Download Debian GNU/Linux 8.11

Spread the love

Debian GNU/Linux is an open source operating system, which can be used for both desktops and servers, with an emphasis on stability and security. It is therefore used as the basis for various Linux distributions, including Ubuntu and Linux Mint. Version 8.x is codenamed Jessie. The development team released version 8.11 a few days ago to address some issues.

Updated Debian 8: 8.11 released

The Debian project is pleased to announce the eleventh (and final) update of its oldstable distribution Debian 8 (codename jessie). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. After this point release, Debian’s Security and Release Teams will no longer be producing updates for Debian 8. Users wishing to continue to receive security support should upgrade to Debian 9, or see for details about the subset of architectures and packages covered by the Long Term Support project. The packages for some architectures for DSA 3746, DSA 3944, DSA 3968, DSA 4010, DSA 4014, DSA 4061, DSA 4075, DSA 4102, DSA 4155, DSA 4209 and DSA 4218 are not included in this point release for technical reasons. All other security updates released during the lifetime of “jessie” that have not previously been part of a point release are included in this update. Please note that the point release does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old jessie media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won’t have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations.

Miscellaneous Bug Fixes

This oldstable update adds a few important corrections to the following packages:

  • admin Don’t allow connections to privileged ports [CVE-2018-7667]
  • base-files Update for the point release
  • blktrace Fix buffer overflow in btt [CVE-2018-10689]
  • bwm-ng Explicitly build without libstatgrab support
  • clamav security update [CVE-2017-6418 CVE-2017-6420 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380]; fix temporary file cleanup issue; new upstream release; new upstream version
  • debian-installer Rebuild for the point release
  • debian-installer-netboot-images Rebuild for the point release
  • debian-security-support Update package data
  • dh-make-perl Support Contents file without header
  • dns-root-data Update IANA DNSSEC files to 2017-02-02 versions
  • faad2 Fix several DoS issues via crafted MP4 files [CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257]
  • file Avoid reading past the end of a buffer [CVE-2018-10360]
  • ghostscript Fix segfault with fuzzing file in gxht_thresh_image_init; fix buffer overflow in fill_threshold_buffer [CVE-2016-10317]; pdfwrite – Guard against trying to output an infinite number [CVE-2018-10194]
  • intel-microcode Update included microcode, including fixes for Specter v2 [CVE-2017-5715]
  • lame Fix security issues by switching to use I/O routines from sndfile [CVE-2017-15018 CVE-2017-15045 CVE-2017-15046 CVE-2017-9869 CVE-2017-9870 CVE-2017-9871 CVE-2017-9872]
  • libdatetime-timezone-perl Update included data
  • libextractorVarious security fixes [CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922 CVE-2017-17440]
  • libipc-run-perl Fix memory leak
  • linux New upstream stable release
  • mactelnet security fix [CVE-2016-7115]
  • ncurses Fix buffer overflow in the _nc_write_entry function [CVE-2017-16879]
  • nvidia-graphics-drivers New upstream version
  • nvidia-graphics-drivers-legacy-304xx Update to latest driver
  • openafs Fix kernel module build against linux 3.16.51-3+deb8u1 kernels after security update-induced ABI changes
  • openldap Fix upgrade failure when olcSuffix contains a backslash; fix memory corruption caused by calling sasl_client_init() multiple times
  • patch Fix arbitrary command execution in ed-style patches [CVE-2018-1000156]
  • postgresql-9.4 New upstream release
  • psensor Fix directory traversal issue [CVE-2014-10073]
  • python-mimeparse Fix python3-mimeparse’s dependencies
  • rar Strip statically linked rar and install the dynamically linked version instead
  • reportbug Stop CCing [email protected]
  • sam2p Fix multiple invalid frees and buffer-overflow vulnerabilities [CVE-2018-7487 CVE-2018-7551 CVE-2018-7552 CVE-2018-7553 CVE-2018-7554]
  • slurm-llnl Fix upgrade issue from wheezy
  • soundtouch Security fixes [CVE-2017-9258 CVE-2017-9259 CVE-2017-9260]
  • subversion Fix crashes with Perl bindings, commonly seen when using git-svn
  • tzdata Update included data
  • user-mode-linux Rebuild against current jessie kernel
  • virtualbox-guest-additions-iso Fix multiple security issues [CVE-2016-0592 CVE-2016-0495 CVE-2015-8104 CVE-2015-7183 CVE-2015-5307 CVE-2015-7183 CVE-2015-4813 CVE-2015-4896 CVE-2015-3456]
  • xerces-c Fix Denial of Service via external DTD reference [CVE-2017-12627]
  • zsh Rebuild against libraries currently in jessie

Security Updates

This revision adds the following security updates to the oldstable release. The Security Team has already released an advisory for each of these updates:

  • DSA-3707 openjdk-7
  • DSA-3708 matt
  • DSA-3746 graphics magick
  • DSA-3782 openjdk-7
  • DSA-3832 openoffice.org dictionaries
  • DSA-3858 openjdk-7
  • DSA-3923 freerdp
  • DSA-3944 mariadb-10.0
  • DSA-3954 openjdk-7
  • DSA-3968 icedove
  • DSA-4010 git-annex
  • DSA-4014 thunderbird
  • DSA-4048 openjdk-7
  • DSA-4054 ​​Tor
  • DSA-4057 erlang
  • DSA-4058 options
  • DSA-4059 libx cursor
  • DSA-4060 wireshark
  • DSA-4061 thunderbird
  • DSA-4062 firefox-esr
  • DSA-4066 otrs2
  • DSA-4067 open af
  • DSA-4068 rsync
  • DSA-4069 otrs2
  • DSA-4070 enigmail
  • DSA-4071 sensible-utils
  • DSA-4075 thunderbird
  • DSA-4076 asterisk
  • DSA-4077 gimp
  • DSA-4079 poppler
  • DSA-4081 php5 DSA-4082 linux
  • DSA-4082 linux-latest
  • DSA-4083 poco
  • DSA-4084 gifsicle
  • DSA-4085 xmltooling
  • DSA-4086 libxml2
  • DSA-4087 transmission
  • DSA-4088 gdk-pixbuf
  • DSA-4089 bind9
  • DSA-4090 wordpress
  • DSA-4091 mysql-5.5
  • DSA-4092 awstats
  • DSA-4093 openocd
  • DSA-4094 smarty3
  • DSA-4096 firefox-esr
  • DSA-4097 poppler
  • DSA-4098 curl
  • DSA-4100 tiff
  • DSA-4101 wireshark
  • DSA-4102 thunderbird
  • DSA-4104 p7zip
  • DSA-4108 mailman
  • DSA-4109 ruby-omniauth
  • DSA-4110 exim4
  • DSA-4111 libre office
  • DSA-4114 jackson databind
  • DSA-4115 quagga
  • DSA-4117 gcc-4.9
  • DSA-4118 tomcat native
  • DSA-4119 libav
  • DSA-4122 squid3
  • DSA-4123 drupal7
  • DSA-4124 lucene-solr
  • DSA-4126 xml tooling
  • DSA-4127 simplesamlphp
  • DSA-4129 freexl
  • DSA-4130 dovecot
  • DSA-4132 libvpx
  • DSA-4133 isc-dhcp
  • DSA-4136 curl
  • DSA-4137 libvirt
  • DSA-4139 firefox-esr
  • DSA-4140 libvorbis
  • DSA-4141 libvorbisidec
  • DSA-4142 uwsgi
  • DSA-4143 firefox-esr
  • DSA-4146 plexus-utils
  • DSA-4147 polarssl
  • DSA-4148 kamailio
  • DSA-4149 plexus-utils2
  • DSA-4150 ICu
  • DSA-4151 librelp
  • DSA-4152 mupdf
  • DSA-4153 firefox-esr
  • DSA-4154 net-snmp
  • DSA-4155 thunderbird
  • DSA-4156 drupal7
  • DSA-4157 openssl
  • DSA-4161 python-django
  • DSA-4163 beep
  • DSA-4164 apache2
  • DSA-4165 ldap account manager
  • DSA-4167 sharutils
  • DSA-4168 squirrel mail
  • DSA-4172 pearl
  • DSA-4175 freeplane
  • DSA-4176 mysql-5.5
  • DSA-4177 libsdl2-image
  • DSA-4178 libre office
  • DSA-4179 linux tools
  • DSA-4180 drupal7
  • DSA-4184 sdl-image1.2
  • DSA-4186 gunicorn
  • DSA-4187 linux-latest
  • DSA-4187 linux
  • DSA-4189 quassel
  • DSA-4190 jackson databind
  • DSA-4192 libmad
  • DSA-4193 wordpress
  • DSA-4194 lucene-solr
  • DSA-4195 wget
  • DSA-4196 linux
  • DSA-4199 firefox-esr
  • DSA-4202 curl
  • DSA-4204 image magick
  • DSA-4208 procps
  • DSA-4209 thunderbird
  • DSA-4211 xdg-utils
  • DSA-4212 git
  • DSA-4214 zookeeper
  • DSA-4215 batik
  • DSA-4216 prosody
  • DSA-4217 wireshark
  • DSA-4218 memcached
  • DSA-4220 firefox-esr
  • DSA-4221 libvncserver
  • DSA-4222 gnupg2
  • DSA-4224 gnupg
  • DSA-4225 openjdk-7
  • DSA-4226 pearl
  • DSA-4227 Plexus Archiver
  • DSA-4228 Spip
  • DSA-4229 strongswan

Removed packages

The following packages were removed due to circumstances beyond our control:

  • dolibarr Too much work to maintain it properly in Debian
  • electrum No longer able to connect to the network
  • jirc Broken with jessie’s libpoe-filter-xml-perl
  • nvidia-graphics-modules License problem; incompatible with current kernel ABI
  • openstreetmap client Broken
  • redmine No longer security supported
  • redmine-plugin-pretend Depends on redmine
  • redmine-plugin-recaptcha Depends on redmine
  • redmine-recaptcha Depends on redmine
  • youtube-dl Incompatible YouTube API changes

Version number 8.11
Release status Final
Operating systems Linux
Website Debian
Download
License type Conditions (GNU/BSD/etc.)
You might also like