:PR: Debian GNU/Linux 3.1 Updated
PR: Debian GNU/Linux 3.1 Updated 0 Talkback[s]
The Debian project has updated the stable distribution Debian GNU/Linux
3.1 (codename `sarge'). This update mainly adds security updates to the
stable release, along with a few corrections to serious problems. Those
who frequently update from security.debian.org / won't have to update many
packages and most updates from security.debian.org / are included in this
update.
Please note that this update does not constitute a new version of Debian
GNU/Linux 3.1 but only updates some of the packages included. There is no
need to throw away 3.1 CDs. Instead you only need to update against
ftp ftp.debian.org or a mirror after an installation, in order to incorporate
those changes. New CD and DVD images are being built right now and will
be available soon at the regular locations.
Upgrading to this revision online is usually done by pointing the
`apt' package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is
available at:
<http://www.debian.org/distrib/ftplist >
In order to make available updated Linux kernel packages in the Debian
installer it had to be updated as well. To accomplish this the following
packages also required an update: base-config, base-installer,
debian-installer and preseed.
This stable update adds a few important corrections to the following
packages.
Package Reason
evms Fixes system lockup on boot evolution-webcal Getting architectures back in sync glibc Fixes build failures grub Preparations for etch kernels kazehakase Corrects segmentation faults octaviz Corrects library path perl Corrects problems with UTF-8/taint fix and Tk python-pgsql Corrects regression due to PostgreSQL update vlan Corrects interface settings wzdftpd Corrects wrong dependencies
This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates.
Advisory ID Package(s) Correction(s)
DSA 725 ppxp Local root exploit DSA 986 gnutls11 Arbitrary code execution DSA 1017 Linux Kernel 2.6.8 Several vulnerabilities DSA 1018 Linux Kernel 2.4.27 Several vulnerabilities DSA 1027 mailman Denial of service DSA 1032 zope-cmfplone Unprivileged data manipulation DSA 1035 fcheck Insecure temporary file creation DSA 1036 bsdgames Local privilege escalation DSA 1037 zgv Arbitrary code execution DSA 1038 xzgv Arbitrary code execution DSA 1039 blender Several vulnerabilities DSA 1040 gdm Local root exploit DSA 1041 abc2ps Arbitrary code execution DSA 1042 cyrus-sasl2 Denial of service DSA 1043 abcmidi Arbitrary code execution DSA 1044 mozilla-firefox Several vulnerabilities DSA 1045 openvpn Arbitrary code execution DSA 1046 mozilla Several vulnerabilities DSA 1047 resmgr Unauthorised access DSA 1048 asterisk Arbitrary code execution DSA 1049 ethereal Several vulnerabilities DSA 1050 clamav Arbitrary code execution DSA 1051 mozilla-thunderbird Several vulnerabilities DSA 1052 cgiirc Arbitrary code execution DSA 1053 mozilla Arbitrary code execution DSA 1054 tiff Arbitrary code execution DSA 1055 mozilla-firefox Arbitrary code execution DSA 1056 webcalendar Information leak DSA 1057 phpldapadmin Cross-site scripting DSA 1058 awstats Arbitrary command execution DSA 1059 quagga Several vulnerabilities DSA 1060 kernel-patch-vserver Privilege escalation DSA 1061 popfile Denial of service DSA 1062 kphone Insecure file creation DSA 1063 phpgroupware Cross-site scripting DSA 1064 cscope Arbitrary code execution DSA 1065 hostapd Denial of service DSA 1066 phpbb2 Cross-site scripting DSA 1068 fbi Denial of service DSA 1072 nagios Arbitrary code execution DSA 1073 mysql-dfsg-4.1 Several vulnerabilities DSA 1074 mpg123 Arbitrary code execution DSA 1075 awstats Arbitrary