Debian, also known as Debian GNU/Linux, announced the second point release of the stable Debian 10 distribution “buster”, which includes patches for several security issues and bug fixes for several problems.

Debian serves as a solid platform for several distributions. The Debian project is coordinated by a group of volunteers and encompasses over 50,000 packages of free.

“Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old buster media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror,” reads Debian release notes.

Security Bugs Fixed

| Advisory ID | Package |
|---|---|
| DSA-4509 | apache2 |
| DSA-4511 | nghttp2 |
| DSA-4512 | qemu |
| DSA-4514 | varnish |
| DSA-4515 | webkit2gtk |
| DSA-4516 | firefox-esr |
| DSA-4517 | exim4 |
| DSA-4518 | ghostscript |
| DSA-4519 | libreoffice |
| DSA-4520 | trafficserver |
| DSA-4521 | docker.io |
| DSA-4523 | thunderbird |
| DSA-4524 | dino-im |
| DSA-4525 | ibus |
| DSA-4526 | opendmarc |
| DSA-4527 | php7.3 |
| DSA-4528 | bird |
| DSA-4530 | expat |
| DSA-4531 | linux-signed-amd64 |
| DSA-4531 | linux-signed-i386 |
| DSA-4531 | linux |
| DSA-4531 | linux-signed-arm64 |
| DSA-4532 | spip |
| DSA-4533 | lemonldap-ng |
| DSA-4534 | golang-1.11 |
| DSA-4535 | e2fsprogs |
| DSA-4536 | exim4 |
| DSA-4538 | wpa |
| DSA-4539 | openssl |
| DSA-4539 | openssh |
| DSA-4541 | libapreq2 |
| DSA-4542 | jackson-databind |
| DSA-4543 | sudo |
| DSA-4544 | unbound |
| DSA-4545 | mediawiki |
| DSA-4547 | tcpdump |
| DSA-4549 | firefox-esr |
| DSA-4550 | file |
| DSA-4551 | golang-1.11 |
| DSA-4553 | php7.3 |
| DSA-4554 | ruby-loofah |
| DSA-4555 | pam-python |
| DSA-4556 | qtbase-opensource-src |
| DSA-4557 | libarchive |
| DSA-4558 | webkit2gtk |
| DSA-4559 | proftpd-dfsg |
| DSA-4560 | simplesamlphp |
| DSA-4561 | fribidi |
| DSA-4562 | chromium |

Other Bug Fixes

| Package | Reason |
|---|---|
| aegisub | Fix crash when selecting a language from the bottom of the Spell checker language list; fix crash when right-clicking in the subtitles text box |
| akonadi | Fix various crashes / deadlock issues |
| base-files | Update /etc/debian_version for the point release |
| capistrano | Fix failure to remove old releases when there were too many |
| cron | Stop using obsolete SELinux API |
| cyrus-imapd | Fix data loss on upgrade from version 3.0.0 or earlier |
| debian-edu-config | Handle newer Firefox ESR configuration files; add post-up stanza to /etc/network/interfaces eth0 entry conditionally |
| debian-installer | Fix unreadable fonts on hidpi displays in netboot images booted with EFI |
| debian-installer-netboot-images | Rebuild against proposed-updates |
| distro-info-data | Add Ubuntu 20.04 LTS, Focal Fossa |
| dkimpy-milter | New upstream stable release; fix sysvinit support; catch more ASCII encoding errors to improve resilience against bad data; fix message extraction so that signing in the same pass through the milter as verifying works correctly |
| emacs | Update the EPLA packaging key |
| fence-agents | Fix incomplete removal of fence_amt_ws |
| flatpak | New upstream stable release |
| flightcrew | Security fixes [CVE-2019-13032 CVE-2019-13241] |
| fonts-noto-cjk | Fix over-aggressive font selection of Noto CJK fonts in modern web browsers under Chinese locale |
| freetype | Properly handle phantom points for variable hinted fonts |
| gdb | Rebuild against new libbabeltrace, with higher version number to avoid conflict with earlier upload |
| glib2.0 | Ensure libdbus clients can authenticate with a GDBusServer like the one in ibus |
| gnome-shell | New upstream stable release; fix truncation of long messages in Shell-modal dialogs; avoid crash on reallocation of dead actors |
| gnome-sound-recorder | Fix crash when selecting a recording |
| gnustep-base | Disable gdomap daemon that was accidentally enabled on upgrades from stretch |
| graphite-web | Remove unused send_email function [CVE-2017-18638]; avoid hourly error in cron when there is no whisper database |
| inn2 | Fix negotiation of DHE ciphersuites |
| libapache-mod-auth-kerb | Fix use after free bug leading to crash |
| libdate-holidays-de-perl | Mark International Childrens Day (Sep 20th) as a holiday in Thuringia from 2019 onwards |
| libdatetime-timezone-perl | Update included data |
| libofx | Fix null pointer dereference issue [CVE-2019-9656] |
| libreoffice | Fix the postgresql driver with PostgreSQL 12 |
| libsixel | Fix several security issues [CVE-2018-19756 CVE-2018-19757 CVE-2018-19759 CVE-2018-19761 CVE-2018-19762 CVE-2018-19763 CVE-2019-3573 CVE-2019-3574] |
| libxslt | Fix dangling pointer in xsltCopyText [CVE-2019-18197] |
| lucene-solr | Disable obsolete call to ContextHandler in solr-jetty9.xml; fix Jetty permissions on SOLR index |
| mariadb-10.3 | New upstream stable release |
| modsecurity-crs | Fix PHP script upload rules [CVE-2019-13464] |
| mutter | New upstream stable release |
| ncurses | Fix several security issues [CVE-2019-17594 CVE-2019-17595] and other issues in tic |
| ndppd | Avoid world writable PID file, that was breaking daemon init scripts |
| network-manager | Fix file permissions for /var/lib/NetworkManager/secret_key and /var/lib/NetworkManager |
| node-fstream | Fix arbitrary file overwrite issue [CVE-2019-13173] |
| node-set-value | Fix prototype pollution [CVE-2019-10747] |
| node-yarnpkg | Force using HTTPS for regular registries |
| nx-libs | Fix regressions introduced in previous upload, affecting x2go |
| open-vm-tools | Fix memory leaks and error handling |
| openvswitch | Update debian/ifupdown.sh to allow setting-up the MTU; fix Python dependencies to use Python 3 |
| picard | Update translations to fix crash with Spanish locale |
| plasma-applet-redshift-control | Fix manual mode when used with redshift versions above 1.12 |
| postfix | New upstream stable release; work around poor TCP loopback performance |
| python-cryptography | Fix test suite failures when built against newer OpenSSL versions; fix a memory leak triggerable when parsing x509 certificate extensions like AIA |
| python-flask-rdf | Add Depends on python{3,}-rdflib |
| python-oslo.messaging | New upstream stable release; fix switch connection destination when a rabbitmq cluster node disappears |
| python-werkzeug | Ensure Docker containers have unique debugger PINs [CVE-2019-14806] |
| python2.7 | Fix several security issues [CVE-2018-20852 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935 CVE-2019-9740 CVE-2019-9947] |
| quota | Fix rpc.rquotad spinning at 100% CPU |
| rpcbind | Allow remote calls to be enabled at run-time |
| shelldap | Repair SASL authentications, add a ‘sasluser’ option |
| sogo | Fix display of PGP-signed e-mails |
| spf-engine | New upstream stable release; fix sysvinit support |
| standardskriver | Fix deprecation warning from config.RawConfigParser; use external ip command rather than deprecated ifconfig command |
| swi-prolog | Use HTTPS when contacting upstream pack servers |
| systemd | core: never propagate reload failure to service result; fix sync_file_range failures in nspawn containers on arm, ppc; fix RootDirectory not working when used in combination with User; ensure that access controls on systemd-resolved’s D-Bus interface are enforced correctly [CVE-2019-15718]; fix StopWhenUnneeded=true for mount units; make MountFlags=shared work again |
| tmpreaper | Prevent breaking of systemd services that use PrivateTmp=true |
| trapperkeeper-webserver-jetty9-clojure | Restore SSL compatibility with newer Jetty versions |
| tzdata | New upstream release |
| ublock-origin | New upstream version, compatible with Firefox ESR68 |
| uim | Resurrect libuim-data as a transitional package, fixing some issues after upgrades to buster |
| vanguards | New upstream stable release; prevent a reload of tor’s configuration via SIGHUP causing a denial-of-service for vanguards protections |

The current stable version can be downloaded from here. The Debian installer has also been updated to include the new fixes.

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.