Debian GNU/Linux 3.1 updated (r2)
Posted on: 04/19/2006 10:55 AM
Debian GNU/Linux 3.1r2 has been released:
This is the second update of Debian GNU/Linux 3.1 (codename ‘sarge$rsquo;) which mainly adds security updates to the stable release, along with some corrections to serious problems. Those who frequently update from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.
Please note that this update does not produce a new version of Debian GNU/Linux 3.1 but only adds a few updated packages to it. There is no need to throw away 3.1 CDs but only to update against ftp.debian.org after an installation, in order to incorporate those late changes.
Upgrading to this revision online is usually done by pointing the ‘apt’ package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:http://www.debian.org/mirror/list
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates. The security fixes of the kernel have been delayed to the next point release due to constraints with the installer, please update the kernel images from security.debian.org.
Debian Security Advisory ID Package(s)
DSA-1011 kernel-patch-vserver, util-vserver
The sudo package has been changed to not propagate all environment variables to subsequent programs in order to avoid security risks. This change might affect software that uses sudo. Please see /usr/share/doc/sudo/README.Debian for more details.
This revision adds important corrections to the following packages. Most of them don't affect the security of the system, but may affect data integrity.
affix-kernel Fix build failures with sarge's kernel
backuppc Fix backup potential data loss and corruption
cernlib License problems, repackaged
cyrus-imapd Don't remove mail data on package purge
cyrus21-imapd Note cyrus-imapd data loss on package purge
evms Fix possible data loss
exim4 Fix mail delivery problems
f-prot-installer Adjusted to work with recent releases
fai Several fixes
glibc Update timezone data, fix NPTL for amd64
leafnode Fix security issue (CVE 2005-1911)
libchipcard Don't remove user account on package purge
mutt Fix possible attachments data loss
perl Fix utf-8/taint and malloc-to-death bug, Bug#227621
rssh Fix security issue (CVE-2005-3345)
slune Adjust to security fix in py2play, Bug#326976
sodipodi Fix segfaults on 64-bit architectures
tar Fix work with remote devices on non-i386, Bug#356657
A complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision:http://release.debian.org/stable/3.1/3.1r2/
The complete lists of packages that have changed with this release:http://ftp.debian.org/debian/dists/sarge/ChangeLog
The current stable distribution:http://ftp.debian.org/debian/dists/stable/
Proposed updates to the stable distribution:http://ftp.debian.org/debian/dists/proposed-updates/
Stable distribution information (release notes, errata, etc.):http://www.debian.org/releases/stable/
Security announcements and information:http://security.debian.org/
The Debian Project is an organisation of free software developers who volunteer their time and effort in order to produce the completely free operating systems Debian GNU/Linux.