The Debian project has announced the eighth update of its stable distribution, Debian 12, also known as “Bookworm.” This release doesn’t introduce a new version of Debian but includes security fixes and other relevant adjustments to improve the system’s stability and security. The update is already available for users, and new installation images are expected to be published in the coming days in the usual Debian repositories.
Security Improvements and Bug Fixes
The update for Debian 12.8 primarily focuses on addressing critical bugs and security vulnerabilities. Users who typically update their systems through the security server (security.debian.org) will not need to make many changes, as a significant portion of these security patches are included in the updated version. However, for those wishing to update their systems, simply pointing the package manager to one of the many Debian mirrors will suffice to download the necessary packages.
Notable fixes include updates to essential packages such as 7zip, which now mitigates critical vulnerabilities in NTFS handling (CVE-2023-52168 and CVE-2023-52169), and curl, which fixes a bug in OCSP responses (CVE-2024-8096). Additionally, patches have been introduced for the openssl package to address out-of-bounds memory read issues and improper memory access (CVE-2024-5535 and CVE-2024-9143).
Major Updates to System Packages
Several system packages have received significant improvements in this update. Here are some of the highlights:
- clamav: includes a new stable version that addresses denial of service and file corruption issues.
- libvirt: improved compatibility for running i686 virtual machines with AppArmor on the host, preventing certain virtual machines from becoming unusable or disappearing after the update.
- intel-microcode: a new version has been released that includes crucial security updates (CVE-2024-23984 and CVE-2024-24968).
- glibc: updates the currency settings in Croatia to use the Euro and fixes bugs in several critical library functions.
Enhanced Security in Critical Software
In addition to improvements in specific packages, Debian’s update 12.8 includes a comprehensive list of security patches that have been previously announced by the Debian Security Team. These patches cover widely used applications such as apache2 and firefox-esr, as well as other less-known yet equally important applications for system integrity.
Some of the issues addressed include:
- thunderbird: has received multiple updates that enhance its security in browsing and email management.
- git: fixes critical vulnerabilities affecting key management.
- openssl: resolves vulnerabilities that could jeopardize the confidentiality of encrypted information.
Installer and Compatibility Enhancements
The Debian installer has also been updated to reflect the changes incorporated in the stable version. Notable improvements include support for netboot on armel systems and increased compatibility with kernel Linux 6.1.0-27. This ensures that the system is optimized for the latest hardware configurations and enhances the installation experience across various platforms.
Update Process
Debian users wishing to upgrade can do so easily. There’s no need to download a new installation image of Debian 12; simply updating the current system packages will suffice. This can be done using any of the available HTTP mirrors listed on the official Debian website, which provides a complete list of updated mirrors.
Complete Change Log
For those interested in the detailed changes and updates in this version, Debian has published an exhaustive log of all modified packages, available on its official website. Additionally, security advisories and other documentation related to this update can be found on Debian’s security announcement pages.
About Debian
Debian is a non-profit organization made up of free software developers who dedicate their time and effort to creating and maintaining a completely free operating system. Debian is used globally by both individuals and organizations, and its commitment to free software and security continues to set the standard in the Linux community.
Source: Noticias Linux