|
|
|
|
Updated Debian 6.0: 6.0.3 released
The Debian project is pleased to announce the third update of its stable distribution Debian 6.0 (codename "Squeeze"). This update mainly adds corrections for security problems to the stable release, along with a few adjustments to serious problems. Security advisories were already published separately and are referenced where available.
Please note that this update does not constitute a new version of Debian 6.0 but only updates some of the packages included. There is no need to throw away 6.0 CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated.
Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.
New installation media and CD and DVD images containing updated packages will be available soon at the regular locations.
Upgrading to this revision online is usually done by pointing the aptitude (or apt) package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:
http://www.debian.org/mirror/list
Miscellaneous Bugfixes ----------------------
This stable update adds a few important corrections to the following packages:
Package Reason
ace Rebuild to drop non-distributable files akonadi Support the use of network-mounted $HOME amispammer Update service used for discovering the local IP address apache2 Fix CVE-2011-3348: Possible denial of service in mod_proxy_ajp; various documentation and init script fixes aptitude Fix symlink attack in hierarchy editor arcboot Fix netinstall on IP22 / IP32 atop Insecure use of temporary files base-files Update /etc/debian_version for the point release brltty Fix parsing brltty= when not all parameters are provided; setup gconf even if no table was specified clamav New upstream release; fix off-by-one and "opcode 20 not implemented" errors clive Adapt for youtube.com changes conky Fix file overwrite vulnerability ctdb Fix path to ