Debian 10220 Published by

Debian GNU/Linux 9.6 has been released



------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 9: 9.6 released press@debian.org
November 10th, 2018 https://www.debian.org/News/2018/20181110
------------------------------------------------------------------------


The Debian project is pleased to announce the sixth update of its stable
distribution Debian 9 (codename "stretch"). This point release mainly
adds corrections for security issues, along with a few adjustments for
serious problems. Security advisories have already been published
separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+---------------------------+-----------------------------------------+
| Package | Reason |
+---------------------------+-----------------------------------------+
| accerciser [1] | Fix accessing items without a |
| | compositor; fix Python console; add |
| | missing dependency on python3-xlib |
| | |
| apache2 [2] | mod_http2: Fix DoS by worker exhaustion |
| | [CVE-2018-1333] and by continuous |
| | SETTINGS [CVE-2018-11763]; |
| | mod_proxy_fcgi: Fix segfault |
| | |
| base-files [3] | Update /etc/debian_version for the |
| | point release |
| | |
| brltty [4] | Fix polkit authentication |
| | |
| canna [5] | Fix file conflict between canna-dbgsym |
| | and canna-utils-dbgsym |
| | |
| cargo [6] | New package to support Firefox ESR60 |
| | build |
| | |
| clamav [7] | New upstream release; fix HWP integer |
| | overflow, infinite loop vulnerability |
| | [CVE-2018-0360]; fix PDF object length |
| | check issue, unreasonably long time to |
| | parse relatively small file [CVE-2018- |
| | 0361]; new upstream version; fix |
| | Denial-of-Service issue [CVE-2018- |
| | 15378]; fix infinite loop in dpkg- |
| | reconfigure |
| | |
| confuse [8] | Fix an out of bound read in |
| | trim_whitespace [CVE-2018-14447] |
| | |
| debian-installer [9] | Update for -8 kernel ABI |
| | |
| debian-installer-netboot- | Rebuild for the point release |
| images [10] | |
| | |
| dnsmasq [11] | trust-anchors.conf: include latest DNS |
| | trust anchor KSK-2017 |
| | |
| dom4j [12] | Fix XML injection attack [CVE-2018- |
| | 1000632]; compile with source/target |
| | 1.5 to fix a compilation issue with |
| | String.format |
| | |
| dpdk [13] | New upstream stable release |
| | |
| dropbear [14] | Fix user enumeration vulnerability |
| | [CVE-2018-15599] |
| | |
| easytag [15] | Fix OGG corruption |
| | |
| enigmail [16] | Add compatibility with newer |
| | Thunderbird versions |
| | |
| espeakup [17] | espeakup.service: Automatically load |
| | speakup_soft on daemon startup |
| | |
| fastforward [18] | Fix segfaults on 64-bit architectures |
| | |
| firetray [19] | Add compatibility with newer |
| | Thunderbird versions |
| | |
| firmware-nonfree [20] | Fix security issues in Broadcom wifi |
| | firmware [CVE-2016-0801 CVE-2017-0561 |
| | CVE-2017-9417 CVE-2017-13077 CVE-2017- |
| | 13078 CVE-2017-13079 CVE-2017-13080 |
| | CVE-2017-13081]; re-add transitional |
| | packages for firmware-{adi,ralink} |
| | |
| fofix-dfsg [21] | Fix error at startup |
| | |
| fuse [22] | Whitelist autofs and FAT as valid |
| | mountpoint filesystems |
| | |
| ganeti [23] | Properly verify SSL certificates during |
| | VM export; sign generated certificates |
| | using SHA256 instead of SHA1; make bash |
| | completions autoloadable |
| | |
| globus-gsi- | Fix issue with voms proxy and openssl |
| credential [24] | 1.1 |
| | |
| gnupg2 [25] | Security fixes; backport functionality |
| | required for new enigmail |
| | |
| gnutls28 [26] | Fix security issues [CVE-2018-10844 |
| | CVE-2018-10845] |
| | |
| gphoto2-cffi [27] | Make python3-gphoto2cffi work again |
| | |
| grub2 [28] | grub-mknetdir: Add support for ARM64 |
| | EFI; change the default TSC calibration |
| | method to pmtimer on EFI systems |
| | |
| hdparm [29] | Only enable APM on disks that advertise |
| | it |
| | |
| https-everywhere [30] | Backport new upstream version, for |
| | compatibility with Firefox ESR 60 |
| | |
| i3-wm [31] | Fix crash upon restart when using marks |
| | |
| iipimage [32] | Fix Apache configuration |
| | |
| jhead [33] | Fix security issues [CVE-2018-17088 |
| | CVE-2018-16554] |
| | |
| lastpass-cli [34] | Backport hardcoded certificate pins |
| | from lastpass-cli 1.3.1 to reflect |
| | changes in hosted Lastpass.com service |
| | |
| ldap2zone [35] | Fix endless loop checking zone serial |
| | |
| libcgroup [36] | Fix world-accessible (and writeable) |
| | log files [CVE-2018-14348] |
| | |
| libclamunrar [37] | New upstream release |
| | |
| libdap [38] | Fix libdap-doc contents |
| | |
| libdatetime-timezone- | Update included data |
| perl [39] | |
| | |
| libgd2 [40] | Bmp: check return value in |
| | gdImageBmpPtr [CVE-2018-1000222]; fix |
| | potential infinite loop in |
| | gdImageCreateFromGifCtx [CVE-2018-5711] |
| | |
| libmail-deliverystatus- | Remove non-distributable sample spam |
| bounceparser-perl [41] | and viruses |
| | |
| libmspack [42] | Fix out-of-bounds write [CVE-2018- |
| | 18584] and acceptance of "blank" |
| | filenames [CVE-2018-18585] |
| | |
| libopenmpt [43] | Fix "up11: Out-of-bounds read loading |
| | IT / MO3 files with many pattern |
| | loops" [CVE-2018-10017] |
| | |
| libseccomp [44] | Add support for Linux 4.9 syscalls: |
| | preadv2, pwritev2, pkey_mprotect, |
| | pkey_alloc and pkey_free; add support |
| | for statx |
| | |
| libtirpc [45] | rendezvous_request: check the |
| | makefd_xprt return value [CVE-2018- |
| | 14622] |
| | |
| libx11 [46] | Fix several security isses [CVE-2018- |
| | 14598 CVE-2018-14599 CVE-2018-14600] |
| | |
| libxcursor [47] | Fix a denial of service or potentially |
| | code execution via a one-byte heap |
| | overflow [CVE-2015-9262] |
| | |
| libxml-stream-perl [48] | Provide a default CA path |
| | |
| libxml-structured- | Add missing build and runtime |
| perl [49] | dependency on libxml-parser-perl |
| | |
| linux [50] | Xen: Fix boot regression in PV domains; |
| | xen-netfront: Fix regressions; ext4: |
| | fix false negatives *and* false |
| | positives in ext4_check_descriptors(); |
| | udeb: Add virtio_console to virtio- |
| | modules; cdc_ncm: avoid padding beyond |
| | end of skb; revert "sit: reload iphdr |
| | in ipip6_rcv" ; new upstream release |
| | |
| lxcfs [51] | Revert uptime virtualization, fixing |
| | process start times |
| | |
| magicmaze [52] | Depend on fonts-isabella now that ttf- |
| | isabella is a virtual package |
| | |
| mailman [53] | Fix arbitrary text injection |
| | vulnerability in Mailman CGIs |
| | [CVE-2018-13796] |
| | |
| multipath-tools [54] | Avoid deadlock in udev triggers |
| | |
| nagstamon [55] | Address IcingaWeb2 Basic auth issue |
| | |
| network-manager [56] | libnm: Fix accessing enabled and |
| | metered properties; fix out-of-bounds |
| | heap write in dhcpv6 option handling |
| | [CVE-2018-15688] and various other |
| | issues in the sd-network based |
| | dhcp=internal plugin |
| | |
| network-manager- | libnma/pygobject: libnma/NMA must use |
| applet [57] | libnm/NM instead of legacy libraries |
| | |
| ola [58] | Fix typo in /etc/init.d/ |
| | rdm_test_server; fix filename for |
| | jquery in rdm test server static HTML |
| | files |
| | |
| opensc [59] | Fix unbounded recursion and several |
| | out-of-bounds reads or writes |
| | [CVE-2018-16391 CVE-2018-16392 |
| | CVE-2018-16393 CVE-2018-16418 CVE-2018- |
| | 16419 CVE-2018-16420 CVE-2018-16421 |
| | CVE-2018-16422 CVE-2018-16423 CVE-2018- |
| | 16424 CVE-2018-16425 CVE-2018-16426 |
| | CVE-2018-16427] |
| | |
| pkgsel [60] | Install new dependencies when safe- |
| | upgrade (default) is selected |
| | |
| publicsuffix [61] | Update included data |
| | |
| python-django [62] | Default to supporting Spatialite >= 4.2 |
| | |
| python-imaplib2 [63] | Install the correct module for Python |
| | 3; don't use TIMEOUT_MAX |
| | |
| rustc [64] | Enable building on further |
| | architectures: arm64, armel, armhf, |
| | i386, ppc64el, s390x |
| | |
| sddm [65] | Honour PAM's ambient supplemental |
| | groups; add missing utmp/wtmp/btmp |
| | handling |
| | |
| serf [66] | Fix NULL pointer dereference |
| | |
| soundconverter [67] | Fix opus vbr setting |
| | |
| spamassassin [68] | New upstream release; fix denial of |
| | service [CVE-2017-15705], remote code |
| | execution [CVE-2018-11780], code |
| | injection [CVE-2018-11781] and unsafe |
| | usage of "." in @INC [CVE-2016-1238]; |
| | fix spamd service management on package |
| | upgrades |
| | |
| spice-gtk [69] | Fix flexible array buffer overflow |
| | [CVE-2018-10873] |
| | |
| sqlcipher [70] | Avoid a crash when opening a file |
| | |
| subversion [71] | Fix a regression introduced in the |
| | fixes for SHA1 collisions, where |
| | commits would incorrectly fail with a |
| | "Filesystem is corrupt" error if the |
| | delta length is a multiple of 16K |
| | |
| systemd [72] | networkd: Do not fail |
| | manager_connect_bus() if dbus is not |
| | active yet; dhcp6: Make sure we have |
| | enough space for the DHCP6 option |
| | header [CVE-2018-15688] |
| | |
| systraq [73] | Invert logic in order to exit |
| | successfully in case /e/s/Makefile is |
| | missing |
| | |
| tomcat-native [74] | Fix OSCP responder issue that made it |
| | possible for users to authenticate with |
| | revoked certificates when using mutual |
| | TLS [CVE-2018-8019 CVE-2018-8020] |
| | |
| tor [75] | Directory authority changes: retire |
| | "Bifroest" bridge authority, in favour |
| | of "Serge" ; add an IPv6 address for |
| | the "dannenberg" directory authority |
| | |
| tzdata [76] | New upstream release |
| | |
| ublock-origin [77] | Backport new upstream version, for |
| | compatibility with Firefox ESR 60 |
| | |
| unbound [78] | Fix vulnerability in the processing of |
| | wildcard synthesized NSEC records |
| | [CVE-2017-15105] |
| | |
| vagrant [79] | Support VirtualBox 5.2 |
| | |
| vmtk [80] | python-vmtk: Add the missing dependency |
| | on python-vtk6 |
| | |
| wesnoth-1.12 [81] | Disallow loading lua bytecode via load/ |
| | dofile [CVE-2018-1999023] |
| | |
| wpa [82] | Ignore unauthenticated encrypted EAPOL- |
| | Key data [CVE-2018-14526] |
| | |
| x11vnc [83] | Fix two buffer overflows |
| | |
| xapian-core [84] | Fix glass backend bug with long-lived |
| | cursors on a table in a |
| | WritableDatabase which could |
| | incorrectly lead to |
| | DatabaseCorruptError being thrown when |
| | the database was actually OK |
| | |
| xmotd [85] | Avoid crash with hardening flags |
| | |
| xorg-server [86] | GLX: do not pick sRGB config for 32-bit |
| | RGBA visual - fixes various blending |
| | issues with kwin and Mesa >= 18.0 (i.e. |
| | Mesa from stretch-backports) |
| | |
| zutils [87] | Fix a buffer overrun in zcat [CVE-2018- |
| | 1000637] |
| | |
+---------------------------+-----------------------------------------+

1: https://packages.debian.org/src:accerciser
2: https://packages.debian.org/src:apache2
3: https://packages.debian.org/src:base-files
4: https://packages.debian.org/src:brltty
5: https://packages.debian.org/src:canna
6: https://packages.debian.org/src:cargo
7: https://packages.debian.org/src:clamav
8: https://packages.debian.org/src:confuse
9: https://packages.debian.org/src:debian-installer
10: https://packages.debian.org/src:debian-installer-netboot-images
11: https://packages.debian.org/src:dnsmasq
12: https://packages.debian.org/src:dom4j
13: https://packages.debian.org/src:dpdk
14: https://packages.debian.org/src:dropbear
15: https://packages.debian.org/src:easytag
16: https://packages.debian.org/src:enigmail
17: https://packages.debian.org/src:espeakup
18: https://packages.debian.org/src:fastforward
19: https://packages.debian.org/src:firetray
20: https://packages.debian.org/src:firmware-nonfree
21: https://packages.debian.org/src:fofix-dfsg
22: https://packages.debian.org/src:fuse
23: https://packages.debian.org/src:ganeti
24: https://packages.debian.org/src:globus-gsi-credential
25: https://packages.debian.org/src:gnupg2
26: https://packages.debian.org/src:gnutls28
27: https://packages.debian.org/src:gphoto2-cffi
28: https://packages.debian.org/src:grub2
29: https://packages.debian.org/src:hdparm
30: https://packages.debian.org/src:https-everywhere
31: https://packages.debian.org/src:i3-wm
32: https://packages.debian.org/src:iipimage
33: https://packages.debian.org/src:jhead
34: https://packages.debian.org/src:lastpass-cli
35: https://packages.debian.org/src:ldap2zone
36: https://packages.debian.org/src:libcgroup
37: https://packages.debian.org/src:libclamunrar
38: https://packages.debian.org/src:libdap
39: https://packages.debian.org/src:libdatetime-timezone-perl
40: https://packages.debian.org/src:libgd2
41:
https://packages.debian.org/src:libmail-deliverystatus-bounceparser-perl
42: https://packages.debian.org/src:libmspack
43: https://packages.debian.org/src:libopenmpt
44: https://packages.debian.org/src:libseccomp
45: https://packages.debian.org/src:libtirpc
46: https://packages.debian.org/src:libx11
47: https://packages.debian.org/src:libxcursor
48: https://packages.debian.org/src:libxml-stream-perl
49: https://packages.debian.org/src:libxml-structured-perl
50: https://packages.debian.org/src:linux
51: https://packages.debian.org/src:lxcfs
52: https://packages.debian.org/src:magicmaze
53: https://packages.debian.org/src:mailman
54: https://packages.debian.org/src:multipath-tools
55: https://packages.debian.org/src:nagstamon
56: https://packages.debian.org/src:network-manager
57: https://packages.debian.org/src:network-manager-applet
58: https://packages.debian.org/src:ola
59: https://packages.debian.org/src:opensc
60: https://packages.debian.org/src:pkgsel
61: https://packages.debian.org/src:publicsuffix
62: https://packages.debian.org/src:python-django
63: https://packages.debian.org/src:python-imaplib2
64: https://packages.debian.org/src:rustc
65: https://packages.debian.org/src:sddm
66: https://packages.debian.org/src:serf
67: https://packages.debian.org/src:soundconverter
68: https://packages.debian.org/src:spamassassin
69: https://packages.debian.org/src:spice-gtk
70: https://packages.debian.org/src:sqlcipher
71: https://packages.debian.org/src:subversion
72: https://packages.debian.org/src:systemd
73: https://packages.debian.org/src:systraq
74: https://packages.debian.org/src:tomcat-native
75: https://packages.debian.org/src:tor
76: https://packages.debian.org/src:tzdata
77: https://packages.debian.org/src:ublock-origin
78: https://packages.debian.org/src:unbound
79: https://packages.debian.org/src:vagrant
80: https://packages.debian.org/src:vmtk
81: https://packages.debian.org/src:wesnoth-1.12
82: https://packages.debian.org/src:wpa
83: https://packages.debian.org/src:x11vnc
84: https://packages.debian.org/src:xapian-core
85: https://packages.debian.org/src:xmotd
86: https://packages.debian.org/src:xorg-server
87: https://packages.debian.org/src:zutils

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+----------------------------+
| Advisory ID | Package |
+----------------+----------------------------+
| DSA-4074 [88] | imagemagick [89] |
| | |
| DSA-4103 [90] | chromium-browser [91] |
| | |
| DSA-4182 [92] | chromium-browser [93] |
| | |
| DSA-4237 [94] | chromium-browser [95] |
| | |
| DSA-4242 [96] | ruby-sprockets [97] |
| | |
| DSA-4243 [98] | cups [99] |
| | |
| DSA-4244 [100] | thunderbird [101] |
| | |
| DSA-4245 [102] | imagemagick [103] |
| | |
| DSA-4246 [104] | mailman [105] |
| | |
| DSA-4247 [106] | ruby-rack-protection [107] |
| | |
| DSA-4248 [108] | blender [109] |
| | |
| DSA-4249 [110] | ffmpeg [111] |
| | |
| DSA-4250 [112] | wordpress [113] |
| | |
| DSA-4251 [114] | vlc [115] |
| | |
| DSA-4252 [116] | znc [117] |
| | |
| DSA-4253 [118] | network-manager-vpnc [119] |
| | |
| DSA-4254 [120] | slurm-llnl [121] |
| | |
| DSA-4256 [122] | chromium-browser [123] |
| | |
| DSA-4257 [124] | fuse [125] |
| | |
| DSA-4258 [126] | ffmpeg [127] |
| | |
| DSA-4260 [128] | libmspack [129] |
| | |
| DSA-4261 [130] | vim-syntastic [131] |
| | |
| DSA-4262 [132] | symfony [133] |
| | |
| DSA-4263 [134] | cgit [135] |
| | |
| DSA-4264 [136] | python-django [137] |
| | |
| DSA-4265 [138] | xml-security-c [139] |
| | |
| DSA-4266 [140] | linux [141] |
| | |
| DSA-4267 [142] | kamailio [143] |
| | |
| DSA-4268 [144] | openjdk-8 [145] |
| | |
| DSA-4269 [146] | postgresql-9.6 [147] |
| | |
| DSA-4270 [148] | gdm3 [149] |
| | |
| DSA-4271 [150] | samba [151] |
| | |
| DSA-4272 [152] | linux [153] |
| | |
| DSA-4273 [154] | intel-microcode [155] |
| | |
| DSA-4274 [156] | xen [157] |
| | |
| DSA-4275 [158] | keystone [159] |
| | |
| DSA-4276 [160] | php-horde-image [161] |
| | |
| DSA-4277 [162] | mutt [163] |
| | |
| DSA-4278 [164] | jetty9 [165] |
| | |
| DSA-4279 [166] | linux [167] |
| | |
| DSA-4279 [168] | linux-latest [169] |
| | |
| DSA-4280 [170] | openssh [171] |
| | |
| DSA-4281 [172] | tomcat8 [173] |
| | |
| DSA-4282 [174] | trafficserver [175] |
| | |
| DSA-4283 [176] | ruby-json-jwt [177] |
| | |
| DSA-4284 [178] | lcms2 [179] |
| | |
| DSA-4285 [180] | sympa [181] |
| | |
| DSA-4286 [182] | curl [183] |
| | |
| DSA-4287 [184] | firefox-esr [185] |
| | |
| DSA-4288 [186] | ghostscript [187] |
| | |
| DSA-4289 [188] | chromium-browser [189] |
| | |
| DSA-4290 [190] | libextractor [191] |
| | |
| DSA-4291 [192] | mgetty [193] |
| | |
| DSA-4292 [194] | kamailio [195] |
| | |
| DSA-4293 [196] | discount [197] |
| | |
| DSA-4294 [198] | ghostscript [199] |
| | |
| DSA-4295 [200] | thunderbird [201] |
| | |
| DSA-4296 [202] | mbedtls [203] |
| | |
| DSA-4297 [204] | chromium-browser [205] |
| | |
| DSA-4298 [206] | hylafax [207] |
| | |
| DSA-4299 [208] | texlive-bin [209] |
| | |
| DSA-4300 [210] | libarchive-zip-perl [211] |
| | |
| DSA-4301 [212] | mediawiki [213] |
| | |
| DSA-4302 [214] | openafs [215] |
| | |
| DSA-4303 [216] | okular [217] |
| | |
| DSA-4304 [218] | firefox-esr [219] |
| | |
| DSA-4305 [220] | strongswan [221] |
| | |
| DSA-4306 [222] | python2.7 [223] |
| | |
| DSA-4307 [224] | python3.5 [225] |
| | |
| DSA-4308 [226] | linux [227] |
| | |
| DSA-4309 [228] | strongswan [229] |
| | |
| DSA-4310 [230] | firefox-esr [231] |
| | |
| DSA-4311 [232] | git [233] |
| | |
| DSA-4312 [234] | tinc [235] |
| | |
| DSA-4313 [236] | linux [237] |
| | |
| DSA-4314 [238] | net-snmp [239] |
| | |
| DSA-4315 [240] | wireshark [241] |
| | |
| DSA-4316 [242] | imagemagick [243] |
| | |
| DSA-4317 [244] | otrs2 [245] |
| | |
| DSA-4318 [246] | moin [247] |
| | |
| DSA-4319 [248] | spice [249] |
| | |
| DSA-4320 [250] | asterisk [251] |
| | |
| DSA-4321 [252] | graphicsmagick [253] |
| | |
| DSA-4322 [254] | libssh [255] |
| | |
| DSA-4323 [256] | drupal7 [257] |
| | |
| DSA-4324 [258] | firefox-esr [259] |
| | |
| DSA-4325 [260] | mosquitto [261] |
| | |
| DSA-4326 [262] | openjdk-8 [263] |
| | |
| DSA-4327 [264] | thunderbird [265] |
| | |
| DSA-4328 [266] | xorg-server [267] |
| | |
| DSA-4329 [268] | teeworlds [269] |
| | |
| DSA-4331 [270] | curl [271] |
| | |
+----------------+----------------------------+

88: https://www.debian.org/security/2017/dsa-4074
89: https://packages.debian.org/src:imagemagick
90: https://www.debian.org/security/2018/dsa-4103
91: https://packages.debian.org/src:chromium-browser
92: https://www.debian.org/security/2018/dsa-4182
93: https://packages.debian.org/src:chromium-browser
94: https://www.debian.org/security/2018/dsa-4237
95: https://packages.debian.org/src:chromium-browser
96: https://www.debian.org/security/2018/dsa-4242
97: https://packages.debian.org/src:ruby-sprockets
98: https://www.debian.org/security/2018/dsa-4243
99: https://packages.debian.org/src:cups
100: https://www.debian.org/security/2018/dsa-4244
101: https://packages.debian.org/src:thunderbird
102: https://www.debian.org/security/2018/dsa-4245
103: https://packages.debian.org/src:imagemagick
104: https://www.debian.org/security/2018/dsa-4246
105: https://packages.debian.org/src:mailman
106: https://www.debian.org/security/2018/dsa-4247
107: https://packages.debian.org/src:ruby-rack-protection
108: https://www.debian.org/security/2018/dsa-4248
109: https://packages.debian.org/src:blender
110: https://www.debian.org/security/2018/dsa-4249
111: https://packages.debian.org/src:ffmpeg
112: https://www.debian.org/security/2018/dsa-4250
113: https://packages.debian.org/src:wordpress
114: https://www.debian.org/security/2018/dsa-4251
115: https://packages.debian.org/src:vlc
116: https://www.debian.org/security/2018/dsa-4252
117: https://packages.debian.org/src:znc
118: https://www.debian.org/security/2018/dsa-4253
119: https://packages.debian.org/src:network-manager-vpnc
120: https://www.debian.org/security/2018/dsa-4254
121: https://packages.debian.org/src:slurm-llnl
122: https://www.debian.org/security/2018/dsa-4256
123: https://packages.debian.org/src:chromium-browser
124: https://www.debian.org/security/2018/dsa-4257
125: https://packages.debian.org/src:fuse
126: https://www.debian.org/security/2018/dsa-4258
127: https://packages.debian.org/src:ffmpeg
128: https://www.debian.org/security/2018/dsa-4260
129: https://packages.debian.org/src:libmspack
130: https://www.debian.org/security/2018/dsa-4261
131: https://packages.debian.org/src:vim-syntastic
132: https://www.debian.org/security/2018/dsa-4262
133: https://packages.debian.org/src:symfony
134: https://www.debian.org/security/2018/dsa-4263
135: https://packages.debian.org/src:cgit
136: https://www.debian.org/security/2018/dsa-4264
137: https://packages.debian.org/src:python-django
138: https://www.debian.org/security/2018/dsa-4265
139: https://packages.debian.org/src:xml-security-c
140: https://www.debian.org/security/2018/dsa-4266
141: https://packages.debian.org/src:linux
142: https://www.debian.org/security/2018/dsa-4267
143: https://packages.debian.org/src:kamailio
144: https://www.debian.org/security/2018/dsa-4268
145: https://packages.debian.org/src:openjdk-8
146: https://www.debian.org/security/2018/dsa-4269
147: https://packages.debian.org/src:postgresql-9.6
148: https://www.debian.org/security/2018/dsa-4270
149: https://packages.debian.org/src:gdm3
150: https://www.debian.org/security/2018/dsa-4271
151: https://packages.debian.org/src:samba
152: https://www.debian.org/security/2018/dsa-4272
153: https://packages.debian.org/src:linux
154: https://www.debian.org/security/2018/dsa-4273
155: https://packages.debian.org/src:intel-microcode
156: https://www.debian.org/security/2018/dsa-4274
157: https://packages.debian.org/src:xen
158: https://www.debian.org/security/2018/dsa-4275
159: https://packages.debian.org/src:keystone
160: https://www.debian.org/security/2018/dsa-4276
161: https://packages.debian.org/src:php-horde-image
162: https://www.debian.org/security/2018/dsa-4277
163: https://packages.debian.org/src:mutt
164: https://www.debian.org/security/2018/dsa-4278
165: https://packages.debian.org/src:jetty9
166: https://www.debian.org/security/2018/dsa-4279
167: https://packages.debian.org/src:linux
168: https://www.debian.org/security/2018/dsa-4279
169: https://packages.debian.org/src:linux-latest
170: https://www.debian.org/security/2018/dsa-4280
171: https://packages.debian.org/src:openssh
172: https://www.debian.org/security/2018/dsa-4281
173: https://packages.debian.org/src:tomcat8
174: https://www.debian.org/security/2018/dsa-4282
175: https://packages.debian.org/src:trafficserver
176: https://www.debian.org/security/2018/dsa-4283
177: https://packages.debian.org/src:ruby-json-jwt
178: https://www.debian.org/security/2018/dsa-4284
179: https://packages.debian.org/src:lcms2
180: https://www.debian.org/security/2018/dsa-4285
181: https://packages.debian.org/src:sympa
182: https://www.debian.org/security/2018/dsa-4286
183: https://packages.debian.org/src:curl
184: https://www.debian.org/security/2018/dsa-4287
185: https://packages.debian.org/src:firefox-esr
186: https://www.debian.org/security/2018/dsa-4288
187: https://packages.debian.org/src:ghostscript
188: https://www.debian.org/security/2018/dsa-4289
189: https://packages.debian.org/src:chromium-browser
190: https://www.debian.org/security/2018/dsa-4290
191: https://packages.debian.org/src:libextractor
192: https://www.debian.org/security/2018/dsa-4291
193: https://packages.debian.org/src:mgetty
194: https://www.debian.org/security/2018/dsa-4292
195: https://packages.debian.org/src:kamailio
196: https://www.debian.org/security/2018/dsa-4293
197: https://packages.debian.org/src:discount
198: https://www.debian.org/security/2018/dsa-4294
199: https://packages.debian.org/src:ghostscript
200: https://www.debian.org/security/2018/dsa-4295
201: https://packages.debian.org/src:thunderbird
202: https://www.debian.org/security/2018/dsa-4296
203: https://packages.debian.org/src:mbedtls
204: https://www.debian.org/security/2018/dsa-4297
205: https://packages.debian.org/src:chromium-browser
206: https://www.debian.org/security/2018/dsa-4298
207: https://packages.debian.org/src:hylafax
208: https://www.debian.org/security/2018/dsa-4299
209: https://packages.debian.org/src:texlive-bin
210: https://www.debian.org/security/2018/dsa-4300
211: https://packages.debian.org/src:libarchive-zip-perl
212: https://www.debian.org/security/2018/dsa-4301
213: https://packages.debian.org/src:mediawiki
214: https://www.debian.org/security/2018/dsa-4302
215: https://packages.debian.org/src:openafs
216: https://www.debian.org/security/2018/dsa-4303
217: https://packages.debian.org/src:okular
218: https://www.debian.org/security/2018/dsa-4304
219: https://packages.debian.org/src:firefox-esr
220: https://www.debian.org/security/2018/dsa-4305
221: https://packages.debian.org/src:strongswan
222: https://www.debian.org/security/2018/dsa-4306
223: https://packages.debian.org/src:python2.7
224: https://www.debian.org/security/2018/dsa-4307
225: https://packages.debian.org/src:python3.5
226: https://www.debian.org/security/2018/dsa-4308
227: https://packages.debian.org/src:linux
228: https://www.debian.org/security/2018/dsa-4309
229: https://packages.debian.org/src:strongswan
230: https://www.debian.org/security/2018/dsa-4310
231: https://packages.debian.org/src:firefox-esr
232: https://www.debian.org/security/2018/dsa-4311
233: https://packages.debian.org/src:git
234: https://www.debian.org/security/2018/dsa-4312
235: https://packages.debian.org/src:tinc
236: https://www.debian.org/security/2018/dsa-4313
237: https://packages.debian.org/src:linux
238: https://www.debian.org/security/2018/dsa-4314
239: https://packages.debian.org/src:net-snmp
240: https://www.debian.org/security/2018/dsa-4315
241: https://packages.debian.org/src:wireshark
242: https://www.debian.org/security/2018/dsa-4316
243: https://packages.debian.org/src:imagemagick
244: https://www.debian.org/security/2018/dsa-4317
245: https://packages.debian.org/src:otrs2
246: https://www.debian.org/security/2018/dsa-4318
247: https://packages.debian.org/src:moin
248: https://www.debian.org/security/2018/dsa-4319
249: https://packages.debian.org/src:spice
250: https://www.debian.org/security/2018/dsa-4320
251: https://packages.debian.org/src:asterisk
252: https://www.debian.org/security/2018/dsa-4321
253: https://packages.debian.org/src:graphicsmagick
254: https://www.debian.org/security/2018/dsa-4322
255: https://packages.debian.org/src:libssh
256: https://www.debian.org/security/2018/dsa-4323
257: https://packages.debian.org/src:drupal7
258: https://www.debian.org/security/2018/dsa-4324
259: https://packages.debian.org/src:firefox-esr
260: https://www.debian.org/security/2018/dsa-4325
261: https://packages.debian.org/src:mosquitto
262: https://www.debian.org/security/2018/dsa-4326
263: https://packages.debian.org/src:openjdk-8
264: https://www.debian.org/security/2018/dsa-4327
265: https://packages.debian.org/src:thunderbird
266: https://www.debian.org/security/2018/dsa-4328
267: https://packages.debian.org/src:xorg-server
268: https://www.debian.org/security/2018/dsa-4329
269: https://packages.debian.org/src:teeworlds
270: https://www.debian.org/security/2018/dsa-4331
271: https://packages.debian.org/src:curl

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+----------------------------------+----------------------------------+
| Package | Reason |
+----------------------------------+----------------------------------+
| adblock-plus-element-hiding- | Incompatible with newer firefox- |
| helper [272] | esr versions |
| | |
| all-in-one-sidebar [273] | Incompatible with newer firefox- |
| | esr versions |
| | |
| autofill-forms [274] | Incompatible with newer firefox- |
| | esr versions |
| | |
| automatic-save-folder [275] | Incompatible with newer firefox- |
| | esr versions |
| | |
| classic-theme-restorer [276] | Incompatible with newer firefox- |
| | esr versions |
| | |
| colorfultabs [277] | Incompatible with newer firefox- |
| | esr versions |
| | |
| custom-tab-width [278] | Incompatible with newer firefox- |
| | esr versions |
| | |
| dactyl [279] | Incompatible with newer firefox- |
| | esr versions |
| | |
| downthemall [280] | Incompatible with newer firefox- |
| | esr versions |
| | |
| dvips-fontdata-n2bk [281] | Empty package |
| | |
| firebug [282] | Incompatible with newer firefox- |
| | esr versions |
| | |
| firegestures [283] | Incompatible with newer firefox- |
| | esr versions |
| | |
| firexpath [284] | Incompatible with newer firefox- |
| | esr versions |
| | |
| flashgot [285] | Incompatible with newer firefox- |
| | esr versions |
| | |
| form-history-control [286] | Incompatible with newer firefox- |
| | esr versions |
| | |
| foxyproxy [287] | Incompatible with newer firefox- |
| | esr versions |
| | |
| gitlab [288] | Open security issues, hard to |
| | backport fixes |
| | |
| greasemonkey [289] | Incompatible with newer firefox- |
| | esr versions |
| | |
| intel-processor-trace [290] | [s390x] Only useful on Intel |
| | architectures |
| | |
| itsalltext [291] | Incompatible with newer firefox- |
| | esr versions |
| | |
| knot-resolver [292] | Security issues |
| | |
| lightbeam [293] | Incompatible with newer firefox- |
| | esr versions |
| | |
| livehttpheaders [294] | Incompatible with newer firefox- |
| | esr versions |
| | |
| lyz [295] | Incompatible with newer firefox- |
| | esr versions |
| | |
| npapi-vlc [296] | Incompatible with newer firefox- |
| | esr versions |
| | |
| nukeimage [297] | Incompatible with newer firefox- |
