------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 7: 7.8 released press@debian.org January 10th, 2015 https://www.debian.org/News/2015/20150110 ------------------------------------------------------------------------ The Debian project is pleased to announce the eighth update of its stable distribution Debian 7 (codename "wheezy"). This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Please note that this update does not constitute a new version of Debian 7 but only updates some of the packages included. There is no need to throw away old "wheezy" CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated. Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update. New installation media and CD and DVD images containing updated packages will be available soon at the regular locations. Upgrading to this revision online is usually done by pointing the aptitude (or apt) package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes ---------------------- This stable update adds a few important corrections to the following packages: +--------------------------+------------------------------------------+ | Package | Reason | +--------------------------+------------------------------------------+ | apache2 | Fix handling of chunk trailers to avoid | | | bypass of intended mod_headers | | | restrictions [CVE-2013-5704]; fix | | | hostname comparison with SNI to be case | | | insensitive | | apt | Retry without partial data after a 416 | | | response | | base-files | Update debian_version for the point | | | release | | bashburn | Fix upgrades from the old "mybashburn" | | | package in Squeeze | | clamav | New upstream version; fix endless loop | | | on special crafted quantum compressed | | | cab files | | debian-archive- | Add archive signing keys for Jessie | | keyring | | | debian-installer | Rebuild for the point release | | debian-installer- | Rebuild for the point release | | netboot-images | | | debootstrap | Install base-passwd and base-files in | | | two calls rather than one, to ensure | | | correct ordering | | dhcpcd5 | Fix denial of service [CVE-2014-6060] | | digikam | Add versioned Breaks/Replaces on | | | digikam-doc, to fix upgrades from | | | Squeeze | | evolution-data- | Enable all SSL/TLS versions supported by | | server | NSS | | firetray | Increase version compatibility with | | | icedove | | freecol | Disable introductory video to avoid | | | hanging at startup | | gnustep-base | Fix security issue in gdomap [CVE-2014- | | | 2980] and regression in - | | | performSelector: with message forwarding | | gosa | Fix XSS issue during login and | | | authentication against LDAP server(s) | | | via the gosa-admin DN | | intel-microcode | Disable TSX instructions in Haswell and | | | other errata | | iucode-tool | Fix a possible buffer overwrite, memory | | | leak and other issues found by coverity | | libclamunrar | Update to new upstream version, in line | | | with clamav | | libdatetime-timezone- | New upstream release; update included | | perl | data files to 2014j | | linux | New upstream stable release; drm, agp: | | | update to 3.4.105; rt: update to 3.2.64- | | | rt94; KVM: don't report guest userspace | | | emulation error to userspace [CVE-2014- | | | 7842], clear paravirt_enabled on KVM | | | guests for espfix32's benefit [CVE-2014- | | | 8134]; isofs: fix infinite looping over | | | CE entries [CVE-2014-9420] | | mumble | Fix UDP communication failing until | | | connected user's mic is activated and | | | data sent; fix crash on connecting; | | | properly HTML-escape some external | | | strings before using them in a rich-text | | | (HTML) context [CVE-2014-3756]; fix | | | client DoS via SVG images with local | | | file references [CVE-2014-3755] | | netcfg | Fix missing bounds check on nameserver | | | array iteration | | nostalgy | Update for compatibility with new | | | icedove versions from security | | nvidia-graphics- | New upstream release | | drivers | | | nvidia-graphics- | Rebuild against updated nvidia-graphics- | | modules | drivers | | shutdown-at-night | Check for users before shutting down | | sieve-extension | Increase version compatibility with | | | icedove | | spamassassin | Export perl_version to rules, as | | | upstream has started using it in | | | published rules | | tzdata | New upstream release | | wireless-regdb | New upstream release, with updated / | | | added data | | xulrunner | New source package split out from | | | iceweasel (which no longer provides | | | xulrunner in newer versions) | +--------------------------+------------------------------------------+ Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +----------------+----------------------------+ | Advisory ID | Package | +----------------+----------------------------+ | DSA-2720 | enigmail | | DSA-2720 | icedove-l10n | | DSA-2720 | icedove | | DSA-2746 | icedove | | DSA-2762 | icedove | | DSA-2797 | icedove | | DSA-2911 | icedove-l10n | | DSA-2911 | enigmail | | DSA-2911 | icedove | | DSA-2918 | iceweasel | | DSA-2924 | icedove | | DSA-2955 | iceweasel | | DSA-2960 | icedove | | DSA-2986 | iceweasel | | DSA-2996 | icedove | | DSA-3018 | iceweasel | | DSA-3028 | icedove | | DSA-3034 | iceweasel | | DSA-3037 | icedove | | DSA-3049 | wireshark | | DSA-3050 | iceweasel | | DSA-3051 | drupal7 | | DSA-3052 | wpa | | DSA-3053 | openssl | | DSA-3054 | mysql-5.5 | | DSA-3055 | pidgin | | DSA-3056 | libtasn1-3 | | DSA-3057 | libxml2 | | DSA-3058 | torque | | DSA-3059 | dokuwiki | | DSA-3060 | linux | | DSA-3061 | icedove | | DSA-3061 | icedove-l10n | | DSA-3061 | enigmail | | DSA-3062 | wget | | DSA-3063 | quassel | | DSA-3064 | php5 | | DSA-3065 | libxml-security-java | | DSA-3066 | qemu | | DSA-3067 | qemu-kvm | | DSA-3068 | konversation | | DSA-3069 | curl | | DSA-3071 | nss | | DSA-3072 | file | | DSA-3073 | libgcrypt11 | | DSA-3074 | php5 | | DSA-3075 | drupal7 | | DSA-3078 | libksba | | DSA-3079 | ppp | | DSA-3081 | libvncserver | | DSA-3082 | flac | | DSA-3083 | mutt | | DSA-3084 | openvpn | | DSA-3085 | wordpress | | DSA-3086 | tcpdump | | DSA-3087 | qemu | | DSA-3088 | qemu-kvm | | DSA-3089 | jasper | | DSA-3090 | iceweasel | | DSA-3091 | getmail4 | | DSA-3092 | icedove | | DSA-3093 | linux | | DSA-3094 | bind9 | | DSA-3095 | xorg-server | | DSA-3096 | pdns-recursor | | DSA-3097 | unbound | | DSA-3098 | graphviz | | DSA-3099 | dbus | | DSA-3100 | mediawiki | | DSA-3101 | c-icap | | DSA-3102 | libyaml | | DSA-3103 | libyaml-libyaml-perl | | DSA-3104 | bsd-mailx | | DSA-3105 | heirloom-mailx | | DSA-3106 | jasper | | DSA-3107 | subversion | | DSA-3108 | ntp | | DSA-3109 | firebird2.5 | | DSA-3110 | mediawiki | | DSA-3111 | cpio | | DSA-3112 | sox | | DSA-3113 | unzip | | DSA-3114 | mime-support | | DSA-3115 | pyyaml | | DSA-3116 | polarssl | | DSA-3117 | php5 | +----------------+----------------------------+ URLs ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/wheezy/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://security.debian.org/ ; About Debian ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
Attachment:
signature.asc
Description: Digital signature