[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Please review announcement of upcoming release of Debian 4.0r4 "etch-and-a-half"


Attached you'll find the current draft for the announcement of
"etch-and-a-half".  Please review it; current schedule for it to be send
out is tomorrow.

I'll make the most up to date version available at
http://people.debian.org/~tolimar/tmp/ ; patches for the wml-file (which
is used to generate the HTML and the TXT version for the mail) are most
welcome, everything else is more work for me ;)

Frans, could you please pay special attention to the paragraph about d-i?

Yours sincerely,

<define-tag pagetitle>Debian GNU/Linux 4.0 updated and support for newer hardware added</define-tag>
<define-tag release_date>2008-07-26</define-tag>
#use wml::debian::news
# $Id: 20080217.wml,v 1.2 2008-02-17 21:30:56 kreutzm Exp $

<define-tag release>4.0</define-tag>
<define-tag codename>etch</define-tag>
<define-tag revision>4.0r4</define-tag>

<define-tag dsa>
    <tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
        <td align="center"><:
    my @p = ();
    for my $p (split (/,\s*/, "%2")) {
	push (@p, sprintf ('<a href="http://packages.debian.org/src:%s";>%s</a>', $p, $p));
    print join (", ", @p);
:></td><td align="left">%3</td></tr>

<define-tag correction>
    <tr><td><a href="http://packages.debian.org/src:%0";>%0</a></td>              <td>%1</td></tr>

<define-tag srcpkg><a href="http://packages.debian.org/src:%0";>%0</a></define-tag>

<p>The Debian project is pleased to announce the fourth update of its
stable distribution Debian GNU/Linux 4.0 (codename <codename>).  This update
not only adds corrections for security problems and a few adjustment to serious
problems to a stable release, it also adds support for newer hardware by giving
users the option to install newer drivers.</p>

<p>Please note that this update does not constitute a new version of Debian
GNU/Linux 4.0 but only updates some of the packages included.  Even if you need
new drivers during installation time there is no need to throw away 4.0 CDs or
DVDs. If you don't need newer drivers you'll only to update against
ftp.debian.org after an installation, in order to incorporate those late

<p>Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.</p>

<p>New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively
will be available soon at the regular locations.</p>

<p>Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors.  A comprehensive list of
mirrors is available at:</p>

<div class="center">
  <a href="$(HOME)/mirror/list">http://www.debian.org/mirror/list</a>

<h2>Regarding <q>etch-and-a-half</q></h2>

<p>Additional packages have been added in the Debian 4.0r4 point release to
increase the set of hardware supported by Debian 4.0 (<q>etch</q>). This includes
packages based upon the Linux 2.6.24 kernel and additional drivers for the X
window system. Installation of these additional packages is not required and
will not occur by default. This update represents no change to the support of
previously available packages.</p>

<p>The existing 2.6.18-based kernel will continue to be the default kernel for
the etch release.</p>

<p>These package are update for <q>etch-and-a-half</q>:</p>
<table border=0>
<tr><th>Package</th>                    <th>Reason</th></tr>
<correction linux-2.6.24		"Updated for new kernel for etchnhalf">
<correction linux-kbuild-2.6.24		"Updated for new kernel for etchnhalf">
<correction linux-latest-2.6-etchnhalf	"New kernel for etchnhalf">
<correction xserver-xorg-video-nv	"Supporting more hardware">
<correction xserver-xorg-video-intel	"Supporting more hardware">
<correction aboot			"Fix alpha build, add support for kernels newer than 2.6.23">
<correction b43-fwcutter		"Fix wrongly encoded es.po">
<correction debconf 			"Make debconf-apt-progress compatible with the Lenny installer">
<correction sysvinit			"Update shutdown to work w/ libata in linux newer than 2.6.23">
<correction wireless-tools		"Update to claim support for WE API in etchnhalf kernel">

<p><a href="http://www.debian.org/releases/etch/etchnhalf";>Release notes</a>
covering the specialties of <q>etch-and-a-half</q> have been written as well as
a <a href="http://www.debian.org/releases/etch/debian-installer/etchnhalf";>short
update for the installation instructions</a>.</p>

<h2>Debian-Installer Update</h2>

<p>Due to changes regarding creating of ssl certificates used during
installation via the network-console the Debian-Installer got updated,
too.  Two other issues regarding installation on already existing RAID
setups and recognizing PowerPC64 system have been fixed, too.</p>

<h2>Miscellaneous Bugfixes</h2>

<p>This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:</p>

<table border=0>
<tr><th>Package</th>			<th>Reason</th></tr>
<correction apache2			"Fix possible segfault introduced by patch for CVE-2007-6421">
<correction balsa			"Fix for stack-based buffer overflow">
<correction base-installer		"Correctly recognize powerpc64 systems">
<correction cbrpager			"Backported security fixes from upstream 0.9.18 for CVE-2008-2575">
<correction chkrootkit			"Enye check was killing random applications">
<correction debian-installer		"Rebuild images containing network-console">
<correction dns-flood-detector		"Actually write a pid file for start-stop-daemon">
<correction exiv2			"Fix regression in security update">
<correction fai-kernels			"Rebuild against linux-2.6_2.6.18.dfsg.1-21">
<correction firmware-nonfree		"Build-depend on new kernel ABI 2.6-6">
<correction glibc			"Fix nscd host caching and linker script for libraries using TLS">
<correction grub			"Fix 1 TiB disk addressing limit">
<correction hal				"Allows mounting ntfs volumes from within KDE">
<correction initramfs-tools		"Fix MBR checking on md devices and booting with Xen">
<correction kiosktool			"Correct the path to the KDE menu file">
<correction licq			"Fixing 'ICQ version too old' connection failure">
<correction linux-2.6			"Fix several issues">
<correction partman-lvm			"Fix installation with already existing RAID">
<correction pdftohtml			"Transition users to poppler-utils">
<correction python-django		"Fix cross-site scripting vulnerability">
<correction qsynth			"Fix wrongly named desktop file">
<correction qt-x11-free			"Ease updates of KDE by hardcoding the unames">
<correction trac			"Fix multiple issues">
<correction tzdata			"New timezone information">
<correction user-mode-linux		"Rebuild against linux-2.6_2.6.18.dfsg.1-21">
<correction vzctl			"Fix file permission transfer on migrations">
<correction wxmaxima			"Fix connection problems making the package unusable">
<correction xpdf			"Remove strict versioned dependency on xpdf-utils to fix upgrade">
<correction xpenguins-applet		"Avoid double free">
<correction znc				"Fix NULL pointer deferences leading to crashes">

<p>These packages got updated on the named architecture, to bring the architectures back in sync:</p>
<table border=0>
<tr><th>Package</th>			<th>Architecture &mdash; Reason</th></tr>
<correction apache2-mpm-itk		"s390 amd64 sparc powerpc arm i386 mips ia64 alpha mipsel hppa &mdash; Rebuild against updated apache2">
<correction gtimer			"amd64 &mdash; Rebuild against Etch libraries">
<correction kdebase			"arm">
<correction kdelibs			"arm">
<correction sage			"ia64 &mdash; Rebuild against libsdl1.2_1.2.11-8 to kill off dangling .la references">
<correction sear			"ia64 &mdash; Rebuild against lib3ds-dev 1.2.0-4.1+etch1">

<h2>Security Updates</h2>

<p>This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these

<table border=0>
<tr><th>Advisory ID</th>  <th>Package</th>    <th>Correction(s)</th></tr>
<dsa 2008 1484    xulrunner		"Fix several vulnerabilities">
<dsa 2008 1485    icedove		"Fix several vulnerabilities">
<dsa 2008 1492    wml			"Clean up temporary files">
<dsa 2008 1497    clamav		"Fix several vulnerabilities">
<dsa 2008 1498    libimager-perl	"Fix arbitrary code execution">
<dsa 2008 1499    pcre3			"Fix arbitrary code execution">
<dsa 2008 1500    splitvt		"Fix privilege escalation">
<dsa 2008 1501    dspam			"Fix information disclosure">
<dsa 2008 1502    wordpress		"Fix multiple vulnerabilities">
<dsa 2008 1505    alsa-driver		"Fix kernel memory leak">
<dsa 2008 1506    iceape		"Fix several vulnerabilities">
<dsa 2008 1507    turba2		"Fix permission testing">
<dsa 2008 1508    sword			"Fix insufficient input sanitising">
<dsa 2008 1509    koffice		"Fix multiple vulnerabilities">
<dsa 2008 1510    gs-gpl		"Fix arbitrary code execution">
<dsa 2008 1511    icu			"Fix multiple problems">
<dsa 2008 1512    evolution		"Fix arbitrary code execution">
<dsa 2008 1513    lighttpd		"Fix CGI source disclosure">
<dsa 2008 1514    moin			"Fix several vulnerabilities">
<dsa 2008 1515    libnet-dns-perl	"Fix several vulnerabilities">
<dsa 2008 1516    dovecot		"Fix privilege escalation">
<dsa 2008 1517    ldapscripts		"Fix information disclosure">
<dsa 2008 1518    backup-manager	"Fix password disclosure">
<dsa 2008 1519    horde3		"Fix insufficient input sanitising">
<dsa 2008 1520    smarty		"Fix insufficient input sanitising">
<dsa 2008 1522    unzip			"Fix programming error">
<dsa 2008 1523    ikiwiki		"Fix cross-site scripting">
<dsa 2008 1524    krb5			"Fix multiple vulnerabilities">
<dsa 2008 1525    asterisk		"Fix several vulnerabilities">
<dsa 2008 1526    xwine			"Fix several vulnerabilities">
<dsa 2008 1527    debian-goodies	"Fix insufficient input sanitising">
<dsa 2008 1528    serendipity		"Fix cross site scripting">
<dsa 2008 1530    cupsys		"Fix multiple vulnerabilities">
<dsa 2008 1531    policyd-weight	"Fix insecure temporary files">
<dsa 2008 1532    xulrunner		"Fix several vulnerabilities">
<dsa 2008 1533    exiftags		"Fix several vulnerabilities">
<dsa 2008 1534    iceape		"Fix several vulnerabilities">
<dsa 2008 1535    iceweasel		"Fix several vulnerabilities">
<dsa 2008 1536    xine-lib		"Fix Several vulnerabilities">
<dsa 2008 1537    xpdf			"Fix multiple vulnerabilities">
<dsa 2008 1538    alsaplayer		"Fix arbitrary code execution">
<dsa 2008 1539    mapserver		"Fix multiple vulnerabilities">
<dsa 2008 1540    lighttpd		"Fix denial of service">
<dsa 2008 1541    openldap2.3		"Fix denial of service">
<dsa 2008 1542    libcairo		"Fix arbitrary code execution">
<dsa 2008 1543    vlc			"Fix several vulnerabilities">
<dsa 2008 1544    pdns-recursor		"Fix cache poisioning vulnerability">
<dsa 2008 1545    rsync			"Fix arbitrary code execution">
<dsa 2008 1546    gnumeric		"Fix arbitrary code execution">
<dsa 2008 1547    openoffice.org	"Fix arbitrary code execution">
<dsa 2008 1548    xpdf			"Fix arbitrary code execution">
<dsa 2008 1549    clamav		"Fix several vulnerabilities">
<dsa 2008 1550    suphp			"Fix local privilege escalation">
<dsa 2008 1551    python2.4		"Fix several vulnerabilities">
<dsa 2008 1552    mplayer		"Fix arbitrary code execution">
<dsa 2008 1553    ikiwiki		"Fix cross-site request forgery">
<dsa 2008 1554    roundup		"Fix cross-site scripting vulnerabily">
<dsa 2008 1555    iceweasel		"Fix arbitrary code execution">
<dsa 2008 1556    perl			"Fix denial of service">
<dsa 2008 1557    phpmyadmin		"Fix several vulnerabilities">
<dsa 2008 1558    xulrunner		"Fix arbitrary code execution">
<dsa 2008 1559    phpgedview		"Fix cross site scripting">
<dsa 2008 1560    kronolith2		"Fix cross site scripting">
<dsa 2008 1561    ltsp			"Fix information disclosure">
<dsa 2008 1562    iceape		"Fix arbitrary code execution">
<dsa 2008 1563    asterisk		"Fix denial of service">
<dsa 2008 1564    wordpress		"Fix several vulnerabilities">
<dsa 2008 1566    cpio			"Fix denial of service">
<dsa 2008 1567    blender		"Fix arbitrary code execution">
<dsa 2008 1568    b2evolution		"Fix cross site scripting">
<dsa 2008 1569    cacti			"Fix multiple vulnerabilities">
<dsa 2008 1570    kazehakase		"Fix arbitrary code execution">
<dsa 2008 1571    openssl		"Fix predictable random number generator">
<dsa 2008 1572    php5			"Fix several vulnerabilities">
<dsa 2008 1573    rdesktop		"Fix several vulnerabilities">
<dsa 2008 1574    icedove		"Fix several vulnerabilities">
<dsa 2008 1576    openssh		"Fix predictable randomness">
<dsa 2008 1577    gforge		"Fix insecure temporary files">
<dsa 2008 1578    php4			"Fix several vulnerabilities">
<dsa 2008 1579    netpbm-free		"Fix arbitrary code execution">
<dsa 2008 1580    phpgedview		"Fix privilege escalation">
<dsa 2008 1581    gnutls13		"Fix potential code execution">
<dsa 2008 1582    peercast		"Fix arbitrary code execution">
<dsa 2008 1583    gnome-peercast        "Fix several vulnerabilities">
<dsa 2008 1584    libfishsound		"Fix arbitrary code execution">
<dsa 2008 1585    speex			"Fix arbitrary code execution">
<dsa 2008 1586    xine-lib		"Fix several vulnerabilities">
<dsa 2008 1587    mtr			"Fix arbitrary code execution">
<dsa 2008 1589    libxslt		"Fix arbitrary code execution">
<dsa 2008 1590    samba			"Fix arbitrary code execution">
<dsa 2008 1591    libvorbis		"Fix several vulnerabilities">
<dsa 2008 1593    tomcat5.5		"Fix missing input sanitising and cross-site scripting issue">
<dsa 2008 1594    imlib2		"Fix buffer overflows in XPM and PNM loaders">
<dsa 2008 1595    xorg-server		"Fix several vulnerabilities">
<dsa 2008 1596    typo3-src		"Fix several vulnerabilities">
<dsa 2008 1597    mt-daapd		"Fix several vulnerabilities">
<dsa 2008 1598    libtk-img		"Fix buffer overflow">
<dsa 2008 1599    dbus			"Fix programming error">
<dsa 2008 1600    sympa			"Fix denial of service">
<dsa 2008 1601    wordpress		"Fix several vulnerabilities">
<dsa 2008 1602    pcre3			"Fix arbitrary code execution">
<dsa 2008 1603    bind9			"Fix cache poisioning">
<dsa 2008 1606    poppler		"Fix arbitrary code execution">
<dsa 2008 1608    mysql-dfsg-5.0	"Fix authorization bypass">
<dsa 2008 1611    afuse			"Fix privilege escalation">
<dsa 2008 1612    ruby1.8		"Fix several vulnerabilities">
<dsa 2008 1613    libgd2		"Fix multiple vulnerabilities">

<p>A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:</p>

<div class="center">
  <url "http://release.debian.org/stable/<release>/<revision>/">

<h2>Removed packages</h2>

<p>The following packages got removed due to circumstances beyond our control:</p>
<table border=0>
<tr><th>Package</th>                    <th>Reason</th></tr>
<correction glimpse                     "Licensing issues">
<correction dcc				"Security issues">
<correction maxdb-7.5.00		"Security issues">


<p>The complete lists of packages that have changed with this

<div class="center">
  <url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog">

<p>The current stable distribution:</p>

<div class="center">
  <url "http://ftp.debian.org/debian/dists/stable/";>

<p>Proposed updates to the stable distribution:</p>

<div class="center">
  <url "http://ftp.debian.org/debian/dists/proposed-updates/";>

<p>Stable distribution information (release notes, errata, etc.):</p>

<div class="center">

<p>Security announcements and information:</p>

<div class="center">
  <a href="$(HOME)/security/">http://security.debian.org/</a>

<h2>About Debian</h2>

<p>The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.</p>

<h2>Contact Information</h2>

<p>For further information, please visit the Debian web pages at
<a href="$(HOME)/">http://www.debian.org/</a>, send mail to
&lt;press@debian.org&gt;, or contact the stable release team at

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: