[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Installation of packages from backports, unstable and stable.



On Wed, Jan 27, 2010 at 10:06:39PM +0530, vishnu vardhan wrote:
>    After installing Openoffice, I commented out lines of backports.
>    When I have installed transmission, I did not commented out lines of
>    backports.
>    Normally, I install the packages with the following command :
>    aptitude install "package".
> 

Whatever you implemented, don't let this mamor upgrade confuse you into
checking your apt configs.  Stable is generally very quiet, comparatively:

|Date: Sat, 30 Jan 2010 15:56:47 +0100
|From: Joey Schulze <joey@infodrom.org>
|To: Debian Announcements <debian-announce@lists.debian.org>
|Subject: Debian GNU/Linux 5.0 updated
|
|-------------------------------------------------------------------------
|The Debian Project                                 http://www.debian.org/
|Debian GNU/Linux 5.0 updated                             press@debian.org
|January 30th, 2010               http://www.debian.org/News/2010/20100130
|-------------------------------------------------------------------------
|
|Debian GNU/Linux 5.0 updated
|
|The Debian project is pleased to announce the fourth update of its stable
|distribution Debian GNU/Linux 5.0 (codename "lenny").  This update mainly
|adds corrections for security problems to the stable release, along with
|a few adjustments for serious problems.
|
|Please note that this update does not constitute a new version of Debian
|GNU/Linux 5.0 but only updates some of the packages included.  There is
|no need to throw away 5.0 CDs or DVDs but only to update via an up-to-
|date Debian mirror after an installation, to cause any out of date
|packages to be updated.
|
|Those who frequently install updates from security.debian.org won't have
|to update many packages and most updates from security.debian.org are
|included in this update.
|
|New CD and DVD images containing updated packages and the regular
|installation media accompanied with the package archive respectively will
|be available soon at the regular locations.
|
|Upgrading to this revision online is usually done by pointing the
|aptitude (or apt) package tool (see the sources.list(5) manual page) to
|one of Debian's many FTP or HTTP mirrors.  A comprehensive list of
|mirrors is available at:
|
|    <http://www.debian.org/distrib/ftplist>
|
|
|Miscellaneous Bugfixes
|----------------------
|
|This stable update adds a few important corrections to the following packages:
|
|    Package                         Reason
|
|    alien-arena                     Fix remote arbitrary code execution
|    amarok                          Apply regex update to make Wikipedia tab work again
|    apache2                         Several issues
|    backup-manager                  Fix possible mysql password leakage to local users
|    backuppc                        Prohibit editing of client name alias to avoid unauthorised file access
|    base-files                      Update /etc/debian_version to reflect the point release
|    choose-mirror                   Improve suite selection and validation of suites available on selected mirror
|    clock-setup                     Correctly handle system dates before epoch
|    consolekit                      Don't create pam-foreground-compat tag files for remote users
|    debmirror                       Compress packages files using --rsyncable so they match the files from the archive
|    devscripts                      Update a number of scripts to understand squeeze and lenny-backports
|    dhcp3                           Fix memory leak and SIGPIPE in LDAP code
|    dpkg                            Various fixes to new source package format support
|    drupal6                         Fix XSS issues in Contact and Menu moduels
|    fam                             Fix 100% CPU usage in famd
|    fetchmail                       Fix init script dependencies; don't complain about missing configuration when disabled
|    firebird2.0                     Fix DOS via malformed message
|    gchempaint                      Fix segmentation fault
|    gdebi                           Fix gksu call to not pass an option that the Debian package doesn't support
|    geneweb                         Correctly handle database with names containing whitespace in the postinst
|    ghc6                            Fix deadlock bug on 64-bit architectures
|    glib2.0                         Fix g_file_copy to correctly set permissions of target files
|    glibc                           Fix bug in realloc() when enlarging a memory allocation
|    gnash                           Reduce messages produced by the browser plugin to avoid filling .xsession-errors
|    gnome-system-tools              Don't change root's home directory when editing the user and fix group creation dialog
|    haproxy                         Several stability and crash fixes
|    kazehakase                      Disallow adding bookmarks for data:/javascript: URIs (CVE-2007-1084)
|    killer                          Correctly handle long usernames in the ruser field
|    libcgi-pm-perl                  Fix unwanted ISO-8859-1 -> UTF-8 conversion in CGI::Util::escape()
|    libdbd-mysql-perl               Fix segmentation faults caused by auto_reconnect
|    libdbd-pg-perl                  Correctly handle high-bit characters
|    libfinance-quote-perl           Fix ordering of fields in Yahoo data
|    linux-2.6                       Several corrections
|    linux-kernel-di-alpha-2.6       Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-amd64-2.6       Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-arm-2.6         Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-armel-2.6       Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-hppa-2.6        Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-i386-2.6        Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-ia64-2.6        Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-mips-2.6        Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-mipsel-2.6      Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-powerpc-2.6     Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-s390-2.6        Rebuild against linux-2.6 2.6.26-21
|    linux-kernel-di-sparc-2.6       Rebuild against linux-2.6 2.6.26-21
|    lkl                             Rebuild to get new MD5 sum (previous sum was causing FPs from antivirus)
|    movabletype-opensource          Disable mt-wizard.cgi by default
|    munin                           Fix CPU usage graphs to account for changes in kernel reporting
|    mysql-dfsg-5.0                  Revert "dummy thread" workaround which causes segfaults and fix crash when using GIS functions
|    nss-ldapd                       Treat usernames and other lookups as case-sensitive
|    openttd                         Fix remote crash vulnerability
|    otrs2                           Don't globally limit MaxRequestsPerChild on Apache or reject valid domains
|    partman-auto-crypto             Avoid triggering unsafe swap warning when setting up LVM
|    planet-venus                    Enhance escaping of processed feeds
|    proftpd-dfsg                    SSL certificate verification weakness
|    pyenchant                       Make add_to_personal() work again
|    python-docutils                 Fix insecure temporary file usage in reStructuredText Emacs mode
|    python-xml                      Fix two denials of service
|    qcontrol                        Create persistent input device to handle changes in udev 0.125-7+lenny3
|    redhat-cluster                  Fix problem with resource failover
|    request-tracker3.6              Session hijack vulnerability
|    roundup                         Fix pagination regression caused by security fix
|    samba                           Fix regression in name mangling
|    serveez                         Fix remote buffer overflow
|    shadow                          Fix handling of long lines in the user or group files
|    spamassassin                    Don't consider dates in 2010 "grossly in the future"
|    system-tools-backends           Fix regression in operation of some elements
|    texlive-bin                     Fix crash with large files
|    tor                             Fix crash due to race condition and update authority keys
|    totem                           Update youtube plugin to match changes to the site
|    tzdata                          Update timezone data
|    usbutils                        Update USB IDs
|    user-mode-linux                 Rebuild against linux-source-2.6.26 2.6.26-21
|    vpb-driver                      Fix Asterisk crash with missing config file
|    watchdog                        Ensure daemon really has ended before starting a new one
|    webauth                         Avoid inadvertently including passwords in cookie test URLs
|    wireshark                       Several vulnerabilities
|    xfs                             Fix temporary directory usage in the init script
|    xscreensaver                    Fix local screen lock bypass vulnerability
|
|A number of packages were rebuilt on the alpha, amd64 and ia64 
|architectures to incorporate the fix from the updated ghc6 package:
|
|    alex                               arch2darcs
|    bnfc                               c2hs
|    dfsbuild                           drift
|    cpphs                              darcs
|    darcs-buildpackage                 darcs-monitor
|    datapacker                         frown
|    geordi                             haddock
|    happy                              haskell-utils
|    hat                                helium
|    hmake                              hpodder
|    hscolour                           lhs2tex
|    kaya                               pxsl-tools
|    srcinst                            uuagc
|    whitespace                         xmonad
|
|
|Debian Installer
|----------------
|
|The Debian Installer has been updated in this point release to offer 
|better support for installation of the "oldstable" distribution and from 
|archive.debian.org.  The new installer also allows the system date to be 
|updated using NTP if it is before January 1st, 1970 at boot time.
|
|The kernel image used by the installer has been updated to incorporate a 
|number of important and security-related fixes together with support for 
|additional hardware.
|
|An update to the udev package in the previous point release 
|unfortunately led to the LEDs and on-board buzzer of arm/armel-based 
|QNAP NAS devices not operating during installs.  This is rectified in 
|the new installer release.
|
|Finally, it is once again possible to use the installer on the S/390 
|architecture by booting from CD.
|
|
|Security Updates
|----------------
|
|This revision adds the following security updates to the stable release.  
|The Security Team has already released an advisory for each of these updates:
|
|    Advisory ID    Package                 Correction(s)
|
|    DSA 1796       libwmf                  Denial of service
|    DSA 1825       nagios3                 Arbitrary code execution
|    DSA 1835       tiff                    Several vulnerabilities
|    DSA 1836       fckeditor               Arbitrary code execution
|    DSA 1837       dbus                    Denial of service
|    DSA 1839       gst-plugins-good0.10    Arbitrary code execution
|    DSA 1849       xml-security-c          Signature forgery
|    DSA 1850       libmodplug              Arbitrary code execution
|    DSA 1860       ruby1.9                 Several issues
|    DSA 1863       zope2.10                Arbitrary code execution
|    DSA 1866       kdegraphics             Several vulnerabilities
|    DSA 1868       kde4libs                Several vulnerabilities
|    DSA 1878       devscripts              Remote code execution
|    DSA 1879       silc-client             Arbitrary code execution
|    DSA 1879       silc-toolkit            Arbitrary code execution
|    DSA 1880       openoffice.org          Arbitrary code execution
|    DSA 1882       xapian-omega            Cross-site scripting
|    DSA 1884       nginx                   Arbitrary code execution
|    DSA 1885       xulrunner               Several vulnerabilities
|    DSA 1886       iceweasel               Several vulnerabilities
|    DSA 1887       rails                   Cross-site scripting
|    DSA 1888       openssl                 Deprecate MD2 hash signatures
|    DSA 1889       icu                     Security bypass due to multibyte sequence parsing
|    DSA 1890       wxwidgets2.6            Arbitrary code execution
|    DSA 1890       wxwidgets2.8            Arbitrary code execution
|    DSA 1891       changetrack             Arbitrary code execution
|    DSA 1892       dovecot                 Arbitrary code execution
|    DSA 1893       cyrus-imapd-2.2         Arbitrary code execution
|    DSA 1893       kolab-cyrus-imapd       Arbitrary code execution
|    DSA 1894       newt                    Arbitrary code execution
|    DSA 1895       opensaml2               Interpretation conflict
|    DSA 1895       shibboleth-sp2          Interpretation conflict
|    DSA 1895       xmltooling              Potential code execution
|    DSA 1896       opensaml                Potential code execution
|    DSA 1896       shibboleth-sp           Potential code execution
|    DSA 1897       horde3                  Arbitrary code execution
|    DSA 1898       openswan                Denial of service
|    DSA 1899       strongswan              Denial of service
|    DSA 1900       postgresql-8.3          Various problems
|    DSA 1903       graphicsmagick          Several vulnerabilities
|    DSA 1904       wget                    SSL certificate verification weakness
|    DSA 1905       python-django           Denial of service
|    DSA 1907       kvm                     Several vulnerabilities
|    DSA 1908       samba                   Several vulnerabilities
|    DSA 1909       postgresql-ocaml        Missing escape function
|    DSA 1910       mysql-ocaml             Missing escape function
|    DSA 1911       pygresql                Missing escape function
|    DSA 1912       advi                    Arbitrary code execution
|    DSA 1912       camlimages              Arbitrary code execution
|    DSA 1913       bugzilla                SQL injection
|    DSA 1914       mapserver               Serveral vulnerabilities
|    DSA 1915       linux-2.6               Several vulnerabilities
|    DSA 1915       user-mode-linux         Several vulnerabilities
|    DSA 1916       kdelibs                 SSL certificate verification weakness
|    DSA 1917       mimetex                 Several vulnerabilities
|    DSA 1918       phpmyadmin              Several vulnerabilities
