
Re: Please review announcement of upcoming release of Debian 4.0r4 "etch-and-a-half"



Hi!

Alexander Reichle-Schmehl wrote:

[..]
> Frans, could you please pay special attention to the paragraph about d-i?


Frans, everything okay?  I didn't get anything from you yet.  Attached
is the current state with a changed part about the debian-installer.

Please comment *now*; we can't wait any longer with the announcement.


Yours sincerely,
  Alexander
<define-tag pagetitle>Debian GNU/Linux 4.0 updated and support for newer hardware added</define-tag>
<define-tag release_date>2008-07-26</define-tag>
#use wml::debian::news
# $Id: 20080217.wml,v 1.2 2008-02-17 21:30:56 kreutzm Exp $

<define-tag release>4.0</define-tag>
<define-tag codename>etch</define-tag>
<define-tag revision>4.0r4</define-tag>

<define-tag dsa>
    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
        <td align="center"><:
    my @p = ();
    for my $p (split (/,\s*/, "%2")) {
	push (@p, sprintf ('<a href="http://packages.debian.org/src:%s">%s</a>', $p, $p));
    }
    print join (", ", @p);
:></td><td align="left">%3</td></tr>
</define-tag>

<define-tag correction>
    <tr><td><a href="http://packages.debian.org/src:%0">%0</a></td>              <td>%1</td></tr>
</define-tag>

<define-tag srcpkg><a href="http://packages.debian.org/src:%0">%0</a></define-tag>

<p>The Debian project is pleased to announce the fourth update of its stable
distribution Debian GNU/Linux 4.0 (codename <codename>).  In addition to
correcting several security problems and a few serious defects in the stable
release, for the first time in Debian's history an update for a stable
distribution also adds support for newer hardware by giving users the option to
install newer drivers.</p>

<p>Existing Debian GNU/Linux 4.0 installation CDs and DVDs can continue to be
used to install this update. After installation, upgrading via an up-to-date
Debian mirror will cause any out of date packages to be updated. However, users
of the network-console installation method are strongly encouraged to update
their media, see the "Debian Installer" portion of this announcement for
more information.</p>

<p>Those who install updates frequently from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.</p> 

<p>New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively
will be available soon at the regular locations.</p> 

<p>Upgrading to this revision online should be done by directing the
aptitude (or apt) package tool (see the sources.list(5) manual page) at
one of Debian's many FTP or HTTP mirrors.  A comprehensive list of
mirrors is available at:</p>

<div class="center">
  <a href="$(HOME)/mirror/list">http://www.debian.org/mirror/list</a>
</div>



<h2>About <q>etch-and-a-half</q></h2>

<p>Additional packages have been added in the Debian 4.0r4 point release to
increase the set of hardware supported by Debian 4.0 (<q>etch</q>). This includes
packages based upon the Linux 2.6.24 kernel and additional drivers for the X
window system. Installation of these additional packages is not required and
will not occur by default. This update represents no change to the support of
previously available packages.</p>

<p>The existing 2.6.18-based kernel will continue to be the default kernel for
the etch release.</p>

<p>These packages have been updated or newly introduced through <q>etch-and-a-half</q>:</p>
<table border=0>
<tr><th>Package</th>                    <th>Reason</th></tr>
<correction linux-2.6.24		"Updated for new kernel for etchnhalf">
<correction linux-kbuild-2.6.24		"Updated for new kernel for etchnhalf">
<correction linux-latest-2.6-etchnhalf	"New kernel for etchnhalf">
<correction xserver-xorg-video-nv	"Supporting more hardware">
<correction xserver-xorg-video-intel	"Supporting more hardware">
<correction aboot			"Fix alpha build, add support for kernels newer than 2.6.23">
<correction b43-fwcutter		"Fix wrongly encoded es.po">
<correction debconf 			"Make debconf-apt-progress compatible with the Lenny installer">
<correction sysvinit			"Update shutdown to work with libata in linux newer than 2.6.23">
<correction wireless-tools		"Update to claim support for WE API in etchnhalf kernel">
</table>

<p><a href="http://www.debian.org/releases/etch/etchnhalf">Release notes</a>
covering the special features of <q>etch-and-a-half</q> have been written as well as
a <a href="http://www.debian.org/releases/etch/debian-installer/etchnhalf">short
update for the installation instructions</a>.</p>


<h2>Debian-Installer Update</h2>

<p>The Debian-Installer was updated to repair an issue with the network-console
installation option. Due to a lack of entropy in how the host key is generated,
earlier Debian GNU/Linux 4.0 installers are vulnerable to a man-in-the-middle
attack. Two other issues regarding installation on already existing RAID
setups and recognizing PowerPC64 systems have been fixed as well.</p>


<h2>Miscellaneous Bugfixes</h2>

<p>This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:</p>

<table border=0>
<tr><th>Package</th>			<th>Reason</th></tr>
<correction apache2			"Fix possible segfault introduced by patch for CVE-2007-6421">
<correction balsa			"Fix for stack-based buffer overflow">
<correction base-installer		"Correctly recognize powerpc64 systems">
<correction cbrpager			"Backported security fixes from upstream 0.9.18 for CVE-2008-2575">
<correction chkrootkit			"'Enye' check was killing random applications">
<correction debian-installer		"Rebuild images containing network-console">
<correction dns-flood-detector		"Actually write a pid file for start-stop-daemon">
<correction exiv2			"Fix regression in security update">
<correction fai-kernels			"Rebuild against linux-2.6_2.6.18.dfsg.1-21">
<correction firmware-nonfree		"Build-depend on new kernel ABI 2.6-6">
<correction glibc			"Fix nscd host caching and linker script for libraries using TLS">
<correction grub			"Fix 1 TiB disk addressing limit">
<correction hal				"Allow mounting ntfs volumes from within KDE">
<correction initramfs-tools		"Fix MBR checking on md devices and booting with Xen">
<correction kiosktool			"Correct the path to the KDE menu file">
<correction licq			"Fixing 'ICQ version too old' connection failure">
<correction linux-2.6			"Fix several issues">
<correction partman-lvm			"Fix installation with already existing RAID">
<correction pdftohtml			"Transition users to poppler-utils">
<correction python-django		"Fix cross-site scripting vulnerability">
<correction qsynth			"Fix wrongly named desktop file">
<correction qt-x11-free			"Ease updates of KDE by hardcoding the unames">
<correction trac			"Fix multiple issues">
<correction tzdata			"New timezone information">
<correction user-mode-linux		"Rebuild against linux-2.6_2.6.18.dfsg.1-21">
<correction vzctl			"Fix file permission transfer on migrations">
<correction wxmaxima			"Fix connection problems making the package unusable">
<correction xpdf			"Remove strict versioned dependency on xpdf-utils to fix upgrade">
<correction xpenguins-applet		"Avoid double free">
<correction znc				"Fix NULL pointer dereferences leading to crashes">
</table>

<p>These packages were updated on the specified architecture to bring the architectures back in sync:</p>
<table border=0>
<tr><th>Package</th>			<th>Architecture &mdash; Reason</th></tr>
<correction apache2-mpm-itk		"s390 amd64 sparc powerpc arm i386 mips ia64 alpha mipsel hppa &mdash; Rebuild against updated apache2">
<correction gtimer			"amd64 &mdash; Rebuild against Etch libraries">
<correction kdebase			"arm">
<correction kdelibs			"arm">
<correction sage			"ia64 &mdash; Rebuild against libsdl1.2_1.2.11-8 to kill off dangling .la references">
<correction sear			"ia64 &mdash; Rebuild against lib3ds-dev 1.2.0-4.1+etch1">
</table>

<h2>Security Updates</h2>

<p>This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:</p>

<table border=0>
<tr><th>Advisory ID</th>  <th>Package</th>    <th>Correction(s)</th></tr>
<dsa 2008 1484    xulrunner		"Fix several vulnerabilities">
<dsa 2008 1485    icedove		"Fix several vulnerabilities">
<dsa 2008 1492    wml			"Clean up temporary files">
<dsa 2008 1497    clamav		"Fix several vulnerabilities">
<dsa 2008 1498    libimager-perl	"Fix arbitrary code execution">
<dsa 2008 1499    pcre3			"Fix arbitrary code execution">
<dsa 2008 1500    splitvt		"Fix privilege escalation">
<dsa 2008 1501    dspam			"Fix information disclosure">
<dsa 2008 1502    wordpress		"Fix multiple vulnerabilities">
<dsa 2008 1505    alsa-driver		"Fix kernel memory leak">
<dsa 2008 1506    iceape		"Fix several vulnerabilities">
<dsa 2008 1507    turba2		"Fix permission testing">
<dsa 2008 1508    sword			"Fix insufficient input sanitising">
<dsa 2008 1509    koffice		"Fix multiple vulnerabilities">
<dsa 2008 1510    gs-gpl		"Fix arbitrary code execution">
<dsa 2008 1511    icu			"Fix multiple problems">
<dsa 2008 1512    evolution		"Fix arbitrary code execution">
<dsa 2008 1513    lighttpd		"Fix CGI source disclosure">
<dsa 2008 1514    moin			"Fix several vulnerabilities">
<dsa 2008 1515    libnet-dns-perl	"Fix several vulnerabilities">
<dsa 2008 1516    dovecot		"Fix privilege escalation">
<dsa 2008 1517    ldapscripts		"Fix information disclosure">
<dsa 2008 1518    backup-manager	"Fix password disclosure">
<dsa 2008 1519    horde3		"Fix insufficient input sanitising">
<dsa 2008 1520    smarty		"Fix insufficient input sanitising">
<dsa 2008 1522    unzip			"Fix programming error">
<dsa 2008 1523    ikiwiki		"Fix cross-site scripting">
<dsa 2008 1524    krb5			"Fix multiple vulnerabilities">
<dsa 2008 1525    asterisk		"Fix several vulnerabilities">
<dsa 2008 1526    xwine			"Fix several vulnerabilities">
<dsa 2008 1527    debian-goodies	"Fix insufficient input sanitising">
<dsa 2008 1528    serendipity		"Fix cross site scripting">
<dsa 2008 1530    cupsys		"Fix multiple vulnerabilities">
<dsa 2008 1531    policyd-weight	"Fix insecure temporary files">
<dsa 2008 1532    xulrunner		"Fix several vulnerabilities">
<dsa 2008 1533    exiftags		"Fix several vulnerabilities">
<dsa 2008 1534    iceape		"Fix several vulnerabilities">
<dsa 2008 1535    iceweasel		"Fix several vulnerabilities">
<dsa 2008 1536    xine-lib		"Fix several vulnerabilities">
<dsa 2008 1537    xpdf			"Fix multiple vulnerabilities">
<dsa 2008 1538    alsaplayer		"Fix arbitrary code execution">
<dsa 2008 1539    mapserver		"Fix multiple vulnerabilities">
<dsa 2008 1540    lighttpd		"Fix denial of service">
<dsa 2008 1541    openldap2.3		"Fix denial of service">
<dsa 2008 1542    libcairo		"Fix arbitrary code execution">
<dsa 2008 1543    vlc			"Fix several vulnerabilities">
<dsa 2008 1544    pdns-recursor		"Fix cache poisoning vulnerability">
<dsa 2008 1545    rsync			"Fix arbitrary code execution">
<dsa 2008 1546    gnumeric		"Fix arbitrary code execution">
<dsa 2008 1547    openoffice.org	"Fix arbitrary code execution">
<dsa 2008 1548    xpdf			"Fix arbitrary code execution">
<dsa 2008 1549    clamav		"Fix several vulnerabilities">
<dsa 2008 1550    suphp			"Fix local privilege escalation">
<dsa 2008 1551    python2.4		"Fix several vulnerabilities">
<dsa 2008 1552    mplayer		"Fix arbitrary code execution">
<dsa 2008 1553    ikiwiki		"Fix cross-site request forgery">
<dsa 2008 1554    roundup		"Fix cross-site scripting vulnerability">
<dsa 2008 1555    iceweasel		"Fix arbitrary code execution">
<dsa 2008 1556    perl			"Fix denial of service">
<dsa 2008 1557    phpmyadmin		"Fix several vulnerabilities">
<dsa 2008 1558    xulrunner		"Fix arbitrary code execution">
<dsa 2008 1559    phpgedview		"Fix cross site scripting">
<dsa 2008 1560    kronolith2		"Fix cross site scripting">
<dsa 2008 1561    ltsp			"Fix information disclosure">
<dsa 2008 1562    iceape		"Fix arbitrary code execution">
<dsa 2008 1563    asterisk		"Fix denial of service">
<dsa 2008 1564    wordpress		"Fix several vulnerabilities">
<dsa 2008 1566    cpio			"Fix denial of service">
<dsa 2008 1567    blender		"Fix arbitrary code execution">
<dsa 2008 1568    b2evolution		"Fix cross site scripting">
<dsa 2008 1569    cacti			"Fix multiple vulnerabilities">
<dsa 2008 1570    kazehakase		"Fix arbitrary code execution">
<dsa 2008 1571    openssl		"Fix predictable random number generator">
<dsa 2008 1572    php5			"Fix several vulnerabilities">
<dsa 2008 1573    rdesktop		"Fix several vulnerabilities">
<dsa 2008 1574    icedove		"Fix several vulnerabilities">
<dsa 2008 1576    openssh		"Fix predictable randomness">
<dsa 2008 1577    gforge		"Fix insecure temporary files">
<dsa 2008 1578    php4			"Fix several vulnerabilities">
<dsa 2008 1579    netpbm-free		"Fix arbitrary code execution">
<dsa 2008 1580    phpgedview		"Fix privilege escalation">
<dsa 2008 1581    gnutls13		"Fix potential code execution">
<dsa 2008 1582    peercast		"Fix arbitrary code execution">
<dsa 2008 1583    gnome-peercast        "Fix several vulnerabilities">
<dsa 2008 1584    libfishsound		"Fix arbitrary code execution">
<dsa 2008 1585    speex			"Fix arbitrary code execution">
<dsa 2008 1586    xine-lib		"Fix several vulnerabilities">
<dsa 2008 1587    mtr			"Fix arbitrary code execution">
<dsa 2008 1589    libxslt		"Fix arbitrary code execution">
<dsa 2008 1590    samba			"Fix arbitrary code execution">
<dsa 2008 1591    libvorbis		"Fix several vulnerabilities">
<dsa 2008 1593    tomcat5.5		"Fix missing input sanitising and cross site scripting issue">
<dsa 2008 1594    imlib2		"Fix buffer overflows in XPM and PNM loaders">
<dsa 2008 1595    xorg-server		"Fix several vulnerabilities">
<dsa 2008 1596    typo3-src		"Fix several vulnerabilities">
<dsa 2008 1597    mt-daapd		"Fix several vulnerabilities">
<dsa 2008 1598    libtk-img		"Fix buffer overflow">
<dsa 2008 1599    dbus			"Fix programming error">
<dsa 2008 1600    sympa			"Fix denial of service">
<dsa 2008 1601    wordpress		"Fix several vulnerabilities">
<dsa 2008 1602    pcre3			"Fix arbitrary code execution">
<dsa 2008 1603    bind9			"Fix cache poisoning">
<dsa 2008 1606    poppler		"Fix arbitrary code execution">
<dsa 2008 1608    mysql-dfsg-5.0	"Fix authorization bypass">
<dsa 2008 1611    afuse			"Fix privilege escalation">
<dsa 2008 1612    ruby1.8		"Fix several vulnerabilities">
<dsa 2008 1613    libgd2		"Fix multiple vulnerabilities">
</table>

<p>A complete list of all accepted and rejected packages together with
rationale is available on the preparation page for this revision:</p>

<div class="center">
  <url "http://release.debian.org/stable/<release>/<revision>/">
</div>



<h2>Removed packages</h2>

<p>The following packages were removed due to circumstances beyond our control:</p>
<table border=0>
<tr><th>Package</th>                    <th>Reason</th></tr>
<correction glimpse                     "Licensing issues">
<correction dcc				"Security issues">
<correction maxdb-7.5.00		"Security issues">
</table>



<h2>URLs</h2>

<p>The complete lists of packages that have changed with this
release:</p>

<div class="center">
  <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog">
</div>

<p>The current stable distribution:</p>

<div class="center">
  <url "http://ftp.debian.org/debian/dists/stable/">
</div>

<p>Proposed updates to the stable distribution:</p>

<div class="center">
  <url "http://ftp.debian.org/debian/dists/proposed-updates/">
</div>

<p>Stable distribution information (release notes, errata, etc.):</p>

<div class="center">
  <a
  href="$(HOME)/releases/stable/">http://www.debian.org/releases/stable/</a>
</div>

<p>Security announcements and information:</p>

<div class="center">
  <a href="$(HOME)/security/">http://security.debian.org/</a>
</div>

<h2>About Debian</h2>

<p>The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating system Debian GNU/Linux.</p>

<h2>Contact Information</h2>

<p>For further information, please visit the Debian web pages at
<a href="$(HOME)/">http://www.debian.org/</a>, send mail to
&lt;press@debian.org&gt;, or contact the stable release team at
&lt;debian-release@lists.debian.org&gt;.</p>
------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Debian GNU/Linux 4.0 updated                            press@debian.org
July 26th, 2008                 http://www.debian.org/News/2008/20080726
------------------------------------------------------------------------

Debian GNU/Linux 4.0 updated and support for newer hardware added

The Debian project is pleased to announce the fourth update of its
stable distribution Debian GNU/Linux 4.0 (codename etch).  In addition
to correcting several security problems and a few serious defects in the
stable release, for the first time in Debian's history an update for a
stable distribution also adds support for newer hardware by giving users
the option to install newer drivers.

Existing Debian GNU/Linux 4.0 installation CDs and DVDs can continue to
be used to install this update. After installation, upgrading via an
up-to-date Debian mirror will cause any out of date packages to be
updated. However, users of the network-console installation method are
strongly encouraged to update their media, see the "Debian Installer"
portion of this announcement for more information.

Those who install updates frequently from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update. 

New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively
will be available soon at the regular locations. 

Upgrading to this revision online should be done by directing the
aptitude (or apt) package tool (see the sources.list(5) manual page) at
one of Debian's many FTP or HTTP mirrors.  A comprehensive list of
mirrors is available at:

    <http://www.debian.org/distrib/ftplist>


About "etch-and-a-half"
-----------------------

Additional packages have been added in the Debian 4.0r4 point release to
increase the set of hardware supported by Debian 4.0 ("etch"). This
includes packages based upon the Linux 2.6.24 kernel and additional
drivers for the X window system. Installation of these additional
packages is not required and will not occur by default. This update
represents no change to the support of previously available packages.

The existing 2.6.18-based kernel will continue to be the default kernel
for the etch release.

These packages have been updated or newly introduced through "etch-and-a-half":

     Package			Reason

     linux-2.6.24		Updated for new kernel for etchnhalf
     linux-kbuild-2.6.24	Updated for new kernel for etchnhalf
     linux-latest-2.6-etchnhalf	New kernel for etchnhalf
     xserver-xorg-video-nv	Supporting more hardware
     xserver-xorg-video-intel	Supporting more hardware
     aboot			Fix alpha build, add support for kernels newer than 2.6.23
     b43-fwcutter		Fix wrongly encoded es.po
     debconf 			Make debconf-apt-progress compatible with the Lenny installer
     sysvinit			Update shutdown to work with libata in linux newer than 2.6.23
     wireless-tools		Update to claim support for WE API in etchnhalf kernel

Release notes covering the special features of "etch-and-a-half" have
been written as well as a short update for the installation
instructions.

  Release notes:		<http://www.debian.org/releases/etch/etchnhalf>
  Installation instructions:	<http://www.debian.org/releases/etch/debian-installer/etchnhalf>


Debian-Installer Update
-----------------------

The Debian-Installer was updated to repair an issue with the network-console
installation option. Due to a lack of entropy in how the host key is generated,
earlier Debian GNU/Linux 4.0 installers are vulnerable to a man-in-the-middle
attack. Two other issues regarding installation on already existing RAID
setups and recognizing PowerPC64 systems have been fixed as well.


Miscellaneous Bugfixes
----------------------

This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:

     Package			Reason

     apache2			Fix possible segfault introduced by patch for CVE-2007-6421
     balsa			Fix for stack-based buffer overflow
     base-installer		Correctly recognize powerpc64 systems
     cbrpager			Backported security fixes from upstream 0.9.18 for CVE-2008-2575
     chkrootkit			'Enye' check was killing random applications
     debian-installer		Rebuild images containing network-console
     dns-flood-detector		Actually write a pid file for start-stop-daemon
     exiv2			Fix regression in security update
     fai-kernels		Rebuild against linux-2.6_2.6.18.dfsg.1-21
     firmware-nonfree		Build-depend on new kernel ABI 2.6-6
     glibc			Fix nscd host caching and linker script for libraries using TLS
     grub			Fix 1 TiB disk addressing limit
     hal			Allow mounting ntfs volumes from within KDE
     initramfs-tools		Fix MBR checking on md devices and booting with Xen
     kiosktool			Correct the path to the KDE menu file
     licq			Fixing 'ICQ version too old' connection failure
     linux-2.6			Fix several issues
     partman-lvm		Fix installation with already existing RAID
     pdftohtml			Transition users to poppler-utils
     python-django		Fix cross-site scripting vulnerability
     qsynth			Fix wrongly named desktop file
     qt-x11-free		Ease updates of KDE by hardcoding the unames
     trac			Fix multiple issues
     tzdata			New timezone information
     user-mode-linux		Rebuild against linux-2.6_2.6.18.dfsg.1-21
     vzctl			Fix file permission transfer on migrations
     wxmaxima			Fix connection problems making the package unusable
     xpdf			Remove strict versioned dependency on xpdf-utils to fix upgrade
     xpenguins-applet		Avoid double free
     znc			Fix NULL pointer dereferences leading to crashes


These packages were updated on the specified architecture to bring the architectures back in sync:

     Package			Architecture -- Reason

     apache2-mpm-itk		s390 amd64 sparc powerpc arm i386 mips ia64 alpha mipsel hppa --
     				Rebuild against updated apache2
     gtimer			amd64 -- Rebuild against Etch libraries
     kdebase			arm
     kdelibs			arm
     sage			ia64 -- Rebuild against libsdl1.2_1.2.11-8 to kill off dangling .la references
     sear			ia64 -- Rebuild against lib3ds-dev 1.2.0-4.1+etch1


Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:


 Advisory ID   Package(s)	Correction(s)

   DSA 1484    xulrunner	Fix several vulnerabilities
   DSA 1485    icedove		Fix several vulnerabilities
   DSA 1492    wml		Clean up temporary files
   DSA 1497    clamav		Fix several vulnerabilities
   DSA 1498    libimager-perl	Fix arbitrary code execution
   DSA 1499    pcre3		Fix arbitrary code execution
   DSA 1500    splitvt		Fix privilege escalation
   DSA 1501    dspam		Fix information disclosure
   DSA 1502    wordpress	Fix multiple vulnerabilities
   DSA 1505    alsa-driver	Fix kernel memory leak
   DSA 1506    iceape		Fix several vulnerabilities
   DSA 1507    turba2		Fix permission testing
   DSA 1508    sword		Fix insufficient input sanitising
   DSA 1509    koffice		Fix multiple vulnerabilities
   DSA 1510    gs-gpl		Fix arbitrary code execution
   DSA 1511    icu		Fix multiple problems
   DSA 1512    evolution	Fix arbitrary code execution
   DSA 1513    lighttpd		Fix CGI source disclosure
   DSA 1514    moin		Fix several vulnerabilities
   DSA 1515    libnet-dns-perl	Fix several vulnerabilities
   DSA 1516    dovecot		Fix privilege escalation
   DSA 1517    ldapscripts	Fix information disclosure
   DSA 1518    backup-manager	Fix password disclosure
   DSA 1519    horde3		Fix insufficient input sanitising
   DSA 1520    smarty		Fix insufficient input sanitising
   DSA 1522    unzip		Fix programming error
   DSA 1523    ikiwiki		Fix cross-site scripting
   DSA 1524    krb5		Fix multiple vulnerabilities
   DSA 1525    asterisk		Fix several vulnerabilities
   DSA 1526    xwine		Fix several vulnerabilities
   DSA 1527    debian-goodies	Fix insufficient input sanitising
   DSA 1528    serendipity	Fix cross site scripting
   DSA 1530    cupsys		Fix multiple vulnerabilities
   DSA 1531    policyd-weight	Fix insecure temporary files
   DSA 1532    xulrunner	Fix several vulnerabilities
   DSA 1533    exiftags		Fix several vulnerabilities
   DSA 1534    iceape		Fix several vulnerabilities
   DSA 1535    iceweasel	Fix several vulnerabilities
   DSA 1536    xine-lib		Fix several vulnerabilities
   DSA 1537    xpdf		Fix multiple vulnerabilities
   DSA 1538    alsaplayer	Fix arbitrary code execution
   DSA 1539    mapserver	Fix multiple vulnerabilities
   DSA 1540    lighttpd		Fix denial of service
   DSA 1541    openldap2.3	Fix denial of service
   DSA 1542    libcairo		Fix arbitrary code execution
   DSA 1543    vlc		Fix several vulnerabilities
   DSA 1544    pdns-recursor	Fix cache poisoning vulnerability
   DSA 1545    rsync		Fix arbitrary code execution
   DSA 1546    gnumeric		Fix arbitrary code execution
   DSA 1547    openoffice.org	Fix arbitrary code execution
   DSA 1548    xpdf		Fix arbitrary code execution
   DSA 1549    clamav		Fix several vulnerabilities
   DSA 1550    suphp		Fix local privilege escalation
   DSA 1551    python2.4	Fix several vulnerabilities
   DSA 1552    mplayer		Fix arbitrary code execution
   DSA 1553    ikiwiki		Fix cross-site request forgery
   DSA 1554    roundup		Fix cross-site scripting vulnerability
   DSA 1555    iceweasel	Fix arbitrary code execution
   DSA 1556    perl		Fix denial of service
   DSA 1557    phpmyadmin	Fix several vulnerabilities
   DSA 1558    xulrunner	Fix arbitrary code execution
   DSA 1559    phpgedview	Fix cross site scripting
   DSA 1560    kronolith2	Fix cross site scripting
   DSA 1561    ltsp		Fix information disclosure
   DSA 1562    iceape		Fix arbitrary code execution
   DSA 1563    asterisk		Fix denial of service
   DSA 1564    wordpress	Fix several vulnerabilities
   DSA 1566    cpio		Fix denial of service
   DSA 1567    blender		Fix arbitrary code execution
   DSA 1568    b2evolution	Fix cross site scripting
   DSA 1569    cacti		Fix multiple vulnerabilities
   DSA 1570    kazehakase	Fix arbitrary code execution
   DSA 1571    openssl		Fix predictable random number generator
   DSA 1572    php5		Fix several vulnerabilities
   DSA 1573    rdesktop		Fix several vulnerabilities
   DSA 1574    icedove		Fix several vulnerabilities
   DSA 1576    openssh		Fix predictable randomness
   DSA 1577    gforge		Fix insecure temporary files
   DSA 1578    php4		Fix several vulnerabilities
   DSA 1579    netpbm-free	Fix arbitrary code execution
   DSA 1580    phpgedview	Fix privilege escalation
   DSA 1581    gnutls13		Fix potential code execution
   DSA 1582    peercast		Fix arbitrary code execution
   DSA 1583    gnome-peercast   Fix several vulnerabilities
   DSA 1584    libfishsound	Fix arbitrary code execution
   DSA 1585    speex		Fix arbitrary code execution
   DSA 1586    xine-lib		Fix several vulnerabilities
   DSA 1587    mtr		Fix arbitrary code execution
   DSA 1589    libxslt		Fix arbitrary code execution
   DSA 1590    samba		Fix arbitrary code execution
   DSA 1591    libvorbis	Fix several vulnerabilities
   DSA 1593    tomcat5.5	Fix missing input sanitising and cross site scripting issue
   DSA 1594    imlib2		Fix buffer overflows in XPM and PNM loaders
   DSA 1595    xorg-server	Fix several vulnerabilities
   DSA 1596    typo3-src	Fix several vulnerabilities
   DSA 1597    mt-daapd		Fix several vulnerabilities
   DSA 1598    libtk-img	Fix buffer overflow
   DSA 1599    dbus		Fix programming error
   DSA 1600    sympa		Fix denial of service
   DSA 1601    wordpress	Fix several vulnerabilities
   DSA 1602    pcre3		Fix arbitrary code execution
   DSA 1603    bind9		Fix cache poisoning
   DSA 1606    poppler		Fix arbitrary code execution
   DSA 1608    mysql-dfsg-5.0	Fix authorization bypass
   DSA 1611    afuse		Fix privilege escalation
   DSA 1612    ruby1.8		Fix several vulnerabilities
   DSA 1613    libgd2		Fix multiple vulnerabilities

A complete list of all accepted and rejected packages together with
rationale is available on the preparation page for this revision:

  <http://release.debian.org/stable/4.0/4.0r3/>


Removed packages
----------------

The following packages were removed due to circumstances beyond our control:

     Package		Reason

     glimpse		Licensing issues
     dcc		Security issues
     maxdb-7.5.00	Security issues


URLs
----

The complete lists of packages that have changed with this revision:

  <http://ftp.debian.org/debian/dists/etch/ChangeLog>

The current stable distribution:

  <http://ftp.debian.org/debian/dists/stable>

Proposed updates to the stable distribution:

  <http://ftp.debian.org/debian/dists/proposed-updates>

Stable distribution information (release notes, errata etc.):

  <http://www.debian.org/releases/stable/>

Security announcements and information:

  <http://www.debian.org/security/>


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating system Debian GNU/Linux.


Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.


