[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian GNU/Linux 3.1 updated

The Debian Project                                http://www.debian.org/
Debian GNU/Linux 3.1 updated                            press@debian.org
November 6th, 2006              http://www.debian.org/News/2006/20061106

Debian GNU/Linux 3.1 updated

The Debian project is pleased to announce the fourth update of its
stable distribution Debian GNU/Linux 3.1 (codename `sarge').  This
update mainly adds corrections for security problems to the stable
release, along with a few adjustment to serious problems.  Those who
frequently update from security.debian.org won't have to update many
packages and most updates from security.debian.org are included in
this update.

Please note that this update does not constitute a new version of
Debian GNU/Linux 3.1 but only updates some of the packages included in
the stable release.  There is no need to throw away 3.1 CDs or DVDs
but only to update against ftp.debian.org after an installation, in
order to incorporate those late changes.

Upgrade CD and DVD images will be created soon.  No new installation
images will be created.  Users are advised to update their system
against an official Debian mirror after a new installation and update
the kernel instead.  For the next update new images are anticipated.

Upgrading to this revision online is usually done by pointing the
`apt' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors.  A comprehensive list of mirrors is
available at:


Miscellaneous Bugfixes

This stable update adds a few important corrections to the following

   Package                Reason

   deal                   Fixes segfault on 64bit platforms
   devmapper              Creates LVM devices with appropriate permissions

This update also fixes an error in Debian-Installer for Sparc32 that
was introduced with the last stable update (r3).

Security Updates

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these

Advisory ID    Package(s)            Correction(s)

   DSA 1152    python-docutils       Information disclosure
   DSA 1152    trac                  Information disclosure
   DSA 1156    kdebase               Information disclosure
   DSA 1157    ruby1.8               Several vulnerabilities
   DSA 1158    streamripper          Arbitrary code execution
   DSA 1159    mozilla-thunderbird   Several vulnerabilities
   DSA 1160    mozilla               Several vulnerabilities
   DSA 1161    mozilla-firefox       Several vulnerabilities
   DSA 1162    libmusicbrainz        Arbitrary code execution
   DSA 1163    gtetrinet             Arbitrary code execution
   DSA 1164    sendmail              Denial of service
   DSA 1165    capi4hylafax          Arbitrary command execution
   DSA 1166    cheesetracker         Arbitrary code execution
   DSA 1167    apache                Several vulnerabilities
   DSA 1168    imagemagick           Arbitrary code execution
   DSA 1169    mysql-dfsg-4.1        Several vulnerabilities
   DSA 1170    gcc-3.4               Directory traversal in fastjar
   DSA 1171    ethereal              Arbitrary code execution
   DSA 1172    bind9                 Denial of service
   DSA 1173    openssl               RSA signature forgery cryptographic weakness
   DSA 1174    openssl096            RSA signature forgery cryptographic weakness
   DSA 1175    isakmpd               Replay protection bypass
   DSA 1176    zope2.7               Information disclosure
   DSA 1177    usermin               Denial of service
   DSA 1178    freetype              Arbitrary code execution
   DSA 1179    alsaplayer            Denial of service
   DSA 1180    bomberclone           Several vulnerabilities
   DSA 1181    gzip                  Arbitrary code execution
   DSA 1182    gnutls11              RSA signature forgery cryptographic weakness
   DSA 1183    Kernel 2.4.27         Several vulnerabilities
   DSA 1184    Kernel 2.6.8          Several vulnerabilities
   DSA 1185    openssl               Arbitrary code execution
   DSA 1186    cscope                Arbitrary code execution
   DSA 1187    migrationtools        Denial of service
   DSA 1188    mailman               Several vulnerabilities
   DSA 1189    openssh-krb5          Potential arbitrary code execution
   DSA 1190    maxdb-7.5.00          Arbitrary code execution
   DSA 1191    mozilla-thunderbird   Several vulnerabilities
   DSA 1192    mozilla               Several vulnerabilities
   DSA 1194    libwmf                Arbitrary code execution
   DSA 1195    openssl096            Denial of service

The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:



The complete lists of packages that have changed with this revision:


The current stable distribution:


Proposed updates to the stable distribution:


Stable distribution information (release notes, errata etc.):


Security announcements and information:


About Debian

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.

Contact Information

For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.

Reply to: