Re: Installation of packages from backports, unstable and stable.
On Wed, Jan 27, 2010 at 10:06:39PM +0530, vishnu vardhan wrote:
> After installing Openoffice, I commented out lines of backports.
> When I have installed transmission, I did not commented out lines of
> backports.
> Normally, I install the packages with the following command :
> aptitude install "package".
>
Whatever you implemented, don't let this mamor upgrade confuse you into
checking your apt configs. Stable is generally very quiet, comparatively:
|Date: Sat, 30 Jan 2010 15:56:47 +0100
|From: Joey Schulze <joey@infodrom.org>
|To: Debian Announcements <debian-announce@lists.debian.org>
|Subject: Debian GNU/Linux 5.0 updated
|
|-------------------------------------------------------------------------
|The Debian Project http://www.debian.org/
|Debian GNU/Linux 5.0 updated press@debian.org
|January 30th, 2010 http://www.debian.org/News/2010/20100130
|-------------------------------------------------------------------------
|
|Debian GNU/Linux 5.0 updated
|
|The Debian project is pleased to announce the fourth update of its stable
|distribution Debian GNU/Linux 5.0 (codename "lenny"). This update mainly
|adds corrections for security problems to the stable release, along with
|a few adjustments for serious problems.
|
|Please note that this update does not constitute a new version of Debian
|GNU/Linux 5.0 but only updates some of the packages included. There is
|no need to throw away 5.0 CDs or DVDs but only to update via an up-to-
|date Debian mirror after an installation, to cause any out of date
|packages to be updated.
|
|Those who frequently install updates from security.debian.org won't have
|to update many packages and most updates from security.debian.org are
|included in this update.
|
|New CD and DVD images containing updated packages and the regular
|installation media accompanied with the package archive respectively will
|be available soon at the regular locations.
|
|Upgrading to this revision online is usually done by pointing the
|aptitude (or apt) package tool (see the sources.list(5) manual page) to
|one of Debian's many FTP or HTTP mirrors. A comprehensive list of
|mirrors is available at:
|
| <http://www.debian.org/distrib/ftplist>
|
|
|Miscellaneous Bugfixes
|----------------------
|
|This stable update adds a few important corrections to the following packages:
|
| Package Reason
|
| alien-arena Fix remote arbitrary code execution
| amarok Apply regex update to make Wikipedia tab work again
| apache2 Several issues
| backup-manager Fix possible mysql password leakage to local users
| backuppc Prohibit editing of client name alias to avoid unauthorised file access
| base-files Update /etc/debian_version to reflect the point release
| choose-mirror Improve suite selection and validation of suites available on selected mirror
| clock-setup Correctly handle system dates before epoch
| consolekit Don't create pam-foreground-compat tag files for remote users
| debmirror Compress packages files using --rsyncable so they match the files from the archive
| devscripts Update a number of scripts to understand squeeze and lenny-backports
| dhcp3 Fix memory leak and SIGPIPE in LDAP code
| dpkg Various fixes to new source package format support
| drupal6 Fix XSS issues in Contact and Menu moduels
| fam Fix 100% CPU usage in famd
| fetchmail Fix init script dependencies; don't complain about missing configuration when disabled
| firebird2.0 Fix DOS via malformed message
| gchempaint Fix segmentation fault
| gdebi Fix gksu call to not pass an option that the Debian package doesn't support
| geneweb Correctly handle database with names containing whitespace in the postinst
| ghc6 Fix deadlock bug on 64-bit architectures
| glib2.0 Fix g_file_copy to correctly set permissions of target files
| glibc Fix bug in realloc() when enlarging a memory allocation
| gnash Reduce messages produced by the browser plugin to avoid filling .xsession-errors
| gnome-system-tools Don't change root's home directory when editing the user and fix group creation dialog
| haproxy Several stability and crash fixes
| kazehakase Disallow adding bookmarks for data:/javascript: URIs (CVE-2007-1084)
| killer Correctly handle long usernames in the ruser field
| libcgi-pm-perl Fix unwanted ISO-8859-1 -> UTF-8 conversion in CGI::Util::escape()
| libdbd-mysql-perl Fix segmentation faults caused by auto_reconnect
| libdbd-pg-perl Correctly handle high-bit characters
| libfinance-quote-perl Fix ordering of fields in Yahoo data
| linux-2.6 Several corrections
| linux-kernel-di-alpha-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-amd64-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-arm-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-armel-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-hppa-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-i386-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-ia64-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-mips-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-mipsel-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-powerpc-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-s390-2.6 Rebuild against linux-2.6 2.6.26-21
| linux-kernel-di-sparc-2.6 Rebuild against linux-2.6 2.6.26-21
| lkl Rebuild to get new MD5 sum (previous sum was causing FPs from antivirus)
| movabletype-opensource Disable mt-wizard.cgi by default
| munin Fix CPU usage graphs to account for changes in kernel reporting
| mysql-dfsg-5.0 Revert "dummy thread" workaround which causes segfaults and fix crash when using GIS functions
| nss-ldapd Treat usernames and other lookups as case-sensitive
| openttd Fix remote crash vulnerability
| otrs2 Don't globally limit MaxRequestsPerChild on Apache or reject valid domains
| partman-auto-crypto Avoid triggering unsafe swap warning when setting up LVM
| planet-venus Enhance escaping of processed feeds
| proftpd-dfsg SSL certificate verification weakness
| pyenchant Make add_to_personal() work again
| python-docutils Fix insecure temporary file usage in reStructuredText Emacs mode
| python-xml Fix two denials of service
| qcontrol Create persistent input device to handle changes in udev 0.125-7+lenny3
| redhat-cluster Fix problem with resource failover
| request-tracker3.6 Session hijack vulnerability
| roundup Fix pagination regression caused by security fix
| samba Fix regression in name mangling
| serveez Fix remote buffer overflow
| shadow Fix handling of long lines in the user or group files
| spamassassin Don't consider dates in 2010 "grossly in the future"
| system-tools-backends Fix regression in operation of some elements
| texlive-bin Fix crash with large files
| tor Fix crash due to race condition and update authority keys
| totem Update youtube plugin to match changes to the site
| tzdata Update timezone data
| usbutils Update USB IDs
| user-mode-linux Rebuild against linux-source-2.6.26 2.6.26-21
| vpb-driver Fix Asterisk crash with missing config file
| watchdog Ensure daemon really has ended before starting a new one
| webauth Avoid inadvertently including passwords in cookie test URLs
| wireshark Several vulnerabilities
| xfs Fix temporary directory usage in the init script
| xscreensaver Fix local screen lock bypass vulnerability
|
|A number of packages were rebuilt on the alpha, amd64 and ia64
|architectures to incorporate the fix from the updated ghc6 package:
|
| alex arch2darcs
| bnfc c2hs
| dfsbuild drift
| cpphs darcs
| darcs-buildpackage darcs-monitor
| datapacker frown
| geordi haddock
| happy haskell-utils
| hat helium
| hmake hpodder
| hscolour lhs2tex
| kaya pxsl-tools
| srcinst uuagc
| whitespace xmonad
|
|
|Debian Installer
|----------------
|
|The Debian Installer has been updated in this point release to offer
|better support for installation of the "oldstable" distribution and from
|archive.debian.org. The new installer also allows the system date to be
|updated using NTP if it is before January 1st, 1970 at boot time.
|
|The kernel image used by the installer has been updated to incorporate a
|number of important and security-related fixes together with support for
|additional hardware.
|
|An update to the udev package in the previous point release
|unfortunately led to the LEDs and on-board buzzer of arm/armel-based
|QNAP NAS devices not operating during installs. This is rectified in
|the new installer release.
|
|Finally, it is once again possible to use the installer on the S/390
|architecture by booting from CD.
|
|
|Security Updates
|----------------
|
|This revision adds the following security updates to the stable release.
|The Security Team has already released an advisory for each of these updates:
|
| Advisory ID Package Correction(s)
|
| DSA 1796 libwmf Denial of service
| DSA 1825 nagios3 Arbitrary code execution
| DSA 1835 tiff Several vulnerabilities
| DSA 1836 fckeditor Arbitrary code execution
| DSA 1837 dbus Denial of service
| DSA 1839 gst-plugins-good0.10 Arbitrary code execution
| DSA 1849 xml-security-c Signature forgery
| DSA 1850 libmodplug Arbitrary code execution
| DSA 1860 ruby1.9 Several issues
| DSA 1863 zope2.10 Arbitrary code execution
| DSA 1866 kdegraphics Several vulnerabilities
| DSA 1868 kde4libs Several vulnerabilities
| DSA 1878 devscripts Remote code execution
| DSA 1879 silc-client Arbitrary code execution
| DSA 1879 silc-toolkit Arbitrary code execution
| DSA 1880 openoffice.org Arbitrary code execution
| DSA 1882 xapian-omega Cross-site scripting
| DSA 1884 nginx Arbitrary code execution
| DSA 1885 xulrunner Several vulnerabilities
| DSA 1886 iceweasel Several vulnerabilities
| DSA 1887 rails Cross-site scripting
| DSA 1888 openssl Deprecate MD2 hash signatures
| DSA 1889 icu Security bypass due to multibyte sequence parsing
| DSA 1890 wxwidgets2.6 Arbitrary code execution
| DSA 1890 wxwidgets2.8 Arbitrary code execution
| DSA 1891 changetrack Arbitrary code execution
| DSA 1892 dovecot Arbitrary code execution
| DSA 1893 cyrus-imapd-2.2 Arbitrary code execution
| DSA 1893 kolab-cyrus-imapd Arbitrary code execution
| DSA 1894 newt Arbitrary code execution
| DSA 1895 opensaml2 Interpretation conflict
| DSA 1895 shibboleth-sp2 Interpretation conflict
| DSA 1895 xmltooling Potential code execution
| DSA 1896 opensaml Potential code execution
| DSA 1896 shibboleth-sp Potential code execution
| DSA 1897 horde3 Arbitrary code execution
| DSA 1898 openswan Denial of service
| DSA 1899 strongswan Denial of service
| DSA 1900 postgresql-8.3 Various problems
| DSA 1903 graphicsmagick Several vulnerabilities
| DSA 1904 wget SSL certificate verification weakness
| DSA 1905 python-django Denial of service
| DSA 1907 kvm Several vulnerabilities
| DSA 1908 samba Several vulnerabilities
| DSA 1909 postgresql-ocaml Missing escape function
| DSA 1910 mysql-ocaml Missing escape function
| DSA 1911 pygresql Missing escape function
| DSA 1912 advi Arbitrary code execution
| DSA 1912 camlimages Arbitrary code execution
| DSA 1913 bugzilla SQL injection
| DSA 1914 mapserver Serveral vulnerabilities
| DSA 1915 linux-2.6 Several vulnerabilities
| DSA 1915 user-mode-linux Several vulnerabilities
| DSA 1916 kdelibs SSL certificate verification weakness
| DSA 1917 mimetex Several vulnerabilities
| DSA 1918 phpmyadmin Several vulnerabilities
| DSA 1919 smarty Several vulnerabilities
| DSA 1920 nginx Denial of service
| DSA 1921 expat Denial of service
| DSA 1922 xulrunner Several vulnerabilities
| DSA 1923 libhtml-parser-perl Denial of service
| DSA 1924 mahara Several vulnerabilities
| DSA 1925 proftpd-dfsg SSL certificate verification weakness
| DSA 1926 typo3-src Several vulnerabilities
| DSA 1930 drupal6 Several vulnerabilities
| DSA 1931 nspr Several vulnerabilities
| DSA 1932 pidgin Arbitrary code execution
| DSA 1933 cups Cross-site scripting
| DSA 1934 apache2 Several issues
| DSA 1934 apache2-mpm-itk Several issues
| DSA 1935 gnutls26 SSL certificate NUL byte vulnerability
| DSA 1936 libgd2 Several vulnerabilities
| DSA 1937 gforge Cross-site scripting
| DSA 1938 php-mail Insufficient input sanitising
| DSA 1939 libvorbis Several vulnerabilities
| DSA 1940 php5 Multiple issues
| DSA 1941 poppler Several vulnerabilities
| DSA 1942 wireshark Several vulnerabilities
| DSA 1944 request-tracker3.6 Session hijack vulnerability
| DSA 1945 gforge Denial of service
| DSA 1947 opensaml2 Cross-site scripting
| DSA 1947 shibboleth-sp Cross-site scripting
| DSA 1947 shibboleth-sp2 Cross-site scripting
| DSA 1948 ntp Denial of service
| DSA 1949 php-net-ping Arbitrary code execution
| DSA 1950 webkit Several vulnerabilities
| DSA 1951 firefox-sage Insufficient input sanitizing
| DSA 1952 asterisk Several vulnerabilities
| DSA 1953 expat Denial of service
| DSA 1954 cacti Insufficient input sanitising
| DSA 1956 xulrunner Several vulnerabilities
| DSA 1957 aria2 Arbitrary code execution
| DSA 1958 libtool Privilege escalation
| DSA 1959 ganeti Arbitrary command execution
| DSA 1960 acpid Weak file permissions
| DSA 1961 bind9 Cache poisoning
| DSA 1962 kvm Several vulnerabilities
| DSA 1963 unbound DNSSEC validation
| DSA 1964 postgresql-8.3 Several vulnerabilities
| DSA 1965 phpldapadmin Remote file inclusion
| DSA 1966 horde3 Cross-site scripting
| DSA 1967 transmission Directory traversal
| DSA 1968 pdns-recursor Potential code execution
| DSA 1969 krb5 Denial of service
| DSA 1970 openssl Denial of service
| DSA 1971 libthai Arbitrary code execution
| DSA 1972 audiofile Buffer overflow
| DSA 1974 gzip Arbitrary code execution
| DSA 1976 dokuwiki Several vulnerabilities
| DSA 1978 phpgroupware Several vulnerabilities
| DSA 1979 lintian Multiple vulnerabilities
| DSA 1980 ircd-hybrid Arbitrary code execution
|
|
|Removed packages
|----------------
|
|The following packages were removed due to circumstances beyond our
|control:
|
| Package Reason
|
| destar Security issues; unmaintained; abandoned upstream
| electricsheep No longer functional
| gnudip Security issues; unmaintained; abandoned upstream
| kcheckgmail No longer functional
| libgnucrypto-java Security issues; obsolete
|
|Additionally those parts of the libwww-search-perl and
|libperl4caml-ocaml-dev packages which rely on the Google SOAP search
|API (provided by libnet-google-perl) are no longer functional as the
|API has been retired by Google. The remaining portions of the
|packages will continue to function as before.
|
. . .
--
Kind Regards,
Freeman
Reply to: