[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Press Anouncement preparation for Sarge r3

Here's the press release. Planned release: September 1st ~06:00 UTC.



The Debian Project                                http://www.debian.org/
Debian GNU/Linux 3.1 updated                            press@debian.org
September 1st, 2006             http://www.debian.org/News/2006/20060901

Debian GNU/Linux 3.1 updated

This is the third update of Debian GNU/Linux 3.1 (codename `sarge').
It mainly adds security updates to the stable release, along with a
few corrections to serious problems.  Those who frequently update from
security.debian.org won't have to update many packages and most
updates from security.debian.org are included in this update.

Please note that this update does not produce a new version of Debian
GNU/Linux 3.1 but only adds a few updated packages to it.  There is no
need to throw away 3.1 CDs but only to update against ftp.debian.org
after an installation, in order to incorporate those changes.  New CD
and DVD images are being built right now and will be available soon
at the regular locations.

Upgrading to this revision online is usually done by pointing the
`apt' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors.  A comprehensive list of mirrors is
available at:


Debian-Installer Update

In order to add recent security updates for the Linux kernel to the
installer and to reflect a binary interface change due to these
updates the Debian installer has been updated as well.  To accomplish
this the following packages also required an update: base-config,
base-installer, debian-installer, preseed.

Miscellaneous Bugfixes

This stable update adds a few important corrections to the following

   Package                Reason

   evms                   Fixes system lockup on boot
   evolution-webcal       Getting architectures back in sync
   glibc                  Fixes build failures
   grub                   Preparations for etch kernels
   kazehakase             Corrects segmentation faults
   octaviz                Corrects library path
   perl                   Corrects problems with UTF-8/taint fix and Tk
   python-pgsql           Corrects regression due to PostgreSQL update
   vlan                   Corrects interface settings
   wzdftpd                Corrects wrong dependencies

Security Updates

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates. The security fixes of the kernel have been delayed to the next
point release due to constraints with the installer, please update the
kernel images from security.debian.org.

Advisory ID    Package(s)            Reason

   DSA  725    ppxp                  Local root exploit
   DSA  986    gnutls11              Arbitrary code execution
   DSA 1017    Linux kernel 2.6.8    Several vulnerabilities
   DSA 1018    Linux Kernel 2.4.27   Several vulnerabilities
   DSA 1027    mailman               Denial of service
   DSA 1032    zope-cmfplone         Unprivileged data manipulation
   DSA 1035    fcheck                Insecure temporary file creation
   DSA 1036    bsdgames              Local privilege escalation
   DSA 1037    zgv                   Arbitrary code execution
   DSA 1038    xzgv                  Arbitrary code execution
   DSA 1039    blender               Several vulnerabilities
   DSA 1040    gdm                   Local root exploit
   DSA 1041    abc2ps                Arbitrary code execution
   DSA 1042    cyrus-sasl2           Denial of service
   DSA 1043    abcmidi               Arbitrary code execution
   DSA 1044    mozilla-firefox       Several vulnerabilities
   DSA 1045    openvpn               Arbitrary code execution
   DSA 1046    mozilla               Several vulnerabilities
   DSA 1047    resmgr                Unauthorised access
   DSA 1048    asterisk              Arbitrary code execution
   DSA 1049    ethereal              Several vulnerabilities
   DSA 1050    clamav                Arbitrary code execution
   DSA 1051    mozilla-thunderbird   Several vulnerabilities
   DSA 1052    cgiirc                Arbitrary code execution
   DSA 1053    mozilla               Arbitrary code execution
   DSA 1054    tiff                  Arbitrary code execution
   DSA 1055    mozilla-firefox       Arbitrary code execution
   DSA 1056    webcalendar           Information leak
   DSA 1057    phpldapadmin          Cross-site scripting
   DSA 1058    awstats               Arbitrary command execution
   DSA 1059    quagga                Several vulnerabilities
   DSA 1060    kernel-patch-vserver  Privilege escalation
   DSA 1061    popfile               Denial of service
   DSA 1062    kphone                Insecure file creation
   DSA 1063    phpgroupware          Cross-site scripting
   DSA 1064    cscope                Arbitrary code execution
   DSA 1065    hostapd               Denial of service 
   DSA 1066    phpbb2                Cross-site scripting
   DSA 1068    fbi                   Denial of service
   DSA 1072    nagios                Arbitrary code execution
   DSA 1073    mysql-dfsg-4.1        Several vulnerabilities 
   DSA 1074    mpg123                Arbitrary code execution
   DSA 1075    awstats               Arbitrary command execution
   DSA 1076    lynx                  Denial of service
   DSA 1078    tiff                  Denial of service
   DSA 1079    mysql-dfsg            Several vulnerabilities
   DSA 1080    dovecot               Directory traversal
   DSA 1081    libextractor          Arbitrary code execution
   DSA 1083    motor                 Arbitrary code execution
   DSA 1084    typespeed             Arbitrary code execution
   DSA 1085    lynx-cur              Several vulnerabilities
   DSA 1086    xmcd                  Denial of service
   DSA 1087    postgresql            Encoding vulnerabilities
   DSA 1088    centericq             Arbitrary code execution
   DSA 1090    spamassassin          Arbitrary command execution
   DSA 1091    tiff                  Arbitrary code execution
   DSA 1092    mysql-dfsg-4.1        SQL injection
   DSA 1093    xine                  Arbitrary code execution
   DSA 1094    gforge                Cross-site scripting
   DSA 1095    freetype              Several vulnerabilities
   DSA 1096    webcalendar           Arbitrary code execution
   DSA 1097    Linux kernel 2.4.27   Several vulnerabilities
   DSA 1098    horde3                Cross-site scripting
   DSA 1099    horde2                Cross-site scripting
   DSA 1100    wv2                   Integer overflow
   DSA 1101    courier               Denial of service
   DSA 1102    pinball               Privilege escalation
   DSA 1103    Linux Kernel 2.6.8    Several vulnerabilities
   DSA 1104    openoffice.org        Several vulnerabilities
   DSA 1105    xine-lib              Denial of service
   DSA 1106    ppp                   Privilege escalation
   DSA 1107    gnupg                 Denial of service
   DSA 1108    mutt                  Arbitrary code execution
   DSA 1109    rssh                  Privilege escalation
   DSA 1110    samba                 Denial of service
   DSA 1111    linux kernel 2.6.8    Privilege escalation
   DSA 1112    mysql-dfsg-4.1        Several vulnerabilities
   DSA 1113    zope2.7               Information disclosure
   DSA 1114    hashcash              Arbitrary code execution
   DSA 1115    gnupg2                Denial of service
   DSA 1116    gimp                  Arbitrary code execution
   DSA 1117    libgd2                Denial of service
   DSA 1118    mozilla               Several vulnerabilities
   DSA 1119    hiki                  Denial of service
   DSA 1120    mozilla-firefox       Several vulnerabilities
   DSA 1121    postgrey              Denial of service
   DSA 1122    libnet-server-perl    Denial of service
   DSA 1123    libdumb               Arbitrary code execution
   DSA 1124    fbi                   Potential deletion of user data
   DSA 1125    drupal                Cross-site scripting
   DSA 1126    asterisk              Denial of service
   DSA 1127    ethereal              Several vulnerabilities
   DSA 1128    heartbeat             Local denial of service
   DSA 1129    osiris                Arbitrary code execution
   DSA 1130    sitebar               Cross-site scripting
   DSA 1131    apache                Arbitrary code execution
   DSA 1132    apache2               Arbitrary code execution
   DSA 1133    mantis                Cross-site scripting
   DSA 1134    mozilla-thunderbird   Several vulnerabilities
   DSA 1135    libtunepimp           Arbitrary code execution
   DSA 1136    gpdf                  Denial of service
   DSA 1137    tiff                  Several vulnerabilities
   DSA 1138    cfs                   Denial of service
   DSA 1139    ruby1.6               Privilege escalation
   DSA 1140    gnupg                 Denial of service
   DSA 1141    gnupg2                Denial of service
   DSA 1142    freeciv               Arbitrary code execution
   DSA 1143    dhcp                  Denial of service
   DSA 1144    chmlib                Denial of service
   DSA 1145    freeradius            Several vulnerabilities
   DSA 1146    krb5                  Privilege escalation
   DSA 1147    drupal                Cross-site scripting
   DSA 1148    gallery               Several vulnerabilities
   DSA 1149    ncompress             Potential code execution
   DSA 1150    shadow                Privilege escalation
   DSA 1151    heartbeat             Denial of service 
   DSA 1153    clamav                Arbitrary code execution 
   DSA 1154    squirrelmail          Information disclosure 
   DSA 1155    sendmail              Denial of service
   DSA 1159    mozilla-thunderbird   Several vulnerabilities

The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:



The complete lists of packages that have changed with this revision:


The current stable distribution:


Proposed updates to the stable distribution:


Stable distribution information (release notes, errata etc.):


Security announcements and information:


About Debian

The Debian Project is an organisation of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.

Contact Information

For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org> or
contact the stable release team at <debian-release@lists.debian.org>.

Everybody talks about it, but nobody does anything about it!  -- Mark Twain

Reply to: