diff options
author | galaxico <galaxico@quteity.cti> | 2020-09-27 18:30:42 +0300 |
---|---|---|
committer | galaxico <galaxico@quteity.cti> | 2020-09-27 18:30:42 +0300 |
commit | 2f4f6d6f900f9e84af6a3cd9d1f982248e62e4fa (patch) | |
tree | c7bb215a7be4b23d15c0085345903b323c1ef7f1 /greek/News | |
parent | 8ef5b649524a2288aa7776b8617e2eee1926d11f (diff) |
added greek News 2020
Diffstat (limited to 'greek/News')
-rw-r--r-- | greek/News/2020/20200208.wml | 286 | ||||
-rw-r--r-- | greek/News/2020/2020020802.wml | 283 | ||||
-rw-r--r-- | greek/News/2020/20200316.wml | 68 | ||||
-rw-r--r-- | greek/News/2020/20200509.wml | 307 | ||||
-rw-r--r-- | greek/News/2020/20200616.wml | 95 | ||||
-rw-r--r-- | greek/News/2020/20200709.wml | 72 | ||||
-rw-r--r-- | greek/News/2020/20200718.wml | 312 | ||||
-rw-r--r-- | greek/News/2020/20200801.wml | 308 | ||||
-rw-r--r-- | greek/News/2020/20200830.wml | 173 | ||||
-rw-r--r-- | greek/News/2020/20200926.wml | 205 | ||||
-rw-r--r-- | greek/News/2020/Makefile | 1 | ||||
-rw-r--r-- | greek/News/2020/index.wml | 14 |
12 files changed, 2124 insertions, 0 deletions
diff --git a/greek/News/2020/20200208.wml b/greek/News/2020/20200208.wml new file mode 100644 index 00000000000..af1b87dd62b --- /dev/null +++ b/greek/News/2020/20200208.wml @@ -0,0 +1,286 @@ +#use wml::debian::translation-check translation="96c05360e385187167f1ccbce37d38ce2e5e6920" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 10: 10.3 released</define-tag> +<define-tag release_date>2020-02-08</define-tag> +#use wml::debian::news + +<define-tag release>10</define-tag> +<define-tag codename>buster</define-tag> +<define-tag revision>10.3</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the third update of its +stable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This stable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction alot "Remove expiration time from test suite keys, fixing build failure"> +<correction atril "Fix segfault when no document is loaded; fix read of uninitialised memory [CVE-2019-11459]"> +<correction base-files "Update for the point release"> +<correction beagle "Provide wrapper script instead of symlinks to JARs, making them work again"> +<correction bgpdump "Fix segmentation fault"> +<correction boost1.67 "Fix undefined behaviour leading to crashing libboost-numpy"> +<correction brightd "Actually compare the value read out of /sys/class/power_supply/AC/online with <q>0</q>"> +<correction casacore-data-jplde "Include tables up to 2040"> +<correction clamav "New upstream release; fix denial of service issue [CVE-2019-15961]; remove ScanOnAccess option, replacing with clamonacc"> +<correction compactheader "New upstream release compatible with Thunderbird 68"> +<correction console-common "Fix regression that led to files not being included"> +<correction csh "Fix segfault on eval"> +<correction cups "Fix memory leak in ppdOpen; fix validation of default language in ippSetValuetag [CVE-2019-2228]"> +<correction cyrus-imapd "Add BACKUP type to cyrus-upgrade-db, fixing upgrade issues"> +<correction debian-edu-config "Keep proxy settings on client if WPAD is unreachable"> +<correction debian-installer "Rebuild against proposed-updates; tweak mini.iso generation on arm so EFI netboot will work; update USE_UDEBS_FROM default from unstable to buster, to help users performing local builds"> +<correction debian-installer-netboot-images "Rebuild against proposed-updates"> +<correction debian-security-support "Update security support status of several packages"> +<correction debos "Rebuild against updated golang-github-go-debos-fakemachine"> +<correction dispmua "New upstream release compatible with Thunderbird 68"> +<correction dkimpy "New upstream stable release"> +<correction dkimpy-milter "Fix privilege management at startup so Unix sockets work"> +<correction dpdk "New upstream stable release"> +<correction e2fsprogs "Fix potential stack underflow in e2fsck [CVE-2019-5188]; fix use after free in e2fsck"> +<correction fig2dev "Allow Fig v2 text strings ending with multiple ^A [CVE-2019-19555]; reject huge arrow types causing integer overflow [CVE-2019-19746]; fix several crashes [CVE-2019-19797]"> +<correction freerdp2 "Fix realloc return handling [CVE-2019-17177]"> +<correction freetds "tds: Make sure UDT has varint set to 8 [CVE-2019-13508]"> +<correction git-lfs "Fix build issues with newer Go versions"> +<correction gnubg "Increase the size of static buffers used to build messages during program start so that the Spanish translation doesn't overflow a buffer"> +<correction gnutls28 "Fix interop problems with gnutls 2.x; fix parsing of certificates using RegisteredID"> +<correction gtk2-engines-murrine "Fix co-installability with other themes"> +<correction guile-2.2 "Fix build failure"> +<correction libburn "Fix <q>cdrskin multi-track burning was slow and stalled after track 1</q>"> +<correction libcgns "Fix build failure on ppc64el"> +<correction libimobiledevice "Properly handle partial SSL writes"> +<correction libmatroska "Increase shared library dependency to 1.4.7 since that version introduced new symbols"> +<correction libmysofa "Security fixes [CVE-2019-16091 CVE-2019-16092 CVE-2019-16093 CVE-2019-16094 CVE-2019-16095]"> +<correction libole-storage-lite-perl "Fix interpretation of years from 2020 onwards"> +<correction libparse-win32registry-perl "Fix interpretation of years from 2020 onwards"> +<correction libperl4-corelibs-perl "Fix interpretation of years from 2020 onwards"> +<correction libsolv "Fix heap buffer overflow [CVE-2019-20387]"> +<correction libspreadsheet-wright-perl "Fix previously unusable OpenDocument spreadsheets and passing of JSON formatting options"> +<correction libtimedate-perl "Fix interpretation of years from 2020 onwards"> +<correction libvirt "Apparmor: Allow one to run pygrub; don't render osxsave, ospke into QEMU command line; this helps newer QEMU with some configs generated by virt-install"> +<correction libvncserver "RFBserver: don't leak stack memory to the remote [CVE-2019-15681]; resolve a freeze during connection closure and a segmentation fault on multi-threaded VNC servers; fix issue connecting to VMWare servers; fix crashing of x11vnc when vncviewer connects"> +<correction limnoria "Fix remote information disclosure and possibly remote code execution in the Math plugin [CVE-2019-19010]"> +<correction linux "New upstream stable release"> +<correction linux-latest "Update for 4.19.0-8 Linux kernel ABI"> +<correction linux-signed-amd64 "New upstream stable release"> +<correction linux-signed-arm64 "New upstream stable release"> +<correction linux-signed-i386 "New upstream stable release"> +<correction mariadb-10.3 "New upstream stable release [CVE-2019-2938 CVE-2019-2974 CVE-2020-2574]"> +<correction mesa "Call shmget() with permission 0600 instead of 0777 [CVE-2019-5068]"> +<correction mnemosyne "Add missing dependency on PIL"> +<correction modsecurity "Fix cookie header parsing bug [CVE-2019-19886]"> +<correction node-handlebars "Disallow calling <q>helperMissing</q> and <q>blockHelperMissing</q> directly [CVE-2019-19919]"> +<correction node-kind-of "Fix type checking vulnerability in ctorName() [CVE-2019-20149]"> +<correction ntpsec "Fix slow DNS retries; fix ntpdate -s (syslog) to fix the if-up hook; documentation fixes"> +<correction numix-gtk-theme "Fix co-installability with other themes"> +<correction nvidia-graphics-drivers-legacy-340xx "New upstream stable release"> +<correction nyancat "Rebuild in a clean environment to add the systemd unit for nyancat-server"> +<correction openjpeg2 "Fix heap overflow [CVE-2018-21010] and integer overflow [CVE-2018-20847]"> +<correction opensmtpd "Warn users of change of smtpd.conf syntax (in earlier versions); install smtpctl setgid opensmtpq; handle non-zero exit code from hostname during config phase"> +<correction openssh "Deny (non-fatally) ipc in the seccomp sandbox, fixing failures with OpenSSL 1.1.1d and Linux < 3.19 on some architectures"> +<correction php-horde "Fix stored cross-site scripting issue in Horde Cloud Block [CVE-2019-12095]"> +<correction php-horde-text-filter "Fix invalid regular expressions"> +<correction postfix "New upstream stable release"> +<correction postgresql-11 "New upstream stable release"> +<correction print-manager "Fix crash if CUPS returns the same ID for multiple print jobs"> +<correction proftpd-dfsg "Fix CRL issues [CVE-2019-19270 CVE-2019-19269]"> +<correction pykaraoke "Fix path to fonts"> +<correction python-evtx "Fix import of <q>hexdump</q>"> +<correction python-internetarchive "Close file after getting hash, avoiding file descriptor exhaustion"> +<correction python3.7 "Security fixes [CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935]"> +<correction qtbase-opensource-src "Add support for non-PPD printers and avoid silent fallback to a printer supporting PPD; fix crash when using QLabels with rich text; fix graphics tablet hover events"> +<correction qtwebengine-opensource-src "Fix PDF parsing; disable executable stack"> +<correction quassel "Fix quasselcore AppArmor denials when the config is saved; correct default channel for Debian; remove unnecessary NEWS file"> +<correction qwinff "Fix crash due to incorrect file detection"> +<correction raspi3-firmware "Fix detection of serial console with kernel 5.x"> +<correction ros-ros-comm "Fix security issues [CVE-2019-13566 CVE-2019-13465 CVE-2019-13445]"> +<correction roundcube "New upstream stable release; fix insecure permissions in enigma plugin [CVE-2018-1000071]"> +<correction schleuder "Fix recognizing keywords in mails with <q>protected headers</q> and empty subject; strip non-self-signatures when refreshing or fetching keys; error if the argument provided to `refresh_keys` is not an existing list; add missing List-Id header to notification mails sent to admins; handle decryption problems gracefully; default to ASCII-8BIT encoding"> +<correction simplesamlphp "Fix incompatibility with PHP 7.3"> +<correction sogo-connector "New upstream release compatible with Thunderbird 68"> +<correction spf-engine "Fix privilege management at startup so Unix sockets work; update documentation for TestOnly"> +<correction sudo "Fix a (non-exploitable in buster) buffer overflow when pwfeedback is enabled and input is a not a tty [CVE-2019-18634]"> +<correction systemd "Set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX; change ownership/mode of the execution directories also for static users, ensuring that execution directories like CacheDirectory and StateDirectory are properly chowned to the user specified in User= before launching the service"> +<correction tifffile "Fix wrapper script"> +<correction tigervnc "Security fixes [CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695]"> +<correction tightvnc "Security fixes [CVE-2014-6053 CVE-2019-8287 CVE-2018-20021 CVE-2018-20022 CVE-2018-20748 CVE-2018-7225 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681]"> +<correction uif "Fix paths to ip(6)tables-restore in light of the migration to nftables"> +<correction unhide "Fix stack exhaustion"> +<correction x2goclient "Strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths in SCP mode; fixes regression with newer libssh versions with fixes for CVE-2019-14889 applied"> +<correction xmltooling "Fix race condition that could lead to crash under load"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the stable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2019 4546 openjdk-11> +<dsa 2019 4563 webkit2gtk> +<dsa 2019 4564 linux> +<dsa 2019 4564 linux-signed-i386> +<dsa 2019 4564 linux-signed-arm64> +<dsa 2019 4564 linux-signed-amd64> +<dsa 2019 4565 intel-microcode> +<dsa 2019 4566 qemu> +<dsa 2019 4567 dpdk> +<dsa 2019 4568 postgresql-common> +<dsa 2019 4569 ghostscript> +<dsa 2019 4570 mosquitto> +<dsa 2019 4571 enigmail> +<dsa 2019 4571 thunderbird> +<dsa 2019 4572 slurm-llnl> +<dsa 2019 4573 symfony> +<dsa 2019 4575 chromium> +<dsa 2019 4577 haproxy> +<dsa 2019 4578 libvpx> +<dsa 2019 4579 nss> +<dsa 2019 4580 firefox-esr> +<dsa 2019 4581 git> +<dsa 2019 4582 davical> +<dsa 2019 4583 spip> +<dsa 2019 4584 spamassassin> +<dsa 2019 4585 thunderbird> +<dsa 2019 4586 ruby2.5> +<dsa 2019 4588 python-ecdsa> +<dsa 2019 4589 debian-edu-config> +<dsa 2019 4590 cyrus-imapd> +<dsa 2019 4591 cyrus-sasl2> +<dsa 2019 4592 mediawiki> +<dsa 2019 4593 freeimage> +<dsa 2019 4595 debian-lan-config> +<dsa 2020 4597 netty> +<dsa 2020 4598 python-django> +<dsa 2020 4599 wordpress> +<dsa 2020 4600 firefox-esr> +<dsa 2020 4601 ldm> +<dsa 2020 4602 xen> +<dsa 2020 4603 thunderbird> +<dsa 2020 4604 cacti> +<dsa 2020 4605 openjdk-11> +<dsa 2020 4606 chromium> +<dsa 2020 4607 openconnect> +<dsa 2020 4608 tiff> +<dsa 2020 4609 python-apt> +<dsa 2020 4610 webkit2gtk> +<dsa 2020 4611 opensmtpd> +<dsa 2020 4612 prosody-modules> +<dsa 2020 4613 libidn2> +<dsa 2020 4615 spamassassin> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction caml-crush "[armel] Unbuildable due to lack of ocaml-native-compilers"> +<correction firetray "Incompatible with current Thunderbird versions"> +<correction koji "Security issues"> +<correction python-lamson "Broken by changes in python-daemon"> +<correction radare2 "Security issues; upstream do not offer stable support"> +<correction radare2-cutter "Depends on to-be-removed radare2"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into stable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/stable/"> +</div> + +<p>Proposed updates to the stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/proposed-updates"> +</div> + +<p>stable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> + + diff --git a/greek/News/2020/2020020802.wml b/greek/News/2020/2020020802.wml new file mode 100644 index 00000000000..be13e3b68b0 --- /dev/null +++ b/greek/News/2020/2020020802.wml @@ -0,0 +1,283 @@ +#use wml::debian::translation-check translation="2913230d58de12a2d0daeab2fd1f532a65fa5c2a" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 9: 9.12 released</define-tag> +<define-tag release_date>2020-02-08</define-tag> +#use wml::debian::news + +<define-tag release>9</define-tag> +<define-tag codename>stretch</define-tag> +<define-tag revision>9.12</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the twelfth update of its +oldstable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This oldstable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction base-files "Update for the point release"> +<correction cargo "New upstream version, to support Firefox ESR backports; fix bootstrap for armhf"> +<correction clamav "New upstream release; fix denial of service issue [CVE-2019-15961]; remove ScanOnAccess option, replacing with clamonacc"> +<correction cups "Fix validation of default language in ippSetValuetag [CVE-2019-2228]"> +<correction debian-installer "Rebuild against oldstable-proposed-updates; set gfxpayload=keep in submenus too, to fix unreadable fonts on hidpi displays in netboot images booted with EFI; update USE_UDEBS_FROM default from unstable to stretch, to help users performing local builds"> +<correction debian-installer-netboot-images "Rebuild against stretch-proposed-updates"> +<correction debian-security-support "Update security support status of several packages"> +<correction dehydrated "New upstream release; use ACMEv2 API by default"> +<correction dispmua "New upstream release compatible with Thunderbird 68"> +<correction dpdk "New upstream stable release; fix vhost regression introduced by the fix for CVE-2019-14818"> +<correction fence-agents "Fix incomplete removal of fence_amt_ws"> +<correction fig2dev "Allow Fig v2 text strings ending with multiple ^A [CVE-2019-19555]"> +<correction flightcrew "Security fixes [CVE-2019-13032 CVE-2019-13241]"> +<correction freetype "Correctly handle deltas in TrueType GX fonts, fixing rendering of variable hinted fonts in Chromium and Firefox"> +<correction glib2.0 "Ensure libdbus clients can authenticate with a GDBusServer like the one in ibus"> +<correction gnustep-base "Fix UDP amplification vulnerability"> +<correction italc "Security fixes [CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 CVE-2018-6307 CVE-2018-7225 CVE-2019-15681]"> +<correction libdate-holidays-de-perl "Mark International Childrens Day (Sep 20th) as a holiday in Thuringia from 2019 onwards"> +<correction libdatetime-timezone-perl "Update included data"> +<correction libidn "Fix denial of service vulnerability in Punycode handling [CVE-2017-14062]"> +<correction libjaxen-java "Fix build failure by allowing test failures"> +<correction libofx "Fix NULL pointer dereference issue [CVE-2019-9656]"> +<correction libole-storage-lite-perl "Fix interpretation of years from 2020 onwards"> +<correction libparse-win32registry-perl "Fix interpretation of years from 2020 onwards"> +<correction libperl4-corelibs-perl "Fix interpretation of years from 2020 onwards"> +<correction libpst "Fix detection of get_current_dir_name and return truncation"> +<correction libsixel "Fix several security issues [CVE-2018-19756 CVE-2018-19757 CVE-2018-19759 CVE-2018-19761 CVE-2018-19762 CVE-2018-19763 CVE-2019-3573 CVE-2019-3574]"> +<correction libsolv "Fix heap buffer overflow [CVE-2019-20387]"> +<correction libtest-mocktime-perl "Fix interpretation of years from 2020 onwards"> +<correction libtimedate-perl "Fix interpretation of years from 2020 onwards"> +<correction libvncserver "RFBserver: don't leak stack memory to the remote [CVE-2019-15681]; resolve a freeze during connection closure and a segmentation fault on multi-threaded VNC servers; fix issue connecting to VMWare servers; fix crashing of x11vnc when vncviewer connects"> +<correction libxslt "Fix dangling pointer in xsltCopyText [CVE-2019-18197]"> +<correction limnoria "Fix remote information disclosure and possibly remote code execution in the Math plugin [CVE-2019-19010]"> +<correction linux "New upstream stable release"> +<correction linux-latest "Update for Linux kernel ABI 4.9.0-12"> +<correction llvm-toolchain-7 "Disable the gold linker from s390x; bootstrap with -fno-addrsig, stretch's binutils doesn't work with it on mips64el"> +<correction mariadb-10.1 "New upstream stable release [CVE-2019-2974 CVE-2020-2574]"> +<correction monit "Implement position independent CSRF cookie value"> +<correction node-fstream "Clobber a Link if it's in the way of a File [CVE-2019-13173]"> +<correction node-mixin-deep "Fix prototype polution [CVE-2018-3719 CVE-2019-10746]"> +<correction nodejs-mozilla "New package to support Firefox ESR backports"> +<correction nvidia-graphics-drivers-legacy-340xx "New upstream stable release"> +<correction nyancat "Rebuild in a clean environment to add the systemd unit for nyancat-server"> +<correction openjpeg2 "Fix heap overflow [CVE-2018-21010], integer overflow [CVE-2018-20847] and division by zero [CVE-2016-9112]"> +<correction perl "Fix interpretation of years from 2020 onwards"> +<correction php-horde "Fix stored cross-site scripting issue in Horde Cloud Block [CVE-2019-12095]"> +<correction postfix "New upstream stable release; work around poor TCP loopback performance"> +<correction postgresql-9.6 "New upstream release"> +<correction proftpd-dfsg "Fix NULL pointer dereference in CRL checks [CVE-2019-19269]"> +<correction pykaraoke "Fix path to fonts"> +<correction python-acme "Switch to POST-as-GET protocol"> +<correction python-cryptography "Fix test suite failures when built against newer OpenSSL versions"> +<correction python-flask-rdf "Fix missing dependencies in python3-flask-rdf"> +<correction python-pgmagick "Handle version detection of graphicsmagick security updates that identify themselves as version 1.4"> +<correction python-werkzeug "Ensure Docker containers have unique debugger PINs [CVE-2019-14806]"> +<correction ros-ros-comm "Fix buffer overflow issue [CVE-2019-13566]; fix integer overflow [CVE-2019-13445]"> +<correction ruby-encryptor "Ignore test failures, fixing build failures"> +<correction rust-cbindgen "New package to support Firefox ESR backports"> +<correction rustc "New upstream version, to support Firefox ESR backports"> +<correction safe-rm "Prevent installation in (and thereby breaking of) merged /usr environments"> +<correction sorl-thumbnail "Workaround a pgmagick exception"> +<correction sssd "sysdb: sanitize search filter input [CVE-2017-12173]"> +<correction tigervnc "Security updates [CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695]"> +<correction tightvnc "Security fixes [CVE-2014-6053 CVE-2018-20021 CVE-2018-20022 CVE-2018-20748 CVE-2018-7225 CVE-2019-8287 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681]"> +<correction tmpreaper "Add <q>--protect '/tmp/systemd-private*/*'</q> to cron job to prevent breaking systemd services that have PrivateTmp=true"> +<correction tzdata "New upstream release"> +<correction ublock-origin "New upstream version, compatible with Firefox ESR68"> +<correction unhide "Fix stack exhaustion"> +<correction x2goclient "Strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths in scp mode; fixes regression with newer libssh versions with fixes for CVE-2019-14889 applied"> +<correction xml-security-c "Fix <q>DSA verification crashes OpenSSL on invalid combinations of key content</q>"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the oldstable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2019 4474 firefox-esr> +<dsa 2019 4479 firefox-esr> +<dsa 2019 4509 apache2> +<dsa 2019 4509 subversion> +<dsa 2019 4511 nghttp2> +<dsa 2019 4516 firefox-esr> +<dsa 2019 4517 exim4> +<dsa 2019 4518 ghostscript> +<dsa 2019 4519 libreoffice> +<dsa 2019 4522 faad2> +<dsa 2019 4523 thunderbird> +<dsa 2019 4525 ibus> +<dsa 2019 4526 opendmarc> +<dsa 2019 4528 bird> +<dsa 2019 4529 php7.0> +<dsa 2019 4530 expat> +<dsa 2019 4531 linux> +<dsa 2019 4532 spip> +<dsa 2019 4535 e2fsprogs> +<dsa 2019 4537 file-roller> +<dsa XXXX 4539 openssl> +<dsa 2019 4540 openssl1.0> +<dsa 2019 4541 libapreq2> +<dsa 2019 4542 jackson-databind> +<dsa 2019 4543 sudo> +<dsa 2019 4545 mediawiki> +<dsa 2019 4547 tcpdump> +<dsa 2019 4548 openjdk-8> +<dsa XXXX 4549 firefox-esr> +<dsa 2019 4550 file> +<dsa 2019 4552 php7.0> +<dsa 2019 4554 ruby-loofah> +<dsa 2019 4555 pam-python> +<dsa 2019 4557 libarchive> +<dsa 2019 4559 proftpd-dfsg> +<dsa 2019 4560 simplesamlphp> +<dsa 2019 4564 linux> +<dsa 2019 4565 intel-microcode> +<dsa 2019 4567 dpdk> +<dsa 2019 4568 postgresql-common> +<dsa 2019 4569 ghostscript> +<dsa 2019 4571 thunderbird> +<dsa 2019 4573 symfony> +<dsa 2019 4574 redmine> +<dsa 2019 4576 php-imagick> +<dsa 2019 4578 libvpx> +<dsa 2019 4580 firefox-esr> +<dsa 2019 4581 git> +<dsa 2019 4582 davical> +<dsa 2019 4584 spamassassin> +<dsa 2019 4585 thunderbird> +<dsa 2019 4587 ruby2.3> +<dsa 2019 4588 python-ecdsa> +<dsa 2019 4589 debian-edu-config> +<dsa 2019 4590 cyrus-imapd> +<dsa 2019 4591 cyrus-sasl2> +<dsa 2019 4592 mediawiki> +<dsa 2019 4593 freeimage> +<dsa 2019 4594 openssl1.0> +<dsa 2019 4595 debian-lan-config> +<dsa 2019 4596 tomcat8> +<dsa XXXX 4596 tomcat-native> +<dsa 2020 4597 netty> +<dsa 2020 4598 python-django> +<dsa 2020 4600 firefox-esr> +<dsa 2020 4601 ldm> +<dsa 2020 4602 xen> +<dsa 2020 4603 thunderbird> +<dsa 2020 4604 cacti> +<dsa 2020 4607 openconnect> +<dsa 2020 4609 python-apt> +<dsa XXXX 4611 opensmtpd> +<dsa 2020 4612 prosody-modules> +<dsa 2020 4614 sudo> +<dsa 2020 4615 spamassassin> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction firetray "Incompatible with current Thunderbird versions"> +<correction koji "Security issues"> +<correction python-lamson "Broken by changes in python-daemon"> +<correction radare2 "Security issues; upstream do not offer stable support"> +<correction ruby-simple-form "Unused; security issues"> +<correction trafficserver "Unsupportable"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into oldstable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current oldstable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/oldstable/"> +</div> + +<p>Proposed updates to the oldstable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/oldstable-proposed-updates"> +</div> + +<p>oldstable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/oldstable/">https://www.debian.org/releases/oldstable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> diff --git a/greek/News/2020/20200316.wml b/greek/News/2020/20200316.wml new file mode 100644 index 00000000000..ce19fbf31a0 --- /dev/null +++ b/greek/News/2020/20200316.wml @@ -0,0 +1,68 @@ +#use wml::debian::translation-check translation="c1e997409ebbfee3f612efc60c0f1e3fe81c7e9c" maintainer="galaxico" +<define-tag pagetitle>Official communication channels for Debian</define-tag> +<define-tag release_date>2020-03-16</define-tag> +#use wml::debian::news + +<p> +From time to time, we get questions in Debian about our official channels of +communication and questions about the Debian status of who may own similarly +named websites. +</p> + +<p> +The main Debian website <a href="https://www.debian.org">www.debian.org</a> +is our primary medium of communication. Those seeking information about current +events and development progress in the community may be interested in the +<a href="https://www.debian.org/News/">Debian News</a> section of the Debian +website. + +For less formal announcements, we have the official Debian blog +<a href="https://bits.debian.org">Bits from Debian</a>, +and the <a href="https://micronews.debian.org">Debian micronews</a> +service for shorter news items. +</p> + +<p> +Our official newsletter +<a href="https://www.debian.org/News/weekly/">Debian Project News</a> +and all official announcements of news or project changes are dual posted on +our website and sent to our official mailing lists +<a href="https://lists.debian.org/debian-announce/">debian-announce</a> or +<a href="https://lists.debian.org/debian-news/">debian-news</a>. +Posting to those mailing lists is restricted. +</p> + +<p> +We also want to take the opportunity to announce how the Debian Project, +or for short, Debian is structured. +</p> + +<p> +Debian has a structure regulated by our +<a href="https://www.debian.org/devel/constitution">Constitution</a>. +Officers and delegated members are listed on our +<a href="https://www.debian.org/intro/organization">Organizational Structure</a> page. +Additional teams are listed on our <a href="https://wiki.debian.org/Teams">Teams</a> page. +</p> + +<p> +The complete list of official Debian members can be found on our +<a href="https://nm.debian.org/members">New Members page</a>, +where our membership is managed. A broader list of Debian contributors can be +found on our <a href="https://contributors.debian.org">Contributors</a> page. +</p> + +<p> +If you have questions, we invite you to reach the press team at +<<a href="mailto:press@debian.org">press@debian.org</a>>. +</p> + +<h2>About Debian</h2> +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely free +operating system Debian.</p> + +<h2>Contact Information</h2> +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a> or send mail to +<<a href="mailto:press@debian.org">press@debian.org</a>>.</p> diff --git a/greek/News/2020/20200509.wml b/greek/News/2020/20200509.wml new file mode 100644 index 00000000000..41623291e81 --- /dev/null +++ b/greek/News/2020/20200509.wml @@ -0,0 +1,307 @@ +#use wml::debian::translation-check translation="6547bb7720bfba1c2481b95c44642a4a6d3df030" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 10: 10.4 released</define-tag> +<define-tag release_date>2020-05-09</define-tag> +#use wml::debian::news + +<define-tag release>10</define-tag> +<define-tag codename>buster</define-tag> +<define-tag revision>10.4</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the fourth update of its +stable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This stable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction apt-cacher-ng "Enforce secured call to the server in maintenance job triggering [CVE-2020-5202]; allow .zst compression for tarballs; increase size of the decompression line buffer for configuration file reading"> +<correction backuppc "Pass the username to start-stop-daemon when reloading, preventing reload failures"> +<correction base-files "Update for the point release"> +<correction brltty "Reduce severity of log message to avoid generating too many messages when used with new Orca versions"> +<correction checkstyle "Fix XML External Entity injection issue [CVE-2019-9658 CVE-2019-10782]"> +<correction choose-mirror "Update included mirror list"> +<correction clamav "New upstream release [CVE-2020-3123]"> +<correction corosync "totemsrp: Reduce MTU to avoid generating oversized packets"> +<correction corosync-qdevice "Fix service startup"> +<correction csync2 "Fail HELLO command when SSL is required"> +<correction cups "Fix heap buffer overflow [CVE-2020-3898] and <q>the `ippReadIO` function may under-read an extension field</q> [CVE-2019-8842]"> +<correction dav4tbsync "New upstream release, restoring compatibility with newer Thunderbird versions"> +<correction debian-edu-config "Add policy files for Firefox ESR and Thunderbird to fix the TLS/SSL setup"> +<correction debian-installer "Update for the 4.19.0-9 kernel ABI"> +<correction debian-installer-netboot-images "Rebuild against proposed-updates"> +<correction debian-security-support "New upstream stable release; update status of several packages; use <q>runuser</q> rather than <q>su</q>"> +<correction distro-info-data "Add Ubuntu 20.10, and likely end of support date for stretch"> +<correction dojo "Fix improper regular expression usage [CVE-2019-10785]"> +<correction dpdk "New upstream stable release"> +<correction dtv-scan-tables "New upstream snapshot; add all current German DVB-T2 muxes and the Eutelsat-5-West-A satellite"> +<correction eas4tbsync "New upstream release, restoring compatibility with newer Thunderbird versions"> +<correction edk2 "Security fixes [CVE-2019-14558 CVE-2019-14559 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586 CVE-2019-14587]"> +<correction el-api "Fix stretch to buster upgrades that involve Tomcat 8"> +<correction fex "Fix a potential security issue in fexsrv"> +<correction filezilla "Fix untrusted search path vulnerability [CVE-2019-5429]"> +<correction frr "Fix extended next hop capability"> +<correction fuse "Remove outdated udevadm commands from post-install scripts; don't explicitly remove fuse.conf on purge"> +<correction fuse3 "Remove outdated udevadm commands from post-install scripts; don't explicitly remove fuse.conf on purge; fix memory leak in fuse_session_new()"> +<correction golang-github-prometheus-common "Extend validity of test certificates"> +<correction gosa "Replace (un)serialize with json_encode/json_decode to mitigate PHP object injection [CVE-2019-14466]"> +<correction hbci4java "Support EU directive on payment services (PSD2)"> +<correction hibiscus "Support EU directive on payment services (PSD2)"> +<correction iputils "Correct an issue in which ping would improperly exit with a failure code when there were untried addresses still available in the getaddrinfo() library call return value"> +<correction ircd-hybrid "Use dhparam.pem to avoid crash on startup"> +<correction jekyll "Allow use of ruby-i18n 0.x and 1.x"> +<correction jsp-api "Fix stretch to buster upgrades that involve Tomcat 8"> +<correction lemonldap-ng "Prevent unwanted access to administration endpoints [CVE-2019-19791]; fix the GrantSession plugin which could not prohibit logon when two factor authentication was used; fix arbitrary redirects with OIDC if redirect_uri was not used"> +<correction libdatetime-timezone-perl "Update included data"> +<correction libreoffice "Fix OpenGL slide transitions"> +<correction libssh "Fix possible denial of service issue when handling AES-CTR keys with OpenSSL [CVE-2020-1730]"> +<correction libvncserver "Fix heap overflow [CVE-2019-15690]"> +<correction linux "New upstream stable release"> +<correction linux-latest "Update kernel ABI to 4.19.0-9"> +<correction linux-signed-amd64 "New upstream stable release"> +<correction linux-signed-arm64 "New upstream stable release"> +<correction linux-signed-i386 "New upstream stable release"> +<correction lwip "Fix buffer overflow [CVE-2020-8597]"> +<correction lxc-templates "New upstream stable release; handle languages that are only UTF-8 encoded"> +<correction manila "Fix missing access permissions check [CVE-2020-9543]"> +<correction megatools "Add support for the new format of mega.nz links"> +<correction mew "Fix server SSL certificate validity checking"> +<correction mew-beta "Fix server SSL certificate validity checking"> +<correction mkvtoolnix "Rebuild to tighten libmatroska6v5 dependency"> +<correction ncbi-blast+ "Disable SSE4.2 support"> +<correction node-anymatch "Remove unnecessary dependencies"> +<correction node-dot "Prevent code execution after prototype pollution [CVE-2020-8141]"> +<correction node-dot-prop "Fix prototype pollution [CVE-2020-8116]"> +<correction node-knockout "Fix escaping with older Internet Explorer versions [CVE-2019-14862]"> +<correction node-mongodb "Reject invalid _bsontypes [CVE-2019-2391 CVE-2020-7610]"> +<correction node-yargs-parser "Fix prototype pollution [CVE-2020-7608]"> +<correction npm "Fix arbitrary path access [CVE-2019-16775 CVE-2019-16776 CVE-2019-16777]"> +<correction nvidia-graphics-drivers "New upstream stable release"> +<correction nvidia-graphics-drivers-legacy-390xx "New upstream stable release"> +<correction nvidia-settings-legacy-340xx "New upstream release"> +<correction oar "Revert to stretch behavior for Storable::dclone perl function, fixing recursion depth issues"> +<correction opam "Prefer mccs over aspcud"> +<correction openvswitch "Fix vswitchd abort when a port is added and the controller is down"> +<correction orocos-kdl "Fix string conversion with Python 3"> +<correction owfs "Remove broken Python 3 packages"> +<correction pango1.0 "Fix crash in pango_fc_font_key_get_variations() when key is null"> +<correction pgcli "Add missing dependency on python3-pkg-resources"> +<correction php-horde-data "Fix authenticated remote code execution vulnerability [CVE-2020-8518]"> +<correction php-horde-form "Fix authenticated remote code execution vulnerability [CVE-2020-8866]"> +<correction php-horde-trean "Fix authenticated remote code execution vulnerability [CVE-2020-8865]"> +<correction postfix "New upstream stable release; fix panic with Postfix multi-Milter configuration during MAIL FROM; fix d/init.d running change so it works with multi-instance again"> +<correction proftpd-dfsg "Fix memory access issue in keyboard-interative code in mod_sftp; properly handle DEBUG, IGNORE, DISCONNECT, and UNIMPLEMENTED messages in keyboard-interactive mode"> +<correction puma "Fix Denial of Service issue [CVE-2019-16770]"> +<correction purple-discord "Fix crashes in ssl_nss_read"> +<correction python-oslo.utils "Fix leak of sensitive information via mistral logs [CVE-2019-3866]"> +<correction rails "Fix possible cross-site scripting via Javascript escape helper [CVE-2020-5267]"> +<correction rake "Fix command injection vulnerability [CVE-2020-8130]"> +<correction raspi3-firmware "Fix dtb names mismatch in z50-raspi-firmware; fix boot on Raspberry Pi families 1 and 0"> +<correction resource-agents "Fix <q>ethmonitor does not list interfaces without assigned IP address</q>; remove no longer required xen-toolstack patch; fix non-standard usage in ZFS agent"> +<correction rootskel "Disable multiple console support if preseeding is in use"> +<correction ruby-i18n "Fix gemspec generation"> +<correction rubygems-integration "Avoid deprecation warnings when users install a newer version of Rubygems via <q>gem update --system</q>"> +<correction schleuder "Improve patch to handle encoding errors introduced in the previous version; switch default encoding to UTF-8; let x-add-key handle mails with attached, quoted-printable encoded keys; fix x-attach-listkey with mails created by Thunderbird that include protected headers"> +<correction scilab "Fix library loading with OpenJDK 11.0.7"> +<correction serverspec-runner "Support Ruby 2.5"> +<correction softflowd "Fix broken flow aggregation which might result in flow table overflow and 100% CPU usage"> +<correction speech-dispatcher "Fix default pulseaudio latency which triggers <q>scratchy</q> output"> +<correction spl-linux "Fix deadlock"> +<correction sssd "Fix sssd_be busy-looping when LDAP connection is intermittent"> +<correction systemd "when authorizing via PolicyKit re-resolve callback/userdata instead of caching it [CVE-2020-1712]; install 60-block.rules in udev-udeb and initramfs-tools"> +<correction taglib "Fix corruption issues with OGG files"> +<correction tbsync "New upstream release, restoring compatibility with newer Thunderbird versions"> +<correction timeshift "Fix predictable temporary directory use [CVE-2020-10174]"> +<correction tinyproxy "Only set PIDDIR, if PIDFILE is a non-zero length string"> +<correction tzdata "New upstream stable release"> +<correction uim "unregister modules that are not installed, fixing a regression in the previous upload"> +<correction user-mode-linux "Fix build failure with current stable kernels"> +<correction vite "Fix crash when there are more than 32 elements"> +<correction waagent "New upstream release; support co-installation with cloud-init"> +<correction websocket-api "Fix stretch to buster upgrades that involve Tomcat 8"> +<correction wpa "Do not try to detect PSK mismatch during PTK rekeying; check for FT support when selecting FT suites; fix MAC randomisation issue with some cards"> +<correction xdg-utils "xdg-open: fix pcmanfm check and handling of directories with spaces in their names; xdg-screensaver: Sanitise window name before sending it over D-Bus; xdg-mime: Create config directory if it does not exist yet"> +<correction xtrlock "Fix blocking of (some) multitouch devices while locked [CVE-2016-10894]"> +<correction zfs-linux "Fix potential deadlock issues"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the stable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2020 4616 qemu> +<dsa 2020 4617 qtbase-opensource-src> +<dsa 2020 4618 libexif> +<dsa 2020 4619 libxmlrpc3-java> +<dsa 2020 4620 firefox-esr> +<dsa 2020 4623 postgresql-11> +<dsa 2020 4624 evince> +<dsa 2020 4625 thunderbird> +<dsa 2020 4627 webkit2gtk> +<dsa 2020 4629 python-django> +<dsa 2020 4630 python-pysaml2> +<dsa 2020 4631 pillow> +<dsa 2020 4632 ppp> +<dsa 2020 4633 curl> +<dsa 2020 4634 opensmtpd> +<dsa 2020 4635 proftpd-dfsg> +<dsa 2020 4636 python-bleach> +<dsa 2020 4637 network-manager-ssh> +<dsa 2020 4638 chromium> +<dsa 2020 4639 firefox-esr> +<dsa 2020 4640 graphicsmagick> +<dsa 2020 4641 webkit2gtk> +<dsa 2020 4642 thunderbird> +<dsa 2020 4643 python-bleach> +<dsa 2020 4644 tor> +<dsa 2020 4645 chromium> +<dsa 2020 4646 icu> +<dsa 2020 4647 bluez> +<dsa 2020 4648 libpam-krb5> +<dsa 2020 4649 haproxy> +<dsa 2020 4650 qbittorrent> +<dsa 2020 4651 mediawiki> +<dsa 2020 4652 gnutls28> +<dsa 2020 4653 firefox-esr> +<dsa 2020 4654 chromium> +<dsa 2020 4655 firefox-esr> +<dsa 2020 4656 thunderbird> +<dsa 2020 4657 git> +<dsa 2020 4658 webkit2gtk> +<dsa 2020 4659 git> +<dsa 2020 4660 awl> +<dsa 2020 4661 openssl> +<dsa 2020 4663 python-reportlab> +<dsa 2020 4664 mailman> +<dsa 2020 4665 qemu> +<dsa 2020 4666 openldap> +<dsa 2020 4667 linux-signed-amd64> +<dsa 2020 4667 linux-signed-arm64> +<dsa 2020 4667 linux-signed-i386> +<dsa 2020 4667 linux> +<dsa 2020 4669 nodejs> +<dsa 2020 4671 vlc> +<dsa 2020 4672 trafficserver> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction getlive "Broken due to Hotmail changes"> +<correction gplaycli "Broken by Google API changes"> +<correction kerneloops "Upstream service no longer available"> +<correction lambda-align2 "[arm64 armel armhf i386 mips64el ppc64el s390x] Broken on non-amd64 architectures"> +<correction libmicrodns "Security issues"> +<correction libperlspeak-perl "Security issues; unmaintained"> +<correction quotecolors "Incompatible with newer Thunderbird versions"> +<correction torbirdy "Incompatible with newer Thunderbird versions"> +<correction ugene "Non-free; fails to build"> +<correction yahoo2mbox "Broken for several years"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into stable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/stable/"> +</div> + +<p>Proposed updates to the stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/proposed-updates"> +</div> + +<p>stable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> + + diff --git a/greek/News/2020/20200616.wml b/greek/News/2020/20200616.wml new file mode 100644 index 00000000000..94c15271272 --- /dev/null +++ b/greek/News/2020/20200616.wml @@ -0,0 +1,95 @@ +#use wml::debian::translation-check translation="a3ce03f0ff8939281b7a4da3bb955c91e6857f6f" maintainer="galaxico" +<define-tag pagetitle>Ampere donates Arm64 server hardware to Debian to fortify the Arm ecosystem</define-tag> +<define-tag release_date>2020-06-16</define-tag> +#use wml::debian::news + +# Status: [content-frozen] + +## +## Translators: +## - if translating while the file is in publicity-team/announcements repo, +## please ignore the translation-check header. Publicity team will add it +## including the correct translation-check header when moving the file +## to the web repo +## +## - if translating while the file is in webmaster-team/webwml repo, +## please use the copypage.pl script to create the page in your language +## subtree including the correct translation-check header. +## + +<p> +<a href="https://amperecomputing.com/">Ampere®</a> has partnered with Debian +to support our hardware infrastructure through the donation +of three of Ampere's high-performance Arm64 servers. +These Lenovo ThinkSystem HR330A servers contain Ampere's eMAG CPU with an +Arm®v8 64-bit processor specifically designed for cloud servers, +equipped with 256GB RAM, dual 960GB SSDs, and a 25GbE dual port NIC. +</p> + +<p> +The donated servers have been deployed at the University of British Columbia, +our hosting partner in Vancouver, Canada. +The Debian System Administrators (DSA) have configured them to run +arm64/armhf/armel build daemons, replacing the build daemons running on less +powerful development-grade boards. On virtual machines with half as many +allocated vCPUs, the result has been that the time to build Arm* packages has +been halved with Ampere's eMAG system. Another benefit from this generous gift +is that it will allow DSA to migrate some general Debian services currently operating in +our present infrastructure, and will provision virtual machines for other +Debian teams (e.g.: Continuous Integration, Quality Assurance, etc.) +who require access to Arm64 architecture. +</p> + +<p> +<q>Our partnership with Debian supports our developer strategy to expand +the open source communities which run on Ampere servers to further build out +the Arm64 ecosystem and enable the creation of new applications,</q> +said Mauri Whalen, vice president of software engineering at Ampere. +<q>Debian is a well-run and respected community, and we are proud to work with them.</q> +</p> + +<p> +<q>The Debian System Administrators are grateful to Ampere for the donation of +carrier-grade Arm64 servers. Having servers with integrated standard management +interfaces such as Intelligent Platform Management Interface (IPMI), +and with Lenovo's hardware warranties and support organization behind them, +is precisely what DSA has been wanting for the Arm64 architecture. +These servers are very powerful and very well equipped: we anticipate using them +for general services in addition to Arm64 build daemons. I think they'll prove +to be very appealing to cloud operators and I'm thrilled that Ampere Computing +has partnered with Debian.</q> - Luca Filipozzi, Debian System Administrator. +</p> + +<p> +It is only through the donation of volunteer effort, in-kind equipment and +services, and funding that Debian is able to deliver on our commitment of a +free operating system. We are very appreciative of Ampere's generosity. +</p> + +<h2>About Ampere Computing</h2> +<p> +Ampere is designing the future of hyperscale cloud and edge computing with the +world's first cloud native processor. Built for the cloud with a modern 64-bit +Arm server-based architecture, Ampere gives customers the freedom to accelerate +the delivery of all cloud computing applications. With industry-leading cloud +performance, power efficiency and scalability, Ampere processors are tailored +for the continued growth of cloud and edge computing. +</p> + +<h2>About Debian</h2> +<p> +The Debian Project was founded in 1993 by Ian Murdock to be a truly +free community project. Since then the project has grown to be one of +the largest and most influential open source projects. Thousands of +volunteers from all over the world work together to create and +maintain Debian software. Available in 70 languages, and +supporting a huge range of computer types, Debian calls itself the +<q>universal operating system</q>. +</p> + + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a> or send mail to +<press@debian.org>.</p> diff --git a/greek/News/2020/20200709.wml b/greek/News/2020/20200709.wml new file mode 100644 index 00000000000..cffbe5c29fd --- /dev/null +++ b/greek/News/2020/20200709.wml @@ -0,0 +1,72 @@ +# Status: [open-for-edit] +# $Rev$ +#use wml::debian::translation-check translation="9c0ebe940eaf29e78367427aea8e02f46fb70bcd" maintainer="galaxico" +<define-tag pagetitle>Debian 8 Long Term Support reaching end-of-life</define-tag> +<define-tag release_date>2020-07-09</define-tag> +#use wml::debian::news + +## +## Translators: +## - if translating while the file is in publicity-team/announcements repo, +## please ignore the translation-check header. Publicity team will add it +## including the correct translation-check header when moving the file +## to the web repo +## +## - if translating while the file is in webmaster-team/webwml repo, +## please use the copypage.pl script to create the page in your language +## subtree including the correct translation-check header. +## + +<p>The Debian Long Term Support (LTS) Team hereby announces that Debian 8 +<q>jessie</q> support has reached its end-of-life on June 30, 2020, +five years after its initial release on April 26, 2015.</p> + +<p>Debian will not provide further security updates for Debian 8. A +subset of <q>jessie</q> packages will be supported by external parties. Detailed +information can be found at <a href="https://wiki.debian.org/LTS/Extended"> +Extended LTS</a>.</p> + +<p>The LTS Team will prepare the transition to Debian 9 <q>stretch</q>, which is the +current oldstable release. The LTS Team has taken over support from the +Security Team on July 6, 2020 while the final point update for <q>stretch</q> will +be released on July 18, 2020.</p> + +<p>Debian 9 will also receive Long Term Support for five years after its +initial release with support ending on June 30, 2022. The supported +architectures remain amd64, i386, armel and armhf. In addition we are +pleased to announce, for the first time support will be extended to +include the arm64 architecture.</p> + +<p>For further information about using <q>stretch</q> LTS and upgrading from <q>jessie</q> +LTS, please refer to <a href="https://wiki.debian.org/LTS/Using">LTS/Using</a>.</p> + +<p>Debian and its LTS Team would like to thank all contributing users, +developers and sponsors who are making it possible to extend the life +of previous stable releases, and who have made this LTS a success.</p> + +<p>If you rely on Debian LTS, please consider +<a href="https://wiki.debian.org/LTS/Development">joining the team</a>, +providing patches, testing or +<a href="https://wiki.debian.org/LTS/Funding">funding the efforts</a>.</p> + +<h2>About Debian</h2> + +<p> +The Debian Project was founded in 1993 by Ian Murdock to be a truly +free community project. Since then the project has grown to be one of +the largest and most influential open source projects. Thousands of +volunteers from all over the world work together to create and +maintain Debian software. Available in 70 languages, and +supporting a huge range of computer types, Debian calls itself the +<q>universal operating system</q>. +</p> + +<h2>More Information</h2> +<p>More information about Debian Long Term Support can be found at +<a href="https://wiki.debian.org/LTS/">https://wiki.debian.org/LTS/</a>.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a> or send mail to +<press@debian.org>.</p> diff --git a/greek/News/2020/20200718.wml b/greek/News/2020/20200718.wml new file mode 100644 index 00000000000..f48c0db474f --- /dev/null +++ b/greek/News/2020/20200718.wml @@ -0,0 +1,312 @@ +#use wml::debian::translation-check translation="b51002b9cd5b7dbca0e39ddb2d17bcc495ead21a" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 9: 9.13 released</define-tag> +<define-tag release_date>2020-07-18</define-tag> +#use wml::debian::news + +<define-tag release>9</define-tag> +<define-tag codename>stretch</define-tag> +<define-tag revision>9.13</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the thirteenth (and final) update of its +oldstable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>After this point release, Debian's Security and Release Teams will no longer be +producing updates for Debian 9. Users wishing to continue to receive security support +should upgrade to Debian 10, or see <url "https://wiki.debian.org/LTS"> for details +about the subset of architectures and packages covered by the Long Term Support +project.</p> + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This oldstable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction acmetool "Rebuild against recent golang to pick up security fixes"> +<correction atril "dvi: Mitigate command injection attacks by quoting filename [CVE-2017-1000159]; fix overflow checks in tiff backend [CVE-2019-1010006]; tiff: Handle failure from TIFFReadRGBAImageOriented [CVE-2019-11459]"> +<correction bacula "Add transitional package bacula-director-common, avoiding loss of /etc/bacula/bacula-dir.conf when purged; make PID files owned by root"> +<correction base-files "Update /etc/debian_version for the point release"> +<correction batik "Fix server-side request forgery via xlink:href attributes [CVE-2019-17566]"> +<correction c-icap-modules "Support ClamAV 0.102"> +<correction ca-certificates "Update Mozilla CA bundle to 2.40, blacklist distrusted Symantec roots and expired <q>AddTrust External Root</q>; remove e-mail only certificates"> +<correction chasquid "Rebuild against recent golang to pick up security fixes"> +<correction checkstyle "Fix XML External Entity injection issue [CVE-2019-9658 CVE-2019-10782]"> +<correction clamav "New upstream release [CVE-2020-3123]; security fixes [CVE-2020-3327 CVE-2020-3341]"> +<correction compactheader "New upstream version, compatible with newer Thunderbird versions"> +<correction cram "Ignore test failures to fix build issues"> +<correction csync2 "Fail HELLO command when SSL is required"> +<correction cups "Fix heap buffer overflow [CVE-2020-3898] and <q>the `ippReadIO` function may under-read an extension field</q> [CVE-2019-8842]"> +<correction dbus "New upstream stable release; prevent a denial of service issue [CVE-2020-12049]; prevent use-after-free if two usernames share a uid"> +<correction debian-installer "Update for the 4.9.0-13 Linux kernel ABI"> +<correction debian-installer-netboot-images "Rebuild against stretch-proposed-updates"> +<correction debian-security-support "Update support status of several packages"> +<correction erlang "Fix use of weak TLS ciphers [CVE-2020-12872]"> +<correction exiv2 "Fix denial of service issue [CVE-2018-16336]; fix over-restrictive fix for CVE-2018-10958 and CVE-2018-10999"> +<correction fex "Security update"> +<correction file-roller "Security fix [CVE-2020-11736]"> +<correction fwupd "New upstream release; use a CNAME to redirect to the correct CDN for metadata; do not abort startup if the XML metadata file is invalid; add the Linux Foundation public GPG keys for firmware and metadata; raise the metadata limit to 10MB"> +<correction glib-networking "Return bad identity error if identity is unset [CVE-2020-13645]"> +<correction gnutls28 "Fix memory corruption issue [CVE-2019-3829]; fix memory leak; add support for zero length session tickets, fix connection errors on TLS1.2 sessions to some hosting providers"> +<correction gosa "Tighten check on LDAP success/failure [CVE-2019-11187]; fix compatibility with newer PHP versions; backport several other patches; replace (un)serialize with json_encode/json_decode to mitigate PHP object injection [CVE-2019-14466]"> +<correction heartbleeder "Rebuild against recent golang to pick up security fixes"> +<correction intel-microcode "Downgrade some microcodes to previously released revisions, working around hangs on boot on Skylake-U/Y and Skylake Xeon E3"> +<correction iptables-persistent "Don't fail if modprobe does"> +<correction jackson-databind "Fix multiple security issues affecting BeanDeserializerFactory [CVE-2020-9548 CVE-2020-9547 CVE-2020-9546 CVE-2020-8840 CVE-2020-14195 CVE-2020-14062 CVE-2020-14061 CVE-2020-14060 CVE-2020-11620 CVE-2020-11619 CVE-2020-11113 CVE-2020-11112 CVE-2020-11111 CVE-2020-10969 CVE-2020-10968 CVE-2020-10673 CVE-2020-10672 CVE-2019-20330 CVE-2019-17531 and CVE-2019-17267]"> +<correction libbusiness-hours-perl "Use explicit 4 digit years, fixing build and usage issues"> +<correction libclamunrar "New upstream stable release; add an unversioned meta-package"> +<correction libdbi "Comment out _error_handler() call again, fixing issues with consumers"> +<correction libembperl-perl "Handle error pages from Apache >= 2.4.40"> +<correction libexif "Security fixes [CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-12767 CVE-2020-0093]; security fixes [CVE-2020-13112 CVE-2020-13113 CVE-2020-13114]; fix a buffer read overflow [CVE-2020-0182] and an unsigned integer overflow [CVE-2020-0198]"> +<correction libvncserver "Fix heap overflow [CVE-2019-15690]"> +<correction linux "New upstream stable release; update ABI to 4.9.0-13"> +<correction linux-latest "Update for 4.9.0-13 kernel ABI"> +<correction mariadb-10.1 "New upstream stable release; security fixes [CVE-2020-2752 CVE-2020-2812 CVE-2020-2814]"> +<correction megatools "Add support for the new format of mega.nz links"> +<correction mod-gnutls "Avoid deprecated ciphersuites in test suite; fix test failures when combined with Apache's fix for CVE-2019-10092"> +<correction mongo-tools "Rebuild against recent golang to pick up security fixes"> +<correction neon27 "Treat OpenSSL-related test failures as non-fatal"> +<correction nfs-utils "Fix potential file overwrite vulnerability [CVE-2019-3689]; don't make all of /var/lib/nfs owned by the statd user"> +<correction nginx "Fix error page request smuggling vulnerability [CVE-2019-20372]"> +<correction node-url-parse "Sanitize paths and hosts before parsing [CVE-2018-3774]"> +<correction nvidia-graphics-drivers "New upstream stable release; new upstream stable release; security fixes [CVE-2020-5963 CVE-2020-5967]"> +<correction pcl "Fix missing dependency on libvtk6-qt-dev"> +<correction perl "Fix multiple regular expression related security issues [CVE-2020-10543 CVE-2020-10878 CVE-2020-12723]"> +<correction php-horde "Fix cross-site scripting vulnerability [CVE-2020-8035]"> +<correction php-horde-data "Fix authenticated remote code execution vulnerability [CVE-2020-8518]"> +<correction php-horde-form "Fix authenticated remote code execution vulnerability [CVE-2020-8866]"> +<correction php-horde-gollem "Fix cross-site scripting vulnerability in breadcrumb output [CVE-2020-8034]"> +<correction php-horde-trean "Fix authenticated remote code execution vulnerability [CVE-2020-8865]"> +<correction phpmyadmin "Several security fixes [CVE-2018-19968 CVE-2018-19970 CVE-2018-7260 CVE-2019-11768 CVE-2019-12616 CVE-2019-6798 CVE-2019-6799 CVE-2020-10802 CVE-2020-10803 CVE-2020-10804 CVE-2020-5504]"> +<correction postfix "New upstream stable release"> +<correction proftpd-dfsg "Fix handling SSH_MSG_IGNORE packets"> +<correction python-icalendar "Fix Python3 dependencies"> +<correction rails "Fix possible cross-site scripting via Javascript escape helper [CVE-2020-5267]"> +<correction rake "Fix command injection vulnerability [CVE-2020-8130]"> +<correction roundcube "Fix cross-site scripting issue via HTML messages with malicious svg/namespace [CVE-2020-15562]"> +<correction ruby-json "Fix unsafe object creation vulnerability [CVE-2020-10663]"> +<correction ruby2.3 "Fix unsafe object creation vulnerability [CVE-2020-10663]"> +<correction sendmail "Fix finding the queue runner control process in <q>split daemon</q> mode, <q>NOQUEUE: connect from (null)</q>, removal failure when using BTRFS"> +<correction sogo-connector "New upstream version, compatible with newer Thunderbird versions"> +<correction ssvnc "Fix out-of-bounds write [CVE-2018-20020], infinite loop [CVE-2018-20021], improper initialisation [CVE-2018-20022], potential denial-of-service [CVE-2018-20024]"> +<correction storebackup "Fix possible privilege escalation vulnerability [CVE-2020-7040]"> +<correction swt-gtk "Fix missing dependency on libwebkitgtk-1.0-0"> +<correction tinyproxy "Create PID file before dropping privileges to non-root account [CVE-2017-11747]"> +<correction tzdata "New upstream stable release"> +<correction websockify "Fix missing dependency on python{3,}-pkg-resources"> +<correction wpa "Fix AP mode PMF disconnection protection bypass [CVE-2019-16275]; fix MAC randomisation issues with some cards"> +<correction xdg-utils "Sanitise window name before sending it over D-Bus; correctly handle directories with names containing spaces; create the <q>applications</q> directory if needed"> +<correction xml-security-c "Fix length calculation in the concat method"> +<correction xtrlock "Fix blocking of (some) multitouch devices while locked [CVE-2016-10894]"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the oldstable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2017 4005 openjfx> +<dsa 2018 4255 ant> +<dsa 2018 4352 chromium-browser> +<dsa 2019 4379 golang-1.7> +<dsa 2019 4380 golang-1.8> +<dsa 2019 4395 chromium> +<dsa 2019 4421 chromium> +<dsa 2020 4616 qemu> +<dsa 2020 4617 qtbase-opensource-src> +<dsa 2020 4618 libexif> +<dsa 2020 4619 libxmlrpc3-java> +<dsa 2020 4620 firefox-esr> +<dsa 2020 4621 openjdk-8> +<dsa 2020 4622 postgresql-9.6> +<dsa 2020 4624 evince> +<dsa 2020 4625 thunderbird> +<dsa 2020 4628 php7.0> +<dsa 2020 4629 python-django> +<dsa 2020 4630 python-pysaml2> +<dsa 2020 4631 pillow> +<dsa 2020 4632 ppp> +<dsa 2020 4633 curl> +<dsa 2020 4634 opensmtpd> +<dsa 2020 4635 proftpd-dfsg> +<dsa 2020 4637 network-manager-ssh> +<dsa 2020 4639 firefox-esr> +<dsa 2020 4640 graphicsmagick> +<dsa 2020 4642 thunderbird> +<dsa 2020 4646 icu> +<dsa 2020 4647 bluez> +<dsa 2020 4648 libpam-krb5> +<dsa 2020 4650 qbittorrent> +<dsa 2020 4653 firefox-esr> +<dsa 2020 4655 firefox-esr> +<dsa 2020 4656 thunderbird> +<dsa 2020 4657 git> +<dsa 2020 4659 git> +<dsa 2020 4660 awl> +<dsa 2020 4663 python-reportlab> +<dsa 2020 4664 mailman> +<dsa 2020 4666 openldap> +<dsa 2020 4668 openjdk-8> +<dsa 2020 4670 tiff> +<dsa 2020 4671 vlc> +<dsa 2020 4673 tomcat8> +<dsa 2020 4674 roundcube> +<dsa 2020 4675 graphicsmagick> +<dsa 2020 4676 salt> +<dsa 2020 4677 wordpress> +<dsa 2020 4678 firefox-esr> +<dsa 2020 4683 thunderbird> +<dsa 2020 4685 apt> +<dsa 2020 4686 apache-log4j1.2> +<dsa 2020 4687 exim4> +<dsa 2020 4688 dpdk> +<dsa 2020 4689 bind9> +<dsa 2020 4692 netqmail> +<dsa 2020 4693 drupal7> +<dsa 2020 4695 firefox-esr> +<dsa 2020 4698 linux> +<dsa 2020 4700 roundcube> +<dsa 2020 4701 intel-microcode> +<dsa 2020 4702 thunderbird> +<dsa 2020 4703 mysql-connector-java> +<dsa 2020 4704 vlc> +<dsa 2020 4705 python-django> +<dsa 2020 4706 drupal7> +<dsa 2020 4707 mutt> +<dsa 2020 4711 coturn> +<dsa 2020 4713 firefox-esr> +<dsa 2020 4715 imagemagick> +<dsa 2020 4717 php7.0> +<dsa 2020 4718 thunderbird> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction certificatepatrol "Incompatible with newer Firefox ESR versions"> +<correction colorediffs-extension "Incompatible with newer Thunderbird versions"> +<correction dynalogin "Depends on to-be-removed simpleid"> +<correction enigmail "Incompatible with newer Thunderbird versions"> +<correction firefox-esr "[armel] No longer supported (requires nodejs)"> +<correction firefox-esr "[mips mipsel mips64el] No longer supported (needs newer rustc)"> +<correction getlive "Broken due to Hotmail changes"> +<correction gplaycli "Broken by Google API changes"> +<correction kerneloops "Upstream service no longer available"> +<correction libmicrodns "Security issues"> +<correction libperlspeak-perl "Security issues; unmaintained"> +<correction mathematica-fonts "Relies on unavailable download location"> +<correction pdns-recursor "Security issues; unsupported"> +<correction predictprotein "Depends on to-be-removed profphd"> +<correction profphd "Unusable"> +<correction quotecolors "Incompatible with newer Thunderbird versions"> +<correction selenium-firefoxdriver "Incompatible with newer Firefox ESR versions"> +<correction simpleid "Does not work with PHP7"> +<correction simpleid-ldap "Depends on to-be-removed simpleid"> +<correction torbirdy "Incompatible with newer Thunderbird versions"> +<correction weboob "Unmaintained; already removed from later releases"> +<correction yahoo2mbox "Broken for several years"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into oldstable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current oldstable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/oldstable/"> +</div> + +<p>Proposed updates to the oldstable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/oldstable-proposed-updates"> +</div> + +<p>oldstable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/oldstable/">https://www.debian.org/releases/oldstable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> + + diff --git a/greek/News/2020/20200801.wml b/greek/News/2020/20200801.wml new file mode 100644 index 00000000000..011ec2b6202 --- /dev/null +++ b/greek/News/2020/20200801.wml @@ -0,0 +1,308 @@ +#use wml::debian::translation-check translation="846effa858f46cf6429f61e241ec96292032972f" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 10: 10.5 released</define-tag> +<define-tag release_date>2020-08-01</define-tag> +#use wml::debian::news + +<define-tag release>10</define-tag> +<define-tag codename>buster</define-tag> +<define-tag revision>10.5</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>The Debian project is pleased to announce the fifth update of its +stable distribution Debian <release> (codename <q><codename></q>). +This point release mainly adds corrections for security issues, +along with a few adjustments for serious problems. Security advisories +have already been published separately and are referenced where available.</p> + +<p>This point release also addresses Debian Security Advisory: +<a href="https://www.debian.org/security/2020/dsa-4735">DSA-4735-1 grub2 -- security update</a> +which covers multiple CVE issues regarding +the <a href="https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/">GRUB2 UEFI SecureBoot 'BootHole' vulnerability</a>.</p> + + +<p>Please note that the point release does not constitute a new version of Debian +<release> but only updates some of the packages included. There is +no need to throw away old <q><codename></q> media. After installation, +packages can be upgraded to the current versions using an up-to-date Debian +mirror.</p> + +<p>Those who frequently install updates from security.debian.org won't have +to update many packages, and most such updates are +included in the point release.</p> + +<p>New installation images will be available soon at the regular locations.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + + + + +<h2>Miscellaneous Bugfixes</h2> + +<p>This stable update adds a few important corrections to the following packages:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction appstream-glib "Fix build failures in 2020 and later"> +<correction asunder "Use gnudb instead of freedb by default"> +<correction b43-fwcutter "Ensure removal succeeds under non-English locales; do not fail removal if some files no longer exist; fix missing dependencies on pciutils and ca-certificates"> +<correction balsa "Provide server identity when validating certificates, allowing successful validation when using the glib-networking patch for CVE-2020-13645"> +<correction base-files "Update for the point release"> +<correction batik "Fix server-side request forgery via xlink:href attributes [CVE-2019-17566]"> +<correction borgbackup "Fix index corruption bug leading to data loss"> +<correction bundler "Update required version of ruby-molinillo"> +<correction c-icap-modules "Add support for ClamAV 0.102"> +<correction cacti "Fix issue where UNIX timestamps after September 13th 2020 were rejected as graph start / end; fix remote code execution [CVE-2020-7237], cross-site scripting [CVE-2020-7106], CSRF issue [CVE-2020-13231]; disabling a user account does not immediately invalidate permissions [CVE-2020-13230]"> +<correction calamares-settings-debian "Enable displaymanager module, fixing autologin options; use xdg-user-dir to specify Desktop directory"> +<correction clamav "New upstream release; security fixes [CVE-2020-3327 CVE-2020-3341 CVE-2020-3350 CVE-2020-3327 CVE-2020-3481]"> +<correction cloud-init "New upstream release"> +<correction commons-configuration2 "Prevent object creation when loading YAML files [CVE-2020-1953]"> +<correction confget "Fix the Python module's handling of values containing <q>=</q>"> +<correction dbus "New upstream stable release; prevent a denial of service issue [CVE-2020-12049]; prevent use-after-free if two usernames share a uid"> +<correction debian-edu-config "Fix loss of dynamically allocated IPv4 address"> +<correction debian-installer "Update Linux ABI to 4.19.0-10"> +<correction debian-installer-netboot-images "Rebuild against proposed-updates"> +<correction debian-ports-archive-keyring "Increase the expiration date of the 2020 key (84C573CD4E1AFD6C) by one year; add Debian Ports Archive Automatic Signing Key (2021); move the 2018 key (ID: 06AED62430CB581C) to the removed keyring"> +<correction debian-security-support "Update support status of several packages"> +<correction dpdk "New upstream release"> +<correction exiv2 "Adjust overly restrictive security patch [CVE-2018-10958 and CVE-2018-10999]; fix denial of service issue [CVE-2018-16336]"> +<correction fdroidserver "Fix Litecoin address validation"> +<correction file-roller "Security fix [CVE-2020-11736]"> +<correction freerdp2 "Fix smartcard logins; security fixes [CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526]"> +<correction fwupd "New upstream release; fix possible signature verification issue [CVE-2020-10759]; use rotated Debian signing keys"> +<correction fwupd-amd64-signed "New upstream release; fix possible signature verification issue [CVE-2020-10759]; use rotated Debian signing keys"> +<correction fwupd-arm64-signed "New upstream release; fix possible signature verification issue [CVE-2020-10759]; use rotated Debian signing keys"> +<correction fwupd-armhf-signed "New upstream release; fix possible signature verification issue [CVE-2020-10759]; use rotated Debian signing keys"> +<correction fwupd-i386-signed "New upstream release; fix possible signature verification issue [CVE-2020-10759]; use rotated Debian signing keys"> +<correction fwupdate "Use rotated Debian signing keys"> +<correction fwupdate-amd64-signed "Use rotated Debian signing keys"> +<correction fwupdate-arm64-signed "Use rotated Debian signing keys"> +<correction fwupdate-armhf-signed "Use rotated Debian signing keys"> +<correction fwupdate-i386-signed "Use rotated Debian signing keys"> +<correction gist "Avoid deprecated authorization API"> +<correction glib-networking "Return bad identity error if identity is unset [CVE-2020-13645]; break balsa older than 2.5.6-2+deb10u1 as the fix for CVE-2020-13645 breaks balsa's certificate verification"> +<correction gnutls28 "Fix TL1.2 resumption errors; fix memory leak; handle zero length session tickets, fixing connection errors on TLS1.2 sessions to some big hosting providers; fix verification error with alternate chains"> +<correction intel-microcode "Downgrade some microcodes to previously issued versions, working around hangs on boot on Skylake-U/Y and Skylake Xeon E3"> +<correction jackson-databind "Fix multiple security issues affecting BeanDeserializerFactory [CVE-2020-9548 CVE-2020-9547 CVE-2020-9546 CVE-2020-8840 CVE-2020-14195 CVE-2020-14062 CVE-2020-14061 CVE-2020-14060 CVE-2020-11620 CVE-2020-11619 CVE-2020-11113 CVE-2020-11112 CVE-2020-11111 CVE-2020-10969 CVE-2020-10968 CVE-2020-10673 CVE-2020-10672 CVE-2019-20330 CVE-2019-17531 and CVE-2019-17267]"> +<correction jameica "Add mckoisqldb to classpath, allowing use of SynTAX plugin"> +<correction jigdo "Fix HTTPS support in jigdo-lite and jigdo-mirror"> +<correction ksh "Fix environment variable restriction issue [CVE-2019-14868]"> +<correction lemonldap-ng "Fix nginx configuration regression introduced by the fix for CVE-2019-19791"> +<correction libapache-mod-jk "Rename Apache configuration file so it can be automatically enabled and disabled"> +<correction libclamunrar "New upstream stable release; add an unversioned meta-package"> +<correction libembperl-perl "Handle error pages from Apache >= 2.4.40"> +<correction libexif "Security fixes [CVE-2020-12767 CVE-2020-0093 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114]; fix buffer overflow [CVE-2020-0182] and integer overflow [CVE-2020-0198]"> +<correction libinput "Quirks: add trackpoint integration attribute"> +<correction libntlm "Fix buffer overflow [CVE-2019-17455]"> +<correction libpam-radius-auth "Fix buffer overflow in password field [CVE-2015-9542]"> +<correction libunwind "Fix segfaults on mips; manually enable C++ exception support only on i386 and amd64"> +<correction libyang "Fix cache corruption crash, CVE-2019-19333, CVE-2019-19334"> +<correction linux "New upstream stable release"> +<correction linux-latest "Update for 4.19.0-10 kernel ABI"> +<correction linux-signed-amd64 "New upstream stable release"> +<correction linux-signed-arm64 "New upstream stable release"> +<correction linux-signed-i386 "New upstream stable release"> +<correction lirc "Fix conffile management"> +<correction mailutils "maidag: drop setuid privileges for all delivery operations but mda [CVE-2019-18862]"> +<correction mariadb-10.3 "New upstream stable release; security fixes [CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814 CVE-2020-13249]; fix regression in RocksDB ZSTD detection"> +<correction mod-gnutls "Fix a possible segfault on failed TLS handshake; fix test failures"> +<correction multipath-tools "kpartx: use correct path to partx in udev rule"> +<correction mutt "Don't check IMAP PREAUTH encryption if $tunnel is in use"> +<correction mydumper "Link against libm"> +<correction nfs-utils "statd: take user-id from /var/lib/nfs/sm [CVE-2019-3689]; don't make /var/lib/nfs owned by statd"> +<correction nginx "Fix error page request smuggling vulnerability [CVE-2019-20372]"> +<correction nmap "Update default key size to 2048 bits"> +<correction node-dot-prop "Fix regression introduced in CVE-2020-8116 fix"> +<correction node-handlebars "Disallow calling <q>helperMissing</q> and <q>blockHelperMissing</q> directly [CVE-2019-19919]"> +<correction node-minimist "Fix prototype pollution [CVE-2020-7598]"> +<correction nvidia-graphics-drivers "New upstream stable release; security fixes [CVE-2020-5963 CVE-2020-5967]"> +<correction nvidia-graphics-drivers-legacy-390xx "New upstream stable release; security fixes [CVE-2020-5963 CVE-2020-5967]"> +<correction openstack-debian-images "Install resolvconf if installing cloud-init"> +<correction pagekite "Avoid issues with expiry of shipped SSL certificates by using those from the ca-certificates package"> +<correction pdfchain "Fix crash at startup"> +<correction perl "Fix multiple regular expression related security issues [CVE-2020-10543 CVE-2020-10878 CVE-2020-12723]"> +<correction php-horde "Fix cross-site scripting vulnerability [CVE-2020-8035]"> +<correction php-horde-gollem "Fix cross-site scripting vulnerability in breadcrumb output [CVE-2020-8034]"> +<correction pillow "Fix multiple out-of-bounds read issues [CVE-2020-11538 CVE-2020-10378 CVE-2020-10177]"> +<correction policyd-rate-limit "Fix issues in accounting due to socket reuse"> +<correction postfix "New upstream stable release; fix segfault in the tlsproxy client role when the server role was disabled; fix <q>maillog_file_rotate_suffix default value used the minute instead of the month</q>; fix several TLS related issues; README.Debian fixes"> +<correction python-markdown2 "Fix cross-site scripting issue [CVE-2020-11888]"> +<correction python3.7 "Avoid infinite loop when reading specially crafted TAR files using the tarfile module [CVE-2019-20907]; resolve hash collisions for IPv4Interface and IPv6Interface [CVE-2020-14422]; fix denial of service issue in urllib.request.AbstractBasicAuthHandler [CVE-2020-8492]"> +<correction qdirstat "Fix saving of user-configured MIME categories"> +<correction raspi3-firmware "Fix typo that could lead to unbootable systems"> +<correction resource-agents "IPsrcaddr: make <q>proto</q> optional to fix regression when used without NetworkManager"> +<correction ruby-json "Fix unsafe object creation vulnerability [CVE-2020-10663]"> +<correction shim "Use rotated Debian signing keys"> +<correction shim-helpers-amd64-signed "Use rotated Debian signing keys"> +<correction shim-helpers-arm64-signed "Use rotated Debian signing keys"> +<correction shim-helpers-i386-signed "Use rotated Debian signing keys"> +<correction speedtest-cli "Pass correct headers to fix upload speed test"> +<correction ssvnc "Fix out-of-bounds write [CVE-2018-20020], infinite loop [CVE-2018-20021], improper initialisation [CVE-2018-20022], potential denial-of-service [CVE-2018-20024]"> +<correction storebackup "Fix possible privilege escalation vulnerability [CVE-2020-7040]"> +<correction suricata "Fix dropping privileges in nflog runmode"> +<correction tigervnc "Don't use libunwind on armel, armhf or arm64"> +<correction transmission "Fix possible denial of service issue [CVE-2018-10756]"> +<correction wav2cdr "Use C99 fixed-size integer types to fix runtime assertion on 64bit architectures other than amd64 and alpha"> +<correction zipios++ "Security fix [CVE-2019-13453]"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the stable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2020 4626 php7.3> +<dsa 2020 4674 roundcube> +<dsa 2020 4675 graphicsmagick> +<dsa 2020 4676 salt> +<dsa 2020 4677 wordpress> +<dsa 2020 4678 firefox-esr> +<dsa 2020 4679 keystone> +<dsa 2020 4680 tomcat9> +<dsa 2020 4681 webkit2gtk> +<dsa 2020 4682 squid> +<dsa 2020 4683 thunderbird> +<dsa 2020 4684 libreswan> +<dsa 2020 4685 apt> +<dsa 2020 4686 apache-log4j1.2> +<dsa 2020 4687 exim4> +<dsa 2020 4688 dpdk> +<dsa 2020 4689 bind9> +<dsa 2020 4690 dovecot> +<dsa 2020 4691 pdns-recursor> +<dsa 2020 4692 netqmail> +<dsa 2020 4694 unbound> +<dsa 2020 4695 firefox-esr> +<dsa 2020 4696 nodejs> +<dsa 2020 4697 gnutls28> +<dsa 2020 4699 linux-signed-amd64> +<dsa 2020 4699 linux-signed-arm64> +<dsa 2020 4699 linux-signed-i386> +<dsa 2020 4699 linux> +<dsa 2020 4700 roundcube> +<dsa 2020 4701 intel-microcode> +<dsa 2020 4702 thunderbird> +<dsa 2020 4704 vlc> +<dsa 2020 4705 python-django> +<dsa 2020 4707 mutt> +<dsa 2020 4708 neomutt> +<dsa 2020 4709 wordpress> +<dsa 2020 4710 trafficserver> +<dsa 2020 4711 coturn> +<dsa 2020 4712 imagemagick> +<dsa 2020 4713 firefox-esr> +<dsa 2020 4714 chromium> +<dsa 2020 4716 docker.io> +<dsa 2020 4718 thunderbird> +<dsa 2020 4719 php7.3> +<dsa 2020 4720 roundcube> +<dsa 2020 4721 ruby2.5> +<dsa 2020 4722 ffmpeg> +<dsa 2020 4723 xen> +<dsa 2020 4724 webkit2gtk> +<dsa 2020 4725 evolution-data-server> +<dsa 2020 4726 nss> +<dsa 2020 4727 tomcat9> +<dsa 2020 4728 qemu> +<dsa 2020 4729 libopenmpt> +<dsa 2020 4730 ruby-sanitize> +<dsa 2020 4731 redis> +<dsa 2020 4732 squid> +<dsa 2020 4733 qemu> +<dsa 2020 4735 grub-efi-amd64-signed> +<dsa 2020 4735 grub-efi-arm64-signed> +<dsa 2020 4735 grub-efi-ia32-signed> +<dsa 2020 4735 grub2> +</table> + + +<h2>Removed packages</h2> + +<p>The following packages were removed due to circumstances beyond our control:</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction golang-github-unknwon-cae "Security issues; unmaintained"> +<correction janus "Not supportable in stable"> +<correction mathematica-fonts "Relies on unavailable download location"> +<correction matrix-synapse "Security issues; unsupportable"> +<correction selenium-firefoxdriver "Incompatible with newer Firefox ESR versions"> + +</table> + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into stable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/stable/"> +</div> + +<p>Proposed updates to the stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/proposed-updates"> +</div> + +<p>stable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> diff --git a/greek/News/2020/20200830.wml b/greek/News/2020/20200830.wml new file mode 100644 index 00000000000..b58dec1a73d --- /dev/null +++ b/greek/News/2020/20200830.wml @@ -0,0 +1,173 @@ +#use wml::debian::translation-check translation="549ed0fce26a03a0a08c5aca5a6c51e4199c3e20" maintainer="galaxico" +<define-tag pagetitle>DebConf20 online closes</define-tag> + +<define-tag release_date>2020-08-30</define-tag> +#use wml::debian::news + +<p> +On Saturday 29 August 2020, the annual Debian Developers +and Contributors Conference came to a close. +</p> + +<p> +DebConf20 has been held online for the first time, due to the coronavirus +(COVID-19) disease pandemic. +</p> + +<p> +All of the sessions have been streamed, with a variety of ways of participating: +via IRC messaging, online collaborative text documents, +and video conferencing meeting rooms. +</p> + +<p> +With more than 850 attendees from 80 different countries and a +total of over 100 event talks, discussion sessions, +Birds of a Feather (BoF) gatherings and other activities, +<a href="https://debconf20.debconf.org">DebConf20</a> was a large success. +</p> + +<p> +When it became clear that DebConf20 was going to be an online-only +event, the DebConf video team spent much time over the next months to +adapt, improve, and in some cases write from scratch, technology that +would be required to make an online DebConf possible. After lessons +learned from the MiniDebConfOnline in late May, some adjustments were +made, and then eventually we came up with a setup involving Jitsi, OBS, +Voctomix, SReview, nginx, Etherpad, and a newly written web-based +frontend for voctomix as the various elements of the stack. +</p> + +<p> +All components of the video infrastructure are free software, and the +whole setup is configured through their public +<a href="https://salsa.debian.org/debconf-video-team/ansible">ansible</a> repository. +</p> + +<p> +The DebConf20 <a href="https://debconf20.debconf.org/schedule/">schedule</a> included +two tracks in other languages than English: the Spanish language MiniConf, +with eight talks in two days, +and the Malayalam language MiniConf, with nine talks in three days. +Ad-hoc activities, introduced by attendees over the course of the entire conference, +have been possible too, streamed and recorded. There have also been several +team gatherings to <a href="https://wiki.debian.org/Sprints/">sprint</a> on certain Debian development areas. +</p> + +<p> +Between talks, the video stream has been showing the usual sponsors on the loop, but also +some additional clips including photos from previous DebConfs, fun facts about Debian +and short shout-out videos sent by attendees to communicate with their Debian friends. +</p> + +<p> +For those who were not able to participate, most of the talks and sessions are already +available through the +<a href="https://meetings-archive.debian.net/pub/debian-meetings/2020/DebConf20/">Debian meetings archive website</a>, +and the remaining ones will appear in the following days. +</p> + +<p> +The <a href="https://debconf20.debconf.org/">DebConf20</a> website +will remain active for archival purposes and will continue to offer +links to the presentations and videos of talks and events. +</p> + +<p> +Next year, <a href="https://wiki.debian.org/DebConf/21">DebConf21</a> is planned to be held +in Haifa, Israel, in August or September. +</p> + +<p> +DebConf is committed to a safe and welcome environment for all participants. +During the conference, several teams (Front Desk, Welcome team and Community team) +have been available to help so participants get their best experience +in the conference, and find solutions to any issue that may arise. +See the <a href="https://debconf20.debconf.org/about/coc/">web page about the Code of Conduct in DebConf20 website</a> +for more details on this. +</p> + +<p> +Debian thanks the commitment of numerous <a href="https://debconf20.debconf.org/sponsors/">sponsors</a> +to support DebConf20, particularly our Platinum Sponsors: +<a href="https://www.lenovo.com">Lenovo</a>, +<a href="https://www.infomaniak.com">Infomaniak</a>, +<a href="https://google.com/">Google</a> +and +<a href="https://aws.amazon.com/">Amazon Web Services (AWS)</a>. +</p> + +<h2>About Debian</h2> +<p> +The Debian Project was founded in 1993 by Ian Murdock to be a truly +free community project. Since then the project has grown to be one of +the largest and most influential open source projects. Thousands of +volunteers from all over the world work together to create and +maintain Debian software. Available in 70 languages, and +supporting a huge range of computer types, Debian calls itself the +<q>universal operating system</q>. +</p> + +<h2>About DebConf</h2> + +<p> +DebConf is the Debian Project's developer conference. In addition to a +full schedule of technical, social and policy talks, DebConf provides an +opportunity for developers, contributors and other interested people to +meet in person and work together more closely. It has taken place +annually since 2000 in locations as varied as Scotland, Argentina, and +Bosnia and Herzegovina. More information about DebConf is available from +<a href="https://debconf.org/">https://debconf.org</a>. +</p> + +<h2>About Lenovo</h2> + +<p> +As a global technology leader manufacturing a wide portfolio of connected products, +including smartphones, tablets, PCs and workstations as well as AR/VR devices, +smart home/office and data center solutions, <a href="https://www.lenovo.com">Lenovo</a> +understands how critical open systems and platforms are to a connected world. +</p> + +<h2>About Infomaniak</h2> + +<p> +<a href="https://www.infomaniak.com">Infomaniak</a> is Switzerland's largest web-hosting company, +also offering backup and storage services, solutions for event organizers, +live-streaming and video on demand services. +It wholly owns its datacenters and all elements critical +to the functioning of the services and products provided by the company +(both software and hardware). +</p> + +<h2>About Google</h2> + +<p> +<a href="https://google.com/">Google</a> is one of the largest technology companies in the +world, providing a wide range of Internet-related services and products such +as online advertising technologies, search, cloud computing, software, and hardware. +</p> + +<p> +Google has been supporting Debian by sponsoring DebConf for more than +ten years, and is also a Debian partner sponsoring parts +of <a href="https://salsa.debian.org">Salsa</a>'s continuous integration infrastructure +within Google Cloud Platform. +</p> + +<h2>About Amazon Web Services (AWS)</h2> + +<p> +<a href="https://aws.amazon.com">Amazon Web Services (AWS)</a> is one of the world's +most comprehensive and broadly adopted cloud platforms, +offering over 175 fully featured services from data centers globally +(in 77 Availability Zones within 24 geographic regions). +AWS customers include the fastest-growing startups, largest enterprises +and leading government agencies. +</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the DebConf20 web page at +<a href="https://debconf20.debconf.org/">https://debconf20.debconf.org/</a> +or send mail to <press@debian.org>.</p> diff --git a/greek/News/2020/20200926.wml b/greek/News/2020/20200926.wml new file mode 100644 index 00000000000..5885f5698f1 --- /dev/null +++ b/greek/News/2020/20200926.wml @@ -0,0 +1,205 @@ +#use wml::debian::translation-check translation="cc3aa11466129a6224ab33a305a554cb8d65f63c" maintainer="galaxico" +<define-tag pagetitle>Updated Debian 10: 10.6 released</define-tag> +<define-tag release_date>2020-09-26</define-tag> +#use wml::debian::news + +<define-tag release>10</define-tag> +<define-tag codename>buster</define-tag> +<define-tag revision>10.6</define-tag> + +<define-tag dsa> + <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td> + <td align="center"><: + my @p = (); + for my $p (split (/,\s*/, "%2")) { + push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p)); + } + print join (", ", @p); +:></td></tr> +</define-tag> + +<define-tag correction> + <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr> +</define-tag> + +<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag> + +<p>Tο Σχέδιο Debian είναι στην ευχάριστη θέση να αναγγείλει την έκτη επικαιροποίηση +της σταθερής του διανομής Debian <release> (codename <q><codename></q>). +Αυτή η σημειακή έκδοση προσθέτει κυρίως διορθώσεις ζητημάτων ασφαλείας μαζί με μερικές προσαρμογές +για σοβαρά προβλήματα. Προειδοποιήσεις ασφαλείας έχουν ήδη δημοσιοποιηθεί ξεχωριστά, στις οποίες +γίνεται αναφορά όπου είναι διαθέσιμες.</p> + +<p>Παρακαλούμε σημειώστε ότι μια σημειακή έκδοση δεν συνιστά μια καινούρια του Debian <release> αλλά μόνο την επικαιροποίηση μερικών από τα πακέτα που περιλαμβάνει η έκδοση. Δεν υπάρχει ανάγκη να πετάξετα τα παλικά <q><codename></q> μέσα εγκατάστασης. Μετά την εγκατάσταση, τα πακέτα μπορούν να αναβαθμιστούν στις τρέχουσες εκδόσεις τους χρησιμοποποιώντας έναν ενημερωμένο καθρέφτη του Debian.</p> + +<p>Όσοι/ες εγκαθιστούν συχνά επικαιροποιήσεις από το security.debian.org δεν θα έχουν να αναβαθμίσουν πολλά πακέτα, και οι περισσότερες από αυτές τις επικαιροποιήσεις συμπεριλαμβάνονται στην σημειακή αυτή έκδοση.</p> + +<p>Νέες εικόνες εγκατάστασης θα είναι σύντομα διαθέσιμες στις συνηθισμένες τοποθεσίες.</p> + +<p>Upgrading an existing installation to this revision can be achieved by +pointing the package management system at one of Debian's many HTTP mirrors. +A comprehensive list of mirrors is available at:</p> + +<div class="center"> + <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a> +</div> + +<h2>Miscellaneous Bugfixes</h2> + +<p>This stable update adds a few important corrections to the following packages.</p> + +<p>Note that, due to build issues, the updates for the cargo, rustc and rustc-bindgen packages are currently not available for the <q>armel</q> architecture. +They may be added at a later date if the issues are resolved.</p> + +<table border=0> +<tr><th>Package</th> <th>Reason</th></tr> +<correction arch-test "Fix detection of s390x sometimes failing"> +<correction asterisk "Fix crash when negotiating for T.38 with a declined stream [CVE-2019-15297], <q>SIP request can change address of a SIP peer</q> [CVE-2019-18790], <q>AMI user could execute system commands</q> [CVE-2019-18610], segfault in pjsip show history with IPv6 peers"> +<correction bacula "Fix <q>oversized digest strings allow a malicious client to cause a heap overflow in the director's memory</q> [CVE-2020-11061]"> +<correction base-files "Update /etc/debian_version for the point release"> +<correction calamares-settings-debian "Disable displaymanager module"> +<correction cargo "New upstream release, to support upcoming Firefox ESR versions"> +<correction chocolate-doom "Fix missing validation [CVE-2020-14983]"> +<correction chrony "Prevent symlink race when writing to the PID file [CVE-2020-14367]; fix temperature reading"> +<correction debian-installer "Update Linux ABI to 4.19.0-11"> +<correction debian-installer-netboot-images "Rebuild against proposed-updates"> +<correction diaspora-installer "Use --frozen option to bundle install to use upstream Gemfile.lock; don't exclude Gemfile.lock during upgrades; don't overwrite config/oidc_key.pem during upgrades; make config/schedule.yml writeable"> +<correction dojo "Fix prototype pollution in deepCopy method [CVE-2020-5258] and in jqMix method [CVE-2020-5259]"> +<correction dovecot "Fix dsync sieve filter sync regression; fix handling of getpwent result in userdb-passwd"> +<correction facter "Change Google GCE Metadata endpoint from <q>v1beta1</q> to <q>v1</q>"> +<correction gnome-maps "Fix an issue with misaligned shape layer rendering"> +<correction gnome-shell "LoginDialog: Reset auth prompt on VT switch before fade in [CVE-2020-17489]"> +<correction gnome-weather "Prevent a crash when the configured set of locations are invalid"> +<correction grunt "Use safeLoad when loading YAML files [CVE-2020-7729]"> +<correction gssdp "New upstream stable release"> +<correction gupnp "New upstream stable release; prevent the <q>CallStranger</q> attack [CVE-2020-12695]; require GSSDP 1.0.5"> +<correction haproxy "logrotate.conf: use rsyslog helper instead of SysV init script; reject messages where <q>chunked</q> is missing from Transfer-Encoding [CVE-2019-18277]"> +<correction icinga2 "Fix symlink attack [CVE-2020-14004]"> +<correction incron "Fix cleanup of zombie processes"> +<correction inetutils "Fix remote code execution issue [CVE-2020-10188]"> +<correction libcommons-compress-java "Fix denial of service issue [CVE-2019-12402]"> +<correction libdbi-perl "Fix memory corruption in XS functions when Perl stack is reallocated [CVE-2020-14392]; fix a buffer overflow on an overlong DBD class name [CVE-2020-14393]; fix a NULL profile dereference in dbi_profile() [CVE-2019-20919]"> +<correction libvncserver "libvncclient: bail out if UNIX socket name would overflow [CVE-2019-20839]; fix pointer aliasing/alignment issue [CVE-2020-14399]; limit max textchat size [CVE-2020-14405]; libvncserver: add missing NULL pointer checks [CVE-2020-14397]; fix pointer aliasing/alignment issue [CVE-2020-14400]; scale: cast to 64 bit before shifting [CVE-2020-14401]; prevent OOB accesses [CVE-2020-14402 CVE-2020-14403 CVE-2020-14404]"> +<correction libx11 "Fix integer overflows [CVE-2020-14344 CVE-2020-14363]"> +<correction lighttpd "Backport several usability and security fixes"> +<correction linux "New upstream stable release; increase ABI to 11"> +<correction linux-latest "Update for -11 Linux kernel ABI"> +<correction linux-signed-amd64 "New upstream stable release"> +<correction linux-signed-arm64 "New upstream stable release"> +<correction linux-signed-i386 "New upstream stable release"> +<correction llvm-toolchain-7 "New upstream release, to support upcoming Firefox ESR versions; fix bugs affecting rustc build"> +<correction lucene-solr "Fix security issue in DataImportHandler configuration handling [CVE-2019-0193]"> +<correction milkytracker "Fix heap overflow [CVE-2019-14464], stack overflow [CVE-2019-14496], heap overflow [CVE-2019-14497], use after free [CVE-2020-15569]"> +<correction node-bl "Fix over-read vulnerability [CVE-2020-8244]"> +<correction node-elliptic "Prevent malleability and overflows [CVE-2020-13822]"> +<correction node-mysql "Add localInfile option to control LOAD DATA LOCAL INFILE [CVE-2019-14939]"> +<correction node-url-parse "Fix insufficient validation and sanitization of user input [CVE-2020-8124]"> +<correction npm "Don't show password in logs [CVE-2020-15095]"> +<correction orocos-kdl "Remove explicit inclusion of default include path, fixing issues with cmake < 3.16"> +<correction postgresql-11 "New upstream stable release; set a secure search_path in logical replication walsenders and apply workers [CVE-2020-14349]; make contrib modules' installation scripts more secure [CVE-2020-14350]"> +<correction postgresql-common "Don't drop plpgsql before testing extensions"> +<correction pyzmq "Asyncio: wait for POLLOUT on sender in can_connect"> +<correction qt4-x11 "Fix buffer overflow in XBM parser [CVE-2020-17507]"> +<correction qtbase-opensource-src "Fix buffer overflow in XBM parser [CVE-2020-17507]; fix clipboard breaking when timer wraps after 50 days"> +<correction ros-actionlib "Load YAML safely [CVE-2020-10289]"> +<correction rustc "New upstream release, to support upcoming Firefox ESR versions"> +<correction rust-cbindgen "New upstream release, to support upcoming Firefox ESR versions"> +<correction ruby-ronn "Fix handling of UTF-8 content in manpages"> +<correction s390-tools "Hardcode perl dependency instead of using ${perl:Depends}, fixing installation under debootstrap"> +</table> + + +<h2>Security Updates</h2> + + +<p>This revision adds the following security updates to the stable release. +The Security Team has already released an advisory for each of these +updates:</p> + +<table border=0> +<tr><th>Advisory ID</th> <th>Package</th></tr> +<dsa 2020 4662 openjdk-11> +<dsa 2020 4734 openjdk-11> +<dsa 2020 4736 firefox-esr> +<dsa 2020 4737 xrdp> +<dsa 2020 4738 ark> +<dsa 2020 4739 webkit2gtk> +<dsa 2020 4740 thunderbird> +<dsa 2020 4741 json-c> +<dsa 2020 4742 firejail> +<dsa 2020 4743 ruby-kramdown> +<dsa 2020 4744 roundcube> +<dsa 2020 4745 dovecot> +<dsa 2020 4746 net-snmp> +<dsa 2020 4747 icingaweb2> +<dsa 2020 4748 ghostscript> +<dsa 2020 4749 firefox-esr> +<dsa 2020 4750 nginx> +<dsa 2020 4751 squid> +<dsa 2020 4752 bind9> +<dsa 2020 4753 mupdf> +<dsa 2020 4754 thunderbird> +<dsa 2020 4755 openexr> +<dsa 2020 4756 lilypond> +<dsa 2020 4757 apache2> +<dsa 2020 4758 xorg-server> +<dsa 2020 4759 ark> +<dsa 2020 4760 qemu> +<dsa 2020 4761 zeromq3> +<dsa 2020 4762 lemonldap-ng> +<dsa 2020 4763 teeworlds> +<dsa 2020 4764 inspircd> +<dsa 2020 4765 modsecurity> +</table> + + + +<h2>Debian Installer</h2> +<p>The installer has been updated to include the fixes incorporated +into stable by the point release.</p> + +<h2>URLs</h2> + +<p>The complete lists of packages that have changed with this revision:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog"> +</div> + +<p>The current stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/stable/"> +</div> + +<p>Proposed updates to the stable distribution:</p> + +<div class="center"> + <url "http://ftp.debian.org/debian/dists/proposed-updates"> +</div> + +<p>stable distribution information (release notes, errata etc.):</p> + +<div class="center"> + <a + href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a> +</div> + +<p>Security announcements and information:</p> + +<div class="center"> + <a href="$(HOME)/security/">https://www.debian.org/security/</a> +</div> + +<h2>About Debian</h2> + +<p>The Debian Project is an association of Free Software developers who +volunteer their time and effort in order to produce the completely +free operating system Debian.</p> + +<h2>Contact Information</h2> + +<p>For further information, please visit the Debian web pages at +<a href="$(HOME)/">https://www.debian.org/</a>, send mail to +<press@debian.org>, or contact the stable release team at +<debian-release@lists.debian.org>.</p> diff --git a/greek/News/2020/Makefile b/greek/News/2020/Makefile new file mode 100644 index 00000000000..c26323c0c92 --- /dev/null +++ b/greek/News/2020/Makefile @@ -0,0 +1 @@ +include $(subst webwml/greek,webwml/english,$(CURDIR))/Makefile diff --git a/greek/News/2020/index.wml b/greek/News/2020/index.wml new file mode 100644 index 00000000000..6c6f7ed3fdf --- /dev/null +++ b/greek/News/2020/index.wml @@ -0,0 +1,14 @@ +#use wml::debian::template title="Νέα από το 2020" +#use wml::debian::recent_list +#use wml::debian::translation-check translation="2d9bcdf043aeb45dac38fa887e61facd61561797" maintainer="galaxico" + +<p><:= get_recent_list ('.', '0', '$(ENGLISHDIR)/News/2020', '', +'\d+\w*') :></p> + +<p>Σημείωση: μπορείτε να αποκτήσετε τα πιο πρόσφατα νέα για το Debian +εγγραφόμενοι/ες ή περιηγούμενοι/ες την αρχειοθήκη μας για τις λίστες αλληλογραφίας +<a +href="https://lists.debian.org/debian-announce/debian-announce-2020/">\ +<strong>debian-announce</strong></a> και +<a href="https://lists.debian.org/debian-news/">\ +<strong>debian-news</strong></a>.</p> |