[urgent] draft for Etch r1
this is the current draft for the upcoming etch point-release. We need
to cross-check the lists of packages however before we send out the
Comments are welcome, but please Cc me.
Subject: Debian GNU/Linux 3.1 updated
The Debian Project http://www.debian.org/
Debian GNU/Linux 4.0 updated firstname.lastname@example.org
August 15th, 2007 http://www.debian.org/News/2007/20070815
Debian GNU/Linux 4.0 updated
The Debian project has updated the stable distribution Debian GNU/Linux
4.0 (codename `Etch'). This update adds security updates to the
stable release, together with a few corrections to serious problems.
As always, the first point release also corrects a few issues that
have been noticed too late in the release process to stop the release,
but still should be fixed.
This point release for Etch also includes an updated release of the
installer, which includes the following changes:
- kernels used in the installer have been updated to ABI 2.6.18-5; as a
result, some "small" images (for example netboot and floppy images)
included with the original Etch release will no longer work (but the new
images included with the point release will work, as well as the full
CD/DVD images from both the original release as well as from this point
- updated mirror list
- support added for certain USB CD drives that were not being detected
- incorrect setup of gksu fixed when user chooses to install with the root
account disabled; this prevented the execution of administrative tasks
- important translation fixes in partman for Catalan and Romanian
Please note that this update does not constitute a new version of Debian
GNU/Linux 4.0 but only updates some of the packages included. There is
no need to throw away 4.0 DVDs/CDs. Instead you only need to update
against ftp.debian.org or a mirror after an installation, in order to
incorporate those changes. New CD and DVD images will be available within
the next week at the regular locations.
Upgrading to this revision online is usually done by pointing the
`aptitude' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is
This stable update adds a few important corrections to the following
apache2 - Fix #423653 and #419552; better documentation
apache2-mpm-itk - Rebuild against apache2 2.2.3-4+etch1.
apt-setup - Default suite to code name.
cdrom-detect - Scan also for things that look like USB floppies.
choose-mirror - Update mirrors list.
debian-archive-keyring - Adding debian volatile keyring
debian-installer-utils - Support scanning for USB sticks and discs that are misdetected as floppies.
debootstrap - Add support for lenny.
desktop-base - Fix kde default wallpaper appearance between kdm to ksplash switch.
ekg - Rebuild against pristine stable environment.
epiphany-browser - Add language to gconf defaults
fai-kernels - Include arcmsr scsi-driver which is included in the etch kernels
file - Fix possible denial of service
glibc - Fix CPU hog on 64 bits machines, dependencies of nscd, wrong assertion and unaligned memory access
glibc - Fix printf exploding the stack and memory leak.
gnome-mount - Rebuild against libeel2-2.14
initramfs-tools - Added missing esp module to scsi modules list so it gets installed in the initrd
kernel-wedge - Reupload to match packages in r1
libofa - Rebuild in a clean environment.
librsvg - Fix dependency (#403977)
lifelines - Fix file conflict by versioning a dependency.
lilo-installer - Support multiple disks when devfs device names are used
linux-latest-2.6 - Assist upgrade to new linux-2.6 ABI
lsb - Don't remove PID files of daemons that aren't actually killed
madwifi - Fix two remote and one local DoS
mail-notification - Fix uninstallability on sparc
mixmaster - Fix buffer overflow in mixmaster (#418662)
mozilla-traybiff - less restrict depends on icedove-dev
mpop - fix CVE-2007-1558
mutt - Add imap_close_connection to fully reset IMAP state
nano - Fix segfaults.
neon26 - Fix kerberos authentication.
nfs-utils - Fix memory leaks.
openoffice.org - Fix crashes when saving files.
orage - Memory leak
orbit2 - Allow non-local IPv4.
partman-auto - d-i translation update
partman-partitioning - d-i translation update
php5 - Fix regression in single quote escaping.
pppconfig - Fix upgrade issue from sarge, #418350
rdesktop - Segfault regression caused by libx11-6 security fix prior Etch release
tetex-base - Ease transition to texlive, #420390
trac - Fix CSS and remote exploitable issues.
trac - Fix concurrent resync handling, #425909
user-setup - Fix chroot calls to properly setup gksu alternatives.
vice - Regression caused by libx11-6 security fix prior Etch release
xorg - Updated conflicts for easier upgrades and corrected dependencies for x11-common.
One or more missing or out-of-date architectures have been added to these
packages in this point release:
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
Advisory ID Package(s) Correction(s)
DSA 1280 aircrack-ng Fix remote exploitable buffer overflow
DSA 1281 clamav Fix denial of service vulnerability
DSA 1281 clamav Fix several remote vulnerabilities
DSA 1282 php4 Fix several remote vulnerabilities
DSA 1283 php5 Fix several vulnerabilities
DSA 1284 qemu Fix several vulnerabilities
DSA 1285 wordpress Fix multiple vulnerabilities
DSA 1286 linux-2.6 Fix several vulnerabilities (superseded by DSA 1289)
DSA 1286 fai-kernels Fix several vulnerabilities
DSA 1286 kernel-patch-openvz Adjust to linux-2.6 fixes
DSA 1286 kernel-patch-openvz Adjust to linux-2.6 fixes and fix oops, #420708
DSA 1286 user-mode-linux Fix several vulnerabilities
DSA 1288 pptpd Fix denial of service vulnerability
DSA 1289 linux-2.6 Fix several vulnerabilities
DSA 1289 fai-kernels Fix several vulnerabilities
DSA 1289 linux-modules-extra-2.6 Upgrade for linux-2.6 upgrade
DSA 1289 linux-modules-nonfree-2.6 Upgrade for linux-2.6 upgrade
DSA 1289 loop-aes Upgrade for linux-2.6 upgrade
DSA 1289 nvidia-graphics-legacy-modules-amd64 Upgrade for linux-2.6 upgrade
DSA 1289 nvidia-graphics-legacy-modules-i386 Upgrade for linux-2.6 upgrade
DSA 1289 nvidia-graphics-modules-amd64 Upgrade for linux-2.6 upgrade
DSA 1289 nvidia-graphics-modules-i386 Upgrade for linux-2.6 upgrade
DSA 1289 user-mode-linux Fix several vulnerabilities
DSA 1290 squirrelmail Fix cross-site scripting
DSA 1291 samba Fix multiple vulnerabilities
DSA 1291 samba Fix regression
DSA 1291 samba Fix regression
DSA 1292 qt4-x11 Fix missing input validation
DSA 1293 quagga Fix denial of service vulnerability
DSA 1295 php5 Fix several vulnerabilities
DSA 1296 php4 Fix privilige escalation
DSA 1297 gforge-plugin-scmcvs Fix arbitrary shell command execution
DSA 1298 otrs2 Fix cross-site scripting
DSA 1299 ipsec-tools Fix denial of service vulnerability
DSA 1300 iceape Fix several vulnerabilities
DSA 1301 gimp Fix arbitrary code execution
DSA 1302 freetype Fix integer overflow
DSA 1303 lighttpd Fix denial of service vulnerability
DSA 1305 icedove Fix several vulnerabilities
DSA 1306 xulrunner Fix several vulnerabilities
DSA 1307 openoffice.org Fix arbitrary code execution
DSA 1309 postgresql-8.1 Fix privilage escalation.
DSA 1310 libexif Fix integer overflow
DSA 1311 postgresql-7.4 Fix privilige escalation.
DSA 1312 libapache-mod-jk Fix information disclosure
DSA 1313 mplayer Fix arbitrary code execution
DSA 1314 open-iscsi Fix several vulnerabilities
DSA 1315 libphp-phpmailer Fix arbitrary shell command execution
DSA 1316 emacs21 Fix denial of service vulnerability
DSA 1318 ekg Fix denial of service vulnerability
The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
The complete lists of packages that have changed with this revision:
The current stable distribution:
Proposed updates to the stable distribution:
Stable distribution information (release notes, errata etc.):
Security announcements and information:
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.
For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <email@example.com>, or
contact the stable release team at <firstname.lastname@example.org>.