[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Preparing Debian GNU/Linux 2.2r5



Preparation of Debian GNU/Linux 2.2r5
=====================================

An up-to-date version is at http://master.debian.org/~joey/2.2r5/

I am preparing 2.2r5 and will send reports so people can actually
comment on it.  The plan is to get this revision of Debian GNU/Linux
2.2 (codename `potato') out real soon now.  James Troup still has
to give the final approval for each package.  However, I will try
to make his work as easy as possible in the hope to get the next
revision out properly.  Thanks for your attention.

Development for 2.2r5 is near being finished ready to be released.

This may also be the last version of the 2.2 series, depending on
how well the woody release is going.  There is, however, still a
possibility 2.2r6 (to be scheduled at the beginning of March) has to
be released before 3.0.

My requirements for packages to go into stable:

 1. The package fixes a security problem.  An advisory by our own
    Security Team would be quite helpful.

 2. The package fixes a critical bug which can lead into data loss,
    data corruption, or an overly broken system, or the package is
    broken or not usable (anymore).

 3. The stable version of the package is not installable at all due to
    broken or unmet dependencies or broken installation scripts

 4. The package gets all architectures in stable in sync.

 5. All released architectures have to be in sync.

Packages which I will most probably reject:

  . Package which fix non-critical bugs

  . Misplaced uploads, i.e. packages that were uploaded to 'stable
    unstable' or `frozen unstable'

  . Packages for which its binary packages are out of sync with regard
    to all supported architectures in the stable distribution.

  . Binary packages for which the source got lost somehow

Accepted packages
-----------------

These packages should be installed into stable and be part of the next
revision.

apache      stable    1.3.9-13.2  alpha, arm, i386, m68k, powerpc, sparc
apache      testing   1.3.19-1    alpha, arm, i386, m68k, powerpc, sparc
apache      unstable  1.3.19-1    hurd-i386
apache      unstable  1.3.20-1.1  alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sh, sparc
apache      updates   1.3.9-14    alpha, arm, i386, m68k, powerpc, sparc

	* Non-maintainer upload on behalf of Simon Huggins <huggie@earth.li>
	* Applied patch from Martin Kraemer to fix mod_negotiation bug to prevent
	  revealing of directory contents.

	This looks like a half security update, right?

	DSA 067-1 is a broken security upload and requires an update. [further]

	2002-01-02: It would be nice if somebody could tell me why I
	tagged this version 'broken'.  I don't think it's because of a
	missing fix for Bug#73013, so I don't remember anymore.  *sigh*

base-config  stable    0.32        alpha
base-config  stable    0.33.2      arm, i386, m68k, powerpc, sparc
base-config  updates   0.33.2      alpha

	Sync with other architectures

	ChangeLog also says:

	* Corrected stupid typo in templates file, Closes: #74785, #74815,
	  #74828

	* This problem makes it impossible to install the package, so it is
	  important and must go in.

bb          stable    1.2-9       i386, powerpc
bb          stable    1.2-9.0.1   alpha
bb          updates   1.2-9       sparc

	Package was missing from stable.

bwbasic     stable    2.20pl2-3    alpha, i386, m68k, powerpc
bwbasic     stable    2.20pl2-3.1  sparc
bwbasic     updates   2.20pl2-3.2  alpha, arm, i386, m68k, powerpc, sparc

	* New maintainer.

	* Recompile.  Due to strange interactions with libc6, functions
	  weren't interpreted, and the package was practically unusable.
	  Closes: #108924.

catsboot    updates   0.2.2       arm

	Boot glue for ARM CATS systems

	Required on some ARM systems

	current stable boot-floppies Build-Depend on it.

dtaus       stable    0.4-1         alpha, arm, i386, m68k, powerpc, sparc
dtaus       updates   0.6-0potato1  alpha, arm, i386, m68k, powerpc, sparc

	* Repackaged for potato because the version of dtaus in potato isn't
	  able to create DTAUS files using the Euro currency which is the one
	  and only official currency in Germany since yesterday.  Hence, the
	  version in potato is entirely useless since yesterday and has to be
	  updated if people are using it for their money management.

eximon      stable    3.12-10.1   alpha, arm, i386, m68k, powerpc, sparc
eximon      updates   3.12-10.2   alpha, arm, i386, m68k, powerpc, sparc
exim        stable    3.12-10.1   alpha, arm, i386, m68k, powerpc, sparc
exim        updates   3.12-10.2   alpha, arm, i386, m68k, powerpc, sparc

	Security Update, DSA 097


freewnn-common       stable    1.1.0+1.1.1-a016-1           all
freewnn-common       updates   1.1.0+1.1.1-a016-1.potato.3  all
freewnn-cserver-dev  stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserver-dev  updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserver      stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserver      updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver-dev  stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver-dev  updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver      stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver      updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver-dev  stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver-dev  updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver      stable    1.1.0+1.1.1-a016-1           alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver      updates   1.1.0+1.1.1-a016-1.potato.3  alpha, arm, i386, m68k, powerpc, sparc

	* [security fix] backport from freewnn 1.1.0+1.1.1-a017-6.4
	  - adduser wnn, kwnn, cwnn for jserver,kserver,cserver respectively
	    instead of running as root user
	  - restrict upload/create path under jserver_dir

	The 2nd upload is required to make the package installable
	*sigh*  At least, it is proved to be tested now...

gpg-idea    stable    2           m68k
gpg-idea    stable    2.1.1       alpha, i386, powerpc, sparc
gpg-rsaref  stable    1.1-1       alpha
gpg-rsaref  stable    1.1-2       arm, i386, powerpc, sparc
gpg-rsa     stable    2           m68k
gpg-rsa     stable    2.1.1       alpha, i386, powerpc, sparc

	GnuPG provides this functionality already, it replaces these
	packages just fine, they are not needed anymore.  Even worse,
	they are not even installable anymore, since they depend on
	gnupg but gnupg conflicts with them.

gpm             stable    1.17.8-18    alpha, arm, i386, m68k, powerpc, sparc
gpm             updates   1.17.8-18.1  alpha, arm, i386, m68k, powerpc, sparc
libgpm1-altdev  stable    1.17.8-18    i386, m68k
libgpm1-altdev  stable    1.17.8-9     sparc
libgpm1-altdev  updates   1.17.8-18.1  i386, m68k
libgpm1         stable    1.17.8-18    i386, m68k
libgpm1         stable    1.17.8-9     sparc
libgpm1         updates   1.17.8-18.1  i386, m68k
libgpmg1-dev    stable    1.17.8-18    alpha, arm, i386, m68k, powerpc, sparc
libgpmg1-dev    updates   1.17.8-18.1  alpha, arm, i386, m68k, powerpc, sparc
libgpmg1        stable    1.17.8-18    alpha, arm, i386, m68k, powerpc, sparc
libgpmg1        updates   1.17.8-18.1  alpha, arm, i386, m68k, powerpc, sparc

	Security upload: DSA 095


groff       stable    1.15.2-2    alpha, arm, i386, m68k, powerpc, sparc
groff       updates   1.15.2-3    alpha, arm, i386, m68k, powerpc, sparc

	* Use lpr as the print spooler, even if it happens not to be
	  installed on the build system. Version 1.15.2-2 broke 'groff
	  -l', which worked with previous versions of groff in stable
	  (thanks, Mike Fontenot).

	Since I can't even find a single bug report that says 'groff
	-l' is broken in stable, I guess it will only be used on
	accident.  Hence, I don't think this justifies an update to stable.

	I rethought my decision again.  2.2r3 had a working version,
	2.2r4 unfortunately broke it.  We should tryto fix that.
	Upgrading from r3 or older to the next current version should
	not break more things but fix them.  *sigh*

imp         stable    2:2.2.3-0.potato.4  all
imp         updates   2:2.2.6-0.potato.3  all

	DSA 073, though it mentioned imp 2.2.6-0.potato.1

	The maintainer, Ola Lundqvist, commented:

	"The potato.1 version (the real security fix) was broken. :(

	I uploaded it too fast, without testing the postgres part. It also
	had some other minor issues because I forgot to apply one patch.

	So if any new packages of horde and imp should go to a new revision
	only the latest version should go there (from proposed-updates)."

	.4: SECURITY FIX, backport from 2.2.7, closes: #118986

inn2-dev          stable    2.2.2.2000.01.31-2  arm
inn2-dev          stable    2.2.2.2000.01.31-4  alpha, i386, m68k, powerpc, sparc
inn2-dev          updates   2.2.2.2000.01.31-5  alpha, arm, i386, m68k, powerpc, sparc
inn2-inews        stable    2.2.2.2000.01.31-2  arm
inn2-inews        stable    2.2.2.2000.01.31-4  alpha, i386, m68k, powerpc, sparc
inn2-inews        updates   2.2.2.2000.01.31-5  alpha, arm, i386, m68k, powerpc, sparc
inn2              stable    2.2.2.2000.01.31-2  arm
inn2              stable    2.2.2.2000.01.31-4  alpha, i386, m68k, powerpc, sparc
inn2              updates   2.2.2.2000.01.31-5  alpha, arm, i386, m68k, powerpc, sparc
task-news-server  stable    2.2.2.2000.01.31-4  all
task-news-server  updates   2.2.2.2000.01.31-5  all

	Security Update, DSA 023

	Bdale reports a serious problem with this upload, it broke
	some functionality.  He's going to upload a fixed version, so
	this will have to wait for 2.2r5 (formerly 2.2r4) then.  Fixed
	for 2.2.2.2000.01.31-5.

kernel-image-2.2.19-netwinder  stable    20010414    arm
kernel-image-2.2.19-netwinder  updates   20011103    arm
kernel-image-2.2.19-riscpc     stable    20010414    arm
kernel-image-2.2.19-riscpc     updates   20011109    arm
kernel-patch-2.2.19-arm        stable    20010414    all
kernel-patch-2.2.19-arm        updates   20011109    all

	Rebuilt with current kernel that has security fixes
	incorporated, was supposed for 2.2r4 but uploaded too late.

	ARM 20011109: Build against kernel-source 2.2.19.1-2 and latest ARM patch.

mac-fdisk         stable    0.1-3           m68k
mac-fdisk         stable    0.1-6.0potato1  powerpc
mac-fdisk         updates   0.1-6.0potato1  m68k
pmac-fdisk-cross  stable    0.1-3           m68k
pmac-fdisk-cross  updates   0.1-6.0potato1  m68k

	Get m68k and powerpc back in sync, package is required for
	installation of NewWorld powerpc machines.

mailman     stable    1.1-8       alpha, arm, i386, m68k, powerpc, sparc
mailman     updates   1.1-10      alpha, arm, i386, m68k, powerpc, sparc

	Security Fix.  Related to DSA 094?

	Changelog for 1.1-9:

	* Cross site scripting (CSS) fixes, backported from Mailman 2.0.8.

	* Support list names with spaces in them.
	
	Changelog for 1.1-10:

	* Add missing paranthesis in Mailman/Cgi/edithtml.py, line 88

make-doc    stable    3.79.1-1.potato.1  all
make        stable    3.78.1-8           alpha
make        stable    3.79.1-1.potato.1  arm, i386, m68k, powerpc, sparc
make        updates   3.79.1-1.potato.1  alpha

	Get versions in sync

modconf     stable    0.2.26.14    all
modconf     updates   0.2.26.14.1  all

	Included patch for secure tempfile handling, see #117283 for
	details

mutt        stable    1.2.5-4     alpha, arm, i386, m68k, powerpc, sparc
mutt        updates   1.2.5-5     alpha, arm, i386, m68k, powerpc, sparc

	Security update: DSA 096

	* Applied patch-1.2.5.tlr.terminate.1 to fix a remotely exploitable
	  buffer overflow.

nedit       updates   1:5.1.1-3   alpha, arm, i386, m68k, powerpc, sparc

	nedit is now Free Software.

telnetd     stable    0.16-4          alpha
telnetd     stable    0.16-4potato.1  arm, i386, m68k, powerpc, sparc
telnetd     updates   0.16-4potato.3  alpha, arm, i386, m68k, powerpc, sparc
telnet      stable    0.16-4          alpha
telnet      stable    0.16-4potato.1  arm, i386, m68k, powerpc, sparc
telnet      updates   0.16-4potato.3  alpha, arm, i386, m68k, powerpc, sparc

	Changelog says:
	* Fixed same overflow with minimal change.

	DSA 070 mentioned version 0.16-4potato.2 [further]

ldap-rfc             stable    1:1.2.12-1  all
ldap-rfc             updates   1:1.2.12-2  all
libopenldap-dev      stable    1:1.2.12-1  alpha, arm, i386, m68k, powerpc, sparc
libopenldap-dev      updates   1:1.2.12-2  alpha, arm, i386, m68k, powerpc, sparc
libopenldap-runtime  stable    1:1.2.12-1  all
libopenldap-runtime  updates   1:1.2.12-2  all
libopenldap1         stable    1:1.2.12-1  alpha, arm, i386, m68k, powerpc, sparc
libopenldap1         updates   1:1.2.12-2  alpha, arm, i386, m68k, powerpc, sparc
openldap-gateways    stable    1:1.2.12-1  alpha, arm, i386, m68k, powerpc, sparc
openldap-gateways    updates   1:1.2.12-2  alpha, arm, i386, m68k, powerpc, sparc
openldap-utils       stable    1:1.2.12-1  alpha, arm, i386, m68k, powerpc, sparc
openldap-utils       updates   1:1.2.12-2  alpha, arm, i386, m68k, powerpc, sparc
openldapd            stable    1:1.2.12-1  alpha, arm, i386, m68k, powerpc, sparc
openldapd            updates   1:1.2.12-2  alpha, arm, i386, m68k, powerpc, sparc

	Minor bugfix:
	* Include backport of billion second bug.

ssh-askpass-gnome  stable    1:1.2.3-9.3  alpha, arm, i386, m68k, powerpc, sparc
ssh-askpass-gnome  updates   1:1.2.3-9.4  alpha, arm, i386, m68k, powerpc, sparc
ssh-askpass-ptk    stable    1:1.2.3-9.3  all
ssh-askpass-ptk    updates   1:1.2.3-9.4  all
ssh                stable    1:1.2.3-9.3  alpha, arm, i386, m68k, powerpc, sparc
ssh                updates   1:1.2.3-9.4  alpha, arm, i386, m68k, powerpc, sparc

	Security Fix, DSA 091


php4-cgi-gd     stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-gd     updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-imap   stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-imap   updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-ldap   stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-ldap   updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-mhash  stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-mhash  updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-mysql  stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-mysql  updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsql  stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsql  updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-snmp   stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-snmp   updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi-xml    stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi-xml    updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-cgi        stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-cgi        updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-dev        stable    4.0.3pl1-0potato1  all
php4-dev        updates   4.0.3pl1-0potato2  all
php4-gd         stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-gd         updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-imap       stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-imap       updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-ldap       stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-ldap       updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-mhash      stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-mhash      updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-mysql      stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-mysql      updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-pgsql      stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-pgsql      updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-snmp       stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-snmp       updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4-xml        stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4-xml        updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc
php4            stable    4.0.3pl1-0potato1  alpha, i386, m68k, powerpc, sparc
php4            updates   4.0.3pl1-0potato2  alpha, i386, m68k, powerpc, sparc

	Security Update (DSA 020 mentions 4.0.3pl1-0potato1.1) [further]

	Roland Bauerschmidt reports "php4-cgi broken".  Look at
	#89431. /usr/lib/cgi-bin/php4 is a symlink to
	debian/php4-cgi/usr/bin/php4 which of course doesn't exist.

postfix     stable    0.0.19991231pl11-1  alpha, arm, i386, m68k, powerpc, sparc
postfix     updates   0.0.19991231pl11-2  alpha, arm, i386, m68k, powerpc, sparc

	* Fix 'smtpd command log memory exhaustion' problem.

	* Fix dhelp dangling symlink problem.  Closes: #91877, #97332.

	* Rebuild on current potato.  Closes: #102388, #99220.

