2024062902.wml

Carlos Henrique Lima Melara Sat, 29 Jun 2024 12:36:19 -0700

Boa tarde,

Segue a notícia do 11.10 agora.


Abraços,
Charles

#use wml::debian::translation-check translation="e3699f036461e1416232bc8af1a6f9a475163598"
<define-tag pagetitle>Atualização Debian 11: 11.10 lançado</define-tag>
<define-tag release_date>2024-06-29</define-tag>
#use wml::debian::news

<define-tag release>11</define-tag>
<define-tag codename>bullseye</define-tag>
<define-tag revision>11.10</define-tag>

<define-tag dsa>
    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
        <td align="center"><:
    my @p = ();
    for my $p (split (/,\s*/, "%2")) {
	push (@p, sprintf ('<a href="https://packages.debian.org/src:%s";>%s</a>', $p, $p));
    }
    print join (", ", @p);
:></td></tr>
</define-tag>

<define-tag correction>
    <tr><td><a href="https://packages.debian.org/src:%0";>%0</a></td>              <td>%1</td></tr>
</define-tag>

<define-tag srcpkg><a href="https://packages.debian.org/src:%0";>%0</a></define-tag>

<p>O projeto Debian está feliz em anunciar a sexta atualização de sua antiga
versão estável (oldstable) do Debian <release> (codinome <q><codename></q>).
Esta versão pontual adiciona principalmente correções para problemas de
segurança, além de pequenos ajustes para problemas mais sérios. Avisos de
segurança já foram publicados em separado e são referenciados quando
necessário.</p>

<p>Por favor, note que a versão pontual não constitui uma nova versão do Debian
<release>, mas apenas atualiza alguns dos pacotes já incluídos. Não há
necessidade de jogar fora as antigas mídias do <q><codename></q>. Após a
instalação, os pacotes podem ser atualizados para as versões atuais usando um
espelho atualizado do Debian.</p>

<p>Aquelas pessoas que frequentemente instalam atualizações a partir de
security.debian.org não terão que atualizar muitos pacotes, e a maioria de tais
atualizações estão incluídas na versão pontual.</p>

<p>Novas imagens de instalação logo estarão disponíveis nos locais
habituais.</p>

<p>A atualização de uma instalação existente para esta revisão pode ser feita
apontando o sistema de gerenciamento de pacotes para um dos muitos espelhos
HTTP do Debian. Uma lista abrangente de espelhos está disponível em:</p>


<div class="center">
  <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
</div>




<h2>Correções gerais de bugs</h2>

<p>Esta atualização da antiga versão estável (oldstable) adiciona algumas
correções importantes para os seguintes pacotes:</p>

<table border=0>
<tr><th>Pacote</th>               <th>Justificativa</th></tr>
<correction allegro5 "Fix buffer overflow issues [CVE-2021-36489]">
<correction amavisd-new "Handle multiple boundary parameters that contain conflicting values [CVE-2024-28054]">
<correction bart "Fix build test failures by relaxing a floating-point comparison">
<correction bart-cuda "Fix build test failures by relaxing a floating-point comparison">
<correction base-files "Update for the point release">
<correction cloud-init-22.4.2 "Introduce later-versioned replacement for cloud-init package">
<correction cpu "Provide exactly one definition of globalLdap in ldap plugin">
<correction curl "Fix memory leak when HTTP/2 server push is aborted [CVE-2024-2398]">
<correction debian-installer "Increase Linux kernel ABI to 5.10.0-30; rebuild against proposed-updates">
<correction debian-installer-netboot-images "Rebuild against proposed-updates">
<correction debsig-verify "Rebuild for outdated Built-Using">
<correction deets "Rebuild for outdated Built-Using">
<correction distro-info-data "Declare intentions for bullseye/bookworm; fix past data; add Ubuntu 24.10">
<correction django-mailman3 "Scrub messages before archiving">
<correction dns-root-data "Update root hints; update expired security information">
<correction emacs "Protect against unsafe remote resources [CVE-2024-30203 CVE-2024-30204 CVE-2024-30205]; fix memory leak in patch for CVE-2022-48337">
<correction galera-4 "New upstream bugfix release; update upstream release signing key; prevent date-related test failures">
<correction gdk-pixbuf "ANI: Reject files with multiple anih chunks [CVE-2022-48622]; ANI: Reject files with multiple INAM or IART chunks; ANI: Validate anih chunk size">
<correction glib2.0 "Fix a (rare) memory leak">
<correction gnutls28 "Fix assertion failure verifying a certificate chain with a cycle of cross signatures [CVE-2024-0567]; fix timing side-channel attack inside RSA-PSK key exchange [CVE-2024-0553]">
<correction gross "Fix stack-based buffer overflow [CVE-2023-52159]">
<correction hovercraft "Depend on python3-setuptools">
<correction imlib2 "Fix heap-buffer overflow vulnerability when using the tgaflip function in loader_tga.c [CVE-2024-25447 CVE-2024-25448 CVE-2024-25450]">
<correction intel-microcode "Fixes for INTEL-SA-INTEL-SA-00972 [CVE-2023-39368], INTEL-SA-INTEL-SA-00982 [CVE-2023-38575], INTEL-SA-INTEL-SA-00898 [CVE-2023-28746], INTEL-SA-INTEL-SA-00960 [CVE-2023-22655] and INTEL-SA-INTEL-SA-01045 [CVE-2023-43490]; mitigate for INTEL-SA-01051 [CVE-2023-45733], INTEL-SA-01052 [CVE-2023-46103], INTEL-SA-01036 [CVE-2023-45745,  CVE-2023-47855] and unspecified functional issues on various Intel processors">
<correction jose "Fix potential denial-of-service issue [CVE-2023-50967]">
<correction json-smart "Fix excessive recursion leading to stack overflow [CVE-2023-1370]; fix denial of service via crafted request [CVE-2021-31684]">
<correction lacme "Fix post-issuance validation logic">
<correction libapache2-mod-auth-openidc "Fix mising input validation leading to DoS [CVE-2024-24814]">
<correction libjwt "Fix a timing side channel via strcmp() [CVE-2024-25189]">
<correction libkf5ksieve "Prevent leaking passwords into server-side logs">
<correction libmicrohttpd "Fix out of bounds read with crafted POST requests [CVE-2023-27371]">
<correction libssh2 "Fix out of bounds memory check in _libssh2_packet_add [CVE-2020-22218]">
<correction links2 "Rebuild for outdated Built-Using">
<correction nano "Fix malicious symlink issue [CVE-2024-5742]">
<correction ngircd "Respect <q>SSLConnect</q> option for incoming connections; server certificate validation on server links (S2S-TLS); METADATA: Fix unsetting <q>cloakhost</q>">
<correction nvidia-graphics-drivers "End support for Tesla 450 drivers; build libnvidia-fbc1 for arm64; upstream security fixes [CVE-2022-42265 CVE-2024-0074 CVE-2024-0078]; new upstream stable release; security fixes [CVE-2024-0090 CVE-2024-0092]; fix build on ppc64el">
<correction nvidia-graphics-drivers-tesla-450 "Convert to transitional packages">
<correction nvidia-graphics-drivers-tesla-470 "New upstream LTS release [CVE-2024-0074 CVE-2024-0078 CVE-2022-42265 CVE-2024-0090 CVE-2024-0092]; fix build on ppc64el">
<correction nvidia-settings "New upstream bugfix release; build for ppc64el">
<correction org-mode "Protect against unsafe remote resources [CVE-2024-30203 CVE-2024-30204 CVE-2024-30205]">
<correction php-composer-xdebug-handler "Force system dependency loading">
<correction php-doctrine-annotations "Force system dependency loading">
<correction php-phpseclib "Force system dependency loading; guard isPrime() and randomPrime() for BigInteger [CVE-2024-27354]; limit OID length in ASN1 [CVE-2024-27355]; fix BigInteger getLength()">
<correction php-proxy-manager "Force system dependency loading">
<correction php-symfony-contracts "Force system dependency loading">
<correction php-zend-code "Force system dependency loading">
<correction phpseclib "Force system dependency loading; guard isPrime() and randomPrime() for BigInteger [CVE-2024-27354]; limit OID length in ASN1 [CVE-2024-27355]; fix BigInteger getLength()">
<correction postfix "Upstream bugfix release">
<correction postgresql-13 "New upstream stable release">
<correction pypdf2 "Fix quadratic runtime with malformed PDF missing xref marker [CVE-2023-36810]; fix infinite loop with crafted input [CVE-2022-24859]">
<correction python-aiosmtpd "Fix SMTP smuggling issue [CVE-2024-27305]; fix STARTTLS unencrypted command injection issue [CVE-2024-34083]">
<correction python-dnslib "Validate transaction ID in client.py">
<correction python-idna "Fix denial of service issue [CVE-2024-3651]">
<correction python-stdnum "Fix FTBFS when test date is not far enough in the future">
<correction qtbase-opensource-src "Security fixes [CVE-2022-25255 CVE-2023-24607 CVE-2023-32762 CVE-2023-32763 CVE-2023-33285 CVE-2023-34410 CVE-2023-37369 CVE-2023-38197 CVE-2023-51714 CVE-2024-25580]">
<correction reportbug "Fix suite name to codename mappings to reflect the bookworm release">
<correction rust-cbindgen-web "New source package to support builds of newer Firefox ESR versions">
<correction rustc-web "Support firefox-esr and thunderbird in bullseye for LTS">
<correction sendmail "Fix SMTP smuggling issue [CVE-2023-51765]; add forgotten configuration for rejecting NUL by defualt">
<correction symfony "Force system dependency loading; DateTypeTest: ensure submitted year is accepted choice">
<correction systemd "Meson: drop arch filtering in syscall list; unset TZ before timezone-sensitive unit tests are run">
<correction wpa "Fix authentication bypass issue [CVE-2023-52160]">
</table>


