The developers of Debian have been hard at work patching several security vulnerabilities and fixing bugs for the latest point release of their venerable Linux distribution. This new release fixes numerous security issues surrounding Apache’s Log4j (such as CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307) and includes other security patches for the likes of ClamAV, FLAC, GLibc, Golong, XTerm, atftp, eguardian, glewlwyd, gnupg2, and htmldoc.
Although this release doesn’t bring to light any new features, it’s still a very important release and all Debian 11 users should not hesitate to upgrade (especially those who use Debian with the Apache webserver).
The 11.3 release ships with kernel 5-10.0-13, which is patched against the Dirty Pipe vulnerability.
As far as user-facing software, it’s important to remember that Debian focuses primarily on stability, so many apps might seem out of date. For instance, the version of LibreOffice shipped is 7.0.4-2, which is an LTS release. Although this version might be missing some of the new features of LibreOffice 7.3, it’s a very stable version, so it’s on-brand for Debian.
Get your copy of Debian 11.3[1] and make sure to check out the full release notes[2] for the distribution.