[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian GNU/Linux 3.1 updated (r2)

The Debian Project                                http://www.debian.org/
Debian GNU/Linux 3.1 updated (r2)                       press@debian.org
April 19th, 2006                http://www.debian.org/News/2006/20060419

Debian GNU/Linux 3.1 updated (r2)

This is the second update of Debian GNU/Linux 3.1 (codename `sarge')
which mainly adds security updates to the stable release, along with
some corrections to serious problems.  Those who frequently update from
security.debian.org won't have to update many packages and most
updates from security.debian.org are included in this update.

Please note that this update does not produce a new version of Debian
GNU/Linux 3.1 but only adds a few updated packages to it.  There is no
need to throw away 3.1 CDs but only to update against ftp.debian.org
after an installation, in order to incorporate those late changes.

Upgrading to this revision online is usually done by pointing the
`apt' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors.  A comprehensive list of mirrors is
available at:


Security Updates

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates. The security fixes of the kernel have been delayed to the next
point release due to constraints with the installer, please update the
kernel images from security.debian.org.

Debian Security Advisory ID    Package(s)

	DSA 740                aide
	DSA 763                aide
	DSA 856                py2play
	DSA 903                unzip
	DSA 919                curl 
	DSA 923                dropbear
	DSA 924                nbd
	DSA 925                phpbb2
	DSA 926                ketm
	DSA 927                tkdiff
	DSA 928                dhis-tools-dns
	DSA 929                petris
	DSA 930                smstools
	DSA 931                xpdf
	DSA 932                kdegraphics
	DSA 933                hylafax
	DSA 934                pound
	DSA 935                libapache2-mod-auth-pgsql
	DSA 936                libextractor
	DSA 937                tetex-bin
	DSA 938                koffice
	DSA 939                fetchmail
	DSA 940                gpdf
	DSA 941                tuxpaint
	DSA 942                albatross
	DSA 943                perl
	DSA 944                mantis
	DSA 945                antiword
	DSA 946                sudo
	DSA 947                clamav
	DSA 948                kdelibs
	DSA 949                crawl
	DSA 950                cupsys
	DSA 951                trac
	DSA 952                libapache-auth-ldap
	DSA 953                flyspray
	DSA 954                wine
	DSA 955                mailman
	DSA 956                lsh-server
	DSA 957                imagemagick
	DSA 958                drupal
	DSA 959                unalz
	DSA 960	               lib-mail-audit-perl
	DSA 961                pdfkit.framework
	DSA 962                pdftohtml
	DSA 963                mydns
	DSA 964                gnocatan
	DSA 965                ipsec-tools
	DSA 966                adzapper
	DSA 967                elog
	DSA 968                noweb
	DSA 969                scponly
	DSA 970                kronolith
	DSA 971                xpdf
	DSA 972                pdfkit.framework
	DSA 973                otrs
	DSA 974                gpdf
	DSA 975                nfs-user-server
	DSA 976                libast
	DSA 977                heimdal
	DSA 978                gnupg
	DSA 979                pdfkit.framework
	DSA 980                tutos
	DSA 981                bmv
	DSA 982                gpdf
	DSA 983                pdftohtml
	DSA 984                xpdf
	DSA 985                libtasn1-2
	DSA 986                gnutls11
	DSA 987                tar
	DSA 988                squirrelmail
	DSA 989                zoph
	DSA 990                bluez-hcidump
	DSA 991                zoo
	DSA 992                ffmpeg
	DSA 993                gnupg
	DSA 994                freeciv
	DSA 995                metamail
	DSA 997                bomberclone
	DSA 998                libextractor
	DSA 999                lurker
	DSA 1000               libapreq2-perl
	DSA 1001               crossfire
	DSA 1002               webcalendar
	DSA 1003               xpvm
	DSA 1004               vlc
	DSA 1005               xine-lib
	DSA 1006               wzdftpd
	DSA 1007               drupal
	DSA 1008               kdegraphics
	DSA 1009               crossfire
	DSA 1010               ilohamail
	DSA 1011               kernel-patch-vserver, util-vserver
	DSA 1012               unzip
	DSA 1013               snmptrapfmt
	DSA 1014               firebird2
	DSA 1015               sendmail
	DSA 1016               evolution
	DSA 1019               kdegraphics
	DSA 1020               flex
	DSA 1021               netpbm-free
	DSA 1022               storebackup
	DSA 1023               kaffeine
	DSA 1024               clamav
	DSA 1025               dia
	DSA 1026               sash
	DSA 1027               mailman
	DSA 1028               libimager-perl
	DSA 1029               libphp-adodb
	DSA 1030               moodle
	DSA 1031               cacti

Notable Changes

The sudo package has been changed to not propagate all environment
variables to subsequent programs in order to avoid security risks.
This change might affect software that uses sudo.  Please see
/usr/share/doc/sudo/README.Debian for more details.

Miscellaneous Bugfixes

This revision adds important corrections to the following packages.
Most of them don't affect the security of the system, but may affect
data integrity.

   Package                Reason

   affix-kernel           Fix build failures with sarge's kernel
   backuppc               Fix backup potential data loss and corruption
   cernlib                License problems, repackaged
   cyrus-imapd            Don't remove mail data on package purge
   cyrus21-imapd          Note cyrus-imapd data loss on package purge
   evms                   Fix possible data loss
   exim4                  Fix mail delivery problems
   f-prot-installer       Adjusted to work with recent releases
   fai                    Several fixes
   glibc                  Update timezone data, fix NPTL for amd64
   leafnode               Fix security issue (CVE 2005-1911)
   libchipcard            Don't remove user account on package purge
   mutt                   Fix possible attachments data loss
   perl                   Fix utf-8/taint and malloc-to-death bug, Bug#227621
   rssh                   Fix security issue (CVE-2005-3345)
   slune                  Adjust to security fix in py2play, Bug#326976
   sodipodi               Fix segfaults on 64-bit architectures
   tar                    Fix work with remote devices on non-i386, Bug#356657

The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:



The complete lists of packages that have changed with this revision:


The current stable distribution:


Proposed updates to the stable distribution:


Stable distribution information (release notes, errata etc.):


Security announcements and information:


About Debian

The Debian Project is an organisation of free software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.

Contact Information

For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org>.

Reply to: