The Debian project has released the fifth update for Debian 9, codenamed “Stretch”. If you run Debian 9 and keep it up-to-date then you’re already on Debian 9.5, but if you were planning to install it on a new system, the latest ISO means that you don’t have to update lots of packages that have been upgraded since the initial release of Debian 9, as they’re already bundled.
While most point releases ship with important security updates, today's announcement is notable as the intel-microcode package has been updated and includes fixes for the Spectre V2 (CVE-2017-5715) vulnerability.
In the announcement, the Debian project said:
“The Debian project is pleased to announce the fifth update of its stable distribution Debian 9 (codename stretch). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.
Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old stretch media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.”
Some notable packages to receive updates include abiword, clamav, dosbox, dpkg, the Linux kernel, nvidia-graphics-drivers, rustc, and systemd. In addition, popular tools such as the Chromium browser, and the Extended Support Release of Firefox have been bumped to their latest editions. You can read the full list of changes on the announcement page.
Just as with the Debian 9.4 release back in March, it seems the Debian project has jumped the gun a little bit because the new ISO images currently aren’t available from its website's homepage.However, they are available on mirrors and should be on the main site in the next 24 hours or so.