The Debian Project is an association of individuals who have made common cause to create a free operating system. This operating system that we have created is called Debian GNU/Linux, or simply Debian for short.
buster ships with several desktop applications and environments. Amongst others it now includes the desktop environments:
In this release, GNOME defaults to using the Wayland display server instead of Xorg. Wayland has a simpler and more modern design, which has advantages for security. However, the Xorg display server is still installed by default and the default display manager allows users to choose Xorg as the display server for their next session.
Thanks to the Reproducible Builds project, over 91% of the source packages included in Debian 10 will build bit-for-bit identical binary packages. This is an important verification feature which protects users against malicious attempts to tamper with compilers and build networks. Future Debian releases will include tools and metadata so that end-users can validate the provenance of packages within the archive.
For those in security-sensitive environments AppArmor, a mandatory access control framework for restricting programs' capabilities, is installed and enabled by default. Furthermore, all methods provided by APT (except cdrom, gpgv, and rsh) can optionally make use of
seccomp-BPF sandboxing. The https method for APT is included in the apt package and does not need to be installed separately.
Network filtering is based on the nftables framework by default in Debian 10
buster. Starting with iptables v1.8.2 the binary package includes iptables-nft and iptables-legacy, two variants of the iptables command line interface. The nftables-based variant uses the nf_tables Linux kernel subsystem. The
alternatives system can be used to choose between the variants.
The UEFI (
Unified Extensible Firmware Interface) support first introduced in Debian 7 (code name
wheezy) continues to be greatly improved in Debian 10
buster. Secure Boot support is included in this release for amd64, i386 and arm64 architectures and should work out of the box on most Secure Boot-enabled machines. This means users should no longer need to disable Secure Boot support in the firmware configuration.
The cups and cups-filters packages are installed by default in Debian 10
buster, giving users everything that is needed to take advantage of driverless printing. Network print queues and IPP printers will be automatically set up and managed by cups-browsed and the use of non-free vendor printing drivers and plugins can be dispensed with.
buster includes numerous updated software packages (over 62% of all packages in the previous release), such as:
With this broad selection of packages and its traditional wide architecture support, Debian once again stays true to its goal of being the universal operating system. It is suitable for many different use cases: from desktop systems to netbooks; from development servers to cluster systems; and for database, web and storage servers. At the same time, additional quality assurance efforts like automatic installation and upgrade tests for all packages in Debian's archive ensure that
buster fulfills the high expectations that users have of a stable Debian release.