	Security Fix: DSA 093


ecpg                stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
ecpg                updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
libpgperl           stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
libpgperl           updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
libpgsql2           stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
libpgsql2           updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
libpgtcl            stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
libpgtcl            updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
odbc-postgresql     stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
odbc-postgresql     updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
pgaccess            stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
pgaccess            updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql-client   stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql-client   updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql-contrib  stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql-contrib  updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql-dev      stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql-dev      updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql-doc      stable    6.5.3-26    all
postgresql-doc      updates   6.5.3-27    all
postgresql-pl       stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql-pl       updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql-test     stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql-test     updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
postgresql          stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
postgresql          updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc
python-pygresql     stable    6.5.3-26    alpha, arm, i386, m68k, powerpc, sparc
python-pygresql     updates   6.5.3-27    alpha, arm, i386, m68k, powerpc, sparc

	* postgresql: applied patch from Ben Pfaff <pfaffben@msu.edu> to cure
	  problem with segfault in pg_dump.  High urgency because pg_dump is
	  essential for transferring data when upgrading postgresql.
	  Closes: #101940

	No security update but something that is anticipated to
	prevent data loss, I'm convinced.

skkinput    stable    1:2.03-2           alpha
skkinput    stable    1:2.03-3.potato.1  arm, i386, m68k, powerpc, sparc
skkinput    updates   1:2.03-3.potato.1  alpha

	Get versions back in sync

ssh-askpass-nonfree  stable    1.2.27-6.1  alpha, arm, i386, powerpc, sparc
ssh-askpass-nonfree  updates   1.2.27-6.2  alpha, arm, i386, m68k, powerpc, sparc
ssh-nonfree          stable    1.2.27-3    m68k
ssh-nonfree          stable    1.2.27-6.1  alpha, arm, i386, powerpc, sparc
ssh-nonfree          updates   1.2.27-6.2  alpha, arm, i386, m68k, powerpc, sparc
ssh-socks            stable    1.2.27-3    m68k
ssh-socks            stable    1.2.27-6.1  alpha, arm, i386, powerpc, sparc
ssh-socks            updates   1.2.27-6.2  alpha, arm, i386, m68k, powerpc, sparc

	* Urgency high because this addresses a well-known vulnerability which
	  is being exploited.

	* Add security fixes from -7.

	* Add build-depends.

	* Remove client's setuid bit; people who need it can turn it back on,
	  and everyone else will be safer.

tkseti      stable    2.10-1      arm
tkseti      stable    2.12-1      powerpc
tkseti      stable    2.12-2      alpha, i386, sparc
tkseti      updates   2.12-2      arm, powerpc

	Get versions back in sync.

wu-ftpd-academ  stable    2.6.0-5.3   all
wu-ftpd-academ  updates   2.6.0-6     all
wu-ftpd         stable    2.6.0-5.3   alpha, arm, i386, m68k, powerpc, sparc
wu-ftpd         updates   2.6.0-6     alpha, arm, i386, m68k, powerpc, sparc

	Security upload, DSA 087

xtel        stable    3.2.1-4           alpha, arm, i386, m68k, powerpc, sparc
xtel        updates   3.2.1-4.potato.1  alpha, arm, i386, m68k, powerpc, sparc

	* New maintainer

	* Security fixes:
	  - symlink vulnerability in xteld (see #87787).
	  - symlink vulnerability in xtel while printing harcopy of screen.
	  - run xteld under control of tcpd to be able to restrict access to the
	    service from network.

	* Backport of annoying and easy to fix bugs from woody version of xtel:
	  - Fixed segfaults (see #43566).
	  - Fixed a little typo in the /etc/xtel/lignes file.
	  - Fixed creation of the symlink to french doc directory (see #55131).

	* Other annoying fixes:
	  - bad X resource in Xtel[m].ad (missing '-o -' in a2ps printing command).

	DSA 090

xxgdb       stable    1.12-9.3        alpha, arm, i386, m68k, powerpc, sparc
xxgdb       updates   1.12-9.4potato  alpha, arm, i386, m68k, powerpc, sparc

	* Applied a patch from Massimo Dal Zotto <dz@cs.unitn.it>. This is a
	  workaround for a serious bug (#94892) in libXaw.

	Seems this bug makes xxgdb useless in stable

yabasic     stable    2.42-1      arm
yabasic     stable    2.53-1      alpha, i386, m68k, powerpc, sparc
yabasic     updates   2.53-2      alpha, arm, i386, m68k, powerpc, sparc

	* New maintainer.

	* yabasic.c: Fixed a /tmp race condition.

	* Completed the FHS transition to allow building with a recent
	  debhelper.  Closes: #98875.

	No DSA assigned, maintainer, please get in touch with the
	Security Team

zip-crypt    stable    2.30-1      arm, i386, m68k, powerpc, sparc
zip-crypt    updates   2.30-1      alpha

	Sync with other architectures

zsh         stable    3.1.9.dev6-2      alpha
zsh         stable    3.1.9.dev6-7      i386, m68k, powerpc, sparc
zsh         stable    3.1.9.dev6-7.0.1  arm
zsh         updates   3.1.9.dev6-7      alpha

	Get versions more in sync


Further investigation
---------------------

These packages need further investigation.  One reason the package is
listed here could be that I'm not yet convinced this package should go
into stable, but don't want to reject it entirely at the moment.
Another reason could be that released and updated architectures are
not in sync yet.

dump        stable    0.4b16-1           alpha, arm, i386, m68k, powerpc, sparc
dump        updates   0.4b25-0.potato.1  i386, m68k

	* back-port dump current version to potato at the request of
          Martin Schulze.  The 0.4b22 upstream version included
          important fixes for data corruption that can occur with the
          version that was released with potato.

	MISSING alpha
	MISSING arm
	MISSING powerpc
	MISSING sparc

man2html    stable    1.5-23      alpha, arm, i386, m68k, powerpc, sparc
man2html    updates   1.5-23.1    arm, i386, m68k, powerpc, sparc

	* Recompiled with correct CGIBASE to avoid bad links; closes: #104474.
	  Grave bug, warrants inclusion into stable.

	MISSING alpa

nfs-common         stable    1:0.1.9.1-1          alpha, arm, i386, m68k, powerpc, sparc
nfs-common         updates   1:0.1.9.1-1.potato1  i386, m68k, sparc
nfs-kernel-server  stable    1:0.1.9.1-1          alpha, arm, i386, m68k, powerpc, sparc
nfs-kernel-server  updates   1:0.1.9.1-1.potato1  i386, m68k, sparc
nhfsstone          stable    1:0.1.9.1-1          alpha, arm, i386, m68k, powerpc, sparc
nhfsstone          updates   1:0.1.9.1-1.potato1  i386, m68k, sparc

	Support statd callbacks from later 2.2 kernels. (closes:
	#111990)

	It seems that this upload fixes a disparity between late 2.2
	kernels and the older nfs-utils package from stable in
	connection with statd/lockd.  

	MISSING alpha
	MISSING arm
	MISSING powerpc

xcin        stable    2.3.04-1           arm
xcin        stable    2.5.1.3-1          powerpc
xcin        stable    2.5.1.99.pre6.1-1  alpha
xcin        stable    2.5.2-1            i386, m68k, sparc
xcin        updates   2.5.2-1            alpha

	Get versions back in sync

	Beware: change the distribution to stable only.

	MISSING arm
	MISSING powerpc



Rejected packages
-----------------

These packages don't meet the requirements.

dvi2ps-fontdata-a2n       stable    1.0-5       all
dvi2ps-fontdata-a2n       updates   1.0-6       all
dvi2ps-fontdata-bsr       stable    1.0-5       all
dvi2ps-fontdata-bsr       updates   1.0-6       all
dvi2ps-fontdata-ja        stable    1.0-5       all
dvi2ps-fontdata-ja        updates   1.0-6       all
dvi2ps-fontdata-n2a       stable    1.0-5       all
dvi2ps-fontdata-n2a       updates   1.0-6       all
dvi2ps-fontdata-ptexfake  stable    1.0-5       all
dvi2ps-fontdata-ptexfake  updates   1.0-6       all
dvi2ps-fontdata-rrs       stable    1.0-5       all
dvi2ps-fontdata-rrs       updates   1.0-6       all
dvi2ps-fontdata-rsp       stable    1.0-5       all
dvi2ps-fontdata-rsp       updates   1.0-6       all
dvi2ps-fontdata-tbank     stable    1.0-5       all
dvi2ps-fontdata-tbank     updates   1.0-6       all
dvi2ps-fontdata-three     stable    1.0-5       all
dvi2ps-fontdata-three     updates   1.0-6       all

	Misplaced upload to 'stable unstable'

icecast-server  stable    1.0.0-1     alpha, arm, i386, m68k, powerpc, sparc
icecast-server  updates   1.3.10-1    alpha, arm, m68k, powerpc, sparc
icecast-server  updates   1.3.10-1.1  i386

	Alleged security update.

	Changelog says:

	* Several security exploits found to icecast.  No simple way to patch

	* old version, so upgrade to latest stable version from icecast.org

	* If questions or assistance needed join #icecast on openprojects.net IRC

	Do you have a documentation about said security exploits?
	That's still pending

	Is it something different than this one?

	"icecast" is a server used to distribute audio streams to
	compatible clients such as winamp, mpg123, xmms and many
	others.  Matt Messier (mmessier@prilnari.com) and John Viega
	(viega@list.org) have identified several buffer overflow and
	format strings problems in Icecast that could be remotely
	exploited.

	Our latest update to this software changes the package to use
	an unprivileged user ("icecast") for the daemon, so the impact
	of this vulnerability is not as high. Recent distributions (CL
	>= 5.1) have this package compiled with StackGuard to make it
	more difficult to exploit buffer overflows.

	It's said to be.

	Clarification appreciated.

	To make it worse, there is now Version: 1.3.10-1.1

	* Binary-only recompile by security team

	* Rebuild with potato libc6

roxen-doc   stable    1.3.122-13  all
roxen-doc   updates   1.3.122-22  all
roxen-ssl   stable    1.3.122-13  all
roxen-ssl   updates   1.3.122-22  all
roxen       stable    1.3.122-11  arm
roxen       stable    1.3.122-13  alpha, i386, m68k, sparc
roxen       updates   1.3.122-22  i386

	Misplaced upload:

	Distribution: stable unstable

	* Dropping the 'task-webserver-roxen2' package...
	* Updating config.{sub|guess} Closes: #111546

samba-common  stable    2.0.7-3.4   alpha, arm, i386, m68k, powerpc, sparc
samba-common  updates   2.0.7-4     alpha, arm, i386, m68k, powerpc, sparc
samba         stable    2.0.7-3.4   alpha, arm, i386, m68k, powerpc, sparc
samba         updates   2.0.7-4     alpha, arm, i386, m68k, powerpc, sparc
smbclient     stable    2.0.7-3.4   alpha, arm, i386, m68k, powerpc, sparc
smbclient     updates   2.0.7-4     alpha, arm, i386, m68k, powerpc, sparc
smbfs         stable    2.0.7-3.4   alpha, arm, i386, m68k, powerpc, sparc
smbfs         updates   2.0.7-4     alpha, arm, i386, m68k, powerpc, sparc
swat          stable    2.0.7-3.4   alpha, arm, i386, m68k, powerpc, sparc
swat          updates   2.0.7-4     alpha, arm, i386, m68k, powerpc, sparc

	ChangeLog says:

	* Permanently fix problem with NMU's being built against incorrect
	  kernel
	  interfaces (closes: #94380, #95015, #102226)

	* add uploaders: header to control file

	This upload most probably fixes the problem with the old alpha
	version not being able to run properly due to a bad build
	environment.  This problem may be solved by a general
	change...  may be...  Steve Langasek should speak up...

	He said:

	Samba upstream takes advantage of the best system facilities
	(libc/kernel) available at compile time.  Because Debian
	releases usually include a baseline kernel and an
	'experimental' kernel, Eloy and I have introduced packaging
	code in unstable that prevents Samba from detecting facilities
	that it should not be compiled against.  The 2.0.7-4 upload
	backports these packaging mods to potato, both correcting the
	problems with past alpha security NMUs and safeguarding
	against the possibility of future problems with security NMUs
	in potato.

	Rejecting on behalf of the maintainer, see Bug#127444:

	Upgrading from samba 2.0.7-3.4 to 2.0.7-4 broke printing (from
	windows clients) on our misc server [..]


Disclaimer
----------

This list intends to help the ftp-masters releasing 2.2r5.  They have the
final power to accept a package or not.  If you want to comment on
this list, please send a mail to Martin Schulze <joey@debian.org>.


-- 
The MS-DOS filesystem is nice for removable media.  -- H. Peter Anvin

Please always Cc to me when replying to me on the lists.

Attachment: pgp3sxHqD9mOx.pgp
Description: PGP signature


Reply to: