• [RFR] wml://publicity/announcements/pt/2025/20250315.wml

    From Carlos Henrique Lima Melara@21:1/5 to All on Fri Mar 14 02:20:01 2025

    Good evening, everyone!

    Here is the translation of the announcement for the 12.10 point release. It is basically the same as the previous one, so it should be pretty straightforward.

    Regards,
    Charles


    <define-tag pagetitle>Updated Debian 12: 12.10 released</define-tag>
    <define-tag release_date>2025-03-15</define-tag>
    #use wml::debian::news
    # $Id:

    <define-tag release>12</define-tag>
    <define-tag codename>bookworm</define-tag>
    <define-tag revision>12.10</define-tag>

    <define-tag dsa>
    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
    <td align="center"><:
    # %2 is a comma-separated list of source packages; link each one.
    my @p = ();
    for my $p (split (/,\s*/, "%2")) {
        push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p));
    }
    print join (", ", @p);
    :></td></tr>
    </define-tag>

    <define-tag correction>
    <tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr>
    </define-tag>

    <define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag>

    <p>The Debian project is pleased to announce the tenth update of its stable distribution Debian <release> (codename <q><codename></q>). This point release mainly adds corrections for security issues, along with a few adjustments for more serious problems. Security advisories have already been published separately and are referenced where necessary.</p>

    <p>Please note that the point release does not constitute a new version of Debian
    <release> but only updates some of the packages already included. There is no need to throw away old <q><codename></q> media. After installation, packages can be upgraded to the current versions using an
    up-to-date Debian mirror.</p>

    <p>Those who frequently install updates from security.debian.org won't have to update many packages, and most such
    updates are included in the point release.</p>

    <p>New installation images will be available soon at the regular locations.</p>

    <p>Upgrading an existing installation to this revision can be achieved by
    pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:</p>

    <div class="center">
    <a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
    </div>


    <h2>Miscellaneous Bugfixes</h2>

    <p>This stable update adds a few important corrections to the following packages:</p>

    <table border=0>
    <tr><th>Package</th> <th>Reason</th></tr>
    <correction 389-ds-base "Fix crash when modifying userPassword using malformed input [CVE-2024-2199 CVE-2024-8445]; prevent denial of service while attempting to log in with a user with a malformed hash in their password [CVE-2024-5953]; prevent denial of service on the directory server with specially-crafted LDAP query [CVE-2024-3657]">
    <correction base-files "Update for the point release">
    <correction bup "New upstream bugfix release">
    <correction containerd "Fix tests causing FTBFS on the auto-builder network">
    <correction curl "Fix unintended HTTPS upgrades or premature reversion to HTTP when both subdomains and parent domains are used [CVE-2024-9681]; prevent stopping of stunnel before retries in the build-time tests; fix possible credentials leakage issues [CVE-2024-11053 CVE-2025-0167]; fix test failures due to port clashes">
    <correction dacite "Do not cache result of get_default_value_for_field">
    <correction dcmtk "Fix issue when rendering an invalid monochrome DICOM image [CVE-2024-47796]; ensure: HighBit &lt; BitsAllocated [CVE-2024-52333]; fix possible overflows when allocating memory [CVE-2024-27628]; fix two segmentation faults [CVE-2024-34508 CVE-2024-34509]; fix arbitrary code execution issue [CVE-2024-28130]; fix buffer overflow issues [CVE-2025-25472 CVE-2025-25474]; fix NULL pointer dereference issue [CVE-2025-25475]">
    <correction debian-installer "Increase Linux kernel ABI to 6.1.0-32; rebuild against proposed-updates">
    <correction debian-ports-archive-keyring "Add 2026 key; move 2023 and 2024 keys to the removed keyring">
    <correction dgit "Add missing parameters for source upload target">
    <correction djoser "Fix authentication bypass [CVE-2024-21543]">
    <correction dns-root-data "Add the DNSKEY record for KSK-2024">
    <correction edk2 "Fix overflow condition in PeCoffLoaderRelocateImage() [CVE-2024-38796]; fix potential UINT32 overflow in S3 ResumeCount [CVE-2024-1298]">
    <correction elpa "Fix tests on machines with 2 vCPU or fewer">
    <correction flightgear "Fix sandbox bypass vulnerability in Nasal scripts [CVE-2025-0781]">
    <correction gensim "Fix build failure on single-CPU machines">
    <correction glibc "Fix buffer overflow when printing assertion failure message [CVE-2025-0395]; fix memset performance for unaligned destinations; fix TLS performance degradation after dlopen() usage; avoid integer truncation when parsing CPUID data with large cache sizes; ensure data passed to the rseq syscall are properly initialized">
    <correction golang-github-containers-buildah "Disable a test known to fail on the auto-builder network, fixing build failure">
    <correction intel-microcode "New upstream security release [CVE-2023-34440 CVE-2023-43758 CVE-2024-24582 CVE-2024-28047 CVE-2024-28127 CVE-2024-29214 CVE-2024-31068 CVE-2024-31157 CVE-2024-36293 CVE-2024-37020 CVE-2024-39279 CVE-2024-39355]">
    <correction iptables-netflow "Fix build with newer bullseye kernels">
    <correction jinja2 "Fix arbitrary code execution issues [CVE-2024-56201 CVE-2024-56326]">
    <correction joblib "Fix build failure on single-CPU systems">
    <correction lemonldap-ng "Fix CSRF vulnerability on 2FA registration interface [CVE-2024-52948]">
    <correction libapache-mod-jk "Set correct default permissions for shared memory [CVE-2024-46544]">
    <correction libeconf "Fix buffer overflow vulnerability [CVE-2023-32181 CVE-2023-22652]">
    <correction librabbitmq "Add option to read username/password from file [CVE-2023-35789]">
    <correction libtar "Fix out-of-bounds read in gnu_longlink() [CVE-2021-33643]; fix out-of-bounds read in gnu_longname() [CVE-2021-33644]; fix memory leak in th_read() [CVE-2021-33645]; fix memory leak in th_read() [CVE-2021-33646]">
    <correction linux "New upstream release; bump ABI to 32">
    <correction linux-signed-amd64 "New upstream release; bump ABI to 32">
    <correction linux-signed-arm64 "New upstream release; bump ABI to 32">
    <correction linux-signed-i386 "New upstream release; bump ABI to 32">
    <correction linuxcnc "Fix multi axes movement on single axis G0 MDI call">
    <correction ltt-control "Fix consumer crash on shutdown">
    <correction lttng-modules "Fix build with newer bullseye kernels">
    <correction mariadb "New upstream stable release; fix security issue [CVE-2024-21096]; fix denial of service issue [CVE-2025-21490]">
    <correction monero "Impose response limits on HTTP server connections [CVE-2025-26819]">
    <correction mozc "Install fcitx icons to the correct locations">
    <correction ndcube "Ignore test warnings from astropy">
    <correction nginx "Fix possible bypass of client certificate authentication [CVE-2025-23419]">
    <correction node-axios "Fix CSRF vulnerability [CVE-2023-45857]; fix potential vulnerability in URL when determining an origin [CVE-2024-57965]">
    <correction node-js-sdsl "Fix build failure">
    <correction node-postcss "Fix mishandling of non-integer values leading to denial of service in nanoid [CVE-2024-55565]; fix parsing of external untrusted CSS [CVE-2023-44270]">
    <correction node-recast "Fix build failure">
    <correction node-redis "Fix build failure">
    <correction node-rollup "Fix build failure arising from changed timeout API">
    <correction openh264 "Fix Cisco download URL">
    <correction php-nesbot-carbon "Fix arbitrary file include issue [CVE-2025-22145]">
    <correction postgresql-15 "New upstream stable release; harden PQescapeString and allied functions against invalidly-encoded strings; improve behavior of libpq's quoting functions [CVE-2025-1094]">
    <correction puma "Fix behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers [CVE-2023-40175]; limit size of chunk extensions [CVE-2024-21647]; prevent manipulation of headers set by intermediate proxies [CVE-2024-45614]">
    <correction python-django "Fix regular expression-based denial of service issue [CVE-2023-36053], denial of service issues [CVE-2024-38875 CVE-2024-39614 CVE-2024-41990 CVE-2024-41991], user enumeration issue [CVE-2024-39329], directory traversal issue [CVE-2024-39330], excessive memory consumption issue [CVE-2024-41989], SQL injection issue [CVE-2024-42005]">
    <correction python-pycdlib "Run tests only if /tmp is tmpfs, otherwise they are known to fail">
    <correction rapiddisk "Support Linux versions up to 6.10">
    <correction rsyslog "Avoid segmentation fault if a SIGTERM is received during startup">
    <correction runit-services "Do not enable dhclient service by default">
    <correction seqan3 "Fix parallel running of tests">
    <correction simgear "Fix sandbox bypass vulnerability in Nasal scripts [CVE-2025-0781]">
    <correction spamassassin "New upstream stable release">
    <correction sssd "Apply GPO policy consistently [CVE-2023-3758]">
    <correction subversion "Fix vulnerable parsing of control characters in paths served by mod_dav_svn [CVE-2024-46901]">
    <correction sunpy "Ignore test warnings from astropy">
    <correction systemd "New upstream stable release">
    <correction tzdata "New upstream release; update data for Paraguay; update leap second information">
    <correction vagrant "Fix URL of public Vagrant registry">
    <correction vim "Fix crash when expanding <q>~</q> in substitute [CVE-2023-2610]; fix buffer-overflow in vim_regsub_both() [CVE-2023-4738]; fix heap use after free in ins_compl_get_exp() [CVE-2023-4752]; fix heap-buffer-overflow in vim_regsub_both [CVE-2023-4781]; fix buffer-overflow in trunc_string() [CVE-2023-5344]; fix stack-buffer-overflow in option callback functions [CVE-2024-22667]; fix heap-buffer-overflow in ins_typebuf [CVE-2024-43802]; fix use-after-free when closing a buffer [CVE-2024-47814]; fix build failure on 32-bit architectures">
    <correction wget "Fix mishandling of semicolons in userinfo in URLs [CVE-2024-38428]">
    <correction xen "Allow direct kernel boot with kernels &gt;= 6.12">
    </table>


    <h2>Security Updates</h2>

    <p>This revision adds the following security updates to the stable
    release.
    The Security Team has already released an advisory for each of these updates:</p>

    <table border=0>
    <tr><th>Advisory ID</th> <th>Package</th></tr>
    <dsa 2024 5834 chromium>
    <dsa 2024 5836 xen>
    <dsa 2025 5839 firefox-esr>
    <dsa 2025 5840 chromium>
    <dsa 2025 5841 thunderbird>
    <dsa 2025 5842 openafs>
    <dsa 2025 5843 rsync>
    <dsa 2025 5844 chromium>
    <dsa 2025 5845 tomcat10>
    <dsa 2025 5846 libreoffice>
    <dsa 2025 5847 snapcast>
    <dsa 2025 5848 chromium>
    <dsa 2025 5849 git-lfs>
    <dsa 2025 5850 git>
    <dsa 2025 5851 openjpeg2>
    <dsa 2025 5852 pdns-recursor>
    <dsa 2025 5853 pam-u2f>
    <dsa 2025 5854 bind9>
    <dsa 2025 5855 chromium>
    <dsa 2025 5856 redis>
    <dsa 2025 5857 openjdk-17>
    <dsa 2025 5858 firefox-esr>
    <dsa 2025 5859 chromium>
    <dsa 2025 5860 linux-signed-amd64>
    <dsa 2025 5860 linux-signed-arm64>
    <dsa 2025 5860 linux-signed-i386>
    <dsa 2025 5860 linux>
    <dsa 2025 5861 thunderbird>
    <dsa 2025 5862 cacti>
    <dsa 2025 5863 libtasn1-6>
    <dsa 2025 5864 pam-pkcs11>
    <dsa 2025 5865 webkit2gtk>
    <dsa 2025 5866 chromium>
    <dsa 2025 5867 gnutls28>
    <dsa 2025 5868 openssh>
    <dsa 2025 5869 chromium>
    <dsa 2025 5870 openh264>
    <dsa 2025 5871 emacs>
    <dsa 2025 5872 xorg-server>
    <dsa 2025 5873 libreoffice>
    <dsa 2025 5874 firefox-esr>
    <dsa 2025 5875 chromium>
    <dsa 2025 5876 thunderbird>
    </table>


    <h2>Removed packages</h2>

    <p>The following packages were removed due to circumstances beyond our control:</p>

    <table border=0>
    <tr><th>Package</th> <th>Reason</th></tr>
    <correction kanboard "Unmaintained; security issues">
    <correction libnet-easytcp-perl "Unmaintained upstream; security issues">
    <correction looking-glass "Not suitable for a stable release">
    </table>


    <h2>Debian Installer</h2>

    <p>The installer has been updated to include the fixes incorporated
    into stable by the point release.</p>


    <h2>URLs</h2>

    <p>The complete lists of packages that have changed with this revision:</p>

    <div class="center">
    <url "https://deb.debian.org/debian/dists/<downcase <codename>>/ChangeLog">
    </div>

    <p>The current stable distribution:</p>

    <div class="center">
    <url "https://deb.debian.org/debian/dists/stable/">
    </div>

    <p>Proposed updates to the stable distribution:</p>

    <div class="center">
    <url "https://deb.debian.org/debian/dists/proposed-updates">
    </div>

    <p>Stable distribution information (release notes, errata, etc.):</p>

    <div class="center">
    <a href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a>
    </div>

    <p>Security announcements and information:</p>

    <div class="center">
    <a href="$(HOME)/security/">https://www.debian.org/security/</a>
    </div>


    <h2>About Debian</h2>

    <p>The Debian Project is an association of Free Software developers
    who volunteer their time and effort in order to produce the completely free operating system Debian.</p>


    <h2>Contact Information</h2>

    <p>For further information, please visit the Debian web pages at
    <a href="$(HOME)/">https://www.debian.org/</a>, send mail (in English) to
    &lt;press@debian.org&gt;, or contact (in English) the stable release team at &lt;debian-release@lists.debian.org&gt;.</p>