|    DSA 1919       smarty                  Several vulnerabilities
|    DSA 1920       nginx                   Denial of service
|    DSA 1921       expat                   Denial of service
|    DSA 1922       xulrunner               Several vulnerabilities
|    DSA 1923       libhtml-parser-perl     Denial of service
|    DSA 1924       mahara                  Several vulnerabilities
|    DSA 1925       proftpd-dfsg            SSL certificate verification weakness
|    DSA 1926       typo3-src               Several vulnerabilities
|    DSA 1930       drupal6                 Several vulnerabilities
|    DSA 1931       nspr                    Several vulnerabilities
|    DSA 1932       pidgin                  Arbitrary code execution
|    DSA 1933       cups                    Cross-site scripting
|    DSA 1934       apache2                 Several issues
|    DSA 1934       apache2-mpm-itk         Several issues
|    DSA 1935       gnutls26                SSL certificate NUL byte vulnerability
|    DSA 1936       libgd2                  Several vulnerabilities
|    DSA 1937       gforge                  Cross-site scripting
|    DSA 1938       php-mail                Insufficient input sanitising
|    DSA 1939       libvorbis               Several vulnerabilities
|    DSA 1940       php5                    Multiple issues
|    DSA 1941       poppler                 Several vulnerabilities
|    DSA 1942       wireshark               Several vulnerabilities
|    DSA 1944       request-tracker3.6      Session hijack vulnerability
|    DSA 1945       gforge                  Denial of service
|    DSA 1947       opensaml2               Cross-site scripting
|    DSA 1947       shibboleth-sp           Cross-site scripting
|    DSA 1947       shibboleth-sp2          Cross-site scripting
|    DSA 1948       ntp                     Denial of service
|    DSA 1949       php-net-ping            Arbitrary code execution
|    DSA 1950       webkit                  Several vulnerabilities
|    DSA 1951       firefox-sage            Insufficient input sanitizing
|    DSA 1952       asterisk                Several vulnerabilities
|    DSA 1953       expat                   Denial of service
|    DSA 1954       cacti                   Insufficient input sanitising
|    DSA 1956       xulrunner               Several vulnerabilities
|    DSA 1957       aria2                   Arbitrary code execution
|    DSA 1958       libtool                 Privilege escalation
|    DSA 1959       ganeti                  Arbitrary command execution
|    DSA 1960       acpid                   Weak file permissions
|    DSA 1961       bind9                   Cache poisoning
|    DSA 1962       kvm                     Several vulnerabilities
|    DSA 1963       unbound                 DNSSEC validation
|    DSA 1964       postgresql-8.3          Several vulnerabilities
|    DSA 1965       phpldapadmin            Remote file inclusion
|    DSA 1966       horde3                  Cross-site scripting
|    DSA 1967       transmission            Directory traversal
|    DSA 1968       pdns-recursor           Potential code execution
|    DSA 1969       krb5                    Denial of service
|    DSA 1970       openssl                 Denial of service
|    DSA 1971       libthai                 Arbitrary code execution
|    DSA 1972       audiofile               Buffer overflow
|    DSA 1974       gzip                    Arbitrary code execution
|    DSA 1976       dokuwiki                Several vulnerabilities
|    DSA 1978       phpgroupware            Several vulnerabilities
|    DSA 1979       lintian                 Multiple vulnerabilities
|    DSA 1980       ircd-hybrid             Arbitrary code execution
|
|
|Removed packages
|----------------
|
|The following packages were removed due to circumstances beyond our
|control:
|
|    Package               Reason
|
|    destar                Security issues; unmaintained; abandoned upstream
|    electricsheep         No longer functional
|    gnudip                Security issues; unmaintained; abandoned upstream
|    kcheckgmail           No longer functional
|    libgnucrypto-java     Security issues; obsolete
|
|Additionally those parts of the libwww-search-perl and 
|libperl4caml-ocaml-dev packages which rely on the Google SOAP search 
|API (provided by libnet-google-perl) are no longer functional as the
|API has been retired by Google.  The remaining portions of the
|packages will continue to function as before.
|

. . .

-- 
Kind Regards,
Freeman


Reply to: