Forums

Whew!

Very COOL! I envy you your road trip and hope your sis had a wonderful birthday w/ MANY more to follow!

They probably just come with Vi instead.

Vim doesn't apear to be installed by default in either Linux Mint or MX Linux so I installed it. It isn't as intuitive to me as nano but I can see how you could get to like it. What I find different is that you need to get in and out of command mode to do any editing of the text.

------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 10: 10.6 released press@debian.org September 26th, 2020 https://www.debian.org/News/2020/20200926 ------------------------------------------------------------------------ The Debian project is pleased to announce the sixth update of its stable distribution Debian 10 (codename "buster"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old "buster" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages. Note that, due to build issues, the updates for the cargo, rustc and rustc-bindgen packages are currently not available for the "armel" architecture. They may be added at a later date if the issues are resolved. +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | arch-test [1] | Fix detection of s390x sometimes failing | | | | | asterisk [2] | Fix crash when negotiating for T.38 with | | | a declined stream [CVE-2019-15297], | | | "SIP request can change address of a SIP | | | peer" [CVE-2019-18790], "AMI user | | | could execute system | | | commands" [CVE-2019-18610], segfault in | | | pjsip show history with IPv6 peers | | | | | bacula [3] | Fix "oversized digest strings allow a | | | malicious client to cause a heap | | | overflow in the director's | | | memory" [CVE-2020-11061] | | | | | base-files [4] | Update /etc/debian_version for the point | | | release | | | | | calamares-settings- | Disable displaymanager module | | debian [5] | | | | | | cargo [6] | New upstream release, to support | | | upcoming Firefox ESR versions | | | | | chocolate-doom [7] | Fix missing validation [CVE-2020-14983] | | | | | chrony [8] | Prevent symlink race when writing to the | | | PID file [CVE-2020-14367]; fix | | | temperature reading | | | | | debian-installer [9] | Update Linux ABI to 4.19.0-11 | | | | | debian-installer- | Rebuild against proposed-updates | | netboot-images [10] | | | | | | diaspora-installer [11] | Use --frozen option to bundle install to | | | use upstream Gemfile.lock; don't exclude | | | Gemfile.lock during upgrades; don't | | | overwrite config/oidc_key.pem during | | | upgrades; make config/schedule.yml | | | writeable | | | | | dojo [12] | Fix prototype pollution in deepCopy | | | method [CVE-2020-5258] and in jqMix | | | method [CVE-2020-5259] | | | | | dovecot [13] | Fix dsync sieve filter sync regression; | | | fix handling of getpwent result in | | | userdb-passwd | | | | | facter [14] | Change Google GCE Metadata endpoint from | | | "v1beta1" to "v1" | | | | | gnome-maps [15] | Fix an issue with misaligned shape layer | | | rendering | | | | | gnome-shell [16] | LoginDialog: Reset auth prompt on VT | | | switch before fade in [CVE-2020-17489] | | | | | gnome-weather [17] | Prevent a crash when the configured set | | | of locations are invalid | | | | | grunt [18] | Use safeLoad when loading YAML files | | | [CVE-2020-7729] | | | | | gssdp [19] | New upstream stable release | | | | | gupnp [20] | New upstream stable release; prevent the | | | "CallStranger" attack [CVE-2020-12695]; | | | require GSSDP 1.0.5 | | | | | haproxy [21] | logrotate.conf: use rsyslog helper | | | instead of SysV init script; reject | | | messages where "chunked" is missing | | | from Transfer-Encoding [CVE-2019-18277] | | | | | icinga2 [22] | Fix symlink attack [CVE-2020-14004] | | | | | incron [23] | Fix cleanup of zombie processes | | | | | inetutils [24] | Fix remote code execution issue | | | [CVE-2020-10188] | | | | | libcommons-compress- | Fix denial of service issue [CVE-2019- | | java [25] | 12402] | | | | | libdbi-perl [26] | Fix memory corruption in XS functions | | | when Perl stack is reallocated | | | [CVE-2020-14392]; fix a buffer overflow | | | on an overlong DBD class name [CVE-2020- | | | 14393]; fix a NULL profile dereference | | | in dbi_profile() [CVE-2019-20919] | | | | | libvncserver [27] | libvncclient: bail out if UNIX socket | | | name would overflow [CVE-2019-20839]; | | | fix pointer aliasing/alignment issue | | | [CVE-2020-14399]; limit max textchat | | | size [CVE-2020-14405]; libvncserver: add | | | missing NULL pointer checks [CVE-2020- | | | 14397]; fix pointer aliasing/alignment | | | issue [CVE-2020-14400]; scale: cast to | | | 64 bit before shifting [CVE-2020-14401]; | | | prevent OOB accesses [CVE-2020-14402 | | | CVE-2020-14403 CVE-2020-14404] | | | | | libx11 [28] | Fix integer overflows [CVE-2020-14344 | | | CVE-2020-14363] | | | | | lighttpd [29] | Backport several usability and security | | | fixes | | | | | linux [30] | New upstream stable release; increase | | | ABI to 11 | | | | | linux-latest [31] | Update for -11 Linux kernel ABI | | | | | linux-signed-amd64 [32] | New upstream stable release | | | | | linux-signed-arm64 [33] | New upstream stable release | | | | | linux-signed-i386 [34] | New upstream stable release | | | | | llvm-toolchain-7 [35] | New upstream release, to support | | | upcoming Firefox ESR versions; fix bugs | | | affecting rustc build | | | | | lucene-solr [36] | Fix security issue in DataImportHandler | | | configuration handling [CVE-2019-0193] | | | | | milkytracker [37] | Fix heap overflow [CVE-2019-14464], | | | stack overflow [CVE-2019-14496], heap | | | overflow [CVE-2019-14497], use after | | | free [CVE-2020-15569] | | | | | node-bl [38] | Fix over-read vulnerability [CVE-2020- | | | 8244] | | | | | node-elliptic [39] | Prevent malleability and overflows | | | [CVE-2020-13822] | | | | | node-mysql [40] | Add localInfile option to control LOAD | | | DATA LOCAL INFILE [CVE-2019-14939] | | | | | node-url-parse [41] | Fix insufficient validation and | | | sanitization of user input [CVE-2020- | | | 8124] | | | | | npm [42] | Don't show password in logs [CVE-2020- | | | 15095] | | | | | orocos-kdl [43] | Remove explicit inclusion of default | | | include path, fixing issues with cmake < | | | 3.16 | | | | | postgresql-11 [44] | New upstream stable release; set a | | | secure search_path in logical | | | replication walsenders and apply workers | | | [CVE-2020-14349]; make contrib modules' | | | installation scripts more secure | | | [CVE-2020-14350] | | | | | postgresql-common [45] | Don't drop plpgsql before testing | | | extensions | | | | | pyzmq [46] | Asyncio: wait for POLLOUT on sender in | | | can_connect | | | | | qt4-x11 [47] | Fix buffer overflow in XBM parser | | | [CVE-2020-17507] | | | | | qtbase-opensource- | Fix buffer overflow in XBM parser | | src [48] | [CVE-2020-17507]; fix clipboard breaking | | | when timer wraps after 50 days | | | | | ros-actionlib [49] | Load YAML safely [CVE-2020-10289] | | | | | rustc [50] | New upstream release, to support | | | upcoming Firefox ESR versions | | | | | rust-cbindgen [51] | New upstream release, to support | | | upcoming Firefox ESR versions | | | | | ruby-ronn [52] | Fix handling of UTF-8 content in | | | manpages | | | | | s390-tools [53] | Hardcode perl dependency instead of | | | using ${perl:Depends}, fixing | | | installation under debootstrap | | | | +--------------------------+------------------------------------------+ Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+--------------------+ | Advisory ID | Package | +----------------+--------------------+ | DSA-4662 [54] | openjdk-11 [55] | | | | | DSA-4734 [56] | openjdk-11 [57] | | | | | DSA-4736 [58] | firefox-esr [59] | | | | | DSA-4737 [60] | xrdp [61] | | | | | DSA-4738 [62] | ark [63] | | | | | DSA-4739 [64] | webkit2gtk [65] | | | | | DSA-4740 [66] | thunderbird [67] | | | | | DSA-4741 [68] | json-c [69] | | | | | DSA-4742 [70] | firejail [71] | | | | | DSA-4743 [72] | ruby-kramdown [73] | | | | | DSA-4744 [74] | roundcube [75] | | | | | DSA-4745 [76] | dovecot [77] | | | | | DSA-4746 [78] | net-snmp [79] | | | | | DSA-4747 [80] | icingaweb2 [81] | | | | | DSA-4748 [82] | ghostscript [83] | | | | | DSA-4749 [84] | firefox-esr [85] | | | | | DSA-4750 [86] | nginx [87] | | | | | DSA-4751 [88] | squid [89] | | | | | DSA-4752 [90] | bind9 [91] | | | | | DSA-4753 [92] | mupdf [93] | | | | | DSA-4754 [94] | thunderbird [95] | | | | | DSA-4755 [96] | openexr [97] | | | | | DSA-4756 [98] | lilypond [99] | | | | | DSA-4757 [100] | apache2 [101] | | | | | DSA-4758 [102] | xorg-server [103] | | | | | DSA-4759 [104] | ark [105] | | | | | DSA-4760 [106] | qemu [107] | | | | | DSA-4761 [108] | zeromq3 [109] | | | | | DSA-4762 [110] | lemonldap-ng [111] | | | | | DSA-4763 [112] | teeworlds [113] | | | | | DSA-4764 [114] | inspircd [115] | | | | | DSA-4765 [116] | modsecurity [117] | | | | +----------------+--------------------+ Debian Installer ---------------- The installer has been updated to include the fixes incorporated into stable by the point release. URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/buster/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://www.debian.org/security/ About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.