Debian 9.5 release, fix and adjust security issues
Debian 9.5 was released, this is the fifth update to Debian 9 (Stretch), which adds corrections to security issues and some tweaks to serious issues.
This release also updates many of the included packages. While most point versions will bring major security updates, the latest update is more noteworthy because it updates the intel-microcode installation package and fixes vulnerabilities including Spectre V2.
Among the important installation packages that have been updated are abiword, clamav, dosbox, dpkg, Linux kernel, nvidia-graphics-drivers, rustc, systemd. In addition, popular tools like Chromium browser and Firefox extension support have been replaced with the latest version.
This stable update adds a few important corrections to the following packages:
| Package | Reason |
|---|---|
| 2ping | Add missing dependency on python-pkg-resources |
| abiword | Resolve binary file conflict between abiword-dbgsym and abiword-plugin-grammar-dbgsym |
| adminer | Don’t allow connections to privileged ports [CVE-2018-7667] |
| animals | Fix incorrect file permissions that made the game unusable |
| apache2 | Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33, fixing segfaults, high memory usage and potential crash [CVE-2018-1302]; make the apache-htcacheclean init script actually use /etc/default/apache-htcacheclean for its config |
| auto-complete-el | Add upstream fix for emacs25; adjust the emacs dependencies to the emacs versions in stretch; set auto-complete-el.emacsen-compat to silence installation warning |
| awffull | Do not use removed options in /etc/cron.daily/awffull |
More…
If you are using Debian 9 and keep up to date with the latest updates then you are now using Debian 9.5, but if you plan to install a new system, the latest ISO means you don’t need to upgrade a large number of update packages because they are already bundled Inside.
