[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SUA 38-1] Upcoming Debian GNU/Linux 7 Update (7.2)



-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 38-1        http://www.debian.org/
debian-release@lists.debian.org                           Adam D. Barratt
October 8th, 2013
-------------------------------------------------------------------------

Upcoming Debian GNU/Linux 7 Update (7.2)

An update to Debian GNU/Linux 7 is scheduled for Saturday, October 12th,
2013. As of now it will include the following bug fixes. They can be
found in “wheezy-proposed-updates”, which is carried by all official
mirrors.

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through “wheezy-updates”.

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying “debian-release@lists.debian.org” on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

    Package                       Reason

    adblock-plus                  Declare compatibility with more recent Iceweasel versions
    apr                           Don't override CFLAGS and LDFLAGS during build. This fixes the debug information being useless
    atlas                         Add Breaks: octave3.2 to try and improve some squeeze to wheezy upgrade paths
    base-files                    Update version for point release
    coherence                     Fix incompatibilities with newer Twisted releases
    cookie-monster                Declare compatibility with newer iceweasel versions
    cups                          dnssd backend: don't crash if avahi gives a callback with no TXT record
    curl                          Fix reporting of CURLINFO_CONDITION_UNMET
    debian-edu                    Update from debian-edu-wheezy; remove chmsee Recommends
    debian-edu-artwork            Update from debian-edu-wheezy
    debian-edu-doc                Update from debian-edu-wheezy
    debian-edu-install            Update from debian-edu-wheezy
    devscripts                    Fix build-rdeps to work with Wheezy being stable
    dkimpy                        Fix Gmail signature verification failures due to improper FWS regular expression
    dpkg                          Fix performance issue by correctly caching variables in Dpkg::Arch; fix chmod() arguments order in Dpkg::Source::Quilt; only ignore older packages if the existing version is informative; fix user after free; fix usage of non-existent _() function in multiple places of the Perl code; add Italian man-page translation
    emboss-explorer               Fix application menu when used with EMBOSS 6.4
    fai                           Fix path to dpkg-divert; fix nfsroot package list; lib/task_sysinfo: make sure device is a valid block device before accessing it; documentation updates
    firecookie                    Declare compatibility with newer iceweasel versions
    firetray                      Restore compatibility with newer iceweasel versions
    flash-kernel                  Machine database is case-sensitive so ensure that all instances of "Required-Packages" are capitalized correctly
    foxyproxy                     Declare compatibility with more recent Mozilla software
    freetds                       Make libiodbc Breaks versioned now that it can load multiarch drivers
    fwknop                        Fixed failure to send SPA packets due to uninitialised variable
    gajim                         Improve SSL/TLS handling; fix certificate validation
    ghostscript                   Fix endless loops related to unbalanced q/Q operators
    glusterfs                     Fix use of ext4 backend with linux >= 3.2.46-1+deb7u1
    gnome-settings-daemon         Stop installing security updates without confirmation
    gnome-shell                   Improve GC deadlock handling; make the 'disable-restart-buttons' option of gdm-shell work
    gosa                          Fix LDAP mass import
    grub2                         Fix booting FreeBSD >= 9.1 amd64 kernels
    gxine                         Switch to libmozjs185-dev as the package fails to build with newer versions of libmozjs-dev
    ibus                          Fix ibus-setup breakage by setting all related packages to use --libexec=/usr/lib/ibus
    ibus-anthy                    Fix libexecdir; add python-glade2 to Depends
    ibus-hangul                   Fix libexecdir
    ibus-m17n                     Fix libexecdir
    ibus-pinyin                   Fix libexecdir
    ibus-skk                      Fix libexecdir
    ibus-sunpinyin                Fix libexecdir
    ibus-xkbc                     Fix libexecdir
    ifmetric                      Fix "NETLINK: Packet too small or truncated!" error
    intel-microcode               Update microcode
    iso-scan                      Fix full search entry when no isos are found
    kfreebsd-downloader           Switch to people.debian.org URL for kernel.txz download; the old location no longer works
    krb5-auth-dialog              Fix krb5_principal_compare crashes on NULL arguments
    lftp                          Fix "splits input script file after byte 4096"
    libdatetime-timezone-perl     New upstream release
    libdigest-sha-perl            Fix double-free when Digest::SHA object is destroyed
    libmodule-metadata-perl       Don't claim not to execute code
    libmodule-signature-perl      CVE-2013-2145: Fixes arbitrary code execution when verifying SIGNATURE
    libquvi-scripts               New upstream release
    libvirt                       Fix libvirtd crash when destroying a domain with attached console and race condition when destroying guests; make sure qemu.conf isn't world readable by default
    linux                         Update to 3.2.51 / drm/agp 3.4.6; disable SATA_INIC162X driver; improve efivars free space check
    lm-sensors                    Skip probing for EDID or graphics cards, as it might cause hardware issues
    lvm2                          Fix udev rules to properly exclude special devices and always call "udev sync"
    mapserver                     Fix strict Content-Type matching; correctly enable AGG support
    mdbtools                      Version libiodbc Breaks now that it can load multiarch drivers; fix SEGV in blob data handling; fix double free SEGV in gmdb2 dissector
    meta-gnome3                   Demote xul-ext-adblock-plus to Suggests
    moin                          Avoid creation of empty pagedir
    multipath-tools               Fix upstream copy of kpartx rules; call PREREQS before calling scripts/functions; don't plain exit if root is on multipath device
    mutt                          Stop segfaulting when listing folders with new mails over imap; don't send saved messages to trash
    myodbc                        Version libiodbc Breaks now that it can load multiarch drivers
    netcfg                        Fix check for whether network-manager is installed
    nmap                          Sanitise filenames to fix CVE-2013-4885 (remote arbitrary file creation vulnerability)
    openvpn                       Fix regression with "multihome" option
    openvrml                      Disable JavaScript support as newer versions of Mozilla's JS engine are not supported by openvrml
    openvswitch                   Reset upper layer protocol info on internal devices
    perl                          Fix Digest::SHA double-free crash; fix issue with shared references disappearing on sub return; apply correctness patches from 5.14.4
    perspectives-extension        Fix calculation of quorum length with low number of notaries and/or low quorum percentage
    php5                          Fix several issues relating to traits; don't reset mod_user_is_open in destroy to avoid an annoying warning when using sessions
    postgresql-common             Handle wheezy point release versions
    pyopencl                      Remove non-free file from examples
    python-defaults               Add symlink for /usr/bin/python2, used by various non-distro scripts
    python-dns                    Fix timeouts associated with only one of several available nameservers being unavailable
    python-httplib2               Fix CVE-2013-2037; close connection on certificate mismatch to avoid reuse
    python-keystoneclient         Fix CVE-2013-2013: OpenStack keystone password disclosure on command line
    redmine                       Fix ruby 1.9.1 support
    rt-tests                      Fix hackbench on armhf
    rygel                         Prevent autostart of rygel by default; the default configuration file exposes files to the LAN
    sage-extension                Fix compability with iceweasel 17; ensure that links in the main window are clickable
    samba                         Fix CVE-2013-4124: Denial of service - CPU loop and memory allocation
    shotwell                      Fix crash at startup
    shutdown-at-night             Stop client wake-up cron job complaining about unpingable macines
    sitesummary                   Fix robustness and kernel version parsing in nagios plugin
    slbackup-php                  Fix non-HTTPS logins; don't assume a "backup" host exists in DNS; search for configuration file in a package-specific folder
    smbldap-tools                 Use correct name for net(8); fix qw() warning
    stellarium                    Prevent segfault when OpenGL is not present
    subversion                    Fix Python bindings when built against swig 2.0.5+
    sysvinit                      Correct the Breaks on bootchart to ensure that all broken versions are removed on upgrade
    telepathy-gabble              Work around Facebook server behaviour change with service discovery; initialize libdbus for thread-safety; fix potential FTBFS in highly-parallel builds
    telepathy-idle                Validate TLS certificates
    tntnet                        Fix insecure default tntnet.conf
    torrus                        Fix SNMPv1 maxrepetitions issues
    trac                          New upstream stable release
    ttytter                       Update to work with the Twitter 1.1 API
    tzdata                        New upstream release
    user-mode-linux               Rebuild against linux 3.2.51-1
    uwsgi                         Fix loading of nagios plugin
    virtinst                      Don't specify absolute paths to xen tools; virt-clone: properly set image type
    wv2                           Repack to remove src/generator/generator_wword{6,8}.htm, which should have been removed in earlier uploads
    xinetd                        Fix CVE-2013-4342 making TCPMUX services change the uid
    xmonad-contrib                Fix CVE-2013-1436

A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:

  <http://release.debian.org/proposed-updates/stable.html>

Removed packages
----------------

The following packages will be removed due to circumstances beyond our
control:

    Package                    Reason

    chmsee              Fails to build with Iceweasel 17
    dactyl              Incompatible with Iceweasel 17
    edbrowse            Incompatible with Iceweasel 17
    jclicmoodle         Requires missing moodle
    pyxpcom             Incompatible with Iceweasel 17
    turpial             Broken by Twitter changes


If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at “debian-release@lists.debian.org”.

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: