A few days ago the Debian developers announced the release of the new version of Debian 12.4 which was released skipping the release of Debian 12.3 because at the final stage of its preparation a bug was discovered in the Linux kernel in the package with the kernel linux-image-6.1.0-14, which causes data corruption in the Ext4 file system.
The problem appears in the stable branch of the Linux 6.1 kernel, which has been supported by a fix that was originally added in the 6.5 branch to resolve a crash due to a bug in the code to update the file size that was reduced after a direct update.
As such, it is pointed out that damage is marked as non-critical (it is not explained what exactly this means, probably data loss occurs in very rare circumstances, or the data is not permanently lost, but the file size becomes larger than actual).
In the context of Debian 12, the bug was moved to the 6.1 kernel package after synchronizing it with version 6.1.64. During the discussion of the bug, the Debian developers mentioned that the issue was fixed in update 6.1.66, but it is still unclear which of the fixes added to this version resolves the issue, as there are no changes in the 6.1.66 kernel. 4 which are clearly related to VFS and Ext6.1.66 (most likely they are talking about the issue stopping in the 6.1.65 kernel based deb package, when actually the fix was added to the 4 kernel branch, which contains changes related to ExtXNUMX).
What's new in Debian 12.4?
For the part of the improvements that are included in this new release of Debian 12.4 (plus it comes with the linux-image-6.1.0-15 kernel package, which is based on kernel version 6.1.66 and includes a fix for the issue), It introduces cumulative package updates and adds fixes to the installer. The release includes 94 updates to address stability issues and 65 updates to address vulnerabilities.
In Debian 12.4, you can also highlight lupdate to the latest stable versions of the packages gnome-shell, minizip, systemd, xen, among others. Removed the gimp-dds package, which is no longer needed as its functionality is now built into GIMP.
In addition to this, it is also noted that added llvm-toolchain-16 package based on LLVM/Clang 16, required to create new versions of the Chromium browser, Unicode 15.1 support has also been added to gnome-characters and fonts-noto-color-emoji. libsolv includes support for the zstd compression algorithm.
Of the other changes that stand out from this new version:
- eas4tbsync: New version that restores compatibility with newer versions of Thunderbird
- exfatprogs: Fixes out-of-bounds memory access issues [CVE-2023-45897]
- exim4: Fixes security issues related to the proxy protocol [CVE-2023-42117] and DNSDB lookups [CVE-2023-42119]
- GnomeShell: New version allows notifications to be dismissed with the backspace key in addition to the delete key, fixes duplicate devices showing when reconnecting to PulseAudio, fixes possible use after unlock crashes when restarting PulseAudio/Pipewire.
- libsolv: Zstd compression support enabled
- Linux kernel: Update to stable version 6.1.66
- profile: Fixes buffer overflow issue [CVE-2023-47038]
- php-phpseclib3: Fix denial of service issue
- postgresql-15: New stable version where the SQL injection problem is solved [CVE-2023-39417]; fixes MERGE to apply row security policies correctly [CVE-2023-39418]
- proftpd-dfsg: fix size of SSH key exchange buffers
- qbittorrent: disabled UPnP for web UI by default in qbittorrent-nox
- qemu: Update to stable version 7.2.7
Download and Get Debian 12.4
For those who are interested in being able to obtain the new version of Debian 12.4, you should know that the official website of the project already offers the installation images, while for those who already have a previous version, just execute the commands update to get this new version.
Finally, if you are interested in being able to know more about it, you can consult the details in the following link