[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Preparation of the next stable Debian GNU/Linux update (I)



Preparation of the next stable Debian GNU/Linux update
======================================================

An up-to-date version is at <http://people.debian.org/~joey/3.0r4/>.

I am preparing the next revision of the current stable Debian
distribution (woody) and will infrequently send reports so people can
actually comment on it and intervene whenever this is required.

If you disagree with one bit or another, please reply to this mail and
explain why these things should be handled differently.  There is
still time to reconsider.

The plan is to release this revision roughly two months after the last
update.  However, it may be required that this happens before the
release of sarge or it won't happen at all.  It may be the last update
if no updates to 3.0 are possible after sarge has been released.

An ftpmaster still has to give the final approval for each package
since ftpmasters are responsible for the archive.  However, I'm trying
to make their work as easy as possible in the hope to get the next
revision out properly and without too much hassle.

The regulations for updates to the stable Debian release are quite
conservative.

The requirements for packages to get updated in stable are:

 1. The package fixes a security problem.  An advisory by our own
    Security Team is required.  Updates need to be approved by the
    Security Team.

 2. The package fixes a critical bug which can lead into data loss,
    data corruption, or an overly broken system, or the package is
    broken or not usable (anymore).

 3. The stable version of the package is not installable at all due to
    broken or unmet dependencies or broken installation scripts.

 4. All released architectures have to be in sync.

 5. The package gets all released architectures back in sync.

It is (or (and (or 1 2 3) 4) 5)

Regular bugs and upgrade problems don't get fixed in new revisions for
the stable distribution.  They should instead be documented in the
Release Notes which are maintained by Rob Bradford
<mailto:robster@debian.org> and are found at
<http://www.debian.org/releases/woody/releasenotes>.

Packages, which will most probably be rejected:

  . Packages that fix non-critical bugs.

  . Misplaced uploads, i.e. packages that were uploaded to 'stable
    unstable' or `frozen unstable' or similar.

  . Packages for which its binary packages are out of sync with regard
    to all supported architectures in the stable distribution.

  . Binary packages for which the source got lost somehow.

  . Packages that fix an unusable minor part of a package.

If you would like to get a package updated in the stable release, you
are advised to talk to the stable release manager first (see
<http://www.debian.org/intro/organization>).

Accepted Packages
-----------------

These packages will be installed into the stable Debian distribution
and will be part of the next revision.

abiword-common   stable    1.0.2+cvs.2002.06.05-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-common   updates   1.0.2+cvs.2002.06.05-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-doc      stable    1.0.2+cvs.2002.06.05-1        all
abiword-doc      updates   1.0.2+cvs.2002.06.05-1woody2  all
abiword-gnome    stable    1.0.2+cvs.2002.06.05-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gnome    updates   1.0.2+cvs.2002.06.05-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gtk      stable    1.0.2+cvs.2002.06.05-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gtk      updates   1.0.2+cvs.2002.06.05-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-plugins  stable    1.0.2+cvs.2002.06.05-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-plugins  updates   1.0.2+cvs.2002.06.05-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword          stable    1.0.2+cvs.2002.06.05-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
abiword          updates   1.0.2+cvs.2002.06.05-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
xfonts-abi       stable    1.0.2+cvs.2002.06.05-1        all
xfonts-abi       updates   1.0.2+cvs.2002.06.05-1woody2  all

	DSA 579 abiword - buffer overflow

atari800    stable    1.2.2-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
atari800    updates   1.2.2-1woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 359 atari800 - buffer overflows

	Get versions back in sync

	contrib

cabextract  stable    0.2-2       alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
cabextract  updates   0.2-2b      alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 574 cabextract - missing directory sanitising

catdoc      stable    0.91.5-1         alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
catdoc      updates   0.91.5-1.woody3  alpha hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 575 catdoc - insecure temporary file

	FTBFS on arm due to broken tk (Bug#278658)

freeamp-doc        stable    1:2.1.1.0-4        all
freeamp-doc        updates   1:2.1.1.0-4woody2  all
freeamp-extras     stable    1:2.1.1.0-4        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
freeamp-extras     updates   1:2.1.1.0-4woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
freeamp            stable    1:2.1.1.0-4        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
freeamp            updates   1:2.1.1.0-4woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libfreeamp-alsa    stable    1:2.1.1.0-4        alpha arm i386 mips powerpc sparc
libfreeamp-alsa    updates   1:2.1.1.0-4woody2  alpha arm i386 mips powerpc sparc
libfreeamp-esound  stable    1:2.1.1.0-4        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libfreeamp-esound  updates   1:2.1.1.0-4woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA 587 freeamp - buffer overflow

fte         stable    0.49.13-15         alpha arm hppa i386 ia64 m68k mips mipsel sparc source
fte         stable    0.49.13-15.0.1     powerpc s390
fte         updates   0.49.13-15.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 472 fte - several vulnerabilities

gnats-user  stable    3.999.beta1+cvs20020303-1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gnats-user  updates   3.999.beta1+cvs20020303-2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gnats       stable    3.999.beta1+cvs20020303-1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
gnats       updates   3.999.beta1+cvs20020303-2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 590 gnats - format string vulnerability

gps         stable    0.9.4-1         alpha arm i386 m68k mips mipsel powerpc s390 sparc source
gps         stable    0.9.4-1.0.1     hppa ia64
gps         updates   0.9.4-1.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
rgpsp       stable    0.9.4-1         alpha arm i386 m68k mips mipsel powerpc s390 sparc
rgpsp       stable    0.9.4-1.0.1     hppa ia64
rgpsp       updates   0.9.4-1.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA 307 - multiple vulnerabilities

gzip        stable    1.3.2-3woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
gzip        updates   1.3.2-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source


imagemagick       stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
imagemagick       updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libmagick++5-dev  stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5-dev  updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5      stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5      updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5-dev    stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5-dev    updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5        stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5        updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
perlmagick        stable    4:5.4.4.5-1woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
perlmagick        updates   4:5.4.4.5-1woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	debian/rules: Apply patch from Adrian Bunk that explicitly
	sets X11 include and library paths. This fixes libdps
	detection and cures a dependency bug uncovered by the previous
	security update. Unbreaks all applications depending on
	libmagick5. Closes: #207016, #237663

iptables-dev  stable    1.2.6a-5.0woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
iptables-dev  updates   1.2.6a-5.0woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
iptables      stable    1.2.6a-5.0woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
iptables      updates   1.2.6a-5.0woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 580 iptables - missing initialisation

kannel      stable    1.1.5-2     alpha arm hppa i386 ia64 m68k mips powerpc s390 sparc source
kannel      updates   1.1.5-2     mipsel

	Get architectures back in sync

kernel-patch-2.4.17-s390  stable    0.0.20020816-0.woody.1.1  all source
kernel-patch-2.4.17-s390  updates   0.0.20020816-0.woody.3    all source

	DSA 482 linux-kernel-2.4.17 - several vulnerabilities

	DSA 442 linux-kernel-2.4.17 - several vulnerabilities

kernel-headers-2.4.18            stable    2.4.18-1woody1  powerpc
kernel-headers-2.4.18            updates   2.4.18-1woody5  powerpc
kernel-image-2.4.18-newpmac      stable    2.4.18-1woody1  powerpc
kernel-image-2.4.18-newpmac      updates   2.4.18-1woody5  powerpc
kernel-image-2.4.18-powerpc-smp  stable    2.4.18-1woody1  powerpc
kernel-image-2.4.18-powerpc-smp  updates   2.4.18-1woody5  powerpc
kernel-image-2.4.18-powerpc      stable    2.4.18-1woody1  powerpc
kernel-image-2.4.18-powerpc      updates   2.4.18-1woody5  powerpc
kernel-patch-2.4.18-powerpc      stable    2.4.18-1woody1  all source
kernel-patch-2.4.18-powerpc      updates   2.4.18-1woody5  all source

	DSA 479 linux-kernel-2.4.18 - several vulnerabilities

	DSA 438 linux-kernel-2.4.18 - missing function return value check

	DSA 417 linux-kernel-2.4.18 - missing boundary check

lha         stable    1.14i-2         alpha arm i386 ia64 m68k powerpc s390 sparc source
lha         stable    1.14i-2.0.1     hppa
lha         updates   1.14i-2.woody3  alpha arm hppa i386 ia64 m68k powerpc s390 sparc source

	Security update for non-free

	debian/patch.CAN-2004-0234_0235: Add to fix CAN-2004-0234
	(buffer overflows), CAN-2004-0235 (directory traversal).  See:
	http://marc.theaimsgroup.com/?l=full-disclosure&m=108345064008698&w=2
	* debian/control: Change my mail address.

libgd-dev        stable    1.8.4-17.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-dev        updates   1.8.4-17.woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-noxpm-dev  stable    1.8.4-17.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-noxpm-dev  updates   1.8.4-17.woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1-noxpm     stable    1.8.4-17.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1-noxpm     updates   1.8.4-17.woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1           stable    1.8.4-17.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1           updates   1.8.4-17.woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA 589 libgd1 - integer overflows

libgd-tools   stable    2.0.1-10        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-tools   updates   2.0.1-10woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-dev    stable    2.0.1-10        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-dev    updates   2.0.1-10woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-noxpm  stable    2.0.1-10        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-noxpm  updates   2.0.1-10woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2        stable    2.0.1-10        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libgd2        updates   2.0.1-10woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 591 libgd2 - integer overflows

libxml-dev  stable    1:1.8.17-2woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml-dev  updates   1:1.8.17-2woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml1     stable    1:1.8.17-2woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml1     updates   1:1.8.17-2woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA 582 libxml - buffer overflow

libxml2-dev  stable    2.4.19-4woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml2-dev  updates   2.4.19-4woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml2      stable    2.4.19-4woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libxml2      updates   2.4.19-4woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 582 libxml - buffer overflow

lvm10       stable    1:1.0.4-5woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
lvm10       updates   1:1.0.4-5woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 583 lvm10 - insecure temporary directory

libnetpbm9-dev  stable    2:9.20-8.2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9-dev  updates   2:9.20-8.4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9      stable    2:9.20-8.2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9      updates   2:9.20-8.4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
netpbm-free     stable    2:9.20-8.2  source
netpbm-free     updates   2:9.20-8.4  source
netpbm          stable    2:9.20-8.2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
netpbm          updates   2:9.20-8.4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA426 netpbm-free - insecure temporary files

libecpg3            stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libecpg3            updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgperl           stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgperl           updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgsql2           stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgsql2           updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgtcl            stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgtcl            updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
odbc-postgresql     stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
odbc-postgresql     updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
pgaccess            stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
pgaccess            updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-client   stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-client   updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-contrib  stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-contrib  updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-dev      stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-dev      updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-doc      stable    7.2.1-2woody5  all
postgresql-doc      updates   7.2.1-2woody6  all
postgresql          stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
postgresql          updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
python-pygresql     stable    7.2.1-2woody5  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
python-pygresql     updates   7.2.1-2woody6  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

	DSA 577 postgresql - insecure temporary file

irb               stable    1.6.7-3woody3  all
irb               updates   1.6.7-3woody4  all
libcurses-ruby    stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libcurses-ruby    updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdbm-ruby       stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdbm-ruby       updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgdbm-ruby      stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgdbm-ruby      updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnkf-ruby       stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnkf-ruby       updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpty-ruby       stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpty-ruby       updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libreadline-ruby  stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libreadline-ruby  updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libruby           stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libruby           updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsdbm-ruby      stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsdbm-ruby      updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsyslog-ruby    stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsyslog-ruby    updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtcltk-ruby     stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtcltk-ruby     updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtk-ruby        stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtk-ruby        updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-dev          stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-dev          updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-elisp        stable    1.6.7-3woody3  all
ruby-elisp        updates   1.6.7-3woody4  all
ruby-examples     stable    1.6.7-3woody3  all
ruby-examples     updates   1.6.7-3woody4  all
ruby              stable    1.6.7-3woody3  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
ruby              updates   1.6.7-3woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 586 ruby - infinite loop

login       stable    20000902-12        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
login       updates   20000902-12woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
passwd      stable    20000902-12        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
passwd      updates   20000902-12woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
shadow      stable    20000902-12        source
shadow      updates   20000902-12woody1  source

	DSA 585 shadow - programming error

squid-cgi    stable    2.4.6-2woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squid-cgi    updates   2.4.6-2woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squidclient  stable    2.4.6-2woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squidclient  updates   2.4.6-2woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squid        stable    2.4.6-2woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
squid        updates   2.4.6-2woody4  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 576 squid - several vulnerabilities

libtiff-tools  stable    3.5.5-6         alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff-tools  stable    3.5.5-6.0.1     s390
libtiff-tools  updates   3.5.5-6.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtiff3g-dev  stable    3.5.5-6         alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff3g-dev  stable    3.5.5-6.0.1     s390
libtiff3g-dev  updates   3.5.5-6.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtiff3g      stable    3.5.5-6         alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff3g      stable    3.5.5-6.0.1     s390
libtiff3g      updates   3.5.5-6.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
tiff           stable    3.5.5-6         source
tiff           updates   3.5.5-6.woody2  source

	DSA 567 tiff - heap overflows

xaos        stable    3.0-23         alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc source
xaos        stable    3.0-23.0.1     s390
xaos        updates   3.0-23.woody2  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	DSA 310 - improper setuid-root execution

xpdf-common  stable    1.00-3.1    all
xpdf-common  updates   1.00-3.2    all
xpdf-reader  stable    1.00-3.1    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-reader  updates   1.00-3.2    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-utils   stable    1.00-3.1    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-utils   updates   1.00-3.2    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf         stable    1.00-3.1    all source
xpdf         updates   1.00-3.2    all source

	DSA 581 xpdf - integer overflows

Requires further Investigation
------------------------------

These packages need further investigation.  One reason the package is
listed here could be that I'm not yet convinced this package should go
into stable, but don't want to reject it entirely at the moment.

Another reason could be that released and updated architectures are
not yet in sync.

acorn-fdisk  stable    3.0.6-4        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
acorn-fdisk  updates   3.0.6-4woody1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	Rebuilt for stable since required for working boot-floppies;
	otherwise identical to 3.0.6-5.

	Probably only required for updated boot-floppies

console-common  stable    0.7.14        all source
console-common  updates   0.7.14woody1  all source
dh-consoledata  stable    0.7.14        all
dh-consoledata  updates   0.7.14woody1  all

	Support the Acorn RiscStation architecture.

	Alastair McKinstry: The console-common change for Acorn
	RiscStation is included in the current boot-floppies since
	2002/08/12; it is in kbdconfig.c 1.68; boot-floppies 3.0.23
	shipped with kbdconfig.c 1.66. As I understand it, this is not
	the current shipping woody, but these machines only boot with
	this updated, modified boot-floppies and console-common.

	Hence, only needed for updated boot-floppies, probably for r3
	then.

chill-2.95              stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
chill-2.95              stable    1:2.95.4-7            mips mipsel sparc
chill-2.95              updates   1:2.95.4-11woody1     mips mipsel
cpp-2.95-doc            stable    1:2.95.4-11woody1     all
cpp-2.95                stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
cpp-2.95                stable    1:2.95.4-7            mips mipsel sparc
cpp-2.95                updates   1:2.95.4-11woody1     mips mipsel
g++-2.95                stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
g++-2.95                stable    1:2.95.4-7            mips mipsel sparc
g++-2.95                updates   1:2.95.4-11woody1     mips mipsel
g77-2.95-doc            stable    1:2.95.4-11woody1     all
g77-2.95                stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
g77-2.95                stable    1:2.95.4-7            mips mipsel sparc
g77-2.95                updates   1:2.95.4-11woody1     mips mipsel
gcc-2.95-doc            stable    1:2.95.4-11woody1     all
gcc-2.95                stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
gcc-2.95                stable    1:2.95.4-7            mips mipsel sparc
gcc-2.95                stable    2.95.4.ds13-11woody1  source
gcc-2.95                updates   1:2.95.4-11woody1     mips mipsel
gobjc-2.95              stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
gobjc-2.95              stable    1:2.95.4-7            mips mipsel sparc
gobjc-2.95              updates   1:2.95.4-11woody1     mips mipsel
gpc-2.95-doc            stable    1:2.95.4-11woody1     all
gpc-2.95                stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
gpc-2.95                stable    1:2.95.4-7            mips mipsel sparc
gpc-2.95                updates   1:2.95.4-11woody1     mips mipsel
libg++2.8.1.3-dbg       stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libg++2.8.1.3-dbg       stable    1:2.95.4-7            mips mipsel sparc
libg++2.8.1.3-dbg       updates   1:2.95.4-11woody1     mips mipsel
libg++2.8.1.3-dev       stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libg++2.8.1.3-dev       stable    1:2.95.4-7            mips mipsel sparc
libg++2.8.1.3-dev       updates   1:2.95.4-11woody1     mips mipsel
libg++2.8.1.3-glibc2.2  stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libg++2.8.1.3-glibc2.2  stable    1:2.95.4-7            mips mipsel sparc
libg++2.8.1.3-glibc2.2  updates   1:2.95.4-11woody1     mips mipsel
libstdc++2.10-dbg       stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libstdc++2.10-dbg       stable    1:2.95.4-7            mips mipsel sparc
libstdc++2.10-dbg       stable    1:2.96-8              ia64
libstdc++2.10-dbg       updates   1:2.95.4-11woody1     mips mipsel
libstdc++2.10-dev       stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libstdc++2.10-dev       stable    1:2.95.4-7            mips mipsel sparc
libstdc++2.10-dev       stable    1:2.96-8              ia64
libstdc++2.10-dev       updates   1:2.95.4-11woody1     mips mipsel
libstdc++2.10-glibc2.2  stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
libstdc++2.10-glibc2.2  stable    1:2.95.4-7            mips mipsel sparc
libstdc++2.10-glibc2.2  stable    1:2.96-8              ia64
libstdc++2.10-glibc2.2  updates   1:2.95.4-11woody1     mips mipsel
protoize-2.95           stable    1:2.95.4-11woody1     alpha arm i386 m68k powerpc s390
protoize-2.95           stable    1:2.95.4-7            mips mipsel sparc
protoize-2.95           updates   1:2.95.4-11woody1     mips mipsel

	Bring architectures back in sync

	MISSING sparc

kernel-headers-2.2.20-reiserfs     stable    2.2.20-4        i386
kernel-headers-2.2.20-reiserfs     updates   2.2.20-4woody1  i386
kernel-image-2.2.20-reiserfs-i386  stable    2.2.20-4        source
kernel-image-2.2.20-reiserfs-i386  updates   2.2.20-4woody1  source
kernel-image-2.2.20-reiserfs       stable    2.2.20-4        i386
kernel-image-2.2.20-reiserfs       updates   2.2.20-4woody1  i386

	DSA 453 linux-kernel-2.2.20 - failing function and TLB flush

	pcmcia-modules-2.2.20-reiserfs: Depends: kernel-image-2.2.20-reiserfs (= 2.2.20-4)

	*Bummer*

kernel-headers-2.4.18-1-generic  updates   2.4.18-15    alpha
kernel-headers-2.4.18-1-smp      updates   2.4.18-15    alpha
kernel-headers-2.4.18-1          updates   2.4.18-15    alpha
kernel-image-2.4.18-1-alpha      updates   2.4.18-15    source
kernel-image-2.4.18-1-generic    updates   2.4.18-15    alpha
kernel-image-2.4.18-1-smp        updates   2.4.18-15    alpha

	DSA 479 linux-kernel-2.4.18 - several vulnerabilities

	DSA 438 linux-kernel-2.4.18 - missing function return value check

	DSA 417 linux-kernel-2.4.18 - missing boundary check

	New package + incompatible ABI = *Bummer*

kernel-headers-2.4.18-1-386             updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1-586tsc          updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1-686-smp         updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1-686             updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1-k6              updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1-k7              updates   2.4.18-13.1  i386
kernel-headers-2.4.18-1                 updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-386               updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-586tsc            updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-686-smp           updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-686               updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-i386              updates   2.4.18-13.1  source
kernel-image-2.4.18-1-k6                updates   2.4.18-13.1  i386
kernel-image-2.4.18-1-k7                updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-386      updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-586tsc   updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-686-smp  updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-686      updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-k6       updates   2.4.18-13.1  i386
kernel-pcmcia-modules-2.4.18-1-k7       updates   2.4.18-13.1  i386

	DSA 479 linux-kernel-2.4.18 - several vulnerabilities

	DSA 438 linux-kernel-2.4.18 - missing function return value check

	New package + incompatible ABI = *Bummer*

kernel-headers-2.4.18-bf2.4  stable    2.4.18-5        i386
kernel-headers-2.4.18-bf2.4  updates   2.4.18-5woody8  i386
kernel-image-2.4.18-bf2.4    stable    2.4.18-5        i386
kernel-image-2.4.18-bf2.4    updates   2.4.18-5woody8  i386
kernel-image-2.4.18-i386bf   stable    2.4.18-5        source
kernel-image-2.4.18-i386bf   updates   2.4.18-5woody8  source

	DSA 479 linux-kernel-2.4.18 - several vulnerabilities

	DSA 403 - kernel-image-2.4.18-1 - local root exploit

	But: pcmcia-modules-2.4.18-bf2.4

	Depends: kernel-image-2.4.18-bf2.4 (= 2.4.18-5)

	*Bummer*

kernel-headers-2.4.17-ia64        stable    011226.13   ia64
kernel-image-2.4.17-ia64          stable    011226.13   source
kernel-image-2.4.17-itanium-smp   stable    011226.13   ia64
kernel-image-2.4.17-itanium       stable    011226.13   ia64
kernel-image-2.4.17-mckinley-smp  stable    011226.13   ia64
kernel-image-2.4.17-mckinley      stable    011226.13   ia64
kernel-source-2.4.17-ia64         stable    011226.13   all
kernel-headers-2.4.19-ia64        updates   020821.1    ia64
kernel-image-2.4.19-ia64          updates   020821.1    source
kernel-image-2.4.19-itanium-smp   updates   020821.1    ia64
kernel-image-2.4.19-itanium       updates   020821.1    ia64
kernel-image-2.4.19-mckinley-smp  updates   020821.1    ia64
kernel-image-2.4.19-mckinley      updates   020821.1    ia64
kernel-source-2.4.19-ia64         updates   020821.1    all

	* initial release of kernel image packages for ia64 based on 2.4.19

	* turn off broadcom gigE driver, change tg3 from module to built-in

	* lose several patches from previous kernel builds now merged upstream

	* update config files for 2.4.19

	New packages, rationale still:

	The 2.4.17 bits which were used to generate the original woody boot floppies
	have some ugly bugs, are not being updated, and generally are not useful
	any more.  Every problem reported on debian-ia64 starts with a request that
	the user move to at least 2.4.19.

	HP has shipped products using the 2.4.19 and 2.4.20 kernel images currently
	in Debian's mirror network, which means they've been through serious testing
	and meet HP product quality standards.  The same is not true of the 2.4.17
	images, as woody was released before HP shipped our first Itanium 2 products.

	Some newer systems cannot even be installed with 2.4.17 based boot floppies,
	we work around that by making alternate installation media available from HP
	based on fresher kernels.  Even on the systems where 2.4.17 is ok for
	install, I don't recommend anyone run a 2.4.17 kernel on any real system.

	When new boot-floppies are uploaded, they'll use this kernel,
	then the kernel will be updated as well.

	TODO: New boot-floppies, contact Bdale

	TODO: Apply security fixes

	TODO: remove actual kernel source and use a kernel-patch instead

	TODO: Build now boot-floppies

kernel-patch-2.4-grsecurity  stable    1.9.4-1     all source
kernel-patch-2.4-grsecurity  updates   1.9.4-3     all source

	-3:

	* Removed patch bit that sets EXTRAVERSION. (closes: Bug#182183)

	* Fix to work with ptrace fixed 2.4.18 (otherwise the patch fails to
	  apply rendering it useless, hence medium urgency). (closes: Bug#194523)

	-4:

	* Fixed around some security patches in 2.4.18 kernel
	  (otherwise the patch fails to apply rendering it useless,
	  hence medium urgency). (refer to Bug#231858).

	-5:

	* Fixed a stupid cut'n'paste bug in the patch for the 2.4.18
	  kernel, which renders the patch unappliable.

	ptrace/2.4 can't go into stable due to binary-incompatibility.

libpam-radius-auth  stable    1.3.14-1    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libpam-radius-auth  updates   1.3.14-1.1  i386 source

	SECURITY: fix /etc/pam_radius_auth.conf permissions

	Several non-important yada fixes

	MISSING alpha
	MISSING arm
	MISSING hppa
	MISSING ia64
	MISSING m68k
	MISSING mips
	MISSING mipsel
	MISSING powerpc
	MISSING s390
	MISSING sparc

lsb         stable    1.1.0-11       all source
lsb         updates   1.2-5.woody.1  all source

	Support LSB 1.2 in woody.  Includes all changes through 1.2-6 in sid.

	This package is not sufficient to make Debian stable LSB 1.3
	compliant.  The only approved LSB version is 1.3.  According
	to Anthony also required: alien, kernel-(headers|source|image)
	2.4.19 and glibc, pax.  According to Tobias Burnus
	start-stop-daemon needs to be altered as well.  lsb.deb needs
	another backport.

	Matt Taggart wrote: The separate OpenI18N standard was merged
	into the LSB at 1.3 so there are additional requirements that
	are being tested for now.  These are mostly requirements on
	the commands provided by the LSB and _will_ require patches to
	fix.  I do not know if the patches have been accepted upstream
	yet.  There's a rumor that they affect performance.  there may
	need to be additional changes to glibc for the new test
	suites.

	I don't think that we can meet the LSB 1.3 with Debian stable
	without too many changes, hence LSB updates will be rejected.

	Newsflash: Maybe it's still possible to meet the LSB
	testsuite.  To be discussed after 3.0r2.

libparted1.4-dbg   stable    1.4.24-4          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-dbg   updates   1.4.24-4.woody.1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-dev   stable    1.4.24-4          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-dev   updates   1.4.24-4.woody.1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-i18n  stable    1.4.24-4          all
libparted1.4-i18n  updates   1.4.24-4.woody.1  all
libparted1.4       stable    1.4.24-4          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4       updates   1.4.24-4.woody.1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-bf          stable    1.4.24-4          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-bf          updates   1.4.24-4.woody.1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-doc         stable    1.4.24-4          all
parted-doc         updates   1.4.24-4.woody.1  all
parted             stable    1.4.24-4          alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
parted             updates   1.4.24-4.woody.1  alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

	TODO: Why should this be added to Debian stable?

spellcast   stable    1.0-12      alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
spellcast   updates   1.0-12.1    i386 source

	* Moved to non-free due to licensing which was incorrectly
	  considered free by the previous maintainer. See
	  http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00136.html

	* Added a rant on why spellcast is not GPL describing the
	  issue in the README.Debian file with more detail than the
	  information available in the copyright file.

	MISSING alpha
	MISSING arm
	MISSING hppa
	MISSING ia64
	MISSING m68k
	MISSING mips
	MISSING mipsel
	MISSING powerpc
	MISSING s390
	MISSING sparc

spellcast-doc  stable    1.0         alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
spellcast-doc  updates   1.0.1       i386 source

	* Moved to non-free due to licensing which was incorrectly
	  considered free by the previous maintainer. See
	  http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00136.html

	* Added a rant on why spellcast is not GPL describing the
	  issue in the README.Debian file with more detail than the
	  information available in the copyright file.

	MISSING alpha
	MISSING arm
	MISSING hppa
	MISSING ia64
	MISSING m68k
	MISSING mips
	MISSING mipsel
	MISSING powerpc
	MISSING s390
	MISSING sparc

ssed        stable    3.57a-1        alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
ssed        updates   3.57a-2woody   alpha i386 m68k mips powerpc
ssed        updates   3.57a-2woody1  hppa mipsel source
 
delay-install-u ssed_3.57a-2woody_alpha.changes
delay-install-u ssed_3.57a-2woody_i386.changes
delay-install-u ssed_3.57a-2woody_m68k.changes
delay-install-u ssed_3.57a-2woody_mips.changes
delay-install-u ssed_3.57a-2woody_powerpc.changes
delay-install ssed_3.57a-2woody1_hppa.changes
delay-install ssed_3.57a-2woody1_mipsel.changes

	MISSING alpha
	MISSING arm
	MISSING hppa
	MISSING ia64
	MISSING m68k
	MISSING mips
	MISSING powerpc
	MISSING s390
	MISSING sparc

syslog-ng   stable    1.5.15-1    alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
syslog-ng   updates   1.5.15-1.2  hppa mipsel

	1.5.15-1.2 would be DSA 175 syslog-ng - buffer overflow

	1.5.15-2 was a bogus fix and removes the DSA, congratulations.

	And since it has had a newer source, there is no source
	anymore.  Congratulations.  I love it when maintainers think
	properly.


yaboot      stable    1.3.6-1         powerpc source
yaboot      updates   1.3.10-0woody1  powerpc source

	* Backport yaboot 1.3.10 to stable (See bug #190439).

	  - This is necessary to boot/install on recent Apple hardware.

	  - Ethan reports that the one line change between 1.3.9 and 1.3.10 is
	    critical.

	Unly required for new boot-floppies

Rejected Packages
-----------------

These packages don't meet the requirements and will be rejected (if
katie supports that, otherwise we'll just carry them with us until the
end of time).

Removed Packages
----------------

These packages will be removed from the stable Debian distribution.
This normally only a result of license problems when the license
prohibits their distribution.

Disclaimer
----------

This list intends to help the ftp-masters releasing 3.0r4.  They have the
final power to accept a package or not.  If you want to comment on
this list, please send a mail to Martin Schulze <joey@debian.org>.

Last updated 2004/11/12 10:19 MET

-- 
We all know Linux is great... it does infinite loops in 5 seconds.
        -- Linus Torvalds

Attachment: signature.asc
Description: Digital signature


Reply to: