Re: draft of announcement for sarge r2
* Andreas Barth (aba@not.so.argh.org) [060412 11:07]:
> as we're now directly moving towards sarge r2, we drafted an
> announcement. Please see the attachement for more details. We will
> notify you as soon as the mail can be sent out.
As promised, here is an updated announcement draft.
Cheers,
Andi
------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Debian GNU/Linux 3.1 updated (r2) press@debian.org
April 1xth, 2006 http://www.debian.org/News/2006/2006041x
------------------------------------------------------------------------
Debian GNU/Linux 3.1 updated (r2)
This is the second update of Debian GNU/Linux 3.1 (codename `sarge')
which mainly adds security updates to the stable release, along with a
few corrections to serious problems. Those who frequently update from
security.debian.org won't have to update many packages and most
updates from security.debian.org are included in this update.
Please note that this update does not produce a new version of Debian
GNU/Linux 3.1 but only adds a few updated packages to it. There is no
need to throw away 3.1 CDs but only to update against ftp.debian.org
after an installation, in order to incorporate those late changes.
Upgrading to this revision online is usually done by pointing the
`apt' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is
available at:
<http://www.debian.org/distrib/ftplist>
Notable Changes
---------------
Sudo has been changed to not propagate all environment variables to
subsequent programs to avoid security risks. This change might affect
software that uses sudo. Please see sudo's man page for more details.
Miscellaneous Bugfixes
----------------------
This revision adds important corrections to the following packages.
Most of them don't affect the security of the system, but may affect
data integrity.
affix-kernel Fix build failures on sarge's kernel
backuppc Fix possible backup archive corruption and
possible data loss when changing the
configuration file
cernlib License problems, repackaged
cyrus-imapd Don't remove mail data on package purge
cyrus21-imapd Note cyrus-imapd data loss on package purge in
upgrade documentation
evms Fix address stack corruption leading to possible
data loss when activating degraded RAID-5
volumes
exim4 Fix mail delivery problems to hosts with AAAA
DNS records and DNS unbalanced issues
f-prot-installer Adjusted for updates
fai Fix setup of lo device, replaced hardcoded name
of debian distribution in fai-cd, add missing
packages when calling fai-mirror
glibc Update timezone data, fix NPTL for x86_64 (amd64)
leafnode Fix non-DSA security issue (CVE 2005-1911)
libchipcard Don't remove user account on package purge
mutt Fix possible attachments data loss
perl Fix problem with utf-8/taint interaction
Fix possible malloc-to-death bug, #227621
rssh Fix non-DSA security issue (CVE-2005-3345)
slune Adjust to security fix in py2play, #326976
sodipodi Fix segfaults on 64-bit architectures
tar Fix inability to work with remote devices
on non-i386, #356657
Security Updates
----------------
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates. The security fixes of the kernel have been delayed to the next
point release due to constraints with the installer, please update the
kernel images from security.debian.org.
Debian Security Advisory ID Package(s)
DSA 740 aide
DSA 763 aide
DSA 856 py2play
DSA 903 unzip
DSA 919 curl
DSA 923 dropbear
DSA 924 nbd
DSA 925 phpbb2
DSA 926 ketm
DSA 927 tkdiff
DSA 928 dhis-tools-dns
DSA 929 petris
DSA 930 smstools
DSA 931 xpdf
DSA 932 kdegraphics
DSA 933 hylafax
DSA 934 pound
DSA 935 libapache2-mod-auth-pgsql
DSA 936 libextractor
DSA 937 tetex-bin
DSA 938 koffice
DSA 939 fetchmail
DSA 940 gpdf
DSA 941 tuxpaint
DSA 942 albatross
DSA 943 perl
DSA 944 mantis
DSA 945 antiword
DSA 946 sudo
DSA 947 clamav
DSA 948 kdelibs
DSA 949 crawl
DSA 950 cupsys
DSA 951 trac
DSA 952 libapache-auth-ldap
DSA 953 flyspray
DSA 954 wine
DSA 955 mailman
DSA 956 lsh-server
DSA 957 imagemagick
DSA 958 drupal
DSA 959 unalz
DSA 960 lib-mail-audit-perl
DSA 961 pdfkit.framework
DSA 962 pdftohtml
DSA 963 mydns
DSA 964 gnocatan
DSA 965 ipsec-tools
DSA 966 adzapper
DSA 967 elog
DSA 968 noweb
DSA 969 scponly
DSA 970 kronolith
DSA 971 xpdf
DSA 972 pdfkit.framework
DSA 973 otrs
DSA 974 gpdf
DSA 975 nfs-user-server
DSA 976 libast
DSA 977 heimdal
DSA 978 gnupg
DSA 979 pdfkit.framework
DSA 980 tutos
DSA 981 bmv
DSA 982 gpdf
DSA 983 pdftohtml
DSA 984 xpdf
DSA 985 libtasn1-2
DSA 986 gnutls11
DSA 987 tar
DSA 988 squirrelmail
DSA 989 zoph
DSA 990 bluez-hcidump
DSA 991 zoo
DSA 992 ffmpeg
DSA 993 gnupg
DSA 994 freeciv
DSA 995 metamail
DSA 997 bomberclone
DSA 998 libextractor
DSA 999 lurker
DSA 1000 libapreq2-perl
DSA 1001 crossfire
DSA 1002 webcalendar
DSA 1003 xpvm
DSA 1004 vlc
DSA 1005 xine-lib
DSA 1006 wzdftpd
DSA 1007 drupal
DSA 1008 kdegraphics
DSA 1009 crossfire
DSA 1010 ilohamail
DSA 1011 kernel-patch-vserver and util-vserver
DSA 1012 unzip
DSA 1013 snmptrapfmt
DSA 1014 firebird2
DSA 1015 sendmail
DSA 1016 evolution
DSA 1019 kdegraphics
DSA 1020 flex
DSA 1021 netpbm-free
DSA 1022 storebackup
DSA 1023 kaffeine
DSA 1024 clamav
DSA 1025 dia
DSA 1026 sash
DSA 1027 mailman
DSA 1028 libimager-perl
DSA 1029 libphp-adodb
DSA 1030 moodle
DSA 1031 cacti
The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<http://release.debian.org/stable/3.1/3.1r2/>
URLs
----
The current stable distribution:
<http://ftp.debian.org/debian/dists/stable>
Stable distribution information (release notes, errata etc.):
<http://www.debian.org/releases/stable/>
Security announcements and information:
<http://www.debian.org/security/>
About Debian
------------
The Debian Project is an organization of free software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.
Contact Information
-------------------
For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org>.
Reply to: