Preparation of Debian GNU/Linux 2.2r6
=====================================
An up-to-date version is at http://master.debian.org/~joey/2.2r6/
I am preparing another revision of the stable Debian distribution (r6)
and will infrequently send reports so people can actually comment on
it and intervene whenever this is required.
The plan is to get this revision of Debian GNU/Linux 2.2 (codename
`potato') out at the beginning of April this year (2002) -- some code
rewrite is required though. James Troup still has to give the final
approval for each package since he is the ftpmaster involved with
stable revisions. However, I will try to make his work as easy as
possible in the hope to get the next revision out properly. Thanks
for your attention.
This may also be the last version of the 2.2 series, depending on how
well the woody release is making progress. There is, however, still a
possibility another update (r7, to be scheduled at the beginning of
June) has to be released before Debian 3.0.
My requirements for packages to go into stable:
1. The package fixes a security problem. An advisory by our own
Security Team would be quite helpful. I really should make this a
requirement for security uploads.
2. The package fixes a critical bug which can lead into data loss,
data corruption, or an overly broken system, or the package is
broken or not usable (anymore).
3. The stable version of the package is not installable at all due to
broken or unmet dependencies or broken installation scripts.
4. All released architectures have to be in sync.
Packages, which I will most probably reject:
. Package which fix non-critical bugs.
. Misplaced uploads, i.e. packages that were uploaded to 'stable
unstable' or `frozen unstable'.
. Packages for which its binary packages are out of sync with regard
to all supported architectures in the stable distribution.
. Binary packages for which the source got lost somehow.
Accepted packages
-----------------
These packages should be installed into stable and be part of the next
revision.
libace-doc stable 5.0.7-4 all
libace5.0-dev stable 5.0.7-2 alpha
libace5.0-dev stable 5.0.7-4 arm, i386, m68k, powerpc, sparc
libace5.0-dev updates 5.0.7-4 alpha
libace5.0 stable 5.0.7-2 alpha
libace5.0 stable 5.0.7-4 arm, i386, m68k, powerpc, sparc
libace5.0 updates 5.0.7-4 alpha
Get Alpha version back in sync
adjtimex stable 1.10-1 alpha, i386
adjtimex stable 1.5-1 sparc
adjtimex stable 1.5-3 powerpc
adjtimex stable 1.7-1 arm
adjtimex stable 1.8.1-1 m68k
adjtimex updates 1.10-1 arm, m68k, powerpc, sparc
Get versions in sync, apart from that:
* New upstream release - security fix: use popen() to recover output from
ntpdate, instead of an unsafe temporary file (thanks to Colin Phipps
<crp22@cam.ac.uk>) (closes:bug#56752)
at stable 3.1.8-10 alpha, arm, i386, m68k, powerpc, sparc
at updates 3.1.8-10.2 alpha, arm, i386, m68k, powerpc, sparc
Security Upload, DSA 102
cfs stable 1.3.3-8 alpha, arm, i386, m68k, powerpc, sparc, source
cfs updates 1.3.3-8.1 alpha, arm, i386, m68k, powerpc, sparc, source
Security Upload, DSA 116
* bug: buffer overflows in cfsd server daemon code: cvs_adm.c,
cvs_fh.c (thx Zorgon for pointing at this). Some careless
strcpy()'s in the server code caused cfsd to die with
segfault when attaching crypto directories with long
pathnames and on filehandle operations in attached crypto
directories with long pathnames, see bug #135903 for details
(closes: #135903).
cupsys-bsd stable 1.0.4-9 alpha, arm, i386, m68k, powerpc, sparc
cupsys-bsd updates 1.0.4-12 alpha, arm, i386, m68k, powerpc, sparc
cupsys stable 1.0.4-9 alpha, arm, i386, m68k, powerpc, sparc, source
cupsys updates 1.0.4-12 alpha, arm, i386, m68k, powerpc, sparc, source
libcupsys1-dev stable 1.0.4-9 alpha, arm, i386, m68k, powerpc, sparc
libcupsys1-dev updates 1.0.4-12 alpha, arm, i386, m68k, powerpc, sparc
libcupsys1 stable 1.0.4-9 alpha, arm, i386, m68k, powerpc, sparc
libcupsys1 updates 1.0.4-12 alpha, arm, i386, m68k, powerpc, sparc
-10: Security upload: DSA 110, Buffer overflow
-11: More security fixes: more complete patch for attribute
buffer handling and a more correct path validation check to
prevent ".." attacks.
-12: Remove lpd backend for security reasons.
cvs-doc stable 1.10.7-7 all
cvs-doc updates 1.10.7-9 all
cvs stable 1.10.7-7 alpha, arm, i386, m68k, powerpc, sparc, source
cvs updates 1.10.7-9 alpha, arm, i386, m68k, powerpc, sparc, source
* Add fix for possible security hole i diff, thanks to Niels
Heinen for pointing it out, and Larry Jones for the patch.
DSA 117 - improper variable initialization
dump stable 0.4b16-1 alpha, arm, i386, m68k, powerpc, sparc
dump updates 0.4b25-0.potato.1 alpha, arm, i386, m68k, powerpc, sparc
* back-port dump current version to potato at the request of
Martin Schulze. The 0.4b22 upstream version included
important fixes for data corruption that can occur with the
version that was released with potato.
everybuddy stable 0.0.7-3 alpha, arm, i386, m68k, powerpc, sparc, source
The current maintainer, Michael D. Ivey, told me that the
potato version is so out-dated that it doesn't work with any
current protocol, thus is completely useless. There may even
be security implications, that are dubious. The current
maintainer has agreed to remove the package from stable.
faqomatic stable 2.603-1.1 all
faqomatic updates 2.603-1.2 all
Security upload, DSA 109, cross-site scripting vulnerability
fml stable 3.0+beta.20000106-1 all
fml updates 3.0+beta.20000106-5 all
DSA 088, improper character escaping
gcc stable 1:2.95.2-13 alpha, i386, powerpc, sparc
gcc stable 1:2.95.2-13.1 arm, m68k
gcc updates 1:2.95.2-13.1 alpha, i386, powerpc, sparc
Changelog says:
* Non-maintainer upload
* Add new patch for ARM (closes #75801)
Clarification required. Doko queried. He approved, the patch
is conditionalized so gets only applied on ARM.
glibc-doc stable 2.1.3-19 all
glibc-doc updates 2.1.3-20 all
i18ndata stable 2.1.3-19 all
i18ndata updates 2.1.3-20 all
libc6-dbg stable 2.1.3-19 arm, i386, m68k, powerpc, sparc
libc6-dbg updates 2.1.3-20 arm, i386, m68k, powerpc, sparc
libc6-dev stable 2.1.3-19 arm, i386, m68k, powerpc, sparc
libc6-dev updates 2.1.3-20 arm, i386, m68k, powerpc, sparc
libc6-pic stable 2.1.3-19 arm, i386, m68k, powerpc, sparc
libc6-pic updates 2.1.3-20 arm, i386, m68k, powerpc, sparc
libc6-prof stable 2.1.3-19 arm, i386, m68k, powerpc, sparc
libc6-prof updates 2.1.3-20 arm, i386, m68k, powerpc, sparc
libc6.1-dbg stable 2.1.3-19 alpha
libc6.1-dbg updates 2.1.3-20 alpha
libc6.1-dev stable 2.1.3-19 alpha
libc6.1-dev updates 2.1.3-20 alpha
libc6.1-pic stable 2.1.3-19 alpha
libc6.1-pic updates 2.1.3-20 alpha
libc6.1-prof stable 2.1.3-19 alpha
libc6.1-prof updates 2.1.3-20 alpha
libc6.1 stable 2.1.3-19 alpha
libc6.1 updates 2.1.3-20 alpha
libc6 stable 2.1.3-19 arm, i386, m68k, powerpc, sparc
libc6 updates 2.1.3-20 arm, i386, m68k, powerpc, sparc
locales stable 2.1.3-19 alpha, arm, i386, m68k, powerpc, sparc
locales updates 2.1.3-20 alpha, arm, i386, m68k, powerpc, sparc
nscd stable 2.1.3-19 alpha, arm, i386, m68k, powerpc, sparc
nscd updates 2.1.3-20 alpha, arm, i386, m68k, powerpc, sparc
Glob security patch. DSA 103
gnujsp stable 1.0.0-4 all, source
gnujsp updates 1.0.0-5 all, source
Security fix for disclosure of directory contents and script
sources
DSA 114
gzip stable 1.2.4-33 alpha, arm, i386, m68k, powerpc, sparc, source
gzip updates 1.2.4-33.1 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 100 - Buffer overflow
hanterm stable 1:3.3.1p17-5.1 alpha, arm, i386, m68k, powerpc, sparc, source
hanterm updates 1:3.3.1p17-5.2 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 112
icecast-server stable 1.0.0-1 alpha, arm, i386, m68k, powerpc, sparc
icecast-server updates 1.3.10-1 alpha, arm, m68k, powerpc, sparc
icecast-server updates 1.3.10-1.1 i386
DSA 089
jgroff stable 1.15+ja-3.2 alpha, arm, i386, m68k, powerpc, sparc
jgroff updates 1.15+ja-3.4 alpha, arm, i386, m68k, powerpc, sparc
DSA 107
kernel-doc-2.2.19 stable 2.2.19.1-2 all
kernel-doc-2.2.19 updates 2.2.19.1-4 all
kernel-headers-2.2.19-compact stable 2.2.19-4potato.5 i386
kernel-headers-2.2.19-compact updates 2.2.19-4potato.7 i386
kernel-headers-2.2.19-idepci stable 2.2.19-4potato.5 i386
kernel-headers-2.2.19-idepci updates 2.2.19-4potato.7 i386
kernel-headers-2.2.19-ide stable 2.2.19-4potato.5 i386
kernel-headers-2.2.19-ide updates 2.2.19-4potato.7 i386
kernel-headers-2.2.19 stable 2.2.19-1potato.3 alpha
kernel-headers-2.2.19 stable 2.2.19-2 m68k
kernel-headers-2.2.19 stable 2.2.19-2.0potato1 powerpc
kernel-headers-2.2.19 stable 2.2.19-4potato.5 i386
kernel-headers-2.2.19 updates 2.2.19-1potato.5 alpha
kernel-headers-2.2.19 updates 2.2.19-2.0potato2 powerpc
kernel-headers-2.2.19 updates 2.2.19-4potato.7 i386
kernel-image-2.2.19-chrp stable 2.2.19-2.0potato1 powerpc
kernel-image-2.2.19-chrp updates 2.2.19-2.0potato2 powerpc
kernel-image-2.2.19-compact stable 2.2.19-4potato.5 i386
kernel-image-2.2.19-compact updates 2.2.19-4potato.7 i386
kernel-image-2.2.19-generic stable 2.2.19-1potato.3 alpha
kernel-image-2.2.19-generic updates 2.2.19-1potato.5 alpha
kernel-image-2.2.19-idepci stable 2.2.19-4potato.5 i386
kernel-image-2.2.19-idepci updates 2.2.19-4potato.7 i386
kernel-image-2.2.19-ide stable 2.2.19-4potato.5 i386
kernel-image-2.2.19-ide updates 2.2.19-4potato.7 i386
kernel-image-2.2.19-jensen stable 2.2.19-1potato.3 alpha
kernel-image-2.2.19-jensen updates 2.2.19-1potato.5 alpha
kernel-image-2.2.19-nautilus stable 2.2.19-1potato.3 alpha
kernel-image-2.2.19-nautilus updates 2.2.19-1potato.5 alpha
kernel-image-2.2.19-pmac stable 2.2.19-2.0potato1 powerpc
kernel-image-2.2.19-pmac updates 2.2.19-2.0potato2 powerpc
kernel-image-2.2.19-prep stable 2.2.19-2.0potato1 powerpc
kernel-image-2.2.19-prep updates 2.2.19-2.0potato2 powerpc
kernel-image-2.2.19-smp stable 2.2.19-1potato.3 alpha
kernel-image-2.2.19-smp updates 2.2.19-1potato.5 alpha
kernel-image-2.2.19 stable 2.2.19-4potato.5 i386
kernel-image-2.2.19 updates 2.2.19-4potato.7 i386
kernel-patch-2.2.19-powerpc stable 2.2.19-2.0potato1 all, source
kernel-patch-2.2.19-powerpc updates 2.2.19-2.0potato2 all, source
kernel-source-2.2.19 stable 2.2.19.1-2 all, source
kernel-source-2.2.19 updates 2.2.19.1-4 all, source
Security Update (following up to DSA 122)
kernel-source 2.2.19.1-3: Fixed double free in drivers/net/zlib.c
kernel-source 2.2.19.1-4: Fixed remaining double free in drivers/net/zlib.c
kernel-image-2.2.19-alpha_2.2.19-1potato.5: built against 2.2.19.1-4
kernel-image-2.2.19-i386_2.2.19-4potato.7: built against 2.2.19.1-4
kernel-patch-2.2.19-powerpc_2.2.19-2.0potato2: built against 2.2.19.1-4
MISSING m68k: elmo -u -e -a source -v 2.2.19.1-4 kernel-source-2.2.19
listar-cgi stable 0.129a-2 alpha, arm, i386, m68k, powerpc, sparc
listar-cgi updates 0.129a-2.potato1 alpha, arm, i386, m68k, powerpc, sparc
listar stable 0.129a-2 alpha, arm, i386, m68k, powerpc, sparc, source
listar updates 0.129a-2.potato1 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 123 - Remote exploit
maildrop stable 0.75-2 alpha
maildrop stable 0.75-2.1 arm, i386, m68k, powerpc, sparc, source
maildrop updates 0.75-2.1 alpha
Get versions back in sync
man2html stable 1.5-23 alpha, arm, i386, m68k, powerpc, sparc
man2html updates 1.5-23.1 alpha, arm, i386, m68k, powerpc, sparc
* Recompiled with correct CGIBASE to avoid bad links; closes: #104474.
Grave bug, warrants inclusion into stable.
masqmail stable 0.0.12-2 alpha
masqmail stable 0.0.12-3 arm, i386, m68k, powerpc, sparc, source
masqmail updates 0.0.12-3 alpha
Get versions back in sync
libmhash1 stable 0.6.1-1 alpha, i386, m68k, powerpc, sparc
libmhash1 updates 0.6.1-1 arm
mhash stable 0.6.1-1 source
Get versions back in sync
apache-ssl stable 1.3.9.13-2 alpha, arm, i386, m68k, powerpc, sparc, source
apache-ssl updates 1.3.9.13-4 alpha, arm, i386, m68k, powerpc, sparc, source
libapache-mod-ssl-doc stable 2.4.10-1.3.9-1 all
libapache-mod-ssl-doc updates 2.4.10-1.3.9-1potato1 all
libapache-mod-ssl stable 2.4.10-1.3.9-1 alpha, arm, i386, m68k, powerpc, sparc, source
libapache-mod-ssl updates 2.4.10-1.3.9-1potato1 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 120 - Buffer overflow in mod_ssl and apache-ssl
mtr stable 0.41-5 alpha, arm, i386, m68k, powerpc, sparc, source
mtr updates 0.41-6 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 124 - buffer overflow
libncurses5-dbg stable 5.0-6.0potato1 alpha, arm, i386, m68k, powerpc, sparc
libncurses5-dbg updates 5.0-6.0potato2 alpha, arm, i386, m68k, powerpc, sparc
libncurses5-dev stable 5.0-6.0potato1 alpha, arm, i386, m68k, powerpc, sparc
libncurses5-dev updates 5.0-6.0potato2 alpha, arm, i386, m68k, powerpc, sparc
libncurses5 stable 5.0-6.0potato1 alpha, arm, i386, m68k, powerpc, sparc
libncurses5 updates 5.0-6.0potato2 alpha, arm, i386, m68k, powerpc, sparc
ncurses-base stable 5.0-6.0potato1 all
ncurses-base updates 5.0-6.0potato2 all
ncurses-bin stable 5.0-6.0potato1 alpha, arm, i386, m68k, powerpc, sparc
ncurses-bin updates 5.0-6.0potato2 alpha, arm, i386, m68k, powerpc, sparc
ncurses-term stable 5.0-6.0potato1 all
ncurses-term updates 5.0-6.0potato2 all
DSA 113
Security upload, fixing a buffer overflow I missed in the
original pass through the code (Closes: #118002).
libncurses4-dev stable 4.2-9 alpha, arm, i386, m68k, sparc
libncurses4-dev updates 4.2-9 powerpc
libncurses4 stable 4.2-6 powerpc
libncurses4 stable 4.2-9 alpha, arm, i386, m68k, sparc
libncurses4 updates 4.2-9 powerpc
It's all Heidi's fault. It'll get the version in potato in
sync at least.
libnasl0-dev stable 0.99.2-1 alpha
libnasl0-dev stable 0.99.4-1 i386, m68k, powerpc, sparc
libnasl0-dev updates 0.99.4-1 alpha
libnasl0 stable 0.99.2-1 alpha
libnasl0 stable 0.99.4-1 i386, m68k, powerpc, sparc
libnasl0 updates 0.99.4-1 alpha
libnessus0-dev stable 0.99.2-1 alpha
libnessus0-dev stable 0.99.4-1 i386, m68k, powerpc, sparc
libnessus0-dev updates 0.99.4-1 alpha
libnessus0 stable 0.99.2-1 alpha
libnessus0 stable 0.99.4-1 i386, m68k, powerpc, sparc
libnessus0 updates 0.99.4-1 alpha
nessus-plugins stable 0.99.2-1 alpha
nessus-plugins stable 0.99.4-1 i386, m68k, powerpc, sparc, source
nessus-plugins updates 0.99.4-1 alpha
Get Alpha version of nessus/libnasl back in sync
netkit-ntalk stable 0.10-8 source
talkd stable 0.10-7 alpha
talkd stable 0.10-8 arm, i386, m68k, powerpc, sparc
talkd updates 0.10-8 alpha
talk stable 0.10-7 alpha
talk stable 0.10-8 arm, i386, m68k, powerpc, sparc
talk updates 0.10-8 alpha
Get Alpha version back in sync
nfs-common stable 1:0.1.9.1-1 alpha, arm, i386, m68k, powerpc, sparc
nfs-common updates 1:0.1.9.1-1.potato1 alpha, arm, i386, m68k, powerpc, sparc
nfs-kernel-server stable 1:0.1.9.1-1 alpha, arm, i386, m68k, powerpc, sparc
nfs-kernel-server updates 1:0.1.9.1-1.potato1 alpha, arm, i386, m68k, powerpc, sparc
nhfsstone stable 1:0.1.9.1-1 alpha, arm, i386, m68k, powerpc, sparc
nhfsstone updates 1:0.1.9.1-1.potato1 alpha, arm, i386, m68k, powerpc, sparc
Support statd callbacks from later 2.2 kernels. (Bug#111990)
It seems that this upload fixes a disparity between late 2.2
kernels and the older nfs-utils package from stable in
connection with statd/lockd. Problem seems to exist for
non-Linux clients at least.
pcmcia-modules-2.2.19-compact stable 3.1.22-0.2potatok4potato.5 i386
pcmcia-modules-2.2.19-compact updates 3.1.22-0.2potatok4potato.7 i386
pcmcia-modules-2.2.19-idepci stable 3.1.22-0.2potatok4potato.5 i386
pcmcia-modules-2.2.19-idepci updates 3.1.22-0.2potatok4potato.7 i386
pcmcia-modules-2.2.19-ide stable 3.1.22-0.2potatok4potato.5 i386
pcmcia-modules-2.2.19-ide updates 3.1.22-0.2potatok4potato.7 i386
pcmcia-modules-2.2.19-pmac stable 3.1.22-0.2potatok2.0potato1 powerpc
pcmcia-modules-2.2.19-pmac updates 3.1.22-0.2potatok2.0potato2 powerpc
pcmcia-modules-2.2.19 stable 3.1.22-0.2potatok4potato.5 i386
pcmcia-modules-2.2.19 updates 3.1.22-0.2potatok4potato.7 i386
These packages seem to update pcmcia-cs for current kernel images.
Why no different changelog entry?
Herbert Xu: Because of the way pcmcia-cs is arranged. The
same pcmcia source is used to compile against arbitrary kernel
module packages.
Why for that ancient kernel source instead of the newly
uploaded kernel-source 2.2.19.1-4?