| | esr versions |
| | |
| openinbrowser [298] | Incompatible with newer firefox- |
| | esr versions |
| | |
| perspectives-extension [299] | Incompatible with newer firefox- |
| | esr versions |
| | |
| pwdhash [300] | Incompatible with newer firefox- |
| | esr versions |
| | |
| python-facebook [301] | Broken due to upstream changes |
| | |
| python-tvrage [302] | Useless after tvrage.com |
| | shutdown |
| | |
| reloadevery [303] | Incompatible with newer firefox- |
| | esr versions |
| | |
| sage-extension [304] | Incompatible with newer firefox- |
| | esr versions |
| | |
| scrapbook [305] | Incompatible with newer firefox- |
| | esr versions |
| | |
| self-destructing-cookies [306] | Incompatible with newer firefox- |
| | esr versions |
| | |
| spdy-indicator [307] | Incompatible with newer firefox- |
| | esr versions |
| | |
| status-4-evar [308] | Incompatible with newer firefox- |
| | esr versions |
| | |
| stylish [309] | Incompatible with newer firefox- |
| | esr versions |
| | |
| tabmixplus [310] | Incompatible with newer firefox- |
| | esr versions |
| | |
| tree-style-tab [311] | Incompatible with newer firefox- |
| | esr versions |
| | |
| ubiquity-extension [312] | Incompatible with newer firefox- |
| | esr versions |
| | |
| uppity [313] | Incompatible with newer firefox- |
| | esr versions |
| | |
| useragentswitcher [314] | Incompatible with newer firefox- |
| | esr versions |
| | |
| video-without-flash [315] | Incompatible with newer firefox- |
| | esr versions |
| | |
| webdeveloper [316] | Incompatible with newer firefox- |
| | esr versions |
| | |
| xul-ext-monkeysphere [317] | Incompatible with newer firefox- |
| | esr versions |
| | |
+----------------------------------+----------------------------------+

272: https://packages.debian.org/src:adblock-plus-element-hiding-helper
273: https://packages.debian.org/src:all-in-one-sidebar
274: https://packages.debian.org/src:autofill-forms
275: https://packages.debian.org/src:automatic-save-folder
276: https://packages.debian.org/src:classic-theme-restorer
277: https://packages.debian.org/src:colorfultabs
278: https://packages.debian.org/src:custom-tab-width
279: https://packages.debian.org/src:dactyl
280: https://packages.debian.org/src:downthemall
281: https://packages.debian.org/src:dvips-fontdata-n2bk
282: https://packages.debian.org/src:firebug
283: https://packages.debian.org/src:firegestures
284: https://packages.debian.org/src:firexpath
285: https://packages.debian.org/src:flashgot
286: https://packages.debian.org/src:form-history-control
287: https://packages.debian.org/src:foxyproxy
288: https://packages.debian.org/src:gitlab
289: https://packages.debian.org/src:greasemonkey
290: https://packages.debian.org/src:intel-processor-trace
291: https://packages.debian.org/src:itsalltext
292: https://packages.debian.org/src:knot-resolver
293: https://packages.debian.org/src:lightbeam
294: https://packages.debian.org/src:livehttpheaders
295: https://packages.debian.org/src:lyz
296: https://packages.debian.org/src:npapi-vlc
297: https://packages.debian.org/src:nukeimage
298: https://packages.debian.org/src:openinbrowser
299: https://packages.debian.org/src:perspectives-extension
300: https://packages.debian.org/src:pwdhash
301: https://packages.debian.org/src:python-facebook
302: https://packages.debian.org/src:python-tvrage
303: https://packages.debian.org/src:reloadevery
304: https://packages.debian.org/src:sage-extension
305: https://packages.debian.org/src:scrapbook
306: https://packages.debian.org/src:self-destructing-cookies
307: https://packages.debian.org/src:spdy-indicator
308: https://packages.debian.org/src:status-4-evar
309: https://packages.debian.org/src:stylish
310: https://packages.debian.org/src:tabmixplus
311: https://packages.debian.org/src:tree-style-tab
312: https://packages.debian.org/src:ubiquity-extension
313: https://packages.debian.org/src:uppity
314: https://packages.debian.org/src:useragentswitcher
315: https://packages.debian.org/src:video-without-flash
316: https://packages.debian.org/src:webdeveloper
317: https://packages.debian.org/src:xul-ext-monkeysphere

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/stretch/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://security.debian.org/ [318]

318: https://www.debian.org/security/
  Debian GNU/Linux 9.6 released