-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 52-1 http://www.debian.org/
debian-release@lists.debian.org Adam D. Barratt
April 22nd, 2014
-------------------------------------------------------------------------
Upcoming Debian GNU/Linux 7 Update (7.5)
An update to Debian GNU/Linux 7 is scheduled for Saturday, April 26th,
2014. As of now it will include the following bug fixes. They can be
found in "wheezy-proposed-updates", which is carried by all official
mirrors.
Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through "wheezy-updates".
Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying "debian-release@lists.debian.org" on your mails.
The point release will also include a rebuild of debian-installer.
Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:
Package Reason
advi Explicitly pass latexdir to make, avoiding files ending up in non-FHS directories
base-files Update for the point release
calendarserver Update zoneinfo to tzdata 2014a
catfish Fix CVE-2014-2093 CVE-2014-2094 CVE-2014-2095 CVE-2014-2096
certificatepatrol Raise upper version limit again to make certificatepatrol usable with iceweasel 24
clamav New upstream version
conkeror Restore compatibility with newer iceweasel versions
debian-installer Add support for QNAP HS-210
docx2txt Add missing dependency on unzip
erlang Fix CVE-2014-1693, checking for CR or LF in user, file or directory names in the FTP module
evolution-ews Fix free/busy indicators with Exchange 2013 servers
firebug Restore compatibility with newer iceweasel versions
flashblock New upstream release; restores compatibility with newer iceweasel versions
freeciv Fix CVE-2012-5645 and CVE-2012-6083
freerdp Fix libfreerdp-dev so that it can be compiled against
glark Force use of ruby 1.8, as glark doesn't work with newer versions
gorm.app Fix FTBFS
greasemonkey Restore compatibility with newer iceweasel versions
gst-plugins-bad0.10 Fix FTBFS related to the libmodplug upgrade in DSA 2751
intel-microcode Microcode update
ktp-filetransfer-handler Fix broken kde-telepathy-filetransfer-handler-dbg on mips
lcms2 Security fixes
libdatetime-timezone-perl Update to tzdata 2014a
libfinance-quote-perl Update URLs of Yahoo! Finance services
libpdf-api2-perl Fix build failure
libquvi-scripts New upstream release
libsoup2.4 Fix issues with NTLM authentication against Windows 2012
libxml2 Fix memory corruption when re-using the library from threaded applications
linux Update to stable 3.2.57, 3.2.55-rt81, drm/agp 3.4.86; several security fixes; e1000e,igb: backport changes up to Linux 3.13
ltsp Fix remote audio on thin clients
meep Stop building with -march=native
meep-openmpi Stop building with -march=native
mozilla-noscript New upstream release; restores compatibility with newer iceweasel versions
mp3gain Several security fixes
net-snmp Fix agentx subagent issues with multiple-object requests and increasing object length (CVE-2014-2310)
newsbeuter Fix FTBFS due to json's switch from boolean to json_bool
nvidia-graphics-drivers New upstream release
nvidia-graphics-modules Build against nvidia-kernel-source 304.117
openblas Fix hang when called from an OpenMP-using program
php-getid3 Fix potential XXE security issue [CVE-2014-2053]
php5 Many fixes backported from upstream
polarssl Fix FTBFS bug due to expired certificates
postgresql-8.4 New upstream micro-release
postgresql-9.1 New upstream micro-release
qemu Fix entry pointer for ELF kernels loaded with -kernel option; only allow real mode to access 32bit without LMA
qemu-kvm Fix entry pointer for ELF kernels loaded with -kernel option; only allow real mode to access 32bit without LMA
quassel Fix CVE-2013-6404: clients can access backlogs belonging to other users
resource-agents Fix HTTPS service checking by IP address
ruby-passenger Fix CVE-2014-1831 and CVE-2014-1832: insecure use of /tmp
sage-extension Restore compatibility with newer iceweasel versions
samba Fix CVE-2012-6150, CVE-2013-4496
samba4 Drop samba4 and winbind4 binary packages
spamassassin Remove 'xxx' from the list of common fake TLDs, since it's not fake any more; remove rules referring to rfc-ignorant.org and NJABL, which have been shut down
spip Fix missing escaping; update security screen
subversion Fix mod_dav_svn crash when handling certain requests [CVE-2014-0032] and removal of libsvnjavahl-1.a/.la/.so from libsvn-dev
sympa Fix CAS authentication issues; fix SQLite upgrade patch to avoid errors with perl <= 5.14; raise a warning instead of an error when the CA bundle file is not readable; provide the missing template help_suspend.tt2
tweepy Update to Twitter API 1.1 and use SSL
tzdata New upstream release
wml Remove temporary directories (ipp.*)
xine-lib Fix modplug-related FTBFS
xine-lib-1.2 Fix modplug-related FTBFS
A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<http://release.debian.org/proposed-updates/stable.html>
Removed packages
----------------
The following packages will be removed due to circumstances beyond our
control:
Package Reason
hlbr Broken
hlbrw Depends on to-be-removed hlbr
If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at "debian-release@lists.debian.org".
Attachment:
signature.asc
Description: This is a digitally signed message part