Debian 9843 Published by

Debian GNU/Linux 8.7 has been released



Here the announcement:

------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Updated Debian 8: 8.7 released press@debian.org
January 14th, 2017 https://www.debian.org/News/2017/20170114
------------------------------------------------------------------------


The Debian project is pleased to announce the seventh update of its
stable distribution Debian 8 (codename "jessie"). This update mainly
adds corrections for security problems to the stable release, along with
a few adjustments for serious problems. Security advisories were already
published separately and are referenced where available.

Please note that this update does not constitute a new version of Debian
8 but only updates some of the packages included. There is no need to
throw away old "jessie" CDs or DVDs but only to update via an up-to-date
Debian mirror after an installation, to cause any out of date packages
to be updated.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New installation media and CD and DVD images containing updated packages
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+--------------------------+------------------------------------------+
| Package | Reason |
+--------------------------+------------------------------------------+
| ark [1] | Stop crashing on exit when being used |
| | solely as a KPart |
| | |
| asterisk [2] | Fix security issue due to non-printable |
| | ASCII chars treated as whitespace |
| | [CVE-2016-9938] |
| | |
| asused [3] | Use created fields instead of changed, |
| | in line with changes to source data |
| | |
| base-files [4] | Change /etc/debian_version to 8.7 |
| | |
| bash [5] | Fix arbitrary code execution via |
| | malicious hostname [CVE-2016-0634] and |
| | specially crafted SHELLOPTS+PS4 |
| | variables allows command substitution |
| | [CVE-2016-7543] |
| | |
| ca-certificates [6] | Update Mozilla certificate authority |
| | bundle to version 2.9; postinst: run |
| | update-certificates without hooks to |
| | initially populate /etc/ssl/certs |
| | |
| cairo [7] | Fix DoS via using SVG to generate |
| | invalid pointers [CVE-2016-9082] |
| | |
| ccache [8] | [amd64] Rebuild in a clean environment |
| | |
| ceph [9] | Fix short CORS request issue [CVE-2016- |
| | 9579], mon DoS [CVE-2016-5009], |
| | anonymous read on ACL [CVE-2016-7031], |
| | RGW DoS [CVE-2016-8626] |
| | |
| chirp [10] | Disable reporting of telemetry by |
| | default |
| | |
| cyrus-imapd-2.4 [11] | Fix LIST GROUP support |
| | |
| darktable [12] | Fix integer overflow in ljpeg_start() |
| | [CVE-2015-3885] |
| | |
| dbus [13] | Fix potential format string |
| | vulnerability; dbus.prerm: ensure that |
| | dbus.socket is stopped before removal |
| | |
| debian-edu-doc [14] | Update Debian Edu Jessie manual from the |
| | wiki; fix (da|nl) Jessie manual PO files |
| | to get the PDF manuals built; |
| | translation updates |
| | |
| debian-edu-install [15] | Update version number to 8+edu1 |
| | |
| debian-installer [16] | Rebuild for the point release |
| | |
| debian-installer- | Rebuild for the point release |
| netboot-images [17] | |
| | |
| duck [18] | Fix loading of code from untrusted |
| | location [CVE-2016-1239] |
| | |
| e2fsprogs [19] | Rebuild against dietlibc |
| | 0.33~cvs20120325-6+deb8u1, to pick up |
| | included security fixes |
| | |
| ebook-speaker [20] | Fix hint about installing html2text to |
| | read html files |
| | |
| elog [21] | Fix posting entry as arbitrary username |
| | [CVE-2016-6342] |
| | |
| evolution-data- | Fix premature drop of connection with |
| server [22] | reduced TCP window sizes and resulting |
| | loss of data |
| | |
| exim4 [23] | Fix GnuTLS memory leak |
| | |
| file [24] | Fix memory leak in magic loader |
| | |
| ganeti-instance- | Fix losetup invocations by replacing -s |
| debootstrap [25] | with --show |
| | |
| glibc [26] | Do not unconditionally use the fsqrt |
| | instruction on 64-bit PowerPC CPUs; fix |
| | a regression introduced by cvs-resolv- |
| | ipv6-nameservers.diff in hesiod; disable |
| | lock elision (aka Intel TSX) on x86 |
| | architectures |
| | |
| glusterfs [27] | Quota: Fix could not start auxiliary |
| | mount issue |
| | |
| gnutls28 [28] | Fix incorrect certificate validation |
| | when using OCSP responses [GNUTLS- |
| | SA-2016-3 / CVE-2016-7444]; ensure |
| | compatibility with CVE-2016-6489-patched |
| | nettle |
| | |
| hplip [29] | Use full gpg key fingerprint when |
| | fetching key from keyservers [CVE-2015- |
| | 0839] |
| | |
| ieee-data [30] | Disable monthly update cron job |
| | |
| intel-microcode [31] | Update microcode |
| | |
| irssi [32] | Fix information exposure issue via |
| | buf.pl and /upgrade [CVE-2016-7553]; fix |
| | NULL pointer dereference in the nickcmp |
| | function [CVE-2017-5193], use-after-free |
| | when receiving invalid nick message |
| | [CVE-2017-5194] and out-of-bounds read |
| | in certain incomplete control codes |
| | [CVE-2017-5195] |
| | |
| isenkram [33] | Download firmware using curl; use HTTPS |
| | when downloading modaliases; change |
| | mirror from http.debian.net to |
| | httpredir.debian.org |
| | |
| jq [34] | Fix heap buffer overflow [CVE-2015-8863] |
| | and stack exhaustion [CVE-2016-4074] |
| | |
| libclamunrar [35] | Fix out-of-band access |
| | |
| libdatetime-timezone- | Update to 2016h; update included data to |
| perl [36] | 2016i; update to 2016j; update to 2016g |
| | |
| libfcgi-perl [37] | Fix "numerous connections cause |
| | segfault DoS" [CVE-2012-6687] |
| | |
| libio-socket-ssl- | Fix issue with incorrect "unreadable |
| perl [38] | SSL_key_file" error when using |
| | filesystem ACLs |
| | |
| libmateweather [39] | Switch from discontinued |
| | weather.noaa.gov to aviationweather.gov |
| | |
| libphp-adodb [40] | Fix XSS vulnerability [CVE-2016-4855] |
| | and SQL injection issue [CVE-2016-7405] |
| | |
| libpng [41] | Fix null pointer deference issue |
| | [CVE-2016-10087] |
| | |
| libwmf [42] | Fix allocating huge block of memory |
| | [CVE-2016-9011] |
| | |
| linkchecker [43] | Fix HTTPS checks |
| | |
| linux [44] | Update to stable 3.16.39; add chaoskey |
| | driver, backported from 4.8, support for |
| | n25q256a11 SPI flash device; |
| | security,perf: Allow unprivileged use of |
| | perf_event_open to be disabled; several |
| | bug and security fixes |
| | |
| lxc [45] | Attach: do not send procfd to attached |
| | process [CVE-2016-8649]; remount bind |
| | mounts if read-only flag is provided; |
| | fix Alpine Linux container creation |
| | |
| mapserver [46] | Fix FTBFS with php >= 5.6.25; fix |
| | information leak via error messages |
| | [CVE-2016-9839] |
| | |
| mdadm [47] | Allow '--grow --continue' to |
| | successfully reshape an array when using |
| | backup space on a 'spare' device |
| | |
| metar [48] | Update report URL |
| | |
| minissdpd [49] | Fix improper validation of array index |
| | vulnerability [CVE-2016-3178 CVE-2016- |
| | 3179] |
| | |
| monotone [50] | Change the sigpipe test case to write 1M |
| | of test data to increase chances of |
| | overflowing the pipe buffer |
| | |
| most [51] | Fix shell injection attack when opening |
| | lzma-compressed files [CVE-2016-1253] |
| | |
| mpg123 [52] | Fix DoS with crafted ID3v2 tags |
| | |
| musl [53] | Fix integer overflow [CVE-2016-8859] |
| | |
| nbd [54] | Stop mixing global flags into the flags |
| | field that gets sent to the kernel, so |
| | that connecting to nbd-server >= 3.9 |
| | does not cause every export to be |
| | (incorrectly) marked as read-only |
| | |
| nettle [55] | Protect against potential side-channel |
| | attacks against exponentiation |
| | operations [CVE-2016-6489] |
| | |
| nss-pam-ldapd [56] | Have init script stop action only return |
| | when nslcd has actually stopped |
| | |
| nvidia-graphics- | Update to new driver version, including |
| drivers [57] | security fixes [CVE-2016-8826 CVE-2016- |
| | 7382 CVE-2016-7389] |
| | |
| nvidia-graphics-drivers- | Update to new driver version, including |
| legacy-304xx [58] | security fixes [CVE-2016-8826 CVE-2016- |
| | 7382 CVE-2016-7389] |
| | |
| nvidia-graphics- | Rebuild against nvidia-kernel-source |
| modules [59] | 340.101 |
| | |
| openbox [60] | Add libxcursor-dev build-dependency to |
| | fix loading of startup notifications; |
| | replace getgrent with getgroups so as |
| | not to enumerate all groups at startup |
| | |
| opendkim [61] | Fix relaxed canonicalization of folded |
| | headers, which broke signatures |
| | |
| pam [62] | Fix handling of loginuid in containers |
| | |
| pgpdump [63] | Fix endless loop parsing specially |
| | crafted input in read_binary [CVE-2016- |
| | 4021] and buffer overrun in read_radix64 |
| | |
| postgresql-9.4 [64] | New upstream release |
| | |
| postgresql-common [65] | Pg_upgradecluster: Properly upgrade |
| | databases with non-login role owners; |
| | pg_ctlcluster: Protect against symlink |
| | in /var/log/postgresql/ allowing the |
| | creation of arbitrary files elsewhere |
| | [CVE-2016-1255] |
| | |
| potrace [66] | Security fixes [CVE-2016-8694 CVE-2016- |
| | 8695 CVE-2016-8696 CVE-2016-8697 |
| | CVE-2016-8698 CVE-2016-8699 CVE-2016- |
| | 8700 CVE-2016-8701 CVE-2016-8702 |
| | CVE-2016-8703] |
| | |
| python-crypto [67] | Raise a warning when IV is used with ECB |
| | or CTR and ignore the IV [CVE-2013-7459] |
| | |
| python-werkzeug [68] | Fix XSS issue in debugger |
| | |
| qtbase-opensource- | Prevent bad-ptrs deref in |
| src [69] | QNetworkConfigurationManagerPrivate; fix |
| | X11 tray icons on some desktops |
| | |
| rawtherapee [70] | Fix buffer overflow in dcraw [CVE-2015- |
| | 8366] |
| | |
| redmine [71] | Handle dependency check failure when |
| | triggered, to avoid breaking in the |
| | middle of dist-upgrades; avoid opening |
| | database configuration that are not |
| | readable |
| | |
| samba [72] | Fix "client side SMB2/3 required |
| | signing can be downgraded" [CVE-2016- |
| | 2119], various regressions introduced by |
| | the 4.2.10 security fixes, segfault with |
| | clustering |
| | |
| sed [73] | Ensure consistent permissions with |
| | different umasks |
| | |
| shutter [74] | Fix insecure usage of system() |
| | [CVE-2015-0854] |
| | |
| sniffit [75] | Security fix [CVE-2014-5439] |
| | |
| suckless-tools [76] | Fix SEGV in slock when user's account |
| | has been disabled [CVE-2016-6866] |
| | |
| sympa [77] | Fix logrotate configuration so that |
| | sympa is not left in a confused state |
| | when systemd is used |
| | |
| systemd [78] | Don't return any error in |
| | manager_dispatch_notify_fd() [CVE-2016- |
| | 7796]; core: Rework logic to determine |
| | when we decide to add automatic deps for |
| | mounts; various ordering fixes for |
| | ifupdown; systemctl: Fix argument |
| | handling when invoked as shutdown; |
| | localed: tolerate absence of /etc/ |
| | default/keyboard; systemctl, loginctl, |
| | etc.: Don't start polkit agent when |
| | running as root |
| | |
| tevent [79] | New upstream version, required for samba |
| | |
| tre [80] | Fix regex integer overflow in buffer |
| | size computations [CVE-2016-8859] |
| | |
| tzdata [81] | Update included data to 2016h; update to |
| | 2016g; update to 2016j; update included |
| | data to 2016i |
| | |
| unrtf [82] | Fix buffer overflow in various cmd_ |
| | functions [CVE-2016-10091] |
| | |
| w3m [83] | Several security fixes [CVE-2016-9430 |
| | CVE-2016-9434 CVE-2016-9438 CVE-2016- |
| | 9440 CVE-2016-9441 CVE-2016-9423 |
| | CVE-2016-9431 CVE-2016-9424 CVE-2016- |
| | 9432 CVE-2016-9433 CVE-2016-9437 |
| | CVE-2016-9422 CVE-2016-9435 CVE-2016- |
| | 9436 CVE-2016-9426 CVE-2016-9425 |
| | CVE-2016-9428 CVE-2016-9442 CVE-2016- |
| | 9443 CVE-2016-9429 CVE-2016-9621 |
| | CVE-2016-9439 CVE-2016-9622 CVE-2016- |
| | 9623 CVE-2016-9624 CVE-2016-9625 |
| | CVE-2016-9626 CVE-2016-9627 CVE-2016- |
| | 9628 CVE-2016-9629 CVE-2016-9631 |
| | CVE-2016-9630 CVE-2016-9632 CVE-2016- |
| | 9633] |
| | |
| wireless-regdb [84] | Update included data |
| | |
| wot [85] | Remove plugin due to privacy issues |
| | |
| xwax [86] | Replace ffmpeg with avconv from libav- |
| | tools |
| | |
| zookeeper [87] | Fix buffer overflow via the input |
| | command when using the "cmd:" batch |
| | mode syntax [CVE-2016-5017] |
| | |
+--------------------------+------------------------------------------+

1: https://packages.debian.org/src:ark
2: https://packages.debian.org/src:asterisk
3: https://packages.debian.org/src:asused
4: https://packages.debian.org/src:base-files
5: https://packages.debian.org/src:bash
6: https://packages.debian.org/src:ca-certificates
7: https://packages.debian.org/src:cairo
8: https://packages.debian.org/src:ccache
9: https://packages.debian.org/src:ceph
10: https://packages.debian.org/src:chirp
11: https://packages.debian.org/src:cyrus-imapd-2.4
12: https://packages.debian.org/src:darktable
13: https://packages.debian.org/src:dbus
14: https://packages.debian.org/src:debian-edu-doc
15: https://packages.debian.org/src:debian-edu-install
16: https://packages.debian.org/src:debian-installer
17: https://packages.debian.org/src:debian-installer-netboot-images
18: https://packages.debian.org/src:duck
19: https://packages.debian.org/src:e2fsprogs
20: https://packages.debian.org/src:ebook-speaker
21: https://packages.debian.org/src:elog
22: https://packages.debian.org/src:evolution-data-server
23: https://packages.debian.org/src:exim4
24: https://packages.debian.org/src:file
25: https://packages.debian.org/src:ganeti-instance-debootstrap
26: https://packages.debian.org/src:glibc
27: https://packages.debian.org/src:glusterfs
28: https://packages.debian.org/src:gnutls28
29: https://packages.debian.org/src:hplip
30: https://packages.debian.org/src:ieee-data
31: https://packages.debian.org/src:intel-microcode
32: https://packages.debian.org/src:irssi
33: https://packages.debian.org/src:isenkram
34: https://packages.debian.org/src:jq
35: https://packages.debian.org/src:libclamunrar
36: https://packages.debian.org/src:libdatetime-timezone-perl
37: https://packages.debian.org/src:libfcgi-perl
38: https://packages.debian.org/src:libio-socket-ssl-perl
39: https://packages.debian.org/src:libmateweather
40: https://packages.debian.org/src:libphp-adodb
41: https://packages.debian.org/src:libpng
42: https://packages.debian.org/src:libwmf
43: https://packages.debian.org/src:linkchecker
44: https://packages.debian.org/src:linux
45: https://packages.debian.org/src:lxc
46: https://packages.debian.org/src:mapserver
47: https://packages.debian.org/src:mdadm
48: https://packages.debian.org/src:metar
49: https://packages.debian.org/src:minissdpd
50: https://packages.debian.org/src:monotone
51: https://packages.debian.org/src:most
52: https://packages.debian.org/src:mpg123
53: https://packages.debian.org/src:musl
54: https://packages.debian.org/src:nbd
55: https://packages.debian.org/src:nettle
56: https://packages.debian.org/src:nss-pam-ldapd
57: https://packages.debian.org/src:nvidia-graphics-drivers
58: https://packages.debian.org/src:nvidia-graphics-drivers-legacy-304xx
59: https://packages.debian.org/src:nvidia-graphics-modules
60: https://packages.debian.org/src:openbox
61: https://packages.debian.org/src:opendkim
62: https://packages.debian.org/src:pam
63: https://packages.debian.org/src:pgpdump
64: https://packages.debian.org/src:postgresql-9.4
65: https://packages.debian.org/src:postgresql-common
66: https://packages.debian.org/src:potrace
67: https://packages.debian.org/src:python-crypto
68: https://packages.debian.org/src:python-werkzeug
69: https://packages.debian.org/src:qtbase-opensource-src
70: https://packages.debian.org/src:rawtherapee
71: https://packages.debian.org/src:redmine
72: https://packages.debian.org/src:samba
73: https://packages.debian.org/src:sed
74: https://packages.debian.org/src:shutter
75: https://packages.debian.org/src:sniffit
76: https://packages.debian.org/src:suckless-tools
77: https://packages.debian.org/src:sympa
78: https://packages.debian.org/src:systemd
79: https://packages.debian.org/src:tevent
80: https://packages.debian.org/src:tre
81: https://packages.debian.org/src:tzdata
82: https://packages.debian.org/src:unrtf
83: https://packages.debian.org/src:w3m
84: https://packages.debian.org/src:wireless-regdb
85: https://packages.debian.org/src:wot
86: https://packages.debian.org/src:xwax
87: https://packages.debian.org/src:zookeeper

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+----------------------------+
| Advisory ID | Package |
+----------------+----------------------------+
| DSA-3636 [88] | collectd [89] |
| | |
| DSA-3665 [90] | openjpeg2 [91] |
| | |
| DSA-3666 [92] | mysql-5.5 [93] |
| | |
| DSA-3667 [94] | chromium-browser [95] |
| | |
| DSA-3668 [96] | mailman [97] |
| | |
| DSA-3669 [98] | tomcat7 [99] |
| | |
| DSA-3670 [100] | tomcat8 [101] |
| | |
| DSA-3671 [102] | wireshark [103] |
| | |
| DSA-3672 [104] | irssi [105] |
| | |
| DSA-3673 [106] | openssl [107] |
| | |
| DSA-3674 [108] | firefox-esr [109] |
| | |
| DSA-3675 [110] | imagemagick [111] |
| | |
| DSA-3676 [112] | unadf [113] |
| | |
| DSA-3677 [114] | libarchive [115] |
| | |
| DSA-3678 [116] | python-django [117] |
| | |
| DSA-3679 [118] | jackrabbit [119] |
| | |
| DSA-3680 [120] | bind9 [121] |
| | |
| DSA-3681 [122] | wordpress [123] |
| | |
| DSA-3682 [124] | c-ares [125] |
| | |
| DSA-3683 [126] | chromium-browser [127] |
| | |
| DSA-3684 [128] | libdbd-mysql-perl [129] |
| | |
| DSA-3685 [130] | libav [131] |
| | |
| DSA-3686 [132] | icedove [133] |
| | |
| DSA-3687 [134] | nspr [135] |
| | |
| DSA-3688 [136] | nss [137] |
| | |
| DSA-3689 [138] | php5 [139] |
| | |
| DSA-3691 [140] | ghostscript [141] |
| | |
| DSA-3692 [142] | freeimage [143] |
| | |
| DSA-3693 [144] | libgd2 [145] |
| | |
| DSA-3694 [146] | tor [147] |
| | |
| DSA-3695 [148] | quagga [149] |
| | |
| DSA-3696 [150] | linux [151] |
| | |
| DSA-3697 [152] | kdepimlibs [153] |
| | |
| DSA-3698 [154] | php5 [155] |
| | |
| DSA-3700 [156] | asterisk [157] |
| | |
| DSA-3701 [158] | nginx [159] |
| | |
| DSA-3702 [160] | tar [161] |
| | |
| DSA-3703 [162] | bind9 [163] |
| | |
| DSA-3704 [164] | memcached [165] |
| | |
| DSA-3705 [166] | curl [167] |
| | |
| DSA-3706 [168] | mysql-5.5 [169] |
| | |
| DSA-3709 [170] | libxslt [171] |
| | |
| DSA-3710 [172] | pillow [173] |
| | |
| DSA-3712 [174] | terminology [175] |
| | |
| DSA-3713 [176] | gst-plugins-bad0.10 [177] |
| | |
| DSA-3714 [178] | akonadi [179] |
| | |
| DSA-3715 [180] | moin [181] |
| | |
| DSA-3716 [182] | firefox-esr [183] |
| | |
| DSA-3717 [184] | gst-plugins-bad0.10 [185] |
| | |
| DSA-3717 [186] | gst-plugins-bad1.0 [187] |
| | |
| DSA-3718 [188] | drupal7 [189] |
| | |
| DSA-3719 [190] | wireshark [191] |
| | |
| DSA-3720 [192] | tomcat8 [193] |
| | |
| DSA-3721 [194] | tomcat7 [195] |
| | |
| DSA-3722 [196] | vim [197] |
| | |
| DSA-3723 [198] | gst-plugins-good1.0 [199] |
| | |
| DSA-3724 [200] | gst-plugins-good0.10 [201] |
| | |
| DSA-3725 [202] | icu [203] |
| | |
| DSA-3726 [204] | imagemagick [205] |
| | |
| DSA-3727 [206] | hdf5 [207] |
| | |
| DSA-3728 [208] | firefox-esr [209] |
| | |
| DSA-3729 [210] | xen [211] |
| | |
| DSA-3731 [212] | chromium-browser [213] |
| | |
| DSA-3732 [214] | php-ssh2 [215] |
| | |
| DSA-3732 [216] | php5 [217] |
| | |
| DSA-3733 [218] | apt [219] |
| | |
| DSA-3734 [220] | firefox-esr [221] |
| | |
| DSA-3735 [222] | game-music-emu [223] |
| | |
| DSA-3736 [224] | libupnp [225] |
| | |
| DSA-3737 [226] | php5 [227] |
| | |
| DSA-3738 [228] | tomcat7 [229] |
| | |
| DSA-3739 [230] | tomcat8 [231] |
| | |
| DSA-3740 [232] | samba [233] |
| | |
| DSA-3741 [234] | tor [235] |
| | |
| DSA-3743 [236] | python-bottle [237] |
| | |
| DSA-3744 [238] | libxml2 [239] |
| | |
| DSA-3745 [240] | squid3 [241] |
| | |
| DSA-3747 [242] | exim4 [243] |
| | |
| DSA-3748 [244] | libcrypto++ [245] |
| | |
| DSA-3749 [246] | dcmtk [247] |
| | |
| DSA-3750 [248] | libphp-phpmailer [249] |
| | |
| DSA-3751 [250] | libgd2 [251] |
| | |
| DSA-3752 [252] | pcsc-lite [253] |
| | |
| DSA-3753 [254] | libvncserver [255] |
| | |
| DSA-3754 [256] | tomcat7 [257] |
| | |
| DSA-3755 [258] | tomcat8 [259] |
| | |
+----------------+----------------------------+

88: https://www.debian.org/security/2016/dsa-3636
89: https://packages.debian.org/src:collectd
90: https://www.debian.org/security/2016/dsa-3665
91: https://packages.debian.org/src:openjpeg2
92: https://www.debian.org/security/2016/dsa-3666
93: https://packages.debian.org/src:mysql-5.5
94: https://www.debian.org/security/2016/dsa-3667
95: https://packages.debian.org/src:chromium-browser
96: https://www.debian.org/security/2016/dsa-3668
97: https://packages.debian.org/src:mailman
98: https://www.debian.org/security/2016/dsa-3669
99: https://packages.debian.org/src:tomcat7
100: https://www.debian.org/security/2016/dsa-3670
101: https://packages.debian.org/src:tomcat8
102: https://www.debian.org/security/2016/dsa-3671
103: https://packages.debian.org/src:wireshark
104: https://www.debian.org/security/2016/dsa-3672
105: https://packages.debian.org/src:irssi
106: https://www.debian.org/security/2016/dsa-3673
107: https://packages.debian.org/src:openssl
108: https://www.debian.org/security/2016/dsa-3674
109: https://packages.debian.org/src:firefox-esr
110: https://www.debian.org/security/2016/dsa-3675
111: https://packages.debian.org/src:imagemagick
112: https://www.debian.org/security/2016/dsa-3676
113: https://packages.debian.org/src:unadf
114: https://www.debian.org/security/2016/dsa-3677
115: https://packages.debian.org/src:libarchive
116: https://www.debian.org/security/2016/dsa-3678
117: https://packages.debian.org/src:python-django
118: https://www.debian.org/security/2016/dsa-3679
119: https://packages.debian.org/src:jackrabbit
120: https://www.debian.org/security/2016/dsa-3680
121: https://packages.debian.org/src:bind9
122: https://www.debian.org/security/2016/dsa-3681
123: https://packages.debian.org/src:wordpress
124: https://www.debian.org/security/2016/dsa-3682
125: https://packages.debian.org/src:c-ares
126: https://www.debian.org/security/2016/dsa-3683
127: https://packages.debian.org/src:chromium-browser
128: https://www.debian.org/security/2016/dsa-3684
129: https://packages.debian.org/src:libdbd-mysql-perl
130: https://www.debian.org/security/2016/dsa-3685
131: https://packages.debian.org/src:libav
132: https://www.debian.org/security/2016/dsa-3686
133: https://packages.debian.org/src:icedove
134: https://www.debian.org/security/2016/dsa-3687
135: https://packages.debian.org/src:nspr
136: https://www.debian.org/security/2016/dsa-3688
137: https://packages.debian.org/src:nss
138: https://www.debian.org/security/2016/dsa-3689
139: https://packages.debian.org/src:php5
140: https://www.debian.org/security/2016/dsa-3691
141: https://packages.debian.org/src:ghostscript
142: https://www.debian.org/security/2016/dsa-3692
143: https://packages.debian.org/src:freeimage
144: https://www.debian.org/security/2016/dsa-3693
145: https://packages.debian.org/src:libgd2
146: https://www.debian.org/security/2016/dsa-3694
147: https://packages.debian.org/src:tor
148: https://www.debian.org/security/2016/dsa-3695
149: https://packages.debian.org/src:quagga
150: https://www.debian.org/security/2016/dsa-3696
151: https://packages.debian.org/src:linux
152: https://www.debian.org/security/2016/dsa-3697
153: https://packages.debian.org/src:kdepimlibs
154: https://www.debian.org/security/2016/dsa-3698
155: https://packages.debian.org/src:php5
156: https://www.debian.org/security/2016/dsa-3700
157: https://packages.debian.org/src:asterisk
158: https://www.debian.org/security/2016/dsa-3701
159: https://packages.debian.org/src:nginx
160: https://www.debian.org/security/2016/dsa-3702
161: https://packages.debian.org/src:tar
162: https://www.debian.org/security/2016/dsa-3703
163: https://packages.debian.org/src:bind9
164: https://www.debian.org/security/2016/dsa-3704
165: https://packages.debian.org/src:memcached
166: https://www.debian.org/security/2016/dsa-3705
167: https://packages.debian.org/src:curl
168: https://www.debian.org/security/2016/dsa-3706
169: https://packages.debian.org/src:mysql-5.5
170: https://www.debian.org/security/2016/dsa-3709
171: https://packages.debian.org/src:libxslt
172: https://www.debian.org/security/2016/dsa-3710
173: https://packages.debian.org/src:pillow
174: https://www.debian.org/security/2016/dsa-3712
175: https://packages.debian.org/src:terminology
176: https://www.debian.org/security/2016/dsa-3713
177: https://packages.debian.org/src:gst-plugins-bad0.10
178: https://www.debian.org/security/2016/dsa-3714
179: https://packages.debian.org/src:akonadi
180: https://www.debian.org/security/2016/dsa-3715
181: https://packages.debian.org/src:moin
182: https://www.debian.org/security/2016/dsa-3716
183: https://packages.debian.org/src:firefox-esr
184: https://www.debian.org/security/2016/dsa-3717
185: https://packages.debian.org/src:gst-plugins-bad0.10
186: https://www.debian.org/security/2016/dsa-3717
187: https://packages.debian.org/src:gst-plugins-bad1.0
188: https://www.debian.org/security/2016/dsa-3718
189: https://packages.debian.org/src:drupal7
190: https://www.debian.org/security/2016/dsa-3719
191: https://packages.debian.org/src:wireshark
192: https://www.debian.org/security/2016/dsa-3720
193: https://packages.debian.org/src:tomcat8
194: https://www.debian.org/security/2016/dsa-3721
195: https://packages.debian.org/src:tomcat7
196: https://www.debian.org/security/2016/dsa-3722
197: https://packages.debian.org/src:vim
198: https://www.debian.org/security/2016/dsa-3723
199: https://packages.debian.org/src:gst-plugins-good1.0
200: https://www.debian.org/security/2016/dsa-3724
201: https://packages.debian.org/src:gst-plugins-good0.10
202: https://www.debian.org/security/2016/dsa-3725
203: https://packages.debian.org/src:icu
204: https://www.debian.org/security/2016/dsa-3726
205: https://packages.debian.org/src:imagemagick
206: https://www.debian.org/security/2016/dsa-3727
207: https://packages.debian.org/src:hdf5
208: https://www.debian.org/security/2016/dsa-3728
209: https://packages.debian.org/src:firefox-esr
210: https://www.debian.org/security/2016/dsa-3729
211: https://packages.debian.org/src:xen
212: https://www.debian.org/security/2016/dsa-3731
213: https://packages.debian.org/src:chromium-browser
214: https://www.debian.org/security/2016/dsa-3732
215: https://packages.debian.org/src:php-ssh2
216: https://www.debian.org/security/2016/dsa-3732
217: https://packages.debian.org/src:php5
218: https://www.debian.org/security/2016/dsa-3733
219: https://packages.debian.org/src:apt
220: https://www.debian.org/security/2016/dsa-3734
221: https://packages.debian.org/src:firefox-esr
222: https://www.debian.org/security/2016/dsa-3735
223: https://packages.debian.org/src:game-music-emu
224: https://www.debian.org/security/2016/dsa-3736
225: https://packages.debian.org/src:libupnp
226: https://www.debian.org/security/2016/dsa-3737
227: https://packages.debian.org/src:php5
228: https://www.debian.org/security/2016/dsa-3738
229: https://packages.debian.org/src:tomcat7
230: https://www.debian.org/security/2016/dsa-3739
231: https://packages.debian.org/src:tomcat8
232: https://www.debian.org/security/2016/dsa-3740
233: https://packages.debian.org/src:samba
234: https://www.debian.org/security/2016/dsa-3741
235: https://packages.debian.org/src:tor
236: https://www.debian.org/security/2016/dsa-3743
237: https://packages.debian.org/src:python-bottle
238: https://www.debian.org/security/2016/dsa-3744
239: https://packages.debian.org/src:libxml2
240: https://www.debian.org/security/2016/dsa-3745
241: https://packages.debian.org/src:squid3
242: https://www.debian.org/security/2016/dsa-3747
243: https://packages.debian.org/src:exim4
244: https://www.debian.org/security/2016/dsa-3748
245: https://packages.debian.org/src:libcrypto++
246: https://www.debian.org/security/2016/dsa-3749
247: https://packages.debian.org/src:dcmtk
248: https://www.debian.org/security/2017/dsa-3750
249: https://packages.debian.org/src:libphp-phpmailer
250: https://www.debian.org/security/2017/dsa-3751
251: https://packages.debian.org/src:libgd2
252: https://www.debian.org/security/2017/dsa-3752
253: https://packages.debian.org/src:pcsc-lite
254: https://www.debian.org/security/2017/dsa-3753
255: https://packages.debian.org/src:libvncserver
256: https://www.debian.org/security/2017/dsa-3754
257: https://packages.debian.org/src:tomcat7
258: https://www.debian.org/security/2017/dsa-3755
259: https://packages.debian.org/src:tomcat8

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+----------------+-----------------+
| Package | Reason |
+----------------+-----------------+
| dotclear [260] | Security issues |
| | |
| sogo [261] | Security issues |
| | |
+----------------+-----------------+

260: https://packages.debian.org/src:dotclear
261: https://packages.debian.org/src:sogo

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/jessie/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://security.debian.org/ [262]

262: https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.

  Debian 8.7 released