-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 22-1 http://www.debian.org/
debian-release@lists.debian.org Adam D. Barratt
January 22nd, 2012
-------------------------------------------------------------------------
Upcoming Debian GNU/Linux 6.0 Update (6.0.4)
--------------------------------------------

An update to Debian GNU/Linux 6.0 is scheduled for Saturday, January
28th 2012. As of now it will include the following bug fixes. They can
be found in “squeeze-proposed-updates”, which is carried by all official
mirrors.

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through “squeeze-updates”.

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying “debian-release@lists.debian.org” on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:

Package                       Reason
-------                       ------
adolc                         Remove Visual C++ runtime from windows/ directory
backuppc                      Fix data corruption in tarballs due to logging to stdout and two XSS issues
base-files                    Update /etc/debian_version for the point release
base-installer                Add POWER7 to the powerpc64 family
bti                           Fix identi.ca OAuth URLs
byobu                         Correct postinst chmod semantics
bzip2                         Fix CVE-2011-4089
c-ares                        Fix encoded length for indirect root
cherokee                      Avoid brute-forceable password in cherokee-admin
cifs-utils                    Fix mtab corruption issues
clamav                        New upstream version; fix potential DoS
clamz                         Handle unencrypted amz files
cpufrequtils                  Load powernow-k8 for AMD family 20 (i.e. AMD E-350 CPUs); better support 3.0 kernels
dpkg                          Add armhf to {os,triplet}table; defer hardlink renames; do not fail to unpack shared directories missing on the file system from packages being replaced by other packages
eglibc                        New upstream stable release plus fixes from stable branch
erlang                        Fix CVE-2011-0766 (cryptographic weakness) in the erlang ssh application
etherape                      Null pointer dereferences
gimp                          Fix printing when used with libcairo version 1.10 or above
gnutls26                      Fix buffer overflow in gnutls_session_get_data()
hplip                         Fix insecure use of temporary file
ia32-libs                     Update packages
ia32-libs-gtk                 Update packages
ifupdown-extra                Handle moved location of ethtool; fix handling of "rejects" in static-route; use --tmpdir for temporary files; move /etc/network/network-routes to /e/n/routes; documentation updates
iotop                         Give a helpful error instead of crashing when Linux denies permission to read the taskstats files
jabberbot                     Bind callbacks after the roster has been initialised
kernel-wedge                  Add et131x to nic-extra-modules; add isci to scsi-extra-modules; add xhci-hcd to usb-modules
killer                        Use DNS for mail domain rather than NIS; stop cron job failing when package is removed
ldap2zone                     Don't send mail on success; syslog instead
libdata-formvalidator-perl    Fix possible passing of invalid data in untaint mode
libdebian-installer           Detect IBM pSeries platform as powerpc/chrp_ibm
libdigest-perl                Fix unsafe use of eval in Digest->new()
libhtml-template-pro-perl     Fix XSS
libjifty-dbi-perl             SQL injection
libmtp                        Add support for Motorola Xoom devices
libpar-packer-perl            Fix use of unsafe and predictable temporary directories
libpar-perl                   Fix use of unsafe and predictable temporary directories
linux-2.6                     Add stable releases 2.6.32.47-54, fix xen and tg3 regressions, various fixes
linux-kernel-di-amd64-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-armel-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-i386-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-ia64-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-mips-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-mipsel-2.6    Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-powerpc-2.6   Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-s390-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
linux-kernel-di-sparc-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
masqmail                      Fix improper seteuid() calls
mdadm                         Quieten some cron messages; don't break when no scheduling class is specified or no devices are active; LSB header updates
mediawiki                     Fix unintended exposure of hidden content through cache pollution; disable CVE-2011-4360.patch; doesn't apply to this version and causes errors
module-init-tools             Support 3.0 kernels
multipath-tools               Change HP hardware handler to hp_sw; update man pages
mutt                          Fix validation of commonname (gnutls)
nfs-utils                     Allow negotiated enctypes to be limited; avoid corrupting mtab
nginx                         Fix compression pointer processing in DNS response greater than 255 bytes
nss-pam-ldapd                 Correctly parse /etc/nsswitch.conf, detect calling process identity and fix disconnect logic
partman-target                Stop treating ISO hybrid images on USB sticks as real optical drives
pastebinit                    Fix support for user configuration files
pbuilder                      Rename the /run script from --execute to /runscript, for compatibility with wheezy and later which have /run as a directory replacing /var/run
perl                          Unregister signal handler before destroying my_perl; fixes segfault; minor security fixes
phppgadmin                    Fix XSS
pidgin                        Fix remote crash issues
postgresql-8.4                New upstream micro-release
pure-ftpd                     Fix man-in-the-middle attack on encrypted sessions
python-debian                 Allow ':' as the first character of a value
python3-defaults              Ignore binary files while checking shebangs
qemu-kvm                      Fix NIC hotplug from libvirt
quassel                       Fix missing translations
recoll                        Plug conversion descriptor leak in unac.c::convert() error path
rng-tools                     Work around VIA Nano xstore bug; add 3.0 kernel support
rpm                           Fix malformed header parsing
samba                         Allow using unencrypted passwords with Windows clients with KB2536276 installed
shorewall                     Install missing /usr/share/shorewall/helpers
shorewall-lite                Install missing /usr/share/shorewall/helpers
shorewall6                    Install missing /usr/share/shorewall/helpers
shorewall6-lite               Install missing /usr/share/shorewall/helpers
slbackup                      Fix path to configuration file in the cron job
slbackup-php                  Fix login issues, deal with blanks in filenames, fix last failed timestamp
tinyproxy                     Validate port number specified in configuration
tzdata                        New upstream version
user-mode-linux               Rebuild against linux-source-2.6.32 (2.6.32-41)
webkit                        Avoid doing lots of needless NULL DNS lookups
whatsnewfm                    Handle renaming of freshmeat to freshcode
xorg-server                   GLX: add missing input sanitization; fix a file disclosure vulnerability and a file permission change vulnerability
xpdf                          Fix insecure temporary file usage

A complete list of all accepted packages together with rationale is on
the preparation page for this revision:

  <http://release.debian.org/proposed-updates/stable.html>

If there are any issues, please don't hesitate to get in touch with the
Debian Release Team at “debian-release@lists.debian.org”.