Debian GNU/Linux 4.0 updated
------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Debian GNU/Linux 4.0 updated                            press@debian.org
December 27th, 2007             http://www.debian.org/News/2007/20071227
------------------------------------------------------------------------
The Debian project is pleased to announce the second update of its
stable distribution Debian GNU/Linux 4.0 (codename etch). This update
mainly adds corrections for security problems to the stable release,
along with a few adjustments for serious problems.
Please note that this update does not constitute a new version of Debian
GNU/Linux 4.0 but only updates some of the packages included. There is
no need to throw away 4.0 CDs or DVDs; it is enough to update against
ftp.debian.org after an installation in order to incorporate these late
changes.
Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.
New CD and DVD images containing updated packages, and the regular
installation media accompanied by the package archive, will be
available soon at the regular locations.
Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:
<http://www.debian.org/distrib/ftplist>
Debian-Installer Update
-----------------------
The installer has been updated to use and support the updated kernels
included in this release. This change causes old netboot and floppy images
to stop working; updated versions are available from the regular locations.
Other changes include stability improvements in specific situations,
improved serial console support when configuring grub, and added support
for SGI O2 machines with 300MHz RM5200SC (Nevada) CPUs (mips).
Miscellaneous Bugfixes
----------------------
This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:
Package                 Reason
apache2                 Fix of several CVEs
apache2-mpm-itk         Rebuild for apache2 rebuilds
bonson                  Rebuild against lib3ds-dev
cdebconf                Fix of several memory leaks
debconf                 Fix possible hangs during netboot installs
dosemu-freedos          Remove unused non-free code
enigmail                Fix regression introduced by icedove 1.5.0.10
fai-kernels             Recompile for Linux Kernel rebuilds
findutils               Fix locate heap buffer overflow (CVE-2007-2452)
flashplugin-nonfree     New upstream release fixes security problems
glibc                   Fix nscd crash
gnome-hearts            Added missing dependency
gnome-panel             Fix authentication bypass
iceweasel-l10n          Remove roa-es-val translation and updated ca package description
joystick                Bring architectures back in sync
kernel-patch-openvz     Rebuild for Debian Kernel rebuild
klibc                   Fixes nfsroot on mips(el)
lib3ds                  Fix strict-aliasing errors
libdbi-perl             Fix potential dataloss
libmarc-charset-perl    Bring architectures back in sync
libnarray-ruby          Rebuild against current ruby1.8 to fix a wrong library install directory
linux-latest-2.6        Rebuild for Linux Kernel rebuild
lvm2                    Fix to work correctly with striped lvm1 metadata
mpop                    Rebuild against etch (i386 only)
multipath-tools         Move priority of initscript
opal                    Fix CVE-2007-4924
openscenegraph          Bring architectures back in sync
openvpn                 Rebuild against liblzo2 to fix general protection errors.
pam                     Fix CVE-2005-2977
po4a                    Fix CVE-2007-4462
postgresql-8.1          Fix regression introduced in 8.1.9
pwlib                   Fix CVE-2007-4897
pygresql                Fix package on libpq
sear                    Rebuild against lib3ds-dev
tzdata                  Recent timezone updates
unace                   Make program 64bit clean
user-mode-linux         Rebuild for Debian Kernel rebuild
uswsusp                 Fix regression
view3ds                 Rebuild against lib3ds-dev
viewcvs                 Fix interoperability with etch CVS
wesnoth                 Fix CVE-2007-6201
Security Updates
----------------
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates.
Advisory ID   Package(s)              Correction(s)
DSA 1288      pptpd                   Denial of service
DSA 1317      tinymux                 Buffer overflow
DSA 1319      maradns                 Denial of service
DSA 1320      clamav                  Several vulnerabilities
DSA 1321      evolution-data-server   Arbitrary code execution
DSA 1322      wireshark               Denial of service
DSA 1323      krb5                    Several vulnerabilities
DSA 1324      hiki                    Missing input sanitising
DSA 1325      evolution               Arbitrary code execution
DSA 1326      fireflier               Unsafe temporary files
DSA 1327      gsambad                 Unsafe temporary files
DSA 1328      unicon                  Buffer overflow
DSA 1330      php5                    Arbitrary code execution
DSA 1331      php4                    Arbitrary code execution
DSA 1332      vlc                     Arbitrary code execution
DSA 1333      curl                    Certificate handling
DSA 1335      gimp                    Arbitrary code execution
DSA 1337      xulrunner               Several vulnerabilities
DSA 1338      iceweasel               Several vulnerabilities
DSA 1339      iceape                  Several vulnerabilities
DSA 1340      clamav                  Denial of service
DSA 1341      bind9                   DNS cache poisoning
DSA 1342      xfs                     Privilege escalation
DSA 1343      file                    Arbitrary code execution
DSA 1344      iceweasel               Several vulnerabilities
DSA 1345      xulrunner               Several vulnerabilities
DSA 1346      iceape                  Several vulnerabilities
DSA 1347      xpdf                    Arbitrary code execution
DSA 1348      poppler                 Arbitrary code execution
DSA 1351      bochs                   Privilege escalation
DSA 1353      tcpdump                 Arbitrary code execution
DSA 1355      kdegraphics             Arbitrary code execution
DSA 1356      Linux 2.6.18            Several vulnerabilities
DSA 1357      koffice                 Arbitrary code execution
DSA 1358      asterisk                Several vulnerabilities
DSA 1359      dovecot                 Directory traversal
DSA 1360      rsync                   Arbitrary code execution
DSA 1361      postfix-policyd         Arbitrary code execution
DSA 1362      lighttpd                Several vulnerabilities
DSA 1363      Linux 2.6.18            Several vulnerabilities
DSA 1364      vim                     Several vulnerabilities
DSA 1365      id3lib3.8.3             Denial of service
DSA 1366      clamav                  Several vulnerabilities
DSA 1367      krb5                    Arbitrary code execution
DSA 1368      librpcsecgss            Arbitrary code execution
DSA 1369      gforge                  SQL injection
DSA 1370      phpmyadmin              Several vulnerabilities
DSA 1371      phpwiki                 Several vulnerabilities
DSA 1372      ktorrent                Directory traversal
DSA 1372      xorg-server             Privilege escalation
DSA 1374      jffnms                  Several vulnerabilities
DSA 1375      OpenOffice.org          Arbitrary code execution
DSA 1376      kdebase                 Authentication bypass
DSA 1377      fetchmail               Denial of service
DSA 1378      Linux 2.6.18            Several vulnerabilities
DSA 1379      openssl                 Arbitrary code execution
DSA 1380      elinks                  Information disclosure
DSA 1381      Linux 2.6.18            Several vulnerabilities
DSA 1382      quagga                  Denial of service
DSA 1383      gforge                  Cross-site scripting
DSA 1384      xen-utils               Several vulnerabilities
DSA 1385      xfs                     Arbitrary code execution
DSA 1386      wesnoth                 Denial of service
DSA 1387      librpcsecgss            Arbitrary code execution
DSA 1388      dhcp                    Arbitrary code execution
DSA 1389      zoph                    SQL injection
DSA 1390      t1lib                   Arbitrary code execution
DSA 1391      icedove                 Several vulnerabilities
DSA 1392      xulrunner               Several vulnerabilities
DSA 1393      xfce4-terminal          Arbitrary command execution
DSA 1394      reprepro                Authentication bypass
DSA 1395      xen-utils               File truncation
DSA 1396      iceweasel               Several vulnerabilities
DSA 1397      mono                    Integer overflow
DSA 1398      perdition               Arbitrary code execution
DSA 1400      perl                    Arbitrary code execution
DSA 1401      iceape                  Several vulnerabilities
DSA 1402      gforge                  Several vulnerabilities
DSA 1403      phpmyadmin              Cross-site scripting
DSA 1404      gallery2                Privilege escalation
DSA 1405      zope-cmfplone           Arbitrary code execution
DSA 1406      horde3                  Several vulnerabilities
DSA 1407      cupsys                  Arbitrary code execution
DSA 1408      kdegraphics             Arbitrary code execution
DSA 1409      samba                   Several vulnerabilities
DSA 1410      ruby1.8                 Insecure SSL certificate validation
DSA 1412      ruby1.9                 Insecure SSL certificate validation
DSA 1413      mysql                   Several vulnerabilities
DSA 1414      wireshark               Several vulnerabilities
DSA 1415      tk8.4                   Arbitrary code execution
DSA 1416      tk8.3                   Arbitrary code execution
DSA 1417      asterisk                SQL injection
DSA 1418      cacti                   SQL injection
DSA 1419      OpenOffice.org          Arbitrary Java code execution
DSA 1420      zabbix                  Privilege escalation
DSA 1421      wesnoth                 Arbitrary file disclosure
DSA 1422      e2fsprogs               Arbitrary code execution
DSA 1423      sitebar                 Several vulnerabilities
DSA 1424      iceweasel               Several vulnerabilities
DSA 1425      xulrunner               Several vulnerabilities
DSA 1426      qt-x11-free             Several vulnerabilities
DSA 1427      samba                   Arbitrary code execution
DSA 1428      Linux 2.6.18            Several vulnerabilities
DSA 1429      htdig                   Cross-site scripting
DSA 1430      libnss-ldap             Denial of service
DSA 1431      ruby-gnome2             Arbitrary code execution
DSA 1432      link-grammar            Arbitrary code execution
DSA 1433      centericq               Arbitrary code execution
DSA 1434      mydns                   Denial of service
DSA 1435      clamav                  Several vulnerabilities
DSA 1436      Linux 2.6.18            Several vulnerabilities
The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<http://release.debian.org/stable/4.0/4.0r2/>
URLs
----
The complete lists of packages that have changed with this revision:
<http://ftp.debian.org/debian/dists/etch/ChangeLog>
The current stable distribution:
<http://ftp.debian.org/debian/dists/stable>
Proposed updates to the stable distribution:
<http://ftp.debian.org/debian/dists/proposed-updates>
Stable distribution information (release notes, errata etc.):
<http://www.debian.org/releases/stable/>
Security announcements and information:
<http://www.debian.org/security/>
About Debian
------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating system Debian GNU/Linux.
Contact Information
-------------------
For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.