[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: list of 2.1r4 changes (was: Re: Last call for updated non-i386 packages.)



I just spent a couple of hours going through the list, verifying some
things and fixing stuff. Vincent: frankly I'm annoyed that I had to do
this, since this is your job. 

This list assumes that everything that is in Incoming right now has been
processed. I've tested things with dinstall so that should not be a
problem.

People should pay more attention: I had to hand-fix a couple of .changes
and even a .dsc file that seem to have been hand-edited and messed up.

We do have a real problem: the y2k fixes hit proposed-updates way too
late and now it seems the m68k autobuilder for stable isn't running
so we don't have the y2k fixes for m68k. At this moment I'm not
sure if everything will be recompiled on time.. I'm compiling stuff
manually myself now but it's getting late and I do need to get some
sleep...


Security updates:
  package      : amd
  version      : 102-23.slink2
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : bind
  version      : 8.2.2p5-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: remote DoS

  package      : dump
  version      : 0.4b9-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit

  package      : kernel-source-2.0.38
  version      : 2.0.38-0
  architectures: i386 (ALPHA & M68k MISSING!!)
  vulnerability: various

  package      : htdig
  version      : 3.1.2-4slink6
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : inn
  version      : 1.7.2-4.1
  architectures: alpha i386 m68k sparc
  vulnerability: fix buffer overflow in inews 

  package      : libdb2
  version      : 1.85.4-4
  architectures: alpha
  vulnerability: buffer overflow

  package      : lpr
  version      : 0.46-1-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit (users could print files they couldn't read)

  package      : mirror
  version      : 2.9-2.1
  architectures: all
  vulnerability: remote exploit

  package      : netkit-telnet
  version      : 0.12-4slink.1
  architectures: alpha i386 m68k sparc
  vulnerability: remote DoS

  package      : nfs-server
  version      : 2.2beta37-1slink.1
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : nis
  version      : 3.5-2
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : proftpd
  version      : 1.2.0pre9-4
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : pvm
  version      : 3.4beta7-4
  architectures: i386
  vulnerability: local exploit

  package      : rvplayer
  version      : 5.0-9
  architectures: i386
  vulnerability: local exploit

  package      : termcap-compat
  version      : 1.1.2
  architectures: i386 m68k (not applicable to alpha, sparc)
  vulnerability: local exploit (buffer overflows)

  package      : sendmail
  version      : 8.9.3-3slink1.0.1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit

  package      : sendmail-wide
  version      : 8.9.3+3.2W-3slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit


Y2K updates:
  package      : cvs
  version      : 1.10.7-1.99.slink.y2k.0
  architectures: alpha i386 m68k sparc
  issue        : date in logs

  package      : egcs
  version      : 1.1.2-0slink1 and 1.1.2-0slink2
  architectures: alpha i386 m68k sparc
  issue        : date handling in g77

  package      : elm-me+
  version      : 2.4pl25ME+65-0.slink.0
  architectures: alpha i386 sparc (M68K MISSING!!!)
  issue        : elm_vmessage didn't handle long numbers correctly

  package      : enscript
  version      : 1.6.2-3.99.slink.y2k.0
  architectures: alpha i386 sparc (M68K MISSING!!!!)
  issue        : Versions < 1.6.1 are known to have problems with y2k dates.

  package      : gnats
  version      : 3.113-0slink1
  architectures: alpha i386 sparc (M68K MISSING!!!!)
  issue        : fix y2k problem

  package      : gs
  version      : 5.10-3.99.slink.1
  architectures: alpha i386 m68k sparc
  issue        : fix y2k problem

  package      : sharutils
  version      : 1:4.2.1-1
  architectures: alpha i386 sparc (M68K MISSING!!!)
  issue        : date handling in shar files

  package      : smartlist
  version      : 3.13-2
  architectures: alpha i386 m68k sparc
  issue        : volume number in digest processing

Other updates:
  package      : selfhtml
  version      : 7.0-3
  architectures: alpha i386 m68k sparc
  problem      : trademark violation

  package      : pcmcia-cs
  version      : 3.0.5-10.slink.1
  architectures: i386
  problem      : recompile for new 2.0.38 kernel

  package      : trn
  version      : 3.6-9.3.2
  architectures: m68k
  problem      : sync with other archs.

  package      : vflib2
  version      : 2.24.2-2.99.slink.0
  architectures: alpha i386 m68k sparc
  issue        : needed by new gs.

-- 
   ________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: pgpbQKIfAc17Y.pgp
Description: PGP signature


Reply to: