http://www.debian.org/News/2006/20060419
Debian GNU/Linux 3.1 updated (r2)
This is the second update of Debian GNU/Linux 3.1 (codename
`sarge’) which mainly adds security updates to the stable release,
along with some corrections to serious problems. Those who
frequently update from security.debian.org won’t have to update
many packages and most updates from security.debian.org/ are included
in this update.
Please note that this update does not produce a new version of
Debian GNU/Linux 3.1 but only adds a few updated packages to it.
There is no need to throw away 3.1 CDs but only to update against
ftp ftp.debian.org after an
installation, in order to incorporate those late changes.
Upgrading to this revision online is usually done by pointing
the `apt’ package tool (see the sources.list(5) manual page) to one
of Debian’s many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:
<http://www.debian.org/distrib/ftplist>
This revision adds the following security updates to the stable
release. The Security Team has already released an advisory for
each of these updates. The security fixes of the kernel have been
delayed to the next point release due to constraints with the
installer, please update the kernel images from security.debian.org/.
Debian Security Advisory ID |
Package(s) |
DSA 740 |
aide |
DSA 763 |
aide |
DSA 856 |
py2play |
DSA 903 |
unzip |
DSA 919 |
curl |
DSA 923 |
dropbear |
DSA 924 |
nbd |
DSA 925 |
phpbb2 |
DSA 926 |
ketm |
DSA 927 |
tkdiff |
DSA 928 |
dhis-tools-dns |
DSA 929 |
petris |
DSA 930 |
smstools |
DSA 931 |
xpdf |
DSA 932 |
kdegraphics |
DSA 933 |
hylafax |
DSA 934 |
pound |
DSA 935 |
libapache2-mod-auth-pgsql |
DSA 936 |
libextractor |
DSA 937 |
tetex-bin |
DSA 938 |
koffice |
DSA 939 |
fetchmail |
DSA 940 |
gpdf |
DSA 941 |
tuxpaint |
DSA 942 |
albatross |
DSA 943 |
perl |
DSA 944 |
mantis |
DSA 945 |
antiword |
DSA 946 |
sudo |
DSA 947 |
clamav |
DSA 948 |
kdelibs |
DSA 949 |
crawl |
DSA 950 |
cupsys |
DSA 951 |
trac |
DSA 952 |
libapache-auth-ldap |
DSA 953 |
flyspray |
DSA 954 |
wine |
DSA 955 |
mailman |
DSA 956 |
lsh-server |
DSA 957 |
imagemagick |
DSA 958 |
drupal |
DSA 959 |
unalz |
DSA 960 |
lib-mail-audit-perl |
DSA 961 |
pdfkit.framework |
DSA 962 |
pdftohtml |
DSA 963 |
mydns |
DSA 964 |
gnocatan |
DSA 965 |
ipsec-tools |
DSA 966 |
adzapper |
DSA 967 |
elog |
DSA 968 |
noweb |
DSA 969 |
scponly |
DSA 970 |
kronolith |
DSA 971 |
xpdf |
DSA 972 |
pdfkit.framework |
DSA 973 |
otrs |
DSA 974 |
gpdf |
DSA 975 |
nfs-user-server |
DSA 976 |
libast |
DSA 977 |
heimdal |
DSA 978 |
gnupg |
DSA 979 |
pdfkit.framework |
DSA 980 |
tutos |
DSA 981 |
bmv |
DSA 982 |
gpdf |
DSA 983 |
pdftohtml |
DSA 984 |
xpdf |
DSA 985 |
libtasn1-2 |
DSA 986 |
gnutls11 |
DSA 987 |
tar |
DSA 988 |
squirrelmail |
DSA 989 |
zoph |
DSA 990 |
bluez-hcidump |
DSA 991 |
zoo |
DSA 992 |
ffmpeg |
DSA 993 |
gnupg |
DSA 994 |
freeciv |
DSA 995 |
metamail |
DSA 997 |
bomberclone |
DSA 998 |
libextractor |
DSA 999 |
lurker |
DSA 1000 |
libapreq2-perl |
DSA 1001 |
crossfire |
DSA 1002 |
webcalendar |
DSA 1003 |
xpvm |
DSA 1004 |
vlc |
DSA 1005 |
xine-lib |
DSA 1006 |
wzdftpd |
DSA 1007 |
drupal |
DSA 1008 |
kdegraphics |
DSA 1009 |
crossfire |
DSA 1010 |
ilohamail |
DSA 1011 |
kernel-patch-vserver, util-vserver |
DSA 1012 |
unzip |
DSA 1013 |
snmptrapfmt |
DSA 1014 |
firebird2 |
DSA 1015 |
sendmail |
DSA 1016 |
evolution |
DSA 1019 |
kdegraphics |
DSA 1020 |
flex |
DSA 1021 |
netpbm-free |
DSA 1022 |
storebackup |
DSA 1023 |
kaffeine |
DSA 1024 |
clamav |
DSA 1025 |
dia |
DSA 1026 |
sash |
DSA 1027 |
mailman |
DSA 1028 |
libimager-perl |
DSA 1029 |
libphp-adodb |
DSA 1030 |
moodle |
DSA 1031 |
cacti |
The sudo package has been changed to not propagate all
environment variables to subsequent programs in order to avoid
security risks. This change might affect software that uses sudo.
Please see /usr/share/doc/sudo/README.Debian for more details.
This revision adds important corrections to the following
packages. Most of them don’t affect the security of the system, but
may affect data integrity.
Package |
Reason |
affix-kernel |
Fix build failures with sarge’s kernel |
backuppc |
Fix backup potential data loss and corruption |
cernlib |
License problems, repackaged |
cyrus-imapd |
Don’t remove mail data on package purge |
cyrus21-imapd |
Note cyrus-imapd data loss on package purge |
evms |
Fix possible data loss |
exim4 |
Fix mail delivery problems |
f-prot-installer |
Adjusted to work with recent releases |
fai |
Several fixes |
glibc |
Update timezone data, fix NPTL for amd64 |
leafnode |
Fix security issue (CVE 2005-1911) |
libchipcard |
Don’t remove user account on package purge |
mutt |
Fix possible attachments data loss |
perl |
Fix utf-8/taint and malloc-to-death bug, Bug#227621 |
rssh |
Fix security issue (CVE-2005-3345) |
slune |
Adjust to security fix in py2play, Bug#326976 |
sodipodi |
Fix segfaults on 64-bit architectures |
tar |
Fix work with remote devices on non-i386, Bug#356657 |
The complete list of all accepted and rejected packages together
with rationale is on the preparation page for this revision:
<http://release.debian.org/stable/3.1/3.1r2/>
The complete lists of packages that have changed with this
revision:
<http://ftp.debian.org/debian/dists/sarge/ChangeLog>
The current stable distribution:
<ftp://ftp.debian.org/debian/dists/stable>
Proposed updates to the stable distribution:
<ftp://ftp.debian.org/debian/dists/proposed-updates>
Stable distribution information (release notes, errata
etc.):
<http://www.debian.org/releases/stable/>
Security announcements and information:
<http://www.debian.org/security/>
The Debian Project is an organisation of free software
developers who volunteer their time and effort in order to produce
the completely free operating systems Debian GNU/Linux.
For further information, please visit the Debian web pages at
<http://www.debian.org/>
or send mail to <press@debian.org>.
|