command execution DSA 1076 lynx Denial of service DSA 1078 tiff Denial of service DSA 1079 mysql-dfsg Several vulnerabilities DSA 1080 dovecot Directory traversal DSA 1081 libextractor Arbitrary code execution DSA 1083 motor Arbitrary code execution DSA 1084 typespeed Arbitrary code execution DSA 1085 lynx-cur Several vulnerabilities DSA 1086 xmcd Denial of service DSA 1087 postgresql Encoding vulnerabilities DSA 1088 centericq Arbitrary code execution DSA 1090 spamassassin Arbitrary command execution DSA 1091 tiff Arbitrary code execution DSA 1092 mysql-dfsg-4.1 SQL injection DSA 1093 xine Arbitrary code execution DSA 1094 gforge Cross-site scripting DSA 1095 freetype Several vulnerabilities DSA 1096 webcalendar Arbitrary code execution DSA 1097 Linux Kernel 2.4.27 Several vulnerabilities DSA 1098 horde3 Cross-site scripting DSA 1099 horde2 Cross-site scripting DSA 1100 wv2 Integer overflow DSA 1101 courier Denial of service DSA 1102 pinball Privilege escalation DSA 1103 Linux Kernel 2.6.8 Several vulnerabilities DSA 1104 openoffice.org Several vulnerabilities DSA 1105 xine-lib Denial of service DSA 1106 ppp Privilege escalation DSA 1107 gnupg Denial of service DSA 1108 mutt Arbitrary code execution DSA 1109 rssh Privilege escalation DSA 1110 samba Denial of service DSA 1111 Linux Kernel 2.6.8 Privilege escalation DSA 1112 mysql-dfsg-4.1 Several vulnerabilities DSA 1113 zope2.7 Information disclosure DSA 1114 hashcash Arbitrary code execution DSA 1115 gnupg2 Denial of service DSA 1116 gimp Arbitrary code execution DSA 1117 libgd2 Denial of service DSA 1118 mozilla Several vulnerabilities DSA 1119 hiki Denial of service DSA 1120 mozilla-firefox Several vulnerabilities DSA 1121 postgrey Denial of service DSA 1122 libnet-server-perl Denial of service DSA 1123 libdumb Arbitrary code execution DSA 1124 fbi Potential deletion of user data DSA 1125 drupal Cross-site scripting DSA 1126 asterisk Denial of service DSA 1127 ethereal Several vulnerabilities DSA 1128 heartbeat Local denial of service DSA 1129 osiris Arbitrary code execution DSA 1130 sitebar Cross-site scripting DSA 1131 apache Arbitrary code execution DSA 1132 apache2 Arbitrary code execution DSA 1133 mantis Cross-site scripting DSA 1134 mozilla-thunderbird Several vulnerabilities DSA 1135 libtunepimp Arbitrary code execution DSA 1136 gpdf Denial of service DSA 1137 tiff Several vulnerabilities DSA 1138 cfs Denial of service DSA 1139 ruby1.6 Privilege escalation DSA 1140 gnupg Denial of service DSA 1141 gnupg2 Denial of service DSA 1142 freeciv Arbitrary code execution DSA 1143 dhcp Denial of service DSA 1144 chmlib Denial of service DSA 1145 freeradius Several vulnerabilities DSA 1146 krb5 Privilege escalation DSA 1147 drupal Cross-site scripting DSA 1148 gallery Several vulnerabilities DSA 1149 ncompress Potential code execution DSA 1150 shadow Privilege escalation DSA 1151 heartbeat Denial of service DSA 1153 clamav Arbitrary code execution DSA 1154 squirrelmail Information disclosure DSA 1155 sendmail Denial of service DSA 1159 mozilla-thunderbird Several vulnerabilities
The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<http://release.debian.org/stable/3.1/3.1r3/ >
The complete lists of packages that have changed with this revision:
<http://ftp.debian.org/debian/dists/sarge/ChangeLog >
The current stable distribution:
<http://ftp.debian.org/debian/dists/stable >
Proposed updates to the stable distribution:
<http://ftp.debian.org/debian/dists/proposed-updates >
Stable distribution information (release notes, errata etc.):
<http://www.debian.org/releases/stable/ >
Security announcements and information:
<http://www.debian.org/security/ >
