On Sat, Dec 13, 2008 at 04:37:51PM +0100, Philipp Kern wrote: > Preparation of Debian GNU/Linux 4.0r6 > ===================================== > > Accepted Packages > ----------------- > > These packages will be installed into the stable Debian distribution > and will be part of the next revision. Also accepted was this upload to reportbug: Sourceful update of reportbug: version in stable: 3.31 version in updates: 3.31+etch1 Rationales: - 3.31+etch1: reportbug - bugs.d.o is now RR DNS. SMTP is only running on one of them. And the following security updates (also listed below): Sourceful update of phpmyadmin: version in stable: 4:2.9.1.1-8 version in updates: 4:2.9.1.1-9 Rationales: - 2.9.1.1-9: DSA 1675 phpmyadmin - fix cross site scripting, fix regression introduced in DSA 1641 Sourceful update of fai-kernels: version in stable: 1.17+etch.23 version in updates: 1.17+etch.23etch1 - 1.17+etch.23etch1: DSA 1687 fai-kernels - several vulnerabilities Sourceful update of squirrelmail: version in stable: 2:1.4.9a-2 version in updates: 2:1.4.9a-3 Rationales: - 1.4.9a-3: DSA 1682 squirrelmail - fix cross site scripting Sourceful update of user-mode-linux: version in stable: 2.6.18-1um-2etch.23 version in updates: 2.6.18-1um-2etch.23etch1 Rationales: - 2.6.18-1um-2etch.23etch1: DSA 1687 user-mode-linux - several vulnerabilities Sourceful update of linux-2.6: version in stable: 2.6.18.dfsg.1-23 version in updates: 2.6.18.dfsg.1-23etch1 Rationales: - 2.6.18.dfsg.1-23etch1: DSA 1687 linux-2.6 - several vulnerabilities > Requires further Investigation > ------------------------------ > > These packages need further investigation. One reason the package is > listed here could be that I'm not yet convinced this package should go > into stable, but don't want to reject it entirely at the moment. > > Another reason could be that released and updated architectures are > not yet in sync. > > Sourceful update of devscripts: > version in stable: 2.9.26 > version in updates: 2.9.26etch1 > Rationales: > - 2.9.26etch1: devscripts - Allow signing of changes files produced by dpkg versions >= 1.14.17 (#474949) > Problems: mipsel build missing > > Sourceful update of graphviz: > version in stable: 2.8-2.4 > version in updates: 2.8-3+etch1 > Rationales: > - 2.8-3+etch1: graphviz - fix stack overflow (CVE-2008-4555) > Problems: ia64 and mipsel builds missing The builds for both packages are in and they are ready to be installed into stable. > Sourceful update of perl: > version in updates: 5.8.8-7etch4 > version in updates-NEW: 5.8.8-7etch5 > Rationales: > - 5.8.8-7etch5: DSA 1678 perl - fix privilege escalation > Problems: FTBFS on hppa This will hopefully be fixed with a new upload for the next point release. > Packages Waiting for Investigation > ---------------------------------- > > glpi | 0.68.2-1etch0.2 > phpmyadmin | 2.9.1.1-9 > squirrelmail | 1.4.9a-3 > uw-imap | 2002edebian1-13.1+etch1 phpmyadmin and squirrelmail have been accepted. The other two (glpi and uw-imap) will be considered for the next point release. > Covered DSAs > ------------ > > The following DSAs are incorporated into this point release. Additionally to those already listed the following were accepted into this point release: DSA 1675 | phpmyadmin | fix cross site scripting, fix regression introduced in DSA 1641 DSA 1682 | squirrelmail | fix cross site scripting DSA 1687 | fai-kernels | several vulnerabilities DSA 1687 | linux-2.6 | several vulnerabilities DSA 1687 | user-mode-linux | several vulnerabilities Kind regards, Philipp Kern -- .''`. Philipp Kern Debian Developer : :' : http://philkern.de Release Assistant `. `' xmpp:phil@0x539.de Stable Release Manager `- finger pkern/key@db.debian.org
Attachment:
signature.asc
Description: Digital signature