[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SUA 43-1] Upcoming Debian GNU/Linux 7 Update (7.3)

Debian Stable Updates Announcement SUA 43-1       http://www.debian.org/
debian-release@lists.debian.org                          Adam D. Barratt
December 11th, 2013

Upcoming Debian GNU/Linux 7 Update (7.3)

An update to Debian GNU/Linux 7 is scheduled for Saturday, December 14th
2013. As of now it will include the following bug fixes. They can be
found in "wheezy-proposed-updates", which is carried by all official

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through "wheezy-updates".

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying "debian-release@lists.debian.org" on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes

This stable update adds a few important corrections to the following

    Package                             Reason

    apt                                 Fix handling of :any in single-arch systems and processing of .debs over 2GB in size
    apt-listbugs                        Insecure use of temporary files
    base-files                          Update for point release
    bootchart                           Fix upgrade path from machines which had lenny's bootchart installed
    darktable                           Fix CVE-2013-1438; fix CVE-2013-1439
    distro-info-data                    Add Ubuntu 14.04, Trusty Tahr
    expat                               Do not ship pkgconfig files
    fcitx-cloudpinyin                   Use Google by default, to replace no longer available previous default
    firebird2.5                         Final 2.5.2 release, bug fixes
    gnome-settings-daemon               Remove no longer required patch which makes syndaemon almost useless
    gtk+3.0                             Load the file icon via a data: URI, to work with librsvg's new origin policy
    iftop                               Fix memory leak
    intel-microcode                     New upstream update
    kfreebsd-9                          Disable 101_nullfs_vsock.diff
    libdatetime-timezone-perl           New upstream version
    libguestfs                          Fix CVE-2013-4419: insecure temporary directory handling for remote guestfish
    libnet-server-perl                  Fix use of uninitialized value in pattern match
    libnet-smtp-tls-butmaintained-perl  Fix misuse of IO::Socket::SSL in the SSL_version argument
    librsvg                             Fix CVE-2013-1881: disable loading of external entities
    lua-sql                             Restore multiarch co-installability
    meep-lam4                           Move /usr/include/meep-lam4 to /usr/include/meep; fixes building against the -dev package
    meep-mpi-default                    Move /usr/include/meep-mpi-default to /usr/include/meep; fixes building against the -dev package
    meep-mpich2                         Move /usr/include/meep-mpich2 to /usr/include/meep; fixes building against the -dev package
    meep-openmpi                        Move /usr/include/meep-openmpi to /usr/include/meep; fixes building against the -dev package
    multipath-tools                     Restore "dmsetup export" workaround, lost in previous upload
    nagios3                             Stop status.cgi listing unauthorised hosts and services, miscellaneous bug fixes
    nsd3                                Add $network to Required-Start
    openttd                             Fix CVE-2013-6411 (DoS)
    postgresql-8.4                      New upstream micro-release
    postgresql-9.1                      New upstream micro-release
    rtkit                               Fix access restriction bypass via polkit race condition
    ruby-passenger                      Fix CVE-2013-2119 and CVE-2013-4136: insecure tmp files usage
    scikit-learn                        Move joblib to Depends from Recommends
    smplayer                            Don't append -fontconfig to the command line options for Mplayer2 to prevent crash at startup
    starpu                              Remove non-free example material
    starpu-contrib                      Remove non-free example material
    tzdata                              New upstream release
    usemod-wiki                         Update hardcoded cookie expiration date from 2013 to 2025
    xfce4-weather-plugin                Update weather.com API URI

A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:


If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at "debian-release@lists.debian.org".

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: