[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Updated Debian 6.0: 6.0.4 released

The Debian Project                                http://www.debian.org/
Updated Debian 6.0: 6.0.4 released                press@lists.debian.org
January 28th, 2012              http://www.debian.org/News/2012/20120128
The Debian project is pleased to announce the fourth update of its
stable distribution Debian 6.0 (codename  "squeeze" ). This update
mainly adds corrections for security problems to the stable release,
along with a few adjustments to serious problems. Security advisories
were already published separately and are referenced where available.

Please note that this update does not constitute a new version of
Debian 6.0 but only updates some of the packages included. There is no
need to throw away 6.0 CDs or DVDs but only to update via an up-to-date
Debian mirror after an installation, to cause any out of date packages
to be updated.

Those who frequently install updates from security.debian.org won't
have to update many packages and most updates from security.debian.org
are included in this update.

New installation media and CD and DVD images containing updated
packages will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:


Miscellaneous Bugfixes
This stable update adds a few important corrections to the following

Package				Reason

adolc				Remove Visual C++ runtime from windows/
backuppc			Fix data corruption in tarballs due to 
				logging to stdout and two XSS issues
base-files			Update /etc/debian_version for the 
				point release
base-installer  		Add POWER7 to the powerpc64 family
bti 	        		Fix identi.ca OAuth URLs
bugzilla			Security fixes
byobu	        		Correct postinst chmod semantics
bzip2	        		Fix CVE-2011-4089
c-ares				Fix encoded length for indirect root
cherokee			Avoid brute-forceable password in
cifs-utils		    	Fix mtab corruption issues
clamav				New upstream version; fix potential DoS
clamz	       			Handle unencrypted amz files
cpufrequtils	      		Load powernow-k8 for AMD family 20
				(i.e. AMD E-350 cpus); better support
				3.0 kernels
debian-installer		Stop menu falling off the screen
debian-installer-netboot-images	Update to d-i 20110106+squeeze4
dpkg	      			Add armhf to {os,triplet}table; defer
				hardlink renames; do not fail to unpack
				shared directories missing on the file 
				system from packages being replaced by 
				other packages
eglibc				New upstream stable release plus fixes
				from stable branch
erlang				Fix CVE-2011-0766 (cryptographic
				weakness) in the erlang ssh application
etherape		  	Null pointer dereferences
gimp	      			Fix printing when used with libcairo
				version 1.10 or above
gnutls26		  	Fix buffer overflow in
hplip	       			Fix insecure use of temporary file
ia32-libs		   	Update packages
ia32-libs-gtk	       		Update packages
ifupdown-extra			Handle moved location of ethtool; fix
				handling of "rejects" in static-route;
				use --tmpdir for temporary files; move
				/etc/network/network-routes to
				/e/n/routes; documentation updates
iotop	       			Give a helpful error instead of 
				crashing when Linux denies permission
				to read the taskstats files
jabberbot		   	Bind callbacks after the roster has
				been initialised
kernel-wedge	      		Add et131x to nic-extra-modules; add
				isci to scsi-extra-modules; add
				xhci-hcd to usb-modules
killer				Use DNS for mail domain rather than 
				NIS; stop cron job failing when package
				is removed
ldap2zone		   	Don't send mail on success; syslog
libdata-formvalidator-perl	Fix possible passing of invalid data in
				untaint mode
libdebian-installer 	     	Detect IBM pSeries platform as
libdigest-perl			Fix unsafe use of eval in Digest->new()
libhtml-template-pro-perl	Fix XSS
libjifty-dbi-perl		SQL injection
libmtp				Add support for Motorola Xoom devices
libpar-packer-perl		Fix use of unsafe and predictable
				temporary directories
libpar-perl 	     		Fix use of unsafe and predictable
				temporary directories
linux-2.6		   	Fixes for xen regression, GRO/GSO IPv6
				forwarding, ppc vserver; add stable
				releases, various fixes;
				fix tg3 regression; xen fixes
linux-kernel-di-amd64-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-armel-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-i386-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-ia64-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-mips-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-mipsel-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-powerpc-2.6 	Rebuild against linux-2.6 kernel 
linux-kernel-di-s390-2.6	Rebuild against linux-2.6 kernel 
linux-kernel-di-sparc-2.6	Rebuild against linux-2.6 kernel 
masqmail		  	Fix improper seteuid() calls
mdadm	       			Quieten some cron messages; don't break
				when no scheduling class is specified
				or no devices are active; LSB header
mediawiki		   	Fix unintended exposure of hidden
				content through cache pollution; 
				disable CVE-2011-4360.patch; doesn't 
				apply to this version and causes errors
module-init-tools		Support 3.0 kernels
multipath-tools		 	Change HP hardware handler to hp_sw; 
				update man pages
mutt	      			Fix validation of commonname (gnutls)
nfs-utils		   	Allow negotiated enctypes to be limited;
				avoid corrupting mtab
nginx	       			Fix compression pointer processing in 
				DNS response greater than 255 bytes
nss-pam-ldapd	       		Correctly parse /etc/nsswitch.conf, 
				detect calling process identity and fix
				disconnect logic
partman-target			Stop treating ISO hybrid images on USB
				sticks as real optical drives
pastebinit		    	Fix support for user configuration 
pbuilder		  	Rename the /run script from --execute 
				to /runscript, for compatibility with
				wheezy and later which have /run as a 
				directory replacing /var/run
perl	      			Unregister signal handler before
				destroying my_perl; fixes segfault; 
				minor security fixes
phppgadmin		    	Fix XSS
pidgin				Fix remote crash issues
postgresql-8.4			New upstream micro-release
pure-ftpd		   	Fix man in the middle attack on
				encrypted sessions
python-debian	       		Allow  ":" as the first character of a 
python3-defaults		Ignore binary files while checking 
qemu-kvm		  	Fix NIC hotplug from libvirt
quassel		 		Fix missing translations
recoll				Plug conversion descriptor leak in 
				unac.c::convert() error path
rng-tools		   	Work around VIA Nano xstore bug; add 
				3.0 kernel support
rpm 	     			Fix malformed header parsing
samba	       			Allow using unencrypted passwords with
				Windows clients with KB2536276 
shorewall		   	Install missing 
shorewall-lite			Install missing 
shorewall6		    	Install missing 
shorewall6-lite		 	Install missing 
slbackup		  	Fix path to configuration file in the 
				cron job
slbackup-php	      		Fix login issues, deal with blanks in
				filenames, fix last failed timestamp
tinyproxy		   	Validate port number specified in 
tzdata				New upstream version; add DST for 
user-mode-linux		 	Rebuild against linux-source-2.6.32 
webkit				Avoid doing lots of needless NULL DNS
whatsnewfm		    	Handle renaming of freshmeat 
				to freshcode
xorg-server 	     		GLX: add missing input sanitization; 
				fix a file disclosure vulnerability and
				a file permission change vulnerability
xpdf	      			Fix insecure temporary file usage

Security Updates
This revision adds the following security updates to the stable
release. The Security Team has already released an advisory for each of
these updates:

Advisory ID	Package			Correction(s)

DSA-2181	subversion		Denial of service
DSA-2251     	subversion		Multiple issues
DSA-2283     	krb5-appl		Programming error
DSA-2284     	opensaml2		Implementation error
DSA-2301     	rails			Multiple issues
DSA-2311     	openjdk-6		Multiple issues
DSA-2315     	openoffice.org		Multiple issues
DSA-2318     	cyrus-imapd-2.2 	Multiple issues
DSA-2322     	bugzilla		Multiple issues
DSA-2323     	radvd			Multiple issues
DSA-2324     	wireshark		Programming error
DSA-2325     	kfreebsd-8		Privilege escalation/denial
					of service
DSA-2326     	pam			Multiple issues
DSA-2327     	libfcgi-perl		Authentication bypass
DSA-2328     	freetype		Missing input sanitising
DSA-2329     	torque			Buffer overflow
DSA-2330     	simplesamlphp		Multiple issues
DSA-2331     	tor			Multiple issues
DSA-2332     	python-django		Multiple issues
DSA-2333     	phpldapadmin		Multiple issues
DSA-2334     	mahara			Multiple issues
DSA-2335     	man2html		Missing input sanitization
DSA-2337     	xen			Multiple issues
DSA-2338     	moodle			Multiple issues
DSA-2339     	nss			Multiple issues
DSA-2340     	postgresql-8.4		Weak password hashing
DSA-2341     	iceweasel		Multiple issues
DSA-2342     	iceape			Multiple issues
DSA-2343     	openssl			CA trust revocation
DSA-2344	python-django-piston	Deserialization vulnerability
DSA-2345     	icedove			Multiple issues
DSA-2346     	proftpd-dfsg		Multiple issues
DSA-2347     	bind9			Improper assert
DSA-2348     	systemtap		Multiple issues
DSA-2349	spip			Multiple issues
DSA-2350	freetype		Missing input sanitising
DSA-2351	wireshark		Buffer overflow
DSA-2353	ldns			Buffer overflow
DSA-2354	cups			Multiple issues
DSA-2355	clearsilver		Format string vulnerability
DSA-2356	openjdk-6		Multiple issues
DSA-2357	evince			Multiple issues
DSA-2361	chasen			Buffer overflow
DSA-2362	acpid			Multiple issues
DSA-2363	tor			Buffer overflow
DSA-2364	xorg			Incorrect permission check
DSA-2366	mediawiki		Multiple issues
DSA-2367	asterisk		Multiple issues
DSA-2368	lighttpd		Multiple issues
DSA-2369	libsoup2.4		Directory traversal
DSA-2370	unbound			Multiple issues
DSA-2371	jasper			Buffer overflows
DSA-2372	heimdal			Buffer overflow
DSA-2373	inetutils		Buffer overflow
DSA-2374	openswan		Implementation error
DSA-2375	krb5-appl		Buffer overflow
DSA-2376	ipmitool		Insecure pid file
DSA-2377	cyrus-imapd-2.2		Denial of service
DSA-2378	ffmpeg			Multiple issues
DSA-2379	krb5			Multiple issues
DSA-2380	foomatic-filters	Shell command injection
DSA-2381	squid3			Invalid memory deallocation
DSA-2382	ecryptfs-utils		Multiple issues
DSA-2383	super			Buffer overflow
DSA-2384	cacti			Multiple issues
DSA-2385	pdns			Packet loop
DSA-2386	openttd			Multiple issues
DSA-2387	simplesamlphp		Cross site scripting
DSA-2388	t1lib			Multiple issues
DSA-2390	openssl			Multiple issues
DSA-2391	phpmyadmin		Multiple issues
DSA-2392	openssl			Out-of-bounds read
DSA-2393	bip			Buffer overflow

Debian Installer
The installer has been updated with this point release to add support
for installing on POWER7 machines and to adjust the dimensions of the
initial boot menu to avoid issues with some screens.

The kernel used by the installer has been updated to include various
security fixes and to add support for Agere ET-1310-based network cards
(et131x driver), Intel C600-series SAS/SATA controllers (isci driver)
and USB 3.0 controllers (xhci driver).

Removed packages
The following packages were removed due to circumstances beyond our

Package			Reason
partlibrary 	     	Non-distributable
cad	      		Non-distributable

The complete lists of packages that have changed with this revision:


The current stable distribution:


Proposed updates to the stable distribution:


Stable distribution information (release notes, errata etc.):


Security announcements and information:


About Debian
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian.

Contact Information
For further information, please visit the Debian web pages at
http://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.

Attachment: signature.asc
Description: Digital signature

Reply to: