[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SUA8-1] Upcoming Debian GNU/Linux 6.0 Update (6.0.2)

Debian Stable Updates Announcement SUA 8-1         http://www.debian.org/
debian-release@lists.debian.org                              Philipp Kern
June 19th, 2011

Upcoming Debian GNU/Linux 6.0 Update (6.0.2)

An update to Debian GNU/Linux 6.0 is scheduled for Saturday, June 25th,
2011.  As of now it will include the following bug fixes.  They can be
found in “squeeze-proposed-updates”, which is carried by all official

Please note that packages published through security.debian.org are not
listed, but will be included if possible.  Some for the updates below
are also already available through “squeeze-updates”.

Testing and feedback would be appreciated.  Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying “debian-release@lists.debian.org” on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes

This stable update adds a few important corrections to the following

    Package                       Reason

    aide                          Properly support large files on 32-bit systems; fix group for bind9 log files
    approx                        Don't try caching InRelease or non-.gz compressed files
    apr                           Fix apr_ino_t changing size depending on -D_FILE_OFFSET_BITS on kfreebsd-*
    apt                           Fix file size calculation on big-endian arches; don't prompt for CD re-insertion on "apt-get update"; add XZ support
    apt-listchanges               Correctly handle NEWS files containing only one entry
    clive                         Adapt for liveleak.com changes
    dbus                          Fix local DoS for system services (CVE-2011-2200)
    debian-installer              Rebuild to include new kernel and add pata modules for ia64
    deborphan                     Exclude libreoffice from --guess-section output; trap WINCH in a POSIX way; minor translation fixes
    dokuwiki                      Fix an ACL bypass issue in the XMLRPC interface
    dpkg                          Fix regression in "dpkg-divert --rename"; dpkg-split: don't corrupt metadata on 32-bit systems; fix vsnprintf() compat declaration
    e2fsprogs                     Various bug fixes
    fakechroot                    Fix "debootstrap --variant=fakechroot"
    fcgiwrap                      Fix init script's "stop" target
    gdm3                          Reset SIGPIPE handler before starting the session; execute the PostSession script even when GDM is killed or shut down
    git                           Allow remove and purge in one step by terminating the git-daemon/log service before removing the gitlog user
    gnome-settings-daemon         Work around possible race condition when starting Xsettings manager
    ia32-libs                     Refresh packages from stable and proposed-updates.
    iceowl                        Security updates
    im-config                     Avoid breaking login via GDM if im-config is removed but not purged
    inn                           Stop using "sort +1n" in makehistory; disable outdated CHECK_INCLUDED_TEXT option by default
    josm                          Give more verbose explanation to users who haven't agreed to the new OSM license
    kde4libs                      Wildcard SSL certificate and XSS security fixes; ktar checksum and UTF-8 longlink fixes
    kdenetwork                    Improve fix for CVE-2010-1000 directory traversal issue
    kerneltop                     Increase line buffer size to 1024 bytes
    klibc                         Ipconfig: escape DHCP options and correctly handle multiple connected network devices
    krb5                          Fix DoS; fix interoperability with w2k8r2 KDCs; fix invalid free and double free; don't make authentication fail if PAC verification fails
    kupfer                        Use correct parameter type to allow keybindings to work again
    libapache2-mod-perl2          Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
    libburn                       Don't create images with overly-restrictive permissions
    libfinance-quotehist-perl     Disable test suite, broken by website changes
    libmms                        Fix alignment issues on arm
    linux-2.6                     New hardware support; add longterm; fix oops via corrupted partition tables
    linux-kernel-di-amd64-2.6     Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-armel-2.6     Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-i386-2.6      Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-ia64-2.6      Add pata-modules udeb; rebuild against version 2.6.32-35 of linux-2.6
    linux-kernel-di-mips-2.6      Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-mipsel-2.6    Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-powerpc-2.6   Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-s390-2.6      Rebuild against linux-2.6 2.6.32-25
    linux-kernel-di-sparc-2.6     Rebuild against linux-2.6 2.6.32-25
    lua-expat                     Fix the "billion laughs" DoS attack
    monkeysphere                  Fix monkeysphere-host revoke-key
    nagios-plugins                Allocate a big enough buffer to handle all IPs of hosts being pinged
    nsd3                          Remove statoverride before removing the package's user
    openldap                      Fix possible database corruption issues, several security issues and dpkg-reconfigure
    php-svn                       Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
    php5                          Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
    pianobar                      Update API keys for XMLRPC v30
    postgresql-8.4                New upstream bugfix release; fix pg_upgrade use with TOAST tables
    prosody                       Fix the "billion laughs" DoS attack
    puppet                        Fix service provider to properly use update-rc.d disable API
    python-apt                    Strip multiarch by default in RealParseDepends; add XZ support
    python-gudev                  Add missing dependency on python-gobject
    q4wine                        Stop shipping the library in lib64
    qemu                          Don't register qemu-mips(el) with binfmt on mips(el)
    qemu-kvm                      Fix division by 0 with some guests; fix vnc zlib overflow; don't abort on user hardware errors; fix migration on 32-bit
    qt4-x11                       Blacklist some fraudulent SSL certificates; fix weakness in wildcard certificate verification
    rapidsvn                      Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
    refpolicy                     Various permissions fixes
    ruby1.8                       Fix upgrades from lenny by making libruby1.8 conflict/replace irb1.8 and rdoc1.8
    samba                         Fix undefined symbol error from tdb2.so; document the new and potentially disruptive "map untrusted to domain"
    schroot                       Fix loading of dchroot.conf
    softhsm                       Remove statoverride entries before the package's user
    sun-java6                     New upstream security update
    tzdata                        New upstream version
    vimperator                    Resolve compatibility issues with iceweasel
    widelands                     Fix potential security issue in Internet games
    xenomai                       Adapt kernel patch to apply cleanly to squeeze's kernel
    xserver-xorg-video-tseng      Fix driver initialisation

A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:


If there are any issues, please don't hesitate to get in touch with the
Debian Release Team at “debian-release@lists.debian.org”.

Attachment: signature.asc
Description: Digital signature

Reply to: