The Debian operating system’s most recent stable release, version 10 (Buster), was published on July 6, 2019, and will be supported until 2022. Long term support may be provided through 2024 as part of the Debian LTS Project.
This guide is a brief overview of the new features and significant changes to Debian since the previous release. It focuses mainly on changes that will affect users running Debian in a typical server environment. It synthesizes information from the official Debian 10 release notes, the Debian 10 release blog post, kernelnewbies.org, and other sources.
Generally, Debian stable releases contain very few surprises or major changes. This remains the case with Debian 10. Beyond a few networking and security changes — which we will cover in subsequent sections — most updates are small modifications to the base system and new versions of available software packages.
The following list summarizes a select list of Debian 10 software updates. The versions that shipped in Debian 9 are included in
( ) parentheses:
The following sections explain some of the more extensive changes to Debian 10.
The Linux kernel has been updated to version 4.19. This is a long-term support kernel that was released on October 22, 2018 and will be supported until December of 2020. For more information on the different types of Linux kernel releases, take a look at the official Linux kernel release and support schedule.
Some new features and updates that were released between kernels 4.9 and 4.19 include:
For more information on Linux kernel updates, kernelnewbies.org maintains a detailed and beginner-friendly changelog summary for each release.
AppArmor is an access control system that focuses on limiting the resources an application can use. It is supplemental to more traditional user-based access control mechanisms.
AppArmor works by loading application profiles into the kernel, and then using those profiles to enforce limits on capabilities such as file reads and writes, networking access, mounts, and raw socket access.
Debian 10 ships with AppArmor enabled and some default profiles for common applications such as Apache, Bash, Python, and PHP. More profiles can be installed via the
See the AppArmor documentation for more information, including guidelines on how to write your own AppArmor application profiles.
In Debian Buster the
iptables subsystem is replaced by
nftables, a newer packet filtering system with improved syntax, streamlined ipv4/ipv6 support, and built-in support for data sets such as dictionaries and maps. You can read a more detailed list of differences on the nftables wiki.
Compatibility with existing
iptables scripts is provided by the
iptables-nft command. The nftables wiki also has advice on transitioning from iptables to nftables.
https repositories by default in Debian 10. Users no longer need to install additional packages before using
https-based package repos.
unattended-upgrades — the system Debian uses to perform automatic updates from the
security repository — now also supports automating point-release upgrades from any repo. These upgrades are usually small bug fixes and security updates.
While this guide is not exhaustive, you should now have a general idea of the major changes and new features in Debian 10 Buster. Please refer to the official Debian 10 release notes for more information.
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.