Updated Debian 11: 11.6 released
December 17th, 2022
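The Debian project is pleased to announce the sixth update of Debian 11 (codename bullseye).
This point release mainly adds corrections for security issues, along with a few adjustments for serious problems.
Security advisories have already been published separately and are referenced where available.
Please note that the point release does not constitute a new version of Debian 11 but only updates some of the packages included.
There is no need to throw away old bullseye media.
After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.
Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
New installation images will be available soon at the regular locations (download pages, FTP servers, etc.).
Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors: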
Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages:
Package | Reason |
---|---|
awstats | Fix cross site scripting issue [CVE-2022-46391] |
base-files | Update /etc/debian_version for the 11.6 point release |
binfmt-support | Run binfmt-support.service after systemd-binfmt.service |
clickhouse | Fix out-of-bounds read issues [CVE-2021-42387 CVE-2021-42388], buffer overflow issues [CVE-2021-43304 CVE-2021-43305] |
containerd | CRI plugin: Fix goroutine leak during Exec [CVE-2022-23471] |
core-async-clojure | Fix build failures in test suite |
dcfldd | Fix SHA1 output on big-endian architectures |
debian-installer | Rebuild against proposed-updates; increase Linux kernel ABI to 5.10.0-20 |
debian-installer-netboot-images | Rebuild against proposed-updates |
debmirror | Add non-free-firmware to the default section list |
distro-info-data | Add Ubuntu 23.04, Lunar Lobster; update Debian ELTS end dates; correct Debian 8 (jessie) release date |
dojo | Fix prototype pollution issue [CVE-2021-23450] |
dovecot-fts-xapian | Generate dependency on dovecot ABI version in use during build |
efitools | Fix intermittent build failure due to incorrect dependency in makefile |
evolution | Move Google Contacts addressbooks to CalDAV since the Google Contacts API has been turned off |
evolution-data-server | Move Google Contacts addressbooks to CalDAV since the Google Contacts API has been turned off; fix compatibility with Gmail OAuth changes |
evolution-ews | Fix retrieval of user certificates belonging to contacts |
g810-led | Control device access with uaccess instead of making everything world-writable [CVE-2022-46338] |
glibc | Fix regression in wmemchr and wcslen on CPUs that have AVX2 but not BMI2 (e.g. Intel Haswell) |
golang-github-go-chef-chef | Fix intermittent test failure |
grub-efi-amd64-signed | Don't strip Xen binaries, so they work again; include fonts in the memdisk build for EFI images; fix bug in core file code so errors are handled better; bump Debian SBAT level to 4 |
grub-efi-arm64-signed | Don't strip Xen binaries, so they work again; include fonts in the memdisk build for EFI images; fix bug in core file code so errors are handled better; bump Debian SBAT level to 4 |
grub-efi-ia32-signed | Don't strip Xen binaries, so they work again; include fonts in the memdisk build for EFI images; fix bug in core file code so errors are handled better; bump Debian SBAT level to 4 |
grub2 | Don't strip Xen binaries, so they work again; include fonts in the memdisk build for EFI images; fix bug in core file code so errors are handled better; bump Debian SBAT level to 4 |
hydrapaper | Add missing dependency on python3-pil |
isoquery | Fix test failure caused by a French translation change in the iso-codes package |
jtreg6 | New package, required to build newer openjdk-11 versions |
lemonldap-ng | Improve session destroy propagation [CVE-2022-37186] |
leptonlib | Fix divide-by-zero [CVE-2022-38266] |
libapache2-mod-auth-mellon | Fix open redirect issue [CVE-2021-3639] |
libbluray | Fix BD-J support with recent Oracle Java updates |
libconfuse | Fix a heap-based buffer over-read in cfg_tilde_expand [CVE-2022-40320] |
libdatetime-timezone-perl | Update included data |
libtasn1-6 | Fix out-of-bounds read issue [CVE-2021-46848] |
libvncserver | Fix memory leak [CVE-2020-29260]; support larger screen sizes |
linux | New upstream stable release; increase ABI to 20; [rt] Update to 5.10.158-rt77 |
linux-signed-amd64 | New upstream stable release; increase ABI to 20; [rt] Update to 5.10.158-rt77 |
linux-signed-arm64 | New upstream stable release; increase ABI to 20; [rt] Update to 5.10.158-rt77 |
linux-signed-i386 | New upstream stable release; increase ABI to 20; [rt] Update to 5.10.158-rt77 |
mariadb-10.5 | New upstream stable release; security fixes [CVE-2018-25032 CVE-2021-46669 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458 CVE-2022-32081 CVE-2022-32082 CVE-2022-32083 CVE-2022-32084 CVE-2022-32085 CVE-2022-32086 CVE-2022-32087 CVE-2022-32088 CVE-2022-32089 CVE-2022-32091] |
mod-wsgi | Drop X-Client-IP header when it is not a trusted header [CVE-2022-2255] |
mplayer | Fix several security issues [CVE-2022-38850 CVE-2022-38851 CVE-2022-38855 CVE-2022-38858 CVE-2022-38860 CVE-2022-38861 CVE-2022-38863 CVE-2022-38864 CVE-2022-38865 CVE-2022-38866] |
mutt | Fix gpgme crash when listing keys in a public key block, and public key block listing for old versions of gpgme |
nano | Fix crashes and a potential data loss issue |
nftables | Fix off-by-one / double free error |
node-hawk | Parse URLs using stdlib [CVE-2022-29167] |
node-loader-utils | Fix prototype pollution issue [CVE-2022-37599 CVE-2022-37601], regular expression-based denial of service issue [CVE-2022-37603] |
node-minimatch | Improve protection against regular expression-based denial of service [CVE-2022-3517]; fix regression in patch for CVE-2022-3517 |
node-qs | Fix prototype pollution issue [CVE-2022-24999] |
node-xmldom | Fix prototype pollution issue [CVE-2022-37616]; prevent insertion of non-well-formed nodes [CVE-2022-39353] |
nvidia-graphics-drivers | New upstream release; security fixes [CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677 CVE-2022-34679 CVE-2022-34680 CVE-2022-34682 CVE-2022-42254 CVE-2022-42255 CVE-2022-42256 CVE-2022-42257 CVE-2022-42258 CVE-2022-42259 CVE-2022-42260 CVE-2022-42261 CVE-2022-42262 CVE-2022-42263 CVE-2022-42264] |
nvidia-graphics-drivers-legacy-390xx | New upstream release; security fixes [CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677 CVE-2022-34680 CVE-2022-42257 CVE-2022-42258 CVE-2022-42259] |
nvidia-graphics-drivers-tesla-450 | New upstream release; security fixes [CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677 CVE-2022-34679 CVE-2022-34680 CVE-2022-34682 CVE-2022-42254 CVE-2022-42256 CVE-2022-42257 CVE-2022-42258 CVE-2022-42259 CVE-2022-42260 CVE-2022-42261 CVE-2022-42262 CVE-2022-42263 CVE-2022-42264] |
nvidia-graphics-drivers-tesla-470 | New upstream release; security fixes [CVE-2022-34670 CVE-2022-34674 CVE-2022-34675 CVE-2022-34677 CVE-2022-34679 CVE-2022-34680 CVE-2022-34682 CVE-2022-42254 CVE-2022-42255 CVE-2022-42256 CVE-2022-42257 CVE-2022-42258 CVE-2022-42259 CVE-2022-42260 CVE-2022-42261 CVE-2022-42262 CVE-2022-42263 CVE-2022-42264] |
omnievents | Add missing dependency on libjs-jquery to the omnievents-doc package |
onionshare | Fix denial of service issue [CVE-2022-21689], HTML injection issue [CVE-2022-21690] |
openvpn-auth-radius | Support verify-client-cert directive |
postfix | New upstream stable release |
postgresql-13 | New upstream stable release |
powerline-gitstatus | Fix command injection via malicious repository config [CVE-2022-42906] |
pysubnettree | Fix module build |
speech-dispatcher | Reduce espeak buffer size to avoid synth artifacts |
spf-engine | Fix pyspf-milter failing to start due to an invalid import statement |
tinyexr | Fix heap overflow issues [CVE-2022-34300 CVE-2022-38529] |
tinyxml | Fix infinite loop [CVE-2021-42260] |
tzdata | Update data for Fiji, Mexico and Palestine; update leap seconds list |
virglrenderer | Fix out-of-bounds write issue [CVE-2022-0135] |
x2gothinclient | Make the x2gothinclient-minidesktop package provide the lightdm-greeter virtual package |
xfig | Fix buffer overflow issue [CVE-2021-40241] |
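Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.
Debian Installer
The installer has been updated to include the fixes incorporated into stable by the point release.
URLs
The complete list of packages that have changed with this revision:
The current stable distribution:
Proposed updates to the stable distribution:
Stable distribution information (release notes, errata, etc.):
Security announcements and information:
About Debian
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian.
Contact Information
For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.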