linux-signed-i386 [46] | New upstream stable release |
| | |
| lwip [47] | Fix buffer overflow [CVE-2020-8597] |
| | |
| lxc-templates [48] | New upstream stable release; handle |
| | languages that are only UTF-8 encoded |
| | |
| manila [49] | Fix missing access permissions check |
| | [CVE-2020-9543] |
| | |
| megatools [50] | Add support for the new format of |
| | mega.nz links |
| | |
| mew [51] | Fix server SSL certificate validity |
| | checking |
| | |
| mew-beta [52] | Fix server SSL certificate validity |
| | checking |
| | |
| mkvtoolnix [53] | Rebuild to tighten libmatroska6v5 |
| | dependency |
| | |
| ncbi-blast+ [54] | Disable SSE4.2 support |
| | |
| node-anymatch [55] | Remove unnecessary dependencies |
| | |
| node-dot [56] | Prevent code execution after prototype |
| | pollution [CVE-2020-8141] |
| | |
| node-dot-prop [57] | Fix prototype pollution [CVE-2020-8116] |
| | |
| node-knockout [58] | Fix escaping with older Internet |
| | Explorer versions [CVE-2019-14862] |
| | |
| node-mongodb [59] | Reject invalid _bsontypes [CVE-2019- |
| | 2391 CVE-2020-7610] |
| | |
| node-yargs-parser [60] | Fix prototype pollution [CVE-2020-7608] |
| | |
| npm [61] | Fix arbitrary path access [CVE-2019- |
| | 16775 CVE-2019-16776 CVE-2019-16777] |
| | |
| nvidia-graphics- | New upstream stable release |
| drivers [62] | |
| | |
| nvidia-graphics-drivers- | New upstream stable release |
| legacy-390xx [63] | |
| | |
| nvidia-settings- | New upstream release |
| legacy-340xx [64] | |
| | |
| oar [65] | Revert to stretch behavior for |
| | Storable::dclone perl function, fixing |
| | recursion depth issues |
| | |
| opam [66] | Prefer mccs over aspcud |
| | |
| openvswitch [67] | Fix vswitchd abort when a port is added |
| | and the controller is down |
| | |
| orocos-kdl [68] | Fix string conversion with Python 3 |
| | |
| owfs [69] | Remove broken Python 3 packages |
| | |
| pango1.0 [70] | Fix crash in |
| | pango_fc_font_key_get_variations() when |
| | key is null |
| | |
| pgcli [71] | Add missing dependency on python3-pkg- |
| | resources |
| | |
| php-horde-data [72] | Fix authenticated remote code execution |
| | vulnerability [CVE-2020-8518] |
| | |
| php-horde-form [73] | Fix authenticated remote code execution |
| | vulnerability [CVE-2020-8866] |
| | |
| php-horde-trean [74] | Fix authenticated remote code execution |
| | vulnerability [CVE-2020-8865] |
| | |
| postfix [75] | New upstream stable release; fix panic |
| | with Postfix multi-Milter configuration |
| | during MAIL FROM; fix d/init.d running |
| | change so it works with multi-instance |
| | again |
| | |
| proftpd-dfsg [76] | Fix memory access issue in keyboard- |
| | interative code in mod_sftp; properly |
| | handle DEBUG, IGNORE, DISCONNECT, and |
| | UNIMPLEMENTED messages in keyboard- |
| | interactive mode |
| | |
| puma [77] | Fix Denial of Service issue [CVE-2019- |
| | 16770] |
| | |
| purple-discord [78] | Fix crashes in ssl_nss_read |
| | |
| python-oslo.utils [79] | Fix leak of sensitive information via |
| | mistral logs [CVE-2019-3866] |
| | |
| rails [80] | Fix possible cross-site scripting via |
| | Javascript escape helper [CVE-2020- |
| | 5267] |
| | |
| rake [81] | Fix command injection vulnerability |
| | [CVE-2020-8130] |
| | |
| raspi3-firmware [82] | Fix dtb names mismatch in z50-raspi- |
| | firmware; fix boot on Raspberry Pi |
| | families 1 and 0 |
| | |
| resource-agents [83] | Fix "ethmonitor does not list |
| | interfaces without assigned IP |
| | address" ; remove no longer required |
| | xen-toolstack patch; fix non-standard |
| | usage in ZFS agent |
| | |
| rootskel [84] | Disable multiple console support if |
| | preseeding is in use |
| | |
| ruby-i18n [85] | Fix gemspec generation |
| | |
| rubygems-integration [86] | Avoid deprecation warnings when users |
| | install a newer version of Rubygems via |
| | "gem update --system" |
| | |
| schleuder [87] | Improve patch to handle encoding errors |
| | introduced in the previous version; |
| | switch default encoding to UTF-8; let |
| | x-add-key handle mails with attached, |
| | quoted-printable encoded keys; fix x- |
| | attach-listkey with mails created by |
| | Thunderbird that include protected |
| | headers |
| | |
| scilab [88] | Fix library loading with OpenJDK 11.0.7 |
| | |
| serverspec-runner [89] | Support Ruby 2.5 |
| | |
| softflowd [90] | Fix broken flow aggregation which might |
| | result in flow table overflow and 100% |
| | CPU usage |
| | |
| speech-dispatcher [91] | Fix default pulseaudio latency which |
| | triggers "scratchy" output |
| | |
| spl-linux [92] | Fix deadlock |
| | |
| sssd [93] | Fix sssd_be busy-looping when LDAP |
| | connection is intermittent |
| | |
| systemd [94] | when authorizing via PolicyKit re- |
| | resolve callback/userdata instead of |
| | caching it [CVE-2020-1712]; install 60- |
| | block.rules in udev-udeb and initramfs- |
| | tools |
| | |
| taglib [95] | Fix corruption issues with OGG files |
| | |
| tbsync [96] | New upstream release, restoring |
| | compatibility with newer Thunderbird |
| | versions |
| | |
| timeshift [97] | Fix predictable temporary directory use |
| | [CVE-2020-10174] |
| | |
| tinyproxy [98] | Only set PIDDIR, if PIDFILE is a non- |
| | zero length string |
| | |
| tzdata [99] | New upstream stable release |
| | |
| uim [100] | unregister modules that are not |
| | installed, fixing a regression in the |
| | previous upload |
| | |
| user-mode-linux [101] | Fix build failure with current stable |
| | kernels |
| | |
| vite [102] | Fix crash when there are more than 32 |
| | elements |
| | |
| waagent [103] | New upstream release; support co- |
| | installation with cloud-init |
| | |
| websocket-api [104] | Fix stretch to buster upgrades that |
| | involve Tomcat 8 |
| | |
| wpa [105] | Do not try to detect PSK mismatch |
| | during PTK rekeying; check for FT |
| | support when selecting FT suites; fix |
| | MAC randomisation issue with some cards |
| | |
| xdg-utils [106] | xdg-open: fix pcmanfm check and |
| | handling of directories with spaces in |
| | their names; xdg-screensaver: Sanitise |
| | window name before sending it over D- |
| | Bus; xdg-mime: Create config directory |
| | if it does not exist yet |
| | |
| xtrlock [107] | Fix blocking of (some) multitouch |
| | devices while locked [CVE-2016-10894] |
| | |
| zfs-linux [108] | Fix potential deadlock issues |
| | |
+---------------------------+-----------------------------------------+

1: https://packages.debian.org/src:apt-cacher-ng
2: https://packages.debian.org/src:backuppc
3: https://packages.debian.org/src:base-files
4: https://packages.debian.org/src:brltty
5: https://packages.debian.org/src:checkstyle
6: https://packages.debian.org/src:choose-mirror
7: https://packages.debian.org/src:clamav
8: https://packages.debian.org/src:corosync
9: https://packages.debian.org/src:corosync-qdevice
10: https://packages.debian.org/src:csync2
11: https://packages.debian.org/src:cups
12: https://packages.debian.org/src:dav4tbsync
13: https://packages.debian.org/src:debian-edu-config
14: https://packages.debian.org/src:debian-installer
15: https://packages.debian.org/src:debian-installer-netboot-images
16: https://packages.debian.org/src:debian-security-support
17: https://packages.debian.org/src:distro-info-data
18: https://packages.debian.org/src:dojo
19: https://packages.debian.org/src:dpdk
20: https://packages.debian.org/src:dtv-scan-tables
21: https://packages.debian.org/src:eas4tbsync
22: https://packages.debian.org/src:edk2
23: https://packages.debian.org/src:el-api
24: https://packages.debian.org/src:fex
25: https://packages.debian.org/src:filezilla
26: https://packages.debian.org/src:frr
27: https://packages.debian.org/src:fuse
28: https://packages.debian.org/src:fuse3
29: https://packages.debian.org/src:golang-github-prometheus-common
30: https://packages.debian.org/src:gosa
31: https://packages.debian.org/src:hbci4java
32: https://packages.debian.org/src:hibiscus
33: https://packages.debian.org/src:iputils
34: https://packages.debian.org/src:ircd-hybrid
35: https://packages.debian.org/src:jekyll
36: https://packages.debian.org/src:jsp-api
37: https://packages.debian.org/src:lemonldap-ng
38: https://packages.debian.org/src:libdatetime-timezone-perl
39: https://packages.debian.org/src:libreoffice
40: https://packages.debian.org/src:libssh
41: https://packages.debian.org/src:libvncserver
42: https://packages.debian.org/src:linux
43: https://packages.debian.org/src:linux-latest
44: https://packages.debian.org/src:linux-signed-amd64
45: https://packages.debian.org/src:linux-signed-arm64
46: https://packages.debian.org/src:linux-signed-i386
47: https://packages.debian.org/src:lwip
48: https://packages.debian.org/src:lxc-templates
49: https://packages.debian.org/src:manila
50: https://packages.debian.org/src:megatools
51: https://packages.debian.org/src:mew
52: https://packages.debian.org/src:mew-beta
53: https://packages.debian.org/src:mkvtoolnix
54: https://packages.debian.org/src:ncbi-blast+
55: https://packages.debian.org/src:node-anymatch
56: https://packages.debian.org/src:node-dot
57: https://packages.debian.org/src:node-dot-prop
58: https://packages.debian.org/src:node-knockout
59: https://packages.debian.org/src:node-mongodb
60: https://packages.debian.org/src:node-yargs-parser
61: https://packages.debian.org/src:npm
62: https://packages.debian.org/src:nvidia-graphics-drivers
63: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-390xx
64: https://packages.debian.org/src:nvidia-settings-legacy-340xx
65: https://packages.debian.org/src:oar
66: https://packages.debian.org/src:opam
67: https://packages.debian.org/src:openvswitch
68: https://packages.debian.org/src:orocos-kdl
69: https://packages.debian.org/src:owfs
70: https://packages.debian.org/src:pango1.0
71: https://packages.debian.org/src:pgcli
72: https://packages.debian.org/src:php-horde-data
73: https://packages.debian.org/src:php-horde-form
74: https://packages.debian.org/src:php-horde-trean
75: https://packages.debian.org/src:postfix
76: https://packages.debian.org/src:proftpd-dfsg
77: https://packages.debian.org/src:puma
78: https://packages.debian.org/src:purple-discord
79: https://packages.debian.org/src:python-oslo.utils
80: https://packages.debian.org/src:rails
81: https://packages.debian.org/src:rake
82: https://packages.debian.org/src:raspi3-firmware
83: https://packages.debian.org/src:resource-agents
84: https://packages.debian.org/src:rootskel
85: https://packages.debian.org/src:ruby-i18n
86: https://packages.debian.org/src:rubygems-integration
87: https://packages.debian.org/src:schleuder
88: https://packages.debian.org/src:scilab
89: https://packages.debian.org/src:serverspec-runner
90: https://packages.debian.org/src:softflowd
91: https://packages.debian.org/src:speech-dispatcher
92: https://packages.debian.org/src:spl-linux
93: https://packages.debian.org/src:sssd
94: https://packages.debian.org/src:systemd
95: https://packages.debian.org/src:taglib
96: https://packages.debian.org/src:tbsync
97: https://packages.debian.org/src:timeshift
98: https://packages.debian.org/src:tinyproxy
99: https://packages.debian.org/src:tzdata
100: https://packages.debian.org/src:uim
101: https://packages.debian.org/src:user-mode-linux
102: https://packages.debian.org/src:vite
103: https://packages.debian.org/src:waagent
104: https://packages.debian.org/src:websocket-api
105: https://packages.debian.org/src:wpa
106: https://packages.debian.org/src:xdg-utils
107: https://packages.debian.org/src:xtrlock
108: https://packages.debian.org/src:zfs-linux

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+-----------------------------+
| Advisory ID | Package |
+----------------+-----------------------------+
| DSA-4616 [109] | qemu [110] |
| | |
| DSA-4617 [111] | qtbase-opensource-src [112] |
| | |
| DSA-4618 [113] | libexif [114] |
| | |
| DSA-4619 [115] | libxmlrpc3-java [116] |
| | |
| DSA-4620 [117] | firefox-esr [118] |
| | |
| DSA-4623 [119] | postgresql-11 [120] |
| | |
| DSA-4624 [121] | evince [122] |
| | |
| DSA-4625 [123] | thunderbird [124] |
| | |
| DSA-4627 [125] | webkit2gtk [126] |
| | |
| DSA-4629 [127] | python-django [128] |
| | |
| DSA-4630 [129] | python-pysaml2 [130] |
| | |
| DSA-4631 [131] | pillow [132] |
| | |
| DSA-4632 [133] | ppp [134] |
| | |
| DSA-4633 [135] | curl [136] |
| | |
| DSA-4634 [137] | opensmtpd [138] |
| | |
| DSA-4635 [139] | proftpd-dfsg [140] |
| | |
| DSA-4636 [141] | python-bleach [142] |
| | |
| DSA-4637 [143] | network-manager-ssh [144] |
| | |
| DSA-4638 [145] | chromium [146] |
| | |
| DSA-4639 [147] | firefox-esr [148] |
| | |
| DSA-4640 [149] | graphicsmagick [150] |
| | |
| DSA-4641 [151] | webkit2gtk [152] |
| | |
| DSA-4642 [153] | thunderbird [154] |
| | |
| DSA-4643 [155] | python-bleach [156] |
| | |
| DSA-4644 [157] | tor [158] |
| | |
| DSA-4645 [159] | chromium [160] |
| | |
| DSA-4646 [161] | icu [162] |
| | |
| DSA-4647 [163] | bluez [164] |
| | |
| DSA-4648 [165] | libpam-krb5 [166] |
| | |
| DSA-4649 [167] | haproxy [168] |
| | |
| DSA-4650 [169] | qbittorrent [170] |
| | |
| DSA-4651 [171] | mediawiki [172] |
| | |
| DSA-4652 [173] | gnutls28 [174] |
| | |
| DSA-4653 [175] | firefox-esr [176] |
| | |
| DSA-4654 [177] | chromium [178] |
| | |
| DSA-4655 [179] | firefox-esr [180] |
| | |
| DSA-4656 [181] | thunderbird [182] |
| | |
| DSA-4657 [183] | git [184] |
| | |
| DSA-4658 [185] | webkit2gtk [186] |
| | |
| DSA-4659 [187] | git [188] |
| | |
| DSA-4660 [189] | awl [190] |
| | |
| DSA-4661 [191] | openssl [192] |
| | |
| DSA-4663 [193] | python-reportlab [194] |
| | |
| DSA-4664 [195] | mailman [196] |
| | |
| DSA-4665 [197] | qemu [198] |
| | |
| DSA-4666 [199] | openldap [200] |
| | |
| DSA-4667 [201] | linux-signed-amd64 [202] |
| | |
| DSA-4667 [203] | linux-signed-arm64 [204] |
| | |
| DSA-4667 [205] | linux-signed-i386 [206] |
| | |
| DSA-4667 [207] | linux [208] |
| | |
| DSA-4669 [209] | nodejs [210] |
| | |
| DSA-4671 [211] | vlc [212] |
| | |
| DSA-4672 [213] | trafficserver [214] |
| | |
+----------------+-----------------------------+

109: https://www.debian.org/security/2020/dsa-4616
110: https://packages.debian.org/src:qemu
111: https://www.debian.org/security/2020/dsa-4617
112: https://packages.debian.org/src:qtbase-opensource-src
113: https://www.debian.org/security/2020/dsa-4618
114: https://packages.debian.org/src:libexif
115: https://www.debian.org/security/2020/dsa-4619
116: https://packages.debian.org/src:libxmlrpc3-java
117: https://www.debian.org/security/2020/dsa-4620
118: https://packages.debian.org/src:firefox-esr
119: https://www.debian.org/security/2020/dsa-4623
120: https://packages.debian.org/src:postgresql-11
121: https://www.debian.org/security/2020/dsa-4624
122: https://packages.debian.org/src:evince
123: https://www.debian.org/security/2020/dsa-4625
124: https://packages.debian.org/src:thunderbird
125: https://www.debian.org/security/2020/dsa-4627
126: https://packages.debian.org/src:webkit2gtk
127: https://www.debian.org/security/2020/dsa-4629
128: https://packages.debian.org/src:python-django
129: https://www.debian.org/security/2020/dsa-4630
130: https://packages.debian.org/src:python-pysaml2
131: https://www.debian.org/security/2020/dsa-4631
132: https://packages.debian.org/src:pillow
133: https://www.debian.org/security/2020/dsa-4632
134: https://packages.debian.org/src:ppp
135: https://www.debian.org/security/2020/dsa-4633
136: https://packages.debian.org/src:curl
137: https://www.debian.org/security/2020/dsa-4634
138: https://packages.debian.org/src:opensmtpd
139: https://www.debian.org/security/2020/dsa-4635
140: https://packages.debian.org/src:proftpd-dfsg
141: https://www.debian.org/security/2020/dsa-4636
142: https://packages.debian.org/src:python-bleach
143: https://www.debian.org/security/2020/dsa-4637
144: https://packages.debian.org/src:network-manager-ssh
145: https://www.debian.org/security/2020/dsa-4638
146: https://packages.debian.org/src:chromium
147: https://www.debian.org/security/2020/dsa-4639
148: https://packages.debian.org/src:firefox-esr
149: https://www.debian.org/security/2020/dsa-4640
150: https://packages.debian.org/src:graphicsmagick
151: https://www.debian.org/security/2020/dsa-4641
152: https://packages.debian.org/src:webkit2gtk
153: https://www.debian.org/security/2020/dsa-4642
154: https://packages.debian.org/src:thunderbird
155: https://www.debian.org/security/2020/dsa-4643
156: https://packages.debian.org/src:python-bleach
157: https://www.debian.org/security/2020/dsa-4644
158: https://packages.debian.org/src:tor
159: https://www.debian.org/security/2020/dsa-4645
160: https://packages.debian.org/src:chromium
161: https://www.debian.org/security/2020/dsa-4646
162: https://packages.debian.org/src:icu
163: https://www.debian.org/security/2020/dsa-4647
164: https://packages.debian.org/src:bluez
165: https://www.debian.org/security/2020/dsa-4648
166: https://packages.debian.org/src:libpam-krb5
167: https://www.debian.org/security/2020/dsa-4649
168: https://packages.debian.org/src:haproxy
169: https://www.debian.org/security/2020/dsa-4650
170: https://packages.debian.org/src:qbittorrent
171: https://www.debian.org/security/2020/dsa-4651
172: https://packages.debian.org/src:mediawiki
173: https://www.debian.org/security/2020/dsa-4652
174: https://packages.debian.org/src:gnutls28
175: https://www.debian.org/security/2020/dsa-4653
176: https://packages.debian.org/src:firefox-esr
177: https://www.debian.org/security/2020/dsa-4654
178: https://packages.debian.org/src:chromium
179: https://www.debian.org/security/2020/dsa-4655
180: https://packages.debian.org/src:firefox-esr
181: https://www.debian.org/security/2020/dsa-4656
182: https://packages.debian.org/src:thunderbird
183: https://www.debian.org/security/2020/dsa-4657
184: https://packages.debian.org/src:git
185: https://www.debian.org/security/2020/dsa-4658
186: https://packages.debian.org/src:webkit2gtk
187: https://www.debian.org/security/2020/dsa-4659
188: https://packages.debian.org/src:git
189: https://www.debian.org/security/2020/dsa-4660
190: https://packages.debian.org/src:awl
191: https://www.debian.org/security/2020/dsa-4661
192: https://packages.debian.org/src:openssl
193: https://www.debian.org/security/2020/dsa-4663
194: https://packages.debian.org/src:python-reportlab
195: https://www.debian.org/security/2020/dsa-4664
196: https://packages.debian.org/src:mailman
197: https://www.debian.org/security/2020/dsa-4665
198: https://packages.debian.org/src:qemu
199: https://www.debian.org/security/2020/dsa-4666
200: https://packages.debian.org/src:openldap
201: https://www.debian.org/security/2020/dsa-4667
202: https://packages.debian.org/src:linux-signed-amd64
203: https://www.debian.org/security/2020/dsa-4667
204: https://packages.debian.org/src:linux-signed-arm64
205: https://www.debian.org/security/2020/dsa-4667
206: https://packages.debian.org/src:linux-signed-i386
207: https://www.debian.org/security/2020/dsa-4667
208: https://packages.debian.org/src:linux
209: https://www.debian.org/security/2020/dsa-4669
210: https://packages.debian.org/src:nodejs
211: https://www.debian.org/security/2020/dsa-4671
212: https://packages.debian.org/src:vlc
213: https://www.debian.org/security/2020/dsa-4672
214: https://packages.debian.org/src:trafficserver

Removed packages
----------------

The following packages were removed due to circumstances beyond our control:

+-------------------------+--------------------------------------------+
| Package | Reason |
+-------------------------+--------------------------------------------+
| getlive [215] | Broken due to Hotmail changes |
| | |
| gplaycli [216] | Broken by Google API changes |
| | |
| kerneloops [217] | Upstream service no longer available |
| | |
| lambda-align2 [218] | [arm64 armel armhf i386 mips64el ppc64el |
| | s390x] Broken on non-amd64 architectures |
| | |
| libmicrodns [219] | Security issues |
| | |
| libperlspeak-perl [220] | Security issues; unmaintained |
| | |
| quotecolors [221] | Incompatible with newer Thunderbird |
| | versions |
| | |
| torbirdy [222] | Incompatible with newer Thunderbird |
| | versions |
| | |
| ugene [223] | Non-free; fails to build |
| | |
| yahoo2mbox [224] | Broken for several years |
| | |
+-------------------------+--------------------------------------------+

215: https://packages.debian.org/src:getlive
216: https://packages.debian.org/src:gplaycli
217: https://packages.debian.org/src:kerneloops
218: https://packages.debian.org/src:lambda-align2
219: https://packages.debian.org/src:libmicrodns
220: https://packages.debian.org/src:libperlspeak-perl
221: https://packages.debian.org/src:quotecolors
222: https://packages.debian.org/src:torbirdy
223: https://packages.debian.org/src:ugene
224: https://packages.debian.org/src:yahoo2mbox

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/buster/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://www.debian.org/security/



About Debian
------------

The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian.

Debiangnu10