Debian GNU/Linux 4.0r1 has been released:
The Debian project has updated the stable distribution Debian GNU/Linux 4.0 (codename Etch). This update adds security updates to the stable release, together with a few corrections to serious problems. As always, the first point release also corrects a few issues that have been noticed too late in the release process to stop the release, but still should be fixed.
This point release for Etch also includes an updated release of the installer, which includes the following changes:
- kernels used in the installer have been updated to ABI 2.6.18-5; as a result, some "small" images (for example netboot and floppy images) included with the original Etch release will no longer work (but the new images included with the point release will work, as well as the full CD/DVD images from both the original release as well as from this point release)
- updated mirror list
- support added for certain USB CD drives that were not being detected
incorrect setup of gksu fixed when user chooses to install with the root account disabled; this prevented the execution of administrative tasks in
GNOME
- important translation fixes in partman for Catalan and Romanian
Please note that this update does not constitute a new version of Debian GNU/Linux 4.0 but only updates some of the packages included. There is no need to throw away 4.0 DVDs/CDs. Instead you only need to update against ftp.debian.org or a mirror after an installation, in order to incorporate those changes. New CD and DVD images will be available within the next week at the regular locations.
Upgrading to this revision online is usually done by pointing the aptitude package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:
http://www.debian.org/distrib/ftplist
Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages.
Package Reason
apache2 Fix #423653 and #419552; better documentation
apache2-mpm-itk Rebuild against apache2 2.2.3-4+etch1.
apt-setup Default suite to code name.
cdrom-detect Scan also for things that look like USB floppies.
choose-mirror Update mirrors list.
debian-archive-keyring Adding debian volatile keyring
debian-installer-utils Support scanning for USB sticks and discs that are misdetected as floppies.
debian-installer Updates for the 2.6.18-5-kernels and misc fixes
debootstrap Add support for lenny.
desktop-base Fix kde default wallpaper appearance between kdm to ksplash switch.
epiphany-browser Add language to gconf defaults
fai-kernels Include arcmsr scsi-driver which is included in the etch kernels
file Fix possible denial of service
glibc Fix CPU hog on 64 bits machines, dependencies of nscd, wrong assertion and unaligned memory access
gnome-mount Rebuild against libeel2-2.14
initramfs-tools Added missing esp module to scsi modules list so it gets installed in the initrd
kernel-wedge Reupload to match packages in r1
libofa Rebuild in a clean environment.
librsvg Fix dependency (#403977)
lifelines Fix file conflict by versioning a dependency.
lilo-installer Support multiple disks when devfs device names are used
linux-latest-2.6 Assist upgrade to new linux-2.6 ABI
lsb Don't remove PID files of daemons that aren't actually killed
madwifi Fix two remote and one local DoS
mail-notification Fix uninstallability on sparc
mixmaster Fix buffer overflow in mixmaster (#418662)
mozilla-traybiff less restrict depends on icedove-dev
mpop fix CVE-2007-1558
mutt Add imap_close_connection to fully reset IMAP state
nano Fix segfaults.
neon26 Fix kerberos authentication.
nfs-utils Fix memory leaks.
openoffice.org Fix crashes when saving files.
orage Memory leak
orbit2 Allow non-local IPv4.
partman-auto d-i translation update
partman-partitioning d-i translation update
php5 Fix regression in single quote escaping.
pppconfig Fix upgrade issue from sarge, #418350
rdesktop Segfault regression caused by libx11-6 security fix prior Etch release
tetex-base Ease transition to texlive, #420390
trac Fix CSS and remote exploitable issues.
user-setup Fix chroot calls to properly setup gksu alternatives.
vice Regression caused by libx11-6 security fix prior Etch release
xorg Updated conflicts for easier upgrades and corrected dependencies for x11-common.
Removed Package
This package has been removed due to non-fixable issues:
vdrift: license issues, #420965
Missing Builds
One or more missing or out-of-date architectures have been added to these packages in this point release:
asterisk-chan-capi
banshee
codespeak-lib
democracyplayer
dfsbuild
dwm
dwm-tools
hpodder
ivtv
mercurial
metar
ocp
pekwm
rlwrap
setpwc
slcfitsio
stalin
twinkle
xfce4-session
xserver-xorg-input-acecad
xserver-xorg-input-evdev
xserver-xorg-input-joystick
xserver-xorg-input-keyboard
xserver-xorg-input-mouse
xserver-xorg-input-summa
xserver-xorg-video-apm
xserver-xorg-video-ark
xserver-xorg-video-i128
xserver-xorg-video-nsc
xserver-xorg-video-nv
xserver-xorg-video-rendition
xserver-xorg-video-s3
xserver-xorg-video-savage
xserver-xorg-video-sis
xserver-xorg-video-tseng
xserver-xorg-video-via
xserver-xorg-video-voodoo
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.
Advisory ID Package(s) Correction(s)
DSA 1280 aircrack-ng Fix remote exploitable buffer overflow
DSA 1281 clamav Fix several remote vulnerabilities
DSA 1282 php4 Fix several remote vulnerabilities
DSA 1283 php5 Fix several vulnerabilities
DSA 1284 qemu Fix several vulnerabilities
DSA 1285 wordpress Fix multiple vulnerabilities
DSA 1286 linux-2.6 Fix several vulnerabilities (superseded by DSA 1289)
DSA 1288 pptpd Fix denial of service vulnerability
DSA 1289 linux-2.6 Fix several vulnerabilities
DSA 1290 squirrelmail Fix cross-site scripting
DSA 1291 samba Fix multiple vulnerabilities
DSA 1292 qt4-x11 Fix missing input validation
DSA 1293 quagga Fix denial of service vulnerability
DSA 1295 php5 Fix several vulnerabilities
DSA 1296 php4 Fix privilige escalation
DSA 1297 gforge-plugin-scmcvs Fix arbitrary shell command execution
DSA 1298 otrs2 Fix cross-site scripting
DSA 1299 ipsec-tools Fix denial of service vulnerability
DSA 1300 iceape Fix several vulnerabilities
DSA 1301 gimp Fix arbitrary code execution
DSA 1302 freetype Fix integer overflow
DSA 1303 lighttpd Fix denial of service vulnerability
DSA 1305 icedove Fix several vulnerabilities
DSA 1306 xulrunner Fix several vulnerabilities
DSA 1307 openoffice.org Fix arbitrary code execution
DSA 1309 postgresql-8.1 Fix privilage escalation.
DSA 1310 libexif Fix integer overflow
DSA 1311 postgresql-7.4 Fix privilige escalation.
DSA 1312 libapache-mod-jk Fix information disclosure
DSA 1313 mplayer Fix arbitrary code execution
DSA 1314 open-iscsi Fix several vulnerabilities
DSA 1315 libphp-phpmailer Fix arbitrary shell command execution
DSA 1316 emacs21 Fix denial of service vulnerability
DSA 1318 ekg Fix denial of service vulnerability
The complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision:
http://release.debian.org/stable/4.0/4.0r1/
URLs
The complete lists of packages that have changed with this revision:
http://ftp.debian.org/debian/dists/etch/ChangeLog
The current stable distribution:
http://ftp.debian.org/debian/dists/etch
Proposed updates to the stable distribution:
http://ftp.debian.org/debian/dists/proposed-updates
Stable distribution information (release notes, errata etc.):
http://www.debian.org/releases/etch/
Security announcements and information:
http://www.debian.org/security/
The Debian project has updated the stable distribution Debian GNU/Linux 4.0 (codename Etch). This update adds security updates to the stable release, together with a few corrections to serious problems. As always, the first point release also corrects a few issues that have been noticed too late in the release process to stop the release, but still should be fixed.
This point release for Etch also includes an updated release of the installer, which includes the following changes:
- kernels used in the installer have been updated to ABI 2.6.18-5; as a result, some "small" images (for example netboot and floppy images) included with the original Etch release will no longer work (but the new images included with the point release will work, as well as the full CD/DVD images from both the original release as well as from this point release)
- updated mirror list
- support added for certain USB CD drives that were not being detected
incorrect setup of gksu fixed when user chooses to install with the root account disabled; this prevented the execution of administrative tasks in
GNOME
- important translation fixes in partman for Catalan and Romanian
Please note that this update does not constitute a new version of Debian GNU/Linux 4.0 but only updates some of the packages included. There is no need to throw away 4.0 DVDs/CDs. Instead you only need to update against ftp.debian.org or a mirror after an installation, in order to incorporate those changes. New CD and DVD images will be available within the next week at the regular locations.
Upgrading to this revision online is usually done by pointing the aptitude package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:
http://www.debian.org/distrib/ftplist
Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages.
Package Reason
apache2 Fix #423653 and #419552; better documentation
apache2-mpm-itk Rebuild against apache2 2.2.3-4+etch1.
apt-setup Default suite to code name.
cdrom-detect Scan also for things that look like USB floppies.
choose-mirror Update mirrors list.
debian-archive-keyring Adding debian volatile keyring
debian-installer-utils Support scanning for USB sticks and discs that are misdetected as floppies.
debian-installer Updates for the 2.6.18-5-kernels and misc fixes
debootstrap Add support for lenny.
desktop-base Fix kde default wallpaper appearance between kdm to ksplash switch.
epiphany-browser Add language to gconf defaults
fai-kernels Include arcmsr scsi-driver which is included in the etch kernels
file Fix possible denial of service
glibc Fix CPU hog on 64 bits machines, dependencies of nscd, wrong assertion and unaligned memory access
gnome-mount Rebuild against libeel2-2.14
initramfs-tools Added missing esp module to scsi modules list so it gets installed in the initrd
kernel-wedge Reupload to match packages in r1
libofa Rebuild in a clean environment.
librsvg Fix dependency (#403977)
lifelines Fix file conflict by versioning a dependency.
lilo-installer Support multiple disks when devfs device names are used
linux-latest-2.6 Assist upgrade to new linux-2.6 ABI
lsb Don't remove PID files of daemons that aren't actually killed
madwifi Fix two remote and one local DoS
mail-notification Fix uninstallability on sparc
mixmaster Fix buffer overflow in mixmaster (#418662)
mozilla-traybiff less restrict depends on icedove-dev
mpop fix CVE-2007-1558
mutt Add imap_close_connection to fully reset IMAP state
nano Fix segfaults.
neon26 Fix kerberos authentication.
nfs-utils Fix memory leaks.
openoffice.org Fix crashes when saving files.
orage Memory leak
orbit2 Allow non-local IPv4.
partman-auto d-i translation update
partman-partitioning d-i translation update
php5 Fix regression in single quote escaping.
pppconfig Fix upgrade issue from sarge, #418350
rdesktop Segfault regression caused by libx11-6 security fix prior Etch release
tetex-base Ease transition to texlive, #420390
trac Fix CSS and remote exploitable issues.
user-setup Fix chroot calls to properly setup gksu alternatives.
vice Regression caused by libx11-6 security fix prior Etch release
xorg Updated conflicts for easier upgrades and corrected dependencies for x11-common.
Removed Package
This package has been removed due to non-fixable issues:
vdrift: license issues, #420965
Missing Builds
One or more missing or out-of-date architectures have been added to these packages in this point release:
asterisk-chan-capi
banshee
codespeak-lib
democracyplayer
dfsbuild
dwm
dwm-tools
hpodder
ivtv
mercurial
metar
ocp
pekwm
rlwrap
setpwc
slcfitsio
stalin
twinkle
xfce4-session
xserver-xorg-input-acecad
xserver-xorg-input-evdev
xserver-xorg-input-joystick
xserver-xorg-input-keyboard
xserver-xorg-input-mouse
xserver-xorg-input-summa
xserver-xorg-video-apm
xserver-xorg-video-ark
xserver-xorg-video-i128
xserver-xorg-video-nsc
xserver-xorg-video-nv
xserver-xorg-video-rendition
xserver-xorg-video-s3
xserver-xorg-video-savage
xserver-xorg-video-sis
xserver-xorg-video-tseng
xserver-xorg-video-via
xserver-xorg-video-voodoo
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.
Advisory ID Package(s) Correction(s)
DSA 1280 aircrack-ng Fix remote exploitable buffer overflow
DSA 1281 clamav Fix several remote vulnerabilities
DSA 1282 php4 Fix several remote vulnerabilities
DSA 1283 php5 Fix several vulnerabilities
DSA 1284 qemu Fix several vulnerabilities
DSA 1285 wordpress Fix multiple vulnerabilities
DSA 1286 linux-2.6 Fix several vulnerabilities (superseded by DSA 1289)
DSA 1288 pptpd Fix denial of service vulnerability
DSA 1289 linux-2.6 Fix several vulnerabilities
DSA 1290 squirrelmail Fix cross-site scripting
DSA 1291 samba Fix multiple vulnerabilities
DSA 1292 qt4-x11 Fix missing input validation
DSA 1293 quagga Fix denial of service vulnerability
DSA 1295 php5 Fix several vulnerabilities
DSA 1296 php4 Fix privilige escalation
DSA 1297 gforge-plugin-scmcvs Fix arbitrary shell command execution
DSA 1298 otrs2 Fix cross-site scripting
DSA 1299 ipsec-tools Fix denial of service vulnerability
DSA 1300 iceape Fix several vulnerabilities
DSA 1301 gimp Fix arbitrary code execution
DSA 1302 freetype Fix integer overflow
DSA 1303 lighttpd Fix denial of service vulnerability
DSA 1305 icedove Fix several vulnerabilities
DSA 1306 xulrunner Fix several vulnerabilities
DSA 1307 openoffice.org Fix arbitrary code execution
DSA 1309 postgresql-8.1 Fix privilage escalation.
DSA 1310 libexif Fix integer overflow
DSA 1311 postgresql-7.4 Fix privilige escalation.
DSA 1312 libapache-mod-jk Fix information disclosure
DSA 1313 mplayer Fix arbitrary code execution
DSA 1314 open-iscsi Fix several vulnerabilities
DSA 1315 libphp-phpmailer Fix arbitrary shell command execution
DSA 1316 emacs21 Fix denial of service vulnerability
DSA 1318 ekg Fix denial of service vulnerability
The complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision:
http://release.debian.org/stable/4.0/4.0r1/
URLs
The complete lists of packages that have changed with this revision:
http://ftp.debian.org/debian/dists/etch/ChangeLog
The current stable distribution:
http://ftp.debian.org/debian/dists/etch
Proposed updates to the stable distribution:
http://ftp.debian.org/debian/dists/proposed-updates
Stable distribution information (release notes, errata etc.):
http://www.debian.org/releases/etch/
Security announcements and information:
http://www.debian.org/security/
