Debian patches plenty in new version 9.1
26 security fixes for 55 packages. You know what to do!
Debian Linux has hit version 9.1.
The new release rolls up 26 security fixes that have landed since June. This one, which landed last week, is worth plucking out of the noise, with Debian joining others in patching the Heimdal Kerberos man-in-the-middle bug.
There are 55 package fixes name-checked in the point release, some of which also have CVEs but aren't listed as security patches.
c-ares resolver gets a fix for CVE-2017-1000381; there are several fixes in the
dwarfutils link shortener; seven bugs are fixed in
libquicktime, and among the
systemd patches is one to deal with an out-of-bounds write in its resolver.
Finally, since the SixXS IPv6 tunnel broker has shut down, its matching Debian package, its corresponding
aiccu package received its death-note. ®