<h2>Atualizações de segurança</h2>


<p>Esta revisão adiciona as seguintes atualizações de segurança para a antiga
versão estável (oldstable).
A equipe de segurança já lançou um aviso para cada uma dessas atualizações:</p>

<table border=0>
<tr><th>ID do aviso</th>  <th>Pacote</th></tr>
<dsa 2022 5146 puma>
<dsa 2023 5360 emacs>
<dsa 2023 5575 webkit2gtk>
<dsa 2023 5580 webkit2gtk>
<dsa 2024 5596 asterisk>
<dsa 2024 5616 ruby-sanitize>
<dsa 2024 5618 webkit2gtk>
<dsa 2024 5619 libgit2>
<dsa 2024 5620 unbound>
<dsa 2024 5621 bind9>
<dsa 2024 5622 postgresql-13>
<dsa 2024 5624 edk2>
<dsa 2024 5625 engrampa>
<dsa 2024 5627 firefox-esr>
<dsa 2024 5628 imagemagick>
<dsa 2024 5630 thunderbird>
<dsa 2024 5631 iwd>
<dsa 2024 5632 composer>
<dsa 2024 5635 yard>
<dsa 2024 5637 squid>
<dsa 2024 5638 libuv1>
<dsa 2024 5640 openvswitch>
<dsa 2024 5641 fontforge>
<dsa 2024 5643 firefox-esr>
<dsa 2024 5644 thunderbird>
<dsa 2024 5645 firefox-esr>
<dsa 2024 5646 cacti>
<dsa 2024 5647 samba>
<dsa 2024 5650 util-linux>
<dsa 2024 5651 mediawiki>
<dsa 2024 5652 py7zr>
<dsa 2024 5653 gtkwave>
<dsa 2024 5657 xorg-server>
<dsa 2024 5659 trafficserver>
<dsa 2024 5660 php7.4>
<dsa 2024 5662 apache2>
<dsa 2024 5663 firefox-esr>
<dsa 2024 5664 jetty9>
<dsa 2024 5666 flatpak>
<dsa 2024 5667 tomcat9>
<dsa 2024 5669 guix>
<dsa 2024 5670 thunderbird>
<dsa 2024 5671 openjdk-11>
<dsa 2024 5672 openjdk-17>
<dsa 2024 5673 glibc>
<dsa 2024 5678 glibc>
<dsa 2024 5679 less>
<dsa 2024 5681 linux-signed-amd64>
<dsa 2024 5681 linux-signed-arm64>
<dsa 2024 5681 linux-signed-i386>
<dsa 2024 5681 linux>
<dsa 2024 5682 glib2.0>
<dsa 2024 5682 gnome-shell>
<dsa 2024 5684 webkit2gtk>
<dsa 2024 5685 wordpress>
<dsa 2024 5686 dav1d>
<dsa 2024 5688 atril>
<dsa 2024 5690 libreoffice>
<dsa 2024 5691 firefox-esr>
<dsa 2024 5692 ghostscript>
<dsa 2024 5693 thunderbird>
<dsa 2024 5695 webkit2gtk>
<dsa 2024 5698 ruby-rack>
<dsa 2024 5700 python-pymysql>
<dsa 2024 5702 gst-plugins-base1.0>
<dsa 2024 5703 linux-signed-amd64>
<dsa 2024 5703 linux-signed-arm64>
<dsa 2024 5703 linux-signed-i386>
<dsa 2024 5703 linux>
<dsa 2024 5704 pillow>
<dsa 2024 5707 vlc>
<dsa 2024 5709 firefox-esr>
<dsa 2024 5711 thunderbird>
<dsa 2024 5713 libndp>
<dsa 2024 5714 roundcube>
<dsa 2024 5715 composer>
</table>


