|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Debian GNU/Linux 3.1 updated
Date: Fri Dec 28 2007 - 16:45:01 EST
The Debian Project http://www.debian.org/ Debian GNU/Linux 3.1 updated press@debian.org December 27th, 2007 http://www.debian.org/News/2007/20071228 ------------------------------------------------------------------------
Debian GNU/Linux 3.1 updated
The Debian project is pleased to announce the seventh update of its old stable distribution Debian GNU/Linux 3.1 (codename `sarge'). This is the first time we update the old stable distribution during the lifetime of the stable distribution. This update mainly adds corrections for security problems to the oldstable release, along with a few adjustments to serious problems.
Please note that this update does not constitute a new version of Debian GNU/Linux 3.1 but only updates some of the packages included. There is no need to throw away 3.1 CDs or DVDs but only to update against ftp.debian.org after an installation, in order to incorporate those late changes.
Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.
New CD and DVD images containing updated packages and the regular installation media accompanied with the package archive respectively will be available soon at the regular locations.
Upgrading to this revision online is usually done by pointing the `aptitude' (or `apt') package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:
<http://www.debian.org/distrib/ftplist>
Debian-Installer Update
With this release the installation system for sarge gains full support for installing `oldstable' from network mirrors. This includes base-config.
The installer also uses and supports the updated kernels included in this revision. This causes old netboot and floppy images to stop working, updated versions are available from the regular locations.
Other changes are a final fix to prevent leakage of sensitive data through saved log files and a minor fix in the partman-jfs component.
Miscellaneous Bugfixes
This update adds several binary-only updates for various architectures to packages whose version was not synchronised across all architectures. It also adds a few important corrections to the following packages:
Package Reason adesklets Bring architectures back in sync agenda.app Bring architectures back in sync antlr Bring architectures back in sync apache2 Fix several minor vulnerabilities asterisk-spandsp-plugins Bring architectures back in sync atomix Bring architectures back in sync bazaar Bring architectures back in sync camediaplay Bring architectures back in sync commons-daemon Bring architectures back in sync debtags-edit Bring architectures back in sync fai-kernels Rebuild against latest kernel update fet Bring architectures back in sync freepops Bring architectures back in sync gaim-encryption Bring architectures back in sync gff2aplot Bring architectures back in sync gnuradio-core Bring architectures back in sync gr-audio-oss Bring architectures back in sync iroffer Bring architectures back in sync joystick Bring architectures back in sync k3d Bring architectures back in sync kdissert Bring architectures back in sync kernel-latest-2.6-alpha Meta package for new kernel ABI kernel-latest-2.6-amd64 Meta package for new kernel ABI kernel-latest-2.6-hppa Meta package for new kernel ABI kernel-latest-2.6-i386 Meta package for new kernel ABI kernel-latest-2.6-sparc Meta package for new kernel ABI kernel-latest-2.6-powerpc Meta package for new kernel ABI kernel-source-2.6.8 Several fixes and driver updates kexi Bring architectures back in sync kimdaba Bring architectures back in sync leafpad Bring architectures back in sync libdbd-sqlite2-perl Bring architectures back in sync libgconf-java Bring architectures back in sync libglade-java Bring architectures back in sync libgnome-java Bring architectures back in sync ocaml-http Bring architectures back in sync octaviz Bring architectures back in sync osspsa Bring architectures back in sync paje.app Bring architectures back in sync pasmo Bring architectures back in sync plptools Bring architectures back in sync pwlib Fix remote denial of service python-biopython Bring architectures back in sync realtimebattle Bring architectures back in sync scalapack Bring architectures back in sync skippy Bring architectures back in sync swt-gtk Bring architectures back in sync vgrabbj Bring architectures back in sync visitors Bring architectures back in sync wesnoth Fix denial of service ximian-connector Bring architectures back in sync xwine Bring architectures back in sync
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.
Advisory ID Package Correction(s) DSA 1267 webcalendar Remote file inclusion DSA 1282 php4 Several vulnerabilities DSA 1284 qemu Several vulnerabilities DSA 1287 ldap-account-manager Several vulnerabilities DSA 1290 squirrelmail Cross-site scripting DSA 1291 samba Several vulnerabilities DSA 1293 quagga Denial of service DSA 1294 rdesktop Several vulnerabilities DSA 1294 xfree86 Several vulnerabilities DSA 1307 openoffice.org Arbitrary code execution DSA 1310 libexif Arbitrary code execution DSA 1311 postgresql Privilege escalation DSA 1312 libapache-mod-jk Information disclosure DSA 1323 krb5 Several vulnerabilities DSA 1325 evolution Several vulnerabilities DSA 1326 fireflier Unsafe temporary files DSA 1329 gfax Privilege escalation DSA 1331 php4 Arbitrary code execution DSA 1332 vlc Arbitrary code execution DSA 1334 freetype Arbitrary code execution DSA 1335 gimp Arbitrary code execution DSA 1336 mozilla-firefox Several vulnerabilities DSA 1342 bind9 DNS cache poisoning DSA 1343 file Arbitrary code execution DSA 1347 xpdf Arbitrary code execution DSA 1349 libextractor Arbitrary code execution DSA 1350 tetex-bin Arbitrary code execution DSA 1351 bochs Privilege escalation DSA 1352 pdfkit.framework Arbitrary code execution DSA 1353 tcpdump Arbitrary code execution DSA 1354 gpdf Arbitrary code execution DSA 1358 asterisk Several vulnerabilitie DSA 1364 vim Several vulnerabilites DSA 1421 wesnoth Arbitrary file disclosure DSA 1426 qt-x11-free Several vulnerabilities DSA 1427 samba Arbitrary code execution DSA 1433 centericq Arbitrary code execution DSA 1435 clamav Several vulnerabilities
The complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision:
<http://release.debian.org/oldstable/3.1/3.1r7/>
URLs
The complete lists of packages that have changed with this revision:
<http://ftp.debian.org/debian/dists/sarge/ChangeLog>
The current oldstable distribution:
<http://ftp.debian.org/debian/dists/oldstable>
Proposed updates to the oldstable distribution:
<http://ftp.debian.org/debian/dists/oldstable-proposed-updates>
Oldstable distribution information (release notes, errata etc.):
<http://www.debian.org/releases/oldstable/>
Security announcements and information:
<http://www.debian.org/security/>
About Debian
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating systems Debian GNU/Linux.
Contact Information
For further information, please visit the Debian web pages at <http://www.debian.org/>, send mail to <press(at)debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.
-- To UNSUBSCRIBE, email to debian-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.orgReceived on Fri Dec 28 16:52:12 2007
This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:02:01 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |