Debian 10225 Published by

The fourth update of Debian GNU/Linux 9 has been released



------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 9: 9.4 released press@debian.org
March 10th, 2018 https://www.debian.org/News/2018/20180310
------------------------------------------------------------------------

The Debian project is pleased to announce the fourth update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following packages:

+-------------------------+-------------------------------------------+
| Package | Reason |
+-------------------------+-------------------------------------------+
| acme-tiny [1] | Fix outdated version of the subscriber |
| | agreement |
| | |
| activity-log- | Add missing dependency on python- |
| manager [2] | zeitgeist |
| | |
| agenda.app [3] | Fix creation of tasks and appointments |
| | |
| apparmor [4] | Move the features file to /usr/share/ |
| | apparmor-features; pin the AppArmor |
| | feature set to Stretch's kernel |
| | |
| auto-apt-proxy [5] | Move apt configuration away on removal, |
| | and put it back on reinstalls |
| | |
| bareos [6] | Fix backups failing with "No Volume name |
| | given" |
| | |
| base-files [7] | Update for the point release |
| | |
| cappuccino [8] | Add missing dependency on gir1.2-gtk-3.0 |
| | |
| cerealizer [9] | Fix Python3 dependencies |
| | |
| clamav [10] | New upstream release; security update |
| | [CVE-2017-6418 CVE-2017-6420 CVE-2017- |
| | 12374 CVE-2017-12375 CVE-2017-12376 |
| | CVE-2017-12377 CVE-2017-12378 CVE-2017- |
| | 12379 CVE-2017-12380] |
| | |
| cron [11] | Properly transition system jobs to |
| | system_cronjob_t SELinux context and stop |
| | relying on refpolicy specific identifiers |
| | |
| cups [12] | Fix execution of arbitrary IPP commands |
| | by sending POST requests to the CUPS |
| | daemon in conjunction with DNS rebinding |
| | [CVE-2017-18190] |
| | |
| dbus [13] | New upstream release; raise file |
| | descriptor limit sooner, fixing a |
| | regression in local DoS fix |
| | |
| debian-edu-config [14] | Pre-configure Chromium Webbrowser system- |
| | wide to auto-detect the http proxy |
| | settings via WPAD; allow joining of |
| | Windows 10 clients to the Samba NT4-style |
| | domain |
| | |
| debian-installer [15] | Bump Linux kernel version from 4.9.0-4 to |
| | 4.9.0-6 |
| | |
| debian-installer- | Update to 20170615+deb9u3 images, from |
| netboot-images [16] | stretch-proposed-updates |
| | |
| directfb [17] | Fix architecture-based filter to actually |
| | install drivers |
| | |
| dpdk [18] | Update to new stable point release |
| | |
| espeakup [19] | udeb: fix case where card 0 does not have |
| | an id or where cards have non-contiguous |
| | indexes; use English by default; use card |
| | id in installed system to avoid issues |
| | with card detection ordering |
| | |
| exam [20] | Fix Python3 dependencies |
| | |
| flatpak [21] | New upstream release; fix a D-Bus |
| | filtering bypass in flatpak-dbus-proxy; |
| | ignore unrecognised permission strings, |
| | instead of failing; do not allow legacy |
| | eavesdropping on the D-Bus session bus |
| | |
| fuse-zip [22] | Fix writeback fail with libzip 1.0 |
| | |
| glade [23] | Fix possible infinite loop |
| | |
| glibc [24] | Do not update /etc/nsswitch.conf when its |
| | content already matches the default; |
| | debian/script.in/nohwcap.sh: always check |
| | for all optimized packages as multiarch |
| | allows one to install foreign |
| | architectures; avoid use-after-free read |
| | access in clntudp_call [CVE-2017-12133]; |
| | define collation for Malayalam chillu |
| | characters and correct collation of U |
| | +0D36 and U+0D37 Malayalam characters; |
| | fix invalid cast in group merging |
| | affecting ppc64 and s390x; fix |
| | compatibility with Intel C++ __regcall |
| | calling convention; install the libc- |
| | otherbuild postinst and postrm in the |
| | libc6-i686 transitional package, to make |
| | sure /etc/ld.so.nohwcap is correctly |
| | removed after an upgrade |
| | |
| global [25] | Gozilla: quote URLs before passing them |
| | to BROWSER [CVE-2017-17531] |
| | |
| gnumail [26] | Stop linking to OpenSSL |
| | |
| golang-github-go-ldap- | Require explicit intention for empty |
| ldap [27] | password |
| | |
| gosa-plugin- | Fix deprecated constructor call |
| pwreset [28] | |
| | |
| grilo-plugins [29] | Fix Radio France source |
| | |
| hdf5 [30] | Fix javahelper invocation |
| | |
| inputlirc [31] | Include input-event-codes.h instead of |
| | input.h, fixing build failure |
| | |
| intercal [32] | Recompile with PIE |
| | |
| java-atk-wrapper [33] | Fix iterator initialization; fix missing |
| | reference for children |
| | |
| kildclient [34] | Drop support for user-defined browsers |
| | [CVE-2017-17511] |
| | |
| libdate-holidays-de- | Mark Reformation Day as a holiday in |
| perl [35] | Hamburg and Schleswig-Holstein from 2018 |
| | onwards |
| | |
| libdatetime-timezone- | New upstream version |
| perl [36] | |
| | |
| libhibernate-validator- | Fix potential privilege escalation by |
| java [37] | circumventing security manager |
| | permissions [CVE-2017-7536] |
| | |
| libperlx-assert- | Add missing dependencies on libkeyword- |
| perl [38] | simple-perl, libdevel-declare-perl |
| | |
| libreoffice [39] | Let FunctionAccess execute WEBSERVICE; |
| | use the right error code on WEBSERVICE() |
| | failures |
| | |
| libvhdi [40] | Add missing Python3 dependency |
| | |
| libvirt [41] | QEMU: shared disks with cache=directsync |
| | should be safe for migration; avoid |
| | denial of service reading from QEMU |
| | monitor [CVE-2018-5748] |
| | |
| linux [42] | New upstream version |
| | |
| lxc [43] | Fix the creation of testing and unstable |
| | containers by including "iproute2" |
| | rather than "iproute" |
| | |
| mapproxy [44] | Fix Cross Site Scripting (XSS) issue in |
| | demo service [CVE-2017-1000426] |
| | |
| mosquitto [45] | Fix persistence file being world-readable |
| | [CVE-2017-9868] |
| | |
| mpi4py [46] | Support current version of libmpi |
| | |
| ncurses [47] | Fix buffer overflow in the |
| | _nc_write_entry function [CVE-2017-16879] |
| | |
| needrestart [48] | Fix switching to list mode if debconf is |
| | run non-interactively |
| | |
| ntp [49] | Increase stack size to at least 32kB |
| | |
| nvidia-graphics- | New upstream release |
| drivers- | |
| legacy-304xx [50] | |
| | |
| nvidia-graphics- | New upstream release |
| drivers- | |
| legacy-340xx [51] | |
| | |
| nvidia-modprobe [52] | New upstream release; run setuid(0) |
| | before forking modprobe to preserve |
| | privileges through shell invocations and |
| | recursive modprobe calls |
| | |
| nvidia- | New upstream release |
| persistenced [53] | |
| | |
| nvidia-settings [54] | New upstream release; fix a bug that |
| | prevented changes to stereo eye |
| | assignment from getting applied from the |
| | nvidia-settings control panel |
| | |
| nvidia-xconfig [55] | New upstream release; fix a regression |
| | that prevented nvidia-xconfig from |
| | querying some GPUs, e.g. when running |
| | `nvidia-xconfig -a` |
| | |
| ocfs2-tools [56] | Migrate from using rcS to standard |
| | runlevels |
| | |
| opendmarc [57] | Update opendmarc service file so changes |
| | in opendmarc.conf are used |
| | |
| openssh [58] | Fix "in read-only mode, sftp-server was |
| | incorrectly permitting creation of zero- |
| | length files" [CVE-2017-15906] |
| | |
| osinfo-db [59] | Update included data |
| | |
| pdns-recursor [60] | Rebuild against publicsuffix |
| | 20171028.2055-0+deb9u1 |
| | |
| postfix [61] | New upstream bugfix release; don't log |
| | warnings that some restriction returns |
| | OK, when the access map DISCARD feature |
| | is in effect; add missing dynamicmaps |
| | support in the Postfix sendmail command; |
| | fix sending to some sites with "TLSA 2 X |
| | X" records |
| | |
| postgresql-9.6 [62] | New upstream version |
| | |
| publicsuffix [63] | Update included data |
| | |
| python-evtx [64] | Fix missing Python3 dependency |
| | |
| python-hacking [65] | Fix Python3 dependencies |
| | |
| python-hkdf [66] | Fix Python3 dependencies |
| | |
| python-mimeparse [67] | Fix Python3 dependencies |
| | |
| python-pyperclip [68] | Fix Python3 dependencies |
| | |
| python-spake2 [69] | Fix Python3 dependencies |
| | |
| qtpass [70] | Fix insecure built-in password generator |
| | [CVE-2017-18021] |
| | |
| quota [71] | Prevent quotacheck from running into an |
| | endless loop |
| | |
| reportbug [72] | Don't send mail to secure-testing- |
| | team@lists.alioth.debian.org any more |
| | |
| rpy [73] | Rebuild against r-base 3.3 |
| | |
| ruby-redis-store [74] | Allow unsafe objects to be loaded from |
| | redis [CVE-2017-1000248] |
| | |
| salt [75] | Fix directory traversal vulnerability on |
| | salt-master via crafted minion IDs |
| | [CVE-2017-12791], directory traversal |
| | vulnerability in minion id validation in |
| | SaltStack [CVE-2017-14695], remote Denial |
| | of Service with a specially crafted |
| | authentication request [CVE-2017-14696]; |
| | check if data[return] is dict type |
| | |
| slic3r [76] | Patch "use lib" line in all installed |
| | binaries; workaround missing |
| | GL_MULTISAMPLE macro; fix importing |
| | binary STLs on big-endian architectures |
| | |
| soundtouch [77] | Security fixes [CVE-2017-9258 CVE-2017- |
| | 9259 CVE-2017-9260] |
| | |
| systemd [78] | networkd: Handle MTU field in IPv6 RA; |
| | add a linker script to help prevent |
| | symbol collisions, particularly with PAM |
| | modules; resolved: Fix loop on packets |
| | with pseudo dns types [CVE-2017-15908]; |
| | machinectl: Don't output "No machines." |
| | with --no-legend option |
| | |
| tzdata [79] | New upstream version |
| | |
| ust [80] | Fix loading of Python agent library |
| | |
| uwsgi [81] | Fix stack-based buffer overflow in |
| | uwsgi_expand_path function [CVE-2018- |
| | 6758] |
| | |
| vagrant [82] | Download boxes from app.vagrantcloud.com |
| | instead of the deprecated |
| | atlas.hashicorp.com |
| | |
| vdirsyncer [83] | Fix discovery of Google contacts |
| | |
| virt-what [84] | Unbreak virt detection on arm/aarch64 |
| | |
| w3m [85] | Fix stack overflow [CVE-2018-6196], null |
| | deref [CVE-2018-6197], /tmp file races |
| | [CVE-2018-6198] |
| | |
| waagent [86] | New upstream version |
| | |
| webkit2gtk [87] | New upstream stable release |
| | |
| xchain [88] | Fix dependency on "wish" |
| | |
| xrdp [89] | Fix security issue [CVE-2017-16927]; fix |
| | high CPU load on ssl_tls_accept |
| | |
+-------------------------+-------------------------------------------+

1: https://packages.debian.org/src:acme-tiny
2: https://packages.debian.org/src:activity-log-manager
3: https://packages.debian.org/src:agenda.app
4: https://packages.debian.org/src:apparmor
5: https://packages.debian.org/src:auto-apt-proxy
6: https://packages.debian.org/src:bareos
7: https://packages.debian.org/src:base-files
8: https://packages.debian.org/src:cappuccino
9: https://packages.debian.org/src:cerealizer
10: https://packages.debian.org/src:clamav
11: https://packages.debian.org/src:cron
12: https://packages.debian.org/src:cups
13: https://packages.debian.org/src:dbus
14: https://packages.debian.org/src:debian-edu-config
15: https://packages.debian.org/src:debian-installer
16: https://packages.debian.org/src:debian-installer-netboot-images
17: https://packages.debian.org/src:directfb
18: https://packages.debian.org/src:dpdk
19: https://packages.debian.org/src:espeakup
20: https://packages.debian.org/src:exam
21: https://packages.debian.org/src:flatpak
22: https://packages.debian.org/src:fuse-zip
23: https://packages.debian.org/src:glade
24: https://packages.debian.org/src:glibc
25: https://packages.debian.org/src:global
26: https://packages.debian.org/src:gnumail
27: https://packages.debian.org/src:golang-github-go-ldap-ldap
28: https://packages.debian.org/src:gosa-plugin-pwreset
29: https://packages.debian.org/src:grilo-plugins
30: https://packages.debian.org/src:hdf5
31: https://packages.debian.org/src:inputlirc
32: https://packages.debian.org/src:intercal
33: https://packages.debian.org/src:java-atk-wrapper
34: https://packages.debian.org/src:kildclient
35: https://packages.debian.org/src:libdate-holidays-de-perl
36: https://packages.debian.org/src:libdatetime-timezone-perl
37: https://packages.debian.org/src:libhibernate-validator-java
38: https://packages.debian.org/src:libperlx-assert-perl
39: https://packages.debian.org/src:libreoffice
40: https://packages.debian.org/src:libvhdi
41: https://packages.debian.org/src:libvirt
42: https://packages.debian.org/src:linux
43: https://packages.debian.org/src:lxc
44: https://packages.debian.org/src:mapproxy
45: https://packages.debian.org/src:mosquitto
46: https://packages.debian.org/src:mpi4py
47: https://packages.debian.org/src:ncurses
48: https://packages.debian.org/src:needrestart
49: https://packages.debian.org/src:ntp
50: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
51: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-340xx
52: https://packages.debian.org/src:nvidia-modprobe
53: https://packages.debian.org/src:nvidia-persistenced
54: https://packages.debian.org/src:nvidia-settings
55: https://packages.debian.org/src:nvidia-xconfig
56: https://packages.debian.org/src:ocfs2-tools
57: https://packages.debian.org/src:opendmarc
58: https://packages.debian.org/src:openssh
59: https://packages.debian.org/src:osinfo-db
60: https://packages.debian.org/src:pdns-recursor
61: https://packages.debian.org/src:postfix
62: https://packages.debian.org/src:postgresql-9.6
63: https://packages.debian.org/src:publicsuffix
64: https://packages.debian.org/src:python-evtx
65: https://packages.debian.org/src:python-hacking
66: https://packages.debian.org/src:python-hkdf
67: https://packages.debian.org/src:python-mimeparse
68: https://packages.debian.org/src:python-pyperclip
69: https://packages.debian.org/src:python-spake2
70: https://packages.debian.org/src:qtpass
71: https://packages.debian.org/src:quota
72: https://packages.debian.org/src:reportbug
73: https://packages.debian.org/src:rpy
74: https://packages.debian.org/src:ruby-redis-store
75: https://packages.debian.org/src:salt
76: https://packages.debian.org/src:slic3r
77: https://packages.debian.org/src:soundtouch
78: https://packages.debian.org/src:systemd
79: https://packages.debian.org/src:tzdata
80: https://packages.debian.org/src:ust
81: https://packages.debian.org/src:uwsgi
82: https://packages.debian.org/src:vagrant
83: https://packages.debian.org/src:vdirsyncer
84: https://packages.debian.org/src:virt-what
85: https://packages.debian.org/src:w3m
86: https://packages.debian.org/src:waagent
87: https://packages.debian.org/src:webkit2gtk
88: https://packages.debian.org/src:xchain
89: https://packages.debian.org/src:xrdp

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+------------------------+
| Advisory ID | Package |
+----------------+------------------------+
| DSA-4054 [90] | tor [91] |
| | |
| DSA-4055 [92] | heimdal [93] |
| | |
| DSA-4056 [94] | nova [95] |
| | |
| DSA-4057 [96] | erlang [97] |
| | |
| DSA-4058 [98] | optipng [99] |
| | |
| DSA-4059 [100] | libxcursor [101] |
| | |
| DSA-4060 [102] | wireshark [103] |
| | |
| DSA-4061 [104] | thunderbird [105] |
| | |
| DSA-4062 [106] | firefox-esr [107] |
| | |
| DSA-4063 [108] | pdns-recursor [109] |
| | |
| DSA-4065 [110] | openssl1.0 [111] |
| | |
| DSA-4066 [112] | otrs2 [113] |
| | |
| DSA-4067 [114] | openafs [115] |
| | |
| DSA-4068 [116] | rsync [117] |
| | |
| DSA-4069 [118] | otrs2 [119] |
| | |
| DSA-4070 [120] | enigmail [121] |
| | |
| DSA-4071 [122] | sensible-utils [123] |
| | |
| DSA-4072 [124] | bouncycastle [125] |
| | |
| DSA-4073 [126] | linux [127] |
| | |
| DSA-4075 [128] | thunderbird [129] |
| | |
| DSA-4076 [130] | asterisk [131] |
| | |
| DSA-4077 [132] | gimp [133] |
| | |
| DSA-4078 [134] | linux [135] |
| | |
| DSA-4078 [136] | linux-latest [137] |
| | |
| DSA-4079 [138] | poppler [139] |
| | |
| DSA-4080 [140] | php7.0 [141] |
| | |
| DSA-4083 [142] | poco [143] |
| | |
| DSA-4084 [144] | gifsicle [145] |
| | |
| DSA-4086 [146] | libxml2 [147] |
| | |
| DSA-4087 [148] | transmission [149] |
| | |
| DSA-4088 [150] | gdk-pixbuf [151] |
| | |
| DSA-4089 [152] | bind9 [153] |
| | |
| DSA-4090 [154] | wordpress [155] |
| | |
| DSA-4092 [156] | awstats [157] |
| | |
| DSA-4093 [158] | openocd [159] |
| | |
| DSA-4094 [160] | smarty3 [161] |
| | |
| DSA-4095 [162] | gcab [163] |
| | |
| DSA-4096 [164] | firefox-esr [165] |
| | |
| DSA-4097 [166] | poppler [167] |
| | |
| DSA-4098 [168] | curl [169] |
| | |
| DSA-4099 [170] | ffmpeg [171] |
| | |
| DSA-4100 [172] | tiff [173] |
| | |
| DSA-4101 [174] | wireshark [175] |
| | |
| DSA-4102 [176] | thunderbird [177] |
| | |
| DSA-4104 [178] | p7zip [179] |
| | |
| DSA-4105 [180] | mpv [181] |
| | |
| DSA-4106 [182] | libtasn1-6 [183] |
| | |
| DSA-4107 [184] | django-anymail [185] |
| | |
| DSA-4108 [186] | mailman [187] |
| | |
| DSA-4109 [188] | ruby-omniauth [189] |
| | |
| DSA-4110 [190] | exim4 [191] |
| | |
| DSA-4111 [192] | libreoffice [193] |
| | |
| DSA-4112 [194] | xen [195] |
| | |
| DSA-4114 [196] | jackson-databind [197] |
| | |
| DSA-4115 [198] | quagga [199] |
| | |
| DSA-4116 [200] | plasma-workspace [201] |
| | |
| DSA-4118 [202] | tomcat-native [203] |
| | |
| DSA-4120 [204] | linux-latest [205] |
| | |
| DSA-4120 [206] | linux [207] |
| | |
| DSA-4121 [208] | gcc-6 [209] |
| | |
| DSA-4122 [210] | squid3 [211] |
| | |
| DSA-4123 [212] | drupal7 [213] |
| | |
| DSA-4124 [214] | lucene-solr [215] |
| | |
| DSA-4125 [216] | wavpack [217] |
| | |
| DSA-4126 [218] | xmltooling [219] |
| | |
| DSA-4127 [220] | simplesamlphp [221] |
| | |
| DSA-4128 [222] | trafficserver [223] |
| | |
| DSA-4129 [224] | freexl [225] |
| | |
| DSA-4130 [226] | dovecot [227] |
| | |
| DSA-4131 [228] | xen [229] |
| | |
| DSA-4132 [230] | libvpx [231] |
| | |
+----------------+------------------------+

90: https://www.debian.org/security/2017/dsa-4054
91: https://packages.debian.org/src:tor
92: https://www.debian.org/security/2017/dsa-4055
93: https://packages.debian.org/src:heimdal
94: https://www.debian.org/security/2017/dsa-4056
95: https://packages.debian.org/src:nova
96: https://www.debian.org/security/2017/dsa-4057
97: https://packages.debian.org/src:erlang
98: https://www.debian.org/security/2017/dsa-4058
99: https://packages.debian.org/src:optipng
100: https://www.debian.org/security/2017/dsa-4059
101: https://packages.debian.org/src:libxcursor
102: https://www.debian.org/security/2017/dsa-4060
103: https://packages.debian.org/src:wireshark
104: https://www.debian.org/security/2017/dsa-4061
105: https://packages.debian.org/src:thunderbird
106: https://www.debian.org/security/2017/dsa-4062
107: https://packages.debian.org/src:firefox-esr
108: https://www.debian.org/security/2017/dsa-4063
109: https://packages.debian.org/src:pdns-recursor
110: https://www.debian.org/security/2017/dsa-4065
111: https://packages.debian.org/src:openssl1.0
112: https://www.debian.org/security/2017/dsa-4066
113: https://packages.debian.org/src:otrs2
114: https://www.debian.org/security/2017/dsa-4067
115: https://packages.debian.org/src:openafs
116: https://www.debian.org/security/2017/dsa-4068
117: https://packages.debian.org/src:rsync
118: https://www.debian.org/security/2017/dsa-4069
119: https://packages.debian.org/src:otrs2
120: https://www.debian.org/security/2017/dsa-4070
121: https://packages.debian.org/src:enigmail
122: https://www.debian.org/security/2017/dsa-4071
123: https://packages.debian.org/src:sensible-utils
124: https://www.debian.org/security/2017/dsa-4072
125: https://packages.debian.org/src:bouncycastle
126: https://www.debian.org/security/2017/dsa-4073
127: https://packages.debian.org/src:linux
128: https://www.debian.org/security/2017/dsa-4075
129: https://packages.debian.org/src:thunderbird
130: https://www.debian.org/security/2017/dsa-4076
131: https://packages.debian.org/src:asterisk
132: https://www.debian.org/security/2017/dsa-4077
133: https://packages.debian.org/src:gimp
134: https://www.debian.org/security/2018/dsa-4078
135: https://packages.debian.org/src:linux
136: https://www.debian.org/security/2018/dsa-4078
137: https://packages.debian.org/src:linux-latest
138: https://www.debian.org/security/2018/dsa-4079
139: https://packages.debian.org/src:poppler
140: https://www.debian.org/security/2018/dsa-4080
141: https://packages.debian.org/src:php7.0
142: https://www.debian.org/security/2018/dsa-4083
143: https://packages.debian.org/src:poco
144: https://www.debian.org/security/2018/dsa-4084
145: https://packages.debian.org/src:gifsicle
146: https://www.debian.org/security/2018/dsa-4086
147: https://packages.debian.org/src:libxml2
148: https://www.debian.org/security/2018/dsa-4087
149: https://packages.debian.org/src:transmission
150: https://www.debian.org/security/2018/dsa-4088
151: https://packages.debian.org/src:gdk-pixbuf
152: https://www.debian.org/security/2018/dsa-4089
153: https://packages.debian.org/src:bind9
154: https://www.debian.org/security/2018/dsa-4090
155: https://packages.debian.org/src:wordpress
156: https://www.debian.org/security/2018/dsa-4092
157: https://packages.debian.org/src:awstats
158: https://www.debian.org/security/2018/dsa-4093
159: https://packages.debian.org/src:openocd
160: https://www.debian.org/security/2018/dsa-4094
161: https://packages.debian.org/src:smarty3
162: https://www.debian.org/security/2018/dsa-4095
163: https://packages.debian.org/src:gcab
164: https://www.debian.org/security/2018/dsa-4096
165: https://packages.debian.org/src:firefox-esr
166: https://www.debian.org/security/2018/dsa-4097
167: https://packages.debian.org/src:poppler
168: https://www.debian.org/security/2018/dsa-4098
169: https://packages.debian.org/src:curl
170: https://www.debian.org/security/2018/dsa-4099
171: https://packages.debian.org/src:ffmpeg
172: https://www.debian.org/security/2018/dsa-4100