<h2>Pacotes removidos</h2>

<p>Os seguintes pacotes foram removidos por circunstâncias fora de nosso
controle:</p>

<table border=0>
<tr><th>Pacote</th>               <th>Justificativa</th></tr>
<correction phppgadmin "Security issues">
<correction pytest-salt-factories "Only needed for to-be-removed salt">
<correction pytest-testinfra "Only needed for to-be-removed salt">
<correction salt "Unsupportable, unmaintained">
<correction snort "Security concerns, unmaintained">

</table>

<h2>Instalador do Debian</h2>
<p>O instalador foi atualizado para incluir as correções incorporadas
na antiga versão estável (oldstable) pela versão pontual.</p>

<h2>URLs</h2>

<p>As listas completas dos pacotes que foram alterados por esta revisão:</p>

<div class="center">
  <url "https://deb.debian.org/debian/dists/<downcase <codename>>/ChangeLog">
</div>

<p>A atual antiga versão estável (oldstable):</p>

<div class="center">
  <url "https://deb.debian.org/debian/dists/oldstable/";>
</div>

<p>Atualizações propostas (proposed updates) para a antiga versão estável
(oldstable):</p>

<div class="center">
  <url "https://deb.debian.org/debian/dists/oldstable-proposed-updates";>
</div>

<p>Informações da antiga versão estável (oldstable) (notas de lançamento,
errata, etc):</p>

<div class="center">
  <a
  href="$(HOME)/releases/oldstable/">https://www.debian.org/releases/oldstable/</a>
</div>

<p>Anúncios de segurança e informações:</p>

<div class="center">
  <a href="$(HOME)/security/">https://www.debian.org/security/</a>
</div>

<h2>Sobre o Debian</h2>

<p>O projeto Debian é uma associação de desenvolvedores(as) de Software Livre
que dedicam seu tempo e esforço como voluntários(as) para produzir o sistema
operacional completamente livre Debian.</p>

<h2>Informações de contato</h2>

<p>Para mais informações, por favor visite as páginas web do Debian em
<a href="$(HOME)/">https://www.debian.org/</a>, envie um e-mail (em inglês) para
&lt;pr...@debian.org&gt;, ou entre em contato (em inglês) com a equipe de
lançamento da versão estável (stable) em
&lt;debian-rele...@lists.debian.org&gt;.</p>

signature.asc
Description: PGP signature

[RFR] wml://www.debian.org/News/2024/2024062902.wml

Responder a