[RAS] Debian GNU/Linux 5.0 updated
Christian Zimmermann
christian.zimmermann at uconn.edu
Sun Jun 27 18:35:34 CDT 2010
I am back in town, will leave July 7-11, July 19-23.
Christian Zimmermann FIGUGEGL!
Department of Economics
University of Connecticut
341 Mansfield Road, Unit 1063
Storrs, CT 06269-1063
http://ideas.repec.org/zimm/ christian.zimmermann at uconn.edu
http://ideas.repec.org/e/pzi1.html
On Sat, 26 Jun 2010, Thomas Krichel wrote:
>
> We should update nebka.
>
> Also we need a planned downtime at Xmas to upgrade to
> mysql 5.1
>
> ----- Forwarded message from Joey Schulze <joey at infodrom.org> -----
>
> From: Joey Schulze <joey at infodrom.org>
> To: debian-announce at lists.debian.org
> Subject: Debian GNU/Linux 5.0 updated
>
> -------------------------------------------------------------------------
> The Debian Project                                 http://www.debian.org/
> Debian GNU/Linux 5.0 updated                          press at debian.org
> June 26th, 2010                  http://www.debian.org/News/2010/20100626
> -------------------------------------------------------------------------
>
> Debian GNU/Linux 5.0 updated
>
> The Debian project is pleased to announce the fifth update of its stable
> distribution Debian GNU/Linux 5.0 (codename "lenny"). This update mainly
> adds corrections for security problems to the stable release, along with
> a few adjustments to serious problems.
>
> Please note that this update does not constitute a new version of Debian
> GNU/Linux 5.0 but only updates some of the packages included. There is
> no need to throw away 5.0 CDs or DVDs but only to update via an up-to-
> date Debian mirror after an installation, to cause any out of date
> packages to be updated.
>
> Those who frequently install updates from security.debian.org won't have
> to update many packages and most updates from security.debian.org are
> included in this update.
>
> New CD and DVD images containing updated packages and the regular
> installation media accompanied with the package archive respectively will
> be available soon at the regular locations.
>
> Upgrading to this revision online is usually done by pointing the
> aptitude (or apt) package tool (see the sources.list(5) manual page) to
> one of Debian's many FTP or HTTP mirrors. A comprehensive list of
> mirrors is available at:
>
> <http://www.debian.org/distrib/ftplist>
>
>
> Miscellaneous Bugfixes
> ----------------------
>
> This stable update adds a few important corrections to the following
> packages:
>
> Package                         Reason
>
> alien-arena                     Fix a buffer overflow and a denial of service
> apache2                         Add missing psmisc dependency; fix memory leak in brigade cleanup
> apache2-mpm-itk                 Ensure child processes get correctly reaped on reload
> apr                             Set FD_CLOEXEC on file descriptors to avoid potential leaks
> apt                             Allow Files sections to contain more than 999 characters
> base-files                      Update /etc/debian_version for the point release
> cpio                            Fix buffer overflow in rmt_read__
> dia2code                        Fix segfault parsing large files
> gtk+2.0                         Fix hang when printing large documents
> libapache-dbi-perl              Fix loading of module from Apache startup files
> libapache2-mod-perl2            Fix XSS in Apache2::Status
> libjavascript-perl              Fix segfault when calling non-existent function
> libjson-ruby                    Fix parser DoS and use libjs-prototype rather than embedding the library
> liblog-handler-perl             Add missing dependency on libuniversal-require-perl
> libmediawiki-perl               Update to match mediawiki changes
> libnamespace-clean-perl         Add missing dependency on libscope-guard-perl
> libnet-smtp-server-perl         Add missing dependency on libnet-dns-perl
> libxext                         Ensure display lock is held before calling XAllocID
> linux-2.6                       Several fixes and driver updates
> mailman                         Don't add multiple Mime-Version headers
> mpg123                          Allow modules to be located again (broken by libltdl security fix)
> nano                            Fix symlink attack and arbitrary file ownership change issue
> nfs-utils                       Update test for NFS kernel server support in init script to support partial upgrades
> nut                             Move library to /lib to allow power-down with separated /usr
> open-iscsi                      Fix temporary file vulnerability
> openssl                         Check return value of bn_wexpand() (CVE-2009-3245)
> openttd                         Fix several DoS and crash vulnerabilities
> php5                            Fix overflows, add missing sybase aliases, improve e-mail validation
> poppler                         Fix remote code execution via crafted PDF files
> postgresql-8.3                  Several vulnerabilities
> pyftpd                          Security fixes - disable default users, anonymous access and logging to /tmp
> python-support                  Use sane default umask in update-python-modules
> request-tracker3.6              Fix login problem introduced in security update
> samba                           Fix memory leaks with domain trust passwords; fix interdomain trust with Windows 2008 r2 servers
> slim                            Make magic cookie less predictable; don't save screenshots in /tmp
> sun-java5                       Update to new upstream release to fix security issues
> sun-java6                       Update to new upstream release to fix security issues
> tar                             Security fix in rmt
> texlive-bin                     Security fixes in dvips
> tla                             Fix DoS in embedded expat library
> tzdata                          Update timezone data
> usbutils                        Update USB ID list
> user-mode-linux                 Rebuild against linux-2.6 2.6.26-24
> wordpress                       Fix DoS
> xerces-c2                       Fix DoS attack with nested DTDs
> xmonad-contrib                  Fix installability on 64-bit architectures
> xserver-xorg-input-elographics  Prevent X server hangs when using the touchscreen
> xserver-xorg-video-intel        Add support for ASUS eeetop LVDS output
>
> Note that due to problems with the package build process, updated sun-java5
> and sun-java6 packages for the ia64 architecture are not included in this
> point release. These packages will be provided in proposed-updates as soon
> as they are available and included in a future point release.
>
>
> Kernel Updates
> --------------
>
> The kernel images included in this point release incorporate a number of
> important and security-related fixes together with support for additional
> hardware.
>
> On the amd64 and i386 architectures, support has been re-introduced for
> automatically running the lilo bootloader when a kernel image is added,
> updated or removed in order to ensure that this is correctly registered
> with the bootloader.
>
>
> Debian Installer
> ----------------
>
> The Debian Installer has been updated in this point release to correct
> an issue with the display of the "BIOS boot area" partitioner option
> when using GPT partitions and to update the list of available mirror
> servers for package installation.
>
> The kernel image used by the installer has been updated to incorporate a
> number of important and security-related fixes together with support for
> additional hardware.
>
>
> Security Updates
> ----------------
>
> This revision adds the following security updates to the stable release.
> The Security Team has already released an advisory for each of these
> updates:
>
> Advisory ID  Package                  Correction(s)
>
> DSA 1841     git-core                 Denial of service
> DSA 1955     network-manager-applet   Information disclosure
> DSA 1973     glibc                    Information disclosure
> DSA 1977     python2.4                Several vulnerabilities
> DSA 1977     python2.5                Several vulnerabilities
> DSA 1980     ircd-ratbox              Arbitrary code execution
> DSA 1981     maildrop                 Privilege escalation
> DSA 1982     hybserv                  Denial of service
> DSA 1983     wireshark                Several vulnerabilities
> DSA 1984     libxerces2-java          Denial of service
> DSA 1985     sendmail                 Insufficient input validation
> DSA 1986     moodle                   Several vulnerabilities
> DSA 1987     lighttpd                 Denial of service
> DSA 1988     qt4-x11                  Several vulnerabilities
> DSA 1989     fuse                     Denial of service
> DSA 1990     trac-git                 Code execution
> DSA 1991     squid3                   Denial of service
> DSA 1992     chrony                   Denial of service
> DSA 1993     otrs2                    SQL injection
> DSA 1994     ajaxterm                 Session hijacking
> DSA 1995     openoffice.org           Several vulnerabilities
> DSA 1996     linux-2.6                Several vulnerabilities
> DSA 1997     mysql-dfsg-5.0           Several vulnerabilities
> DSA 1998     kdelibs                  Arbitrary code execution
> DSA 1999     xulrunner                Several vulnerabilities
> DSA 2000     ffmpeg-debian            Several vulnerabilities
> DSA 2001     php5                     Multiple vulnerabilities
> DSA 2002     polipo                   Denial of service
> DSA 2004     samba                    Several vulnerabilities
> DSA 2006     sudo                     Several vulnerabilities
> DSA 2007     cups                     Arbitrary code execution
> DSA 2008     typo3-src                Several vulnerabilities
> DSA 2009     tdiary                   Cross-site scripting
> DSA 2010     kvm                      Several vulnerabilities
> DSA 2011     dpkg                     Path traversal
> DSA 2012     user-mode-linux          Several vulnerabilities
> DSA 2012     linux-2.6                Several vulnerabilities
> DSA 2013     egroupware               Several vulnerabilities
> DSA 2014     moin                     Several vulnerabilities
> DSA 2015     drbd8                    Privilege escalation
> DSA 2015     linux-modules-extra-2.6  Privilege escalation
> DSA 2016     drupal6                  Several vulnerabilities
> DSA 2017     pulseaudio               Insecure temporary directory
> DSA 2018     php5                     Null pointer dereference
> DSA 2019     pango1.0                 Denial of service
> DSA 2020     ikiwiki                  Cross-site scripting
> DSA 2021     spamass-milter           Missing input sanitization
> DSA 2022     mediawiki                Several vulnerabilities
> DSA 2023     curl                     Arbitrary code execution
> DSA 2024     moin                     Cross-site scripting
> DSA 2025     icedove                  Several vulnerabilities
> DSA 2026     netpbm-free              Denial of service
> DSA 2027     xulrunner                Several vulnerabilities
> DSA 2028     xpdf                     Several vulnerabilities
> DSA 2029     imlib2                   Arbitrary code execution
> DSA 2030     mahara                   SQL injection
> DSA 2031     krb5                     Denial of service
> DSA 2032     libpng                   Several vulnerabilities
> DSA 2033     ejabberd                 Denial of service
> DSA 2034     phpmyadmin               Several vulnerabilities
> DSA 2035     apache2                  Several vulnerabilities
> DSA 2036     jasper                   Denial of service
> DSA 2037     kdebase                  Privilege escalation
> DSA 2038     pidgin                   Denial of service
> DSA 2039     cacti                    Missing input sanitising
> DSA 2040     squidguard               Several vulnerabilities
> DSA 2041     mediawiki                Cross-site request forgery
> DSA 2042     iscsitarget              Arbitrary code execution
> DSA 2044     mplayer                  Arbitrary code execution
> DSA 2045     libtheora                Arbitrary code execution
> DSA 2046     phpgroupware             Several vulnerabilities
> DSA 2047     aria2                    Directory traversal
> DSA 2048     dvipng                   Arbitrary code execution
> DSA 2049     barnowl                  Arbitrary code execution
> DSA 2050     postgresql-8.3           Several vulnerabilities
> DSA 2052     krb5                     Denial of service
> DSA 2053     linux-2.6                Several issues
> DSA 2054     bind9                    Cache poisoning
> DSA 2055     openoffice.org           Arbitrary code execution
> DSA 2056     zonecheck                Cross-site scripting
> DSA 2057     mysql-dfsg-5.0           Several vulnerabilities
> DSA 2058     pcsc-lite                Privilege escalation
> DSA 2058     glibc                    Several vulnerabilities
> DSA 2060     cacti                    SQL injection
> DSA 2062     sudo                     Missing input sanitization
> DSA 2063     pmount                   Denial of service
>
>
> Removed packages
> ----------------
>
> The following packages were removed due to circumstances beyond our
> control:
>
> Package          Reason
>
> eclipse          incompatible with stable's xulrunner; not easily fixable
> eclipse-cdt      depends on removed eclipse
> eclipse-nls-sdk  depends on removed eclipse
>
>
> URLs
> ----
>
> The complete list of packages that have changed with this revision:
>
> <http://ftp.debian.org/debian/dists/lenny/ChangeLog>
>
> The current stable distribution:
>
> <http://ftp.debian.org/debian/dists/stable>
>
> Proposed updates to the stable distribution:
>
> <http://ftp.debian.org/debian/dists/proposed-updates>
>
> Stable distribution information (release notes, errata etc.):
>
> <http://www.debian.org/releases/stable/>
>
> Security announcements and information:
>
> <http://www.debian.org/security/>
>
>
> About Debian
> ------------
>
> The Debian Project is an association of Free Software developers who
> volunteer their time and effort in order to produce the completely free
> operating systems Debian GNU/Linux.
>
>
> Contact Information
> -------------------
>
> For further information, please visit the Debian web pages at
> <http://www.debian.org/>, send mail to <press at debian.org>, or contact the
> stable release team at <debian-release at lists.debian.org>
>
>
> --
> To UNSUBSCRIBE, email to debian-announce-REQUEST at lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster at lists.debian.org
> Archive: http://lists.debian.org/20100626160545.GK31750@finlandia.home.infodrom.org
>
>
> ----- End forwarded message -----
>
> --
>
> Cheers,
>
> Thomas Krichel http://openlib.org/home/krichel
> http://authorclaim.org/profile/pkr1
> skype: thomaskrichel
>
> _______________________________________________
> RAS-run mailing list
> RAS-run at lists.openlib.org
> http://lists.openlib.org/cgi-bin/mailman/listinfo/ras-run
>