173: https://packages.debian.org/src:tiff
174: https://www.debian.org/security/2018/dsa-4101
175: https://packages.debian.org/src:wireshark
176: https://www.debian.org/security/2018/dsa-4102
177: https://packages.debian.org/src:thunderbird
178: https://www.debian.org/security/2018/dsa-4104
179: https://packages.debian.org/src:p7zip
180: https://www.debian.org/security/2018/dsa-4105
181: https://packages.debian.org/src:mpv
182: https://www.debian.org/security/2018/dsa-4106
183: https://packages.debian.org/src:libtasn1-6
184: https://www.debian.org/security/2018/dsa-4107
185: https://packages.debian.org/src:django-anymail
186: https://www.debian.org/security/2018/dsa-4108
187: https://packages.debian.org/src:mailman
188: https://www.debian.org/security/2018/dsa-4109
189: https://packages.debian.org/src:ruby-omniauth
190: https://www.debian.org/security/2018/dsa-4110
191: https://packages.debian.org/src:exim4
192: https://www.debian.org/security/2018/dsa-4111
193: https://packages.debian.org/src:libreoffice
194: https://www.debian.org/security/2018/dsa-4112
195: https://packages.debian.org/src:xen
196: https://www.debian.org/security/2018/dsa-4114
197: https://packages.debian.org/src:jackson-databind
198: https://www.debian.org/security/2018/dsa-4115
199: https://packages.debian.org/src:quagga
200: https://www.debian.org/security/2018/dsa-4116
201: https://packages.debian.org/src:plasma-workspace
202: https://www.debian.org/security/2018/dsa-4118
203: https://packages.debian.org/src:tomcat-native
204: https://www.debian.org/security/2018/dsa-4120
205: https://packages.debian.org/src:linux-latest
206: https://www.debian.org/security/2018/dsa-4120
207: https://packages.debian.org/src:linux
208: https://www.debian.org/security/2018/dsa-4121
209: https://packages.debian.org/src:gcc-6
210: https://www.debian.org/security/2018/dsa-4122
211: https://packages.debian.org/src:squid3
212: https://www.debian.org/security/2018/dsa-4123
213: https://packages.debian.org/src:drupal7
214: https://www.debian.org/security/2018/dsa-4124
215: https://packages.debian.org/src:lucene-solr
216: https://www.debian.org/security/2018/dsa-4125
217: https://packages.debian.org/src:wavpack
218: https://www.debian.org/security/2018/dsa-4126
219: https://packages.debian.org/src:xmltooling
220: https://www.debian.org/security/2018/dsa-4127
221: https://packages.debian.org/src:simplesamlphp
222: https://www.debian.org/security/2018/dsa-4128
223: https://packages.debian.org/src:trafficserver
224: https://www.debian.org/security/2018/dsa-4129
225: https://packages.debian.org/src:freexl
226: https://www.debian.org/security/2018/dsa-4130
227: https://packages.debian.org/src:dovecot
228: https://www.debian.org/security/2018/dsa-4131
229: https://packages.debian.org/src:xen
230: https://www.debian.org/security/2018/dsa-4132
231: https://packages.debian.org/src:libvpx

Removed packages
----------------

The following packages were removed due to circumstances beyond our control:

+-----------------+-------------------------------------------------+
| Package | Reason |
+-----------------+-------------------------------------------------+
| dolibarr [232] | Too much work to maintain it properly in Debian |
| | |
| electrum [233] | Security issues; broken due to upstream changes |
| | |
| jirc [234] | Broken with stretch's libpoe-filter-xml-perl |
| | |
| pgmodeler [235] | Incompatible with stretch's Postgresql |
| | |
| seelablet [236] | Abandoned upstream; broken |
| | |
+-----------------+-------------------------------------------------+

232: https://packages.debian.org/src:dolibarr
233: https://packages.debian.org/src:electrum
234: https://packages.debian.org/src:jirc
235: https://packages.debian.org/src:pgmodeler
236: https://packages.debian.org/src:seelablet

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/stretch/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://security.debian.org/ [237]

237: https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.
  Debian GNU/Linux 9.4 released