Debian 9859 Published by

The first update of Debian 7 has been released. Here the announcement:



------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Updated Debian 7: 7.1 released press@debian.org
June 15th, 2013 http://www.debian.org/News/2013/20130615
------------------------------------------------------------------------

The Debian project is pleased to announce the first update of its stable
distribution Debian 7 (codename "wheezy"). This update mainly adds
corrections for security problems to the stable release, along with a
few adjustments for serious problems. Security advisories were already
published separately and are referenced where available.

Please note that this update does not constitute a new version of Debian
7 but only updates some of the packages included. There is no need to
throw away 7 CDs or DVDs but only to update via an up-to-date Debian
mirror after an installation, to cause any out of date packages to be
updated.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New installation media and CD and DVD images containing updated packages
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:




Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

Package Reason
alsa-base Correctly use /etc/default/alsa-base for
configuration, rather than /etc/default/alsa
apt Do not propagate negative scores from
rdepends; properly handle if-modified-since
with libcurl/https
assaultcube-data Fix updates from squeeze; add missing Breaks/
Replaces
base-files Update for the point release
brltty Ensure accessibility is enabled on the
installed system if it was enabled in the
installer; enable sound events at gdm banner
clutter-gst Restore multiarch co-installability
cyrus-imapd-2.4 Fix dataloss during upgrades and links in
documentation
cyrus-sasl2 Fix heavy CPU usage in saslauthd; send LOGOUT
before closing connection in auth_rimap; fix
garbage in output buffer when using
canonuser_plugin: ldapdb
debian-history Updates for the wheezy release
debian-installer Set version to "7"; enable building against
proposed-updates
debootstrap Add support for jessie
dh-make-drupal Use HTTPS for connections to drupal.org
Update Debian data for the wheezy release;
distro-info-data update Ubuntu data to add saucy and correct
some dates
empathy Handle readonly URL field in Google Talk
vCards
freebsd-utils Don't use --pidfile when starting/stopping
daemons that don't create one; stop nfsd with
the correct signal
gcc-msp430 Fix generation of wrong interrupt table for
MSP430FR5xxx targets, resulting in blown
security fuses
get-iplayer Update SWF verification URL after changes by
the BBC
gitg Fix run-time crashes and drag'n'drop
Fix segfault on mipsel; fix crash when the
gnome-settings-daemon "Disable touchpad while typing" option is
activated
gpsd Fix crash and potential DoS
isc-dhcp Fix CVE-2013-2494; set --with-ldapcrypto to
restore openssl support
isdnutils Unbreak debian/{ipppd,isdnlog}.config; create
isdnctrl symlink as /dev/isdnctrl and cleanup
possibly misplaced symlink /isdnctrl
keystone Fix CVE-2013-2059
lapack Fix some routines which produce incorrect
results in multithreaded environments
libdatetime-timezone-perl Update for 2013c timezone data
libiodbc2 Find odbc drivers in a system dir, fixing
usability and co-installability with
multiarch odbc drivers
libnss-myhostname Ignore link-local addresses
libpam-mklocaluser Fix runcmd()
libquvi-scripts New upstream release
libreoffice Fix build failures; remove lib/servlet.jar;
fix --view; make oosplash wait for
InternalIPC::ProcessingDone; remove
python3-uno dependencies
libvirt Fix leak in virStorageBackendLogicalMakeVol;
allow xen toolstack to find its binaries
linux Incorporate new upstream stable updates;
update drm/agp to 3.4.47
lsb Update for new X.Y stable versioning; add
jessie
modsecurity-apache Fix NULL pointer dereference. CVE-2013-2765
mozc Fix error connecting to mozc-server as root;
fix dependencies of fcitx-mozc
munin Fix several limit checks and crashes; ignore
devtmpfs in df plugin
nbd Fix handling of NBD_NAME by nbd-client
initscript; several stability fixes
nfs-utils Fix CVE-2013-1923, getopt handling for -R and
hangs in mountd
nvidia-graphics-drivers Add missing dependency on nvidia-support
octave Fix rcond function
openblas Fix crashes and use of uninitialised data;
fix FTBFS on powerpc machines with Power7
arch
openvpn Fix use of non-constant-time memcmp in HMAC
comparison. CVE-2013-2061
pcsc-lite Fix upgrades from squeeze and the check for a
running systemd
php5 Fix CVE-2013-1643 patch, crash in garbage
collection, drops in FPM receiving data in
FastCGI, libmagic detection of Microsoft
Office documents, and mssql connector with
Azure SQL; fix $_SERVER[REQUEST_TIME] in
filter SAPI; make the Breaks on php5-suhosin
versioned to allow suhosin backports
pristine-tar Update list of allowed parameters for wheezy
to support files created with newer versions
profnet Fix fortran runtime error
psqlodbc Versioned Breaks: libiodbc2 (