
Press Announcement preparation for Sarge r3



Hi,

Please let us try to prepare the upcoming release announcement for Sarge
r3. We should outline that a new Debian installer package has been
built. Also, I would prefer that the packages that are non-DSA be
mentioned first this time, as VERY many persons asked last time why
"foo" is to be updated, as most of them did not read the announcement
to the end of the mail.

Also, I would like to request that the release announcement be held back
as long as no CD images are built. a) As the new Debian installer is built,
most persons will start downloading CD images as soon as the release
announcement is out, and b) we need to actually test the d-i, as we need
packages in stable for testing d-i builds. This will result in broken
CD images for some CDs in the timeframe, but I think we can handle that.

Greetings
Martin


The following DSAs will be included in the upcoming point release:
------------------------------------------------------------------
DSA  725 ppxp - fix local root exploit
DSA  986 gnutls11 - buffer overflows
DSA 1017 Linux kernel 2.6.8 - fix several vulnerabilities
DSA 1018 Linux Kernel 2.4.27 - fix several vulnerabilities
DSA 1027 mailman - programming error
DSA 1032 zope-cmfplone - programming error
DSA 1035 fcheck - fix insecure temporary file creation
DSA 1036 bsdgames - fix local privilege escalation
DSA 1037 zgv - programming error
DSA 1038 xzgv - fix arbitrary code execution
DSA 1039 blender - fix several vulnerabilities
DSA 1040 gdm - fix local root exploit
DSA 1041 abc2ps - fixing buffer overflows
DSA 1042 cyrus-sasl2 - fix denial of service
DSA 1043 abcmidi - fix arbitrary code execution
DSA 1044 mozilla-firefox - several vulnerabilities
DSA 1045 openvpn - design error
DSA 1046 mozilla - several vulnerabilities
DSA 1047 resmgr - programming error
DSA 1048 asterisk - fix arbitrary code execution
DSA 1049 ethereal - fix several vulnerabilities
DSA 1050 clamav - fix denial of service or arbitrary code execution
DSA 1051 mozilla-thunderbird - several vulnerabilities
DSA 1052 cgiirc - fix arbitrary code execution
DSA 1053 mozilla - programming error
DSA 1054 tiff - fix denial of service and arbitrary code execution 
DSA 1055 mozilla-firefox - programming error
DSA 1056 webcalendar - verbose error message
DSA 1057 phpldapadmin - missing input sanitising
DSA 1058 awstats - fix arbitrary command execution
DSA 1059 quagga - several vulnerabilities
DSA 1060 kernel-patch-vserver - fix privilege escalation
DSA 1061 popfile - missing input sanitising
DSA 1062 kphone - insecure file creation
DSA 1063 phpgroupware - fix execution of arbitrary web script code
DSA 1064 cscope - fix arbitrary code execution
DSA 1065 hostapd - fix denial of service 
DSA 1066 phpbb2 - missing input sanitising 
DSA 1068 fbi - fix denial of service
DSA 1072 nagios - buffer overflow
DSA 1073 mysql-dfsg-4.1 - fix several vulnerabilities 
DSA 1074 mpg123 - fix arbitrary code execution
DSA 1075 awstats - fix arbitrary command execution
DSA 1076 lynx - programming error
DSA 1078 tiff - fix denial of service
DSA 1079 mysql-dfsg - several vulnerabilities
DSA 1080 dovecot - fix directory traversal
DSA 1081 libextractor - buffer overflow
DSA 1083 motor - buffer overflow
DSA 1084 typespeed - fix arbitrary code execution
DSA 1085 lynx-cur - several vulnerabilities
DSA 1086 xmcd - fix denial of service
DSA 1087 postgresql - fix encoding vulnerabilities
DSA 1088 centericq - fix arbitrary code execution
DSA 1090 spamassassin - programming error
DSA 1091 tiff - fix arbitrary code execution
DSA 1092 mysql-dfsg-4.1 - fix SQL injection
DSA 1093 xine - format string
DSA 1094 gforge - fix cross-site scripting
DSA 1095 freetype - fix several vulnerabilities
DSA 1096 webcalendar - uninitialised variable
DSA 1097 Linux kernel 2.4.27 - fix several vulnerabilities
DSA 1098 horde3 - missing input sanitising
DSA 1099 horde2 - missing input sanitising
DSA 1100 wv2 - integer overflow 
DSA 1101 courier - fix denial of service
DSA 1102 pinball - design error
DSA 1103 Linux Kernel 2.6.8 - fix several vulnerabilities
DSA 1104 openoffice.org - several vulnerabilities
DSA 1105 xine-lib - buffer overflow
DSA 1106 ppp - programming error
DSA 1107 gnupg - fix denial of service
DSA 1108 mutt - buffer overflow
DSA 1109 rssh - programming error
DSA 1110 samba - missing input sanitising
DSA 1111 linux kernel 2.6.8 - fix privilege escalation
DSA 1112 mysql-dfsg-4.1 - fix several vulnerabilities
DSA 1113 zope2.7 - programming error 
DSA 1114 hashcash - buffer overflow
DSA 1115 gnupg2 - integer overflow
DSA 1116 gimp - buffer overflow
DSA 1117 libgd2 - insufficient input sanitising
DSA 1118 mozilla - several vulnerabilities
DSA 1119 hiki - design flaw
DSA 1120 mozilla-firefox - several vulnerabilities
DSA 1121 postgrey - format string
DSA 1122 libnet-server-perl - format string
DSA 1123 libdumb - buffer overflow
DSA 1124 fbi - fix potential deletion of user data
DSA 1125 drupal - fix execution of arbitrary web script code
DSA 1126 asterisk - fix denial of service
DSA 1127 ethereal - fix several vulnerabilities
DSA 1128 heartbeat - permission error
DSA 1129 osiris - format string
DSA 1130 sitebar - missing input validation
DSA 1131 apache - fix buffer overflow
DSA 1132 apache2 - fixing buffer overflow
DSA 1133 mantis - missing input sanitising
DSA 1134 mozilla-thunderbird - several vulnerabilities
DSA 1135 libtunepimp - buffer overflow
DSA 1136 gpdf - wrong input sanitising
DSA 1137 tiff - several vulnerabilities
DSA 1138 cfs - fix denial of service
DSA 1139 ruby1.6 - missing privilege checks
DSA 1140 gnupg - integer overflow
DSA 1141 gnupg2 - integer overflow
DSA 1142 freeciv - fix arbitrary code execution
DSA 1143 dhcp - fix denial of service
DSA 1144 chmlib - fix denial of service
DSA 1145 freeradius - fix several vulnerabilities
DSA 1146 krb5 - programming error
DSA 1147 drupal - fix cross-site scripting
DSA 1148 gallery - fix several vulnerabilities
DSA 1149 ncompress - buffer underflow
DSA 1150 shadow - fix privilege escalation
DSA 1151 heartbeat - fix denial of service 
DSA 1153 clamav - fix arbitrary code execution 
DSA 1154 squirrelmail - fix information disclosure 
DSA 1155 sendmail - fix denial of service
DSA 1159 mozilla-thunderbird - several vulnerabilities

Additionally, the following packages will be fixed in this point release:
-------------------------------------------------------------------------
evms - Close #364017
evolution-webcal - Getting all archs back in sync
glibc - Don't build with make -j even if we have multiple CPU. Fix FTBFS for s390 and amd64
grub - update-grub: redirect output to stderr to allow upgrading to Etch kernel images
kazehakase - Close #325124, #326509
octaviz - Close #341676, #304162
perl - Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27
python-pgsql - Close #369250
vlan - Close #330673, #378714
wzdftpd - Close #372531, #369829

Related to the new Debian Installer, the following packages will be updated:
----------------------------------------------------------------------------
base-config
base-installer
debian-installer
preseed


