Two and a half months after previous maintenance update, Project Debian has released a new version of its operating system. More specifically and as mentioned in the note posted yesterday, Debian 10.5 It is a point release, which is not a new version of Buster, but includes updates to improve the software. These include some security, but they have also used the moment to update all kinds of packages and correct errors.
Perhaps the most notable new coming with Debian 10.5 Buster is that fixes several vulnerabilities found in GRUB2, what is known as the GRUB2 UEFI SecureBoot BootHole. This boot system failure is so serious that even Microsoft published a post about it, as it affects other computers that use SecureBoot and not just those that use GRUB.
Debian 10.5 now available with bug fixes and more secure
On the other hand, among the fixes introduced in Debian 10.5 we have:
- ClamAV anti-virus updated.
- A security patch for file-roller.
- Using rotated Debian signing keys for fwupdate and other packages
- They have fixed HTTPS support in Jigdo.
- Updated Linux kernel support 4.19.
- Various cross-site scripting issues with PHP Horde.
- Various corrections whose complete list you have in the link of the release note.
Users interested in performing the Zero installation can download the new images from the Debian FTP server, which you can access from this link. Existing users should receive these updates from the same operating system.
Meanwhile, the project continue working also in Debian 11, which will be codenamed "Bullseye", but it is not yet known when it will arrive as a stable version. And, as you know, Debian only releases the news when it knows that they work perfectly, without a strict calendar. Considering that they release a version every 12-15 months, they should announce their arrival soon.