Herbert Xu: The changelog entry is for pcmcia-cs, not the
module. The version number can be deduced from the deb
itself. Do a dpkg -I on it and check the Depends field.
php3-cgi-gd stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-gd updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-imap stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-imap updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-ldap stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-ldap updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-magick stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-magick updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-mhash stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-mhash updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-mysql stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-mysql updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-pgsql stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-pgsql updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-snmp stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-snmp updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-xml stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi-xml updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-cgi updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-dev stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-dev updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-gd stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-gd updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-imap stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-imap updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-ldap stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-ldap updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-magick stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-magick updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-mhash stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-mhash updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-mysql stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-mysql updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-pgsql stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-pgsql updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-snmp stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-snmp updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3-xml stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc
php3-xml updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc
php3 stable 3:3.0.18-0potato1 alpha, arm, i386, m68k, powerpc, sparc, source
php3 updates 3:3.0.18-0potato1.1 alpha, arm, i386, m68k, powerpc, sparc, source
php4-cgi-gd stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-gd updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-imap stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-imap updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-ldap stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-ldap updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-mhash stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-mhash updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-mysql stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-mysql updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsql stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsql updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-snmp stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-snmp updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi-xml stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi-xml updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-cgi stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-cgi updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-dev stable 4.0.3pl1-0potato2 all
php4-dev updates 4.0.3pl1-0potato3 all
php4-gd stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-gd updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-imap stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-imap updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-ldap stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-ldap updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-mhash stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-mhash updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-mysql stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-mysql updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-pgsql stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-pgsql updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-snmp stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-snmp updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4-xml stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc
php4-xml updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc
php4 stable 4.0.3pl1-0potato2 alpha, i386, m68k, powerpc, sparc, source
php4 updates 4.0.3pl1-0potato3 alpha, i386, m68k, powerpc, sparc, source
DSA 115 - Broken boundary check and more
pine396-diffs stable 5 all
pine396-src stable 3 all
pine4-diffs stable 2 all
pine4-src stable 1 all
These PINE packages contain security problems and the
maintainer agrees that it would be best to remove them from
the stable directory entirely. People who still want to use
PINE should check the pine-tracker package.
pine: Bad url handling exploit
remove pine
remove pine396-diffs
remove pine396-src
remove pine4
remove pine4-diffs
remove pine4-src
samba-common stable 2.0.7-3.4 alpha, arm, i386, m68k, powerpc, sparc
samba-common updates 2.0.7-5 alpha, arm, i386, m68k, powerpc, sparc
samba-doc stable 2.0.7-3.4 all
samba-doc updates 2.0.7-5 all
samba stable 2.0.7-3.4 alpha, arm, i386, m68k, powerpc, sparc
samba updates 2.0.7-5 alpha, arm, i386, m68k, powerpc, sparc
smbclient stable 2.0.7-3.4 alpha, arm, i386, m68k, powerpc, sparc
smbclient updates 2.0.7-5 alpha, arm, i386, m68k, powerpc, sparc
smbfs stable 2.0.7-3.4 alpha, arm, i386, m68k, powerpc, sparc
smbfs updates 2.0.7-5 alpha, arm, i386, m68k, powerpc, sparc
swat stable 2.0.7-3.4 alpha, arm, i386, m68k, powerpc, sparc
swat updates 2.0.7-5 alpha, arm, i386, m68k, powerpc, sparc
ChangeLog says:
* Permanently fix problem with NMU's being built against incorrect
kernel interfaces (closes: #94380, #95015, #102226)
* add uploaders: header to control file
This upload most probably fixes the problem with the old alpha
version not being able to run properly due to a bad build
environment. This problem may be solved by a general
change... may be... Steve Langasek should speak up...
He said:
Samba upstream takes advantage of the best system facilities
(libc/kernel) available at compile time. Because Debian
releases usually include a baseline kernel and an
'experimental' kernel, Eloy and I have introduced packaging
code in unstable that prevents Samba from detecting facilities
that it should not be compiled against. The 2.0.7-4 upload
backports these packaging mods to potato, both correcting the
problems with past alpha security NMUs and safeguarding
against the possibility of future problems with security NMUs
in potato.
New Changelog says (2.0.7-5):
* Add Build-Depends line; the previous upload was missing
potentially
important library linkage on some architectures.
* Fix debian/rules to use xxx-linux instead of xxx-linux-gnu;
config.sub doesn't grok the latter, causing printing to break
(closes: #127444)
According to Steve Langasek this version is fine and suited
for stable.
sendmail-wide stable 8.9.3+3.2W-20 alpha
sendmail-wide stable 8.9.3+3.2W-23 i386, m68k, powerpc, sparc, source
sendmail-wide updates 8.9.3+3.2W-23 alpha
Get alpha version back in sync
squid-cgi stable 2.2.5-3.2 alpha, arm, i386, m68k, powerpc, sparc
squid-cgi updates 2.2.5-4 alpha, arm, i386, m68k, powerpc, sparc
squidclient stable 2.2.5-3.2 alpha, arm, i386, m68k, powerpc, sparc
squidclient updates 2.2.5-4 alpha, arm, i386, m68k, powerpc, sparc
squid stable 2.2.5-3.2 alpha, arm, i386, m68k, powerpc, sparc, source
squid updates 2.2.5-4 alpha, arm, i386, m68k, powerpc, sparc, source
Upload to address the problems as identified in the 2.4 series.
o ftp://user@pass overflow: not vulnerable
o HTCP cannot be turned off if compiled in: not vulnerable,
the Debian package has had the "turn off HTCP" patch for
ages
o SNMP memory leak potential DOS: applied patch for squid
2.4.STABLE3
sudo stable 1.6.2p2-2 alpha, arm, i386, m68k, powerpc, sparc
sudo updates 1.6.2p2-2.1 alpha, arm, i386, m68k, powerpc, sparc
Security Upload, DSA 101
tkseti stable 2.12-2 alpha, arm, i386, powerpc, sparc, source
tkseti updates 2.12-2 m68k
Get m68k version back in sync
libsnmp4.1-dev stable 4.1.1-2 alpha, arm, i386, m68k, powerpc, sparc
libsnmp4.1-dev updates 4.1.1-2.2 alpha, arm, i386, m68k, powerpc, sparc
libsnmp4.1 stable 4.1.1-2 alpha, arm, i386, m68k, powerpc, sparc
libsnmp4.1 updates 4.1.1-2.2 alpha, arm, i386, m68k, powerpc, sparc
snmpd stable 4.1.1-2 alpha, arm, i386, m68k, powerpc, sparc
snmpd updates 4.1.1-2.2 alpha, arm, i386, m68k, powerpc, sparc
snmp stable 4.1.1-2 alpha, arm, i386, m68k, powerpc, sparc
snmp updates 4.1.1-2.2 alpha, arm, i386, m68k, powerpc, sparc
ucd-snmp stable 4.1.1-2 source
ucd-snmp updates 4.1.1-2.2 source
DSA 111 - Multiple vulnerabilities
uucp stable 1.06.1-11potato1 alpha, arm, i386, m68k, powerpc, sparc
uucp updates 1.06.1-11potato2 alpha, arm, i386, m68k, powerpc, sparc
Security Upload, DSA 079-2, uucp uid/gid access
wmtv stable 0.6.5-2 alpha, arm, i386, m68k, powerpc
wmtv stable 0.6.5-2.0.1 sparc
wmtv updates 0.6.5-2potato2 alpha, arm, i386, m68k, powerpc, sparc
Security Upload, DSA 108, symlink vulnerability
xchat-common stable 1.4.3-0.1 all
xchat-common updates 1.4.3-1 all
xchat-gnome stable 1.4.3-0.1 arm, i386, m68k, powerpc, sparc
xchat-gnome stable 1.4.3-0.1.1 alpha
xchat-gnome updates 1.4.3-1 alpha, arm, i386, m68k, powerpc, sparc
xchat-text stable 1.4.3-0.1 arm, i386, m68k, powerpc, sparc
xchat-text stable 1.4.3-0.1.1 alpha
xchat-text updates 1.4.3-1 alpha, arm, i386, m68k, powerpc, sparc
xchat stable 1.4.3-0.1 arm, i386, m68k, powerpc, sparc
xchat stable 1.4.3-0.1.1 alpha
xchat updates 1.4.3-1 alpha, arm, i386, m68k, powerpc, sparc
* Fixed "Xchat 1.4.2 and 1.4.3 IRC session hijacking vulnerability",
(http://www.securityfocus.com/archive/1/249113); patch
provided by upstream author, Peter Zelezny <zed@linux.com>.
DSA 099
xcin stable 2.3.04-1 arm
xcin stable 2.5.1.3-1 powerpc
xcin stable 2.5.1.99.pre6.1-1 alpha
xcin stable 2.5.2-1 i386, m68k, sparc
xcin updates 2.5.2-1 alpha, arm, powerpc
Get versions back in sync
xmysqladmin stable 1.0-5 m68k
xmysqladmin stable 1.0-7 alpha, i386, powerpc, source
xmysqladmin updates 1.0-7 m68k
Get m68k version back in sync
xsane stable 0.50-5 alpha, arm, i386, m68k, powerpc, sparc, source
xsane updates 0.50-5.1 alpha, arm, i386, m68k, powerpc, sparc, source
DSA 118 - insecure temporary files
zmailer-ssl stable 2.99.50.s19-2 alpha
zmailer-ssl stable 2.99.51.52pre3-2 arm, i386, m68k, powerpc, sparc, source
zmailer-ssl updates 2.99.51.52pre3-2 alpha
Get Alpha version back in sync
Further investigation
---------------------
These packages need further investigation. One reason the package is
listed here could be that I'm not yet convinced this package should go
into stable, but don't want to reject it entirely at the moment.
Another reason could be that released and updated architectures are
not in sync yet.
eruby stable 0.0.4-1.0 m68k
eruby stable 0.0.4-1.2 alpha
eruby stable 0.0.9-1potato1 arm, i386, powerpc, sparc, source
eruby updates 0.0.9-1potato1 alpha
MISSING m68k
libnss-ldap stable 110-2 alpha, powerpc
libnss-ldap stable 122-1 arm, i386, m68k, sparc, source
libnss-ldap updates 122-1 alpha
Get Alpha version back in sync
MISSING powerpc
photopc stable 2.1-1 powerpc
photopc stable 2.8-3 arm
photopc stable 3.02-2 alpha, i386, sparc, source
photopc updates 3.02-2 powerpc
Get versions in sync.
MISSING arm
unixcw stable 1.1a-2 arm
unixcw stable 1.1a-5 alpha, i386, source
unixcw updates 1.1a-5 powerpc, sparc
Get package in sync through all architectures.
MISSING arm
xtell stable 1.91 alpha, arm, i386, m68k, powerpc, sparc, source
xtell updates 1.91.1 alpha, arm, powerpc, sparc
xtell updates 1.91.2 i386, m68k, source
DSA 121 - several vulnerabilities
A couple of arch's missing for .2, but uploaded already
Rejected packages
-----------------
These packages don't meet the requirements.
dvi2ps-fontdata-a2n stable 1.0-5 all
dvi2ps-fontdata-a2n updates 1.0-7 all
dvi2ps-fontdata-bsr stable 1.0-5 all
dvi2ps-fontdata-bsr updates 1.0-7 all
dvi2ps-fontdata-ja stable 1.0-5 all
dvi2ps-fontdata-ja updates 1.0-7 all
dvi2ps-fontdata-n2a stable 1.0-5 all
dvi2ps-fontdata-n2a updates 1.0-7 all
dvi2ps-fontdata-ptexfake stable 1.0-5 all
dvi2ps-fontdata-ptexfake updates 1.0-7 all
dvi2ps-fontdata-rrs stable 1.0-5 all
dvi2ps-fontdata-rrs updates 1.0-7 all
dvi2ps-fontdata-rsp stable 1.0-5 all
dvi2ps-fontdata-rsp updates 1.0-7 all
dvi2ps-fontdata-tbank stable 1.0-5 all
dvi2ps-fontdata-tbank updates 1.0-7 all
dvi2ps-fontdata-three stable 1.0-5 all
dvi2ps-fontdata-three updates 1.0-7 all
Misplaced upload to 'stable unstable'
efingerd stable 1.3 alpha, arm, i386, m68k, powerpc, sparc, source
efingerd updates 1.3.2 alpha, arm, i386, m68k, powerpc, sparc, source
Alleged security update, .1 and .2 are broken, though.
Joey is discussion the issue with the maintainer.
jtex-base stable 1.8-6 all, source
jtex-base updates 1.8-7 all, source
Misplaced upload, stable+unstable
rsync stable 2.3.2-1.2 alpha, arm, i386, m68k, powerpc, sparc
rsync updates 2.3.2-1.3 alpha, arm, i386, m68k, powerpc, sparc
DSA 106
Broken packages, hence rejecting
Disclaimer
----------
This list intends to help the ftp-masters releasing 2.2r6. They have the
final power to accept a package or not. If you want to comment on
this list, please send a mail to Martin Schulze <joey@debian.org>.
--
Life is too short to run proprietary software. -- Bdale Garbee
Attachment:
pgps1GJ3cRbKA.pgp
Description: PGP signature