Debian 12.8 “Bookworm” has been released with multiple bug and security fixes
The Debian project has released the eighth update of its stable distribution, Debian 12, known as “Bookworm”. This point release primarily addresses security vulnerabilities and serious issues. Key fixes include a heap buffer overflow and out-of-bounds read in the NTFS handler for 7-Zip, and incorrect handling of some OCSP responses in curl. The update introduces a new ClamAV upstream stable release, resolving denial of service and file corruption issues, and a new OpenSSL release that addresses buffer overread and out-of-bounds memory access vulnerabilities.
Debian 12.8 incorporates Python 3.11, which rectifies a regression in zipfile.Path and mitigates a ReDoS vulnerability with crafted tar archives. The kernel update raises the ABI version to 6.1.0-27, affecting signed kernels for amd64, arm64, and i386. Additionally, the update resolves issues in various packages, including SQLite, Timeshift, Wireshark, GTK3, and Docker, and includes security updates for Thunderbird, Chromium, Firefox ESR, Apache, Git, LibreOffice, PHP 8.2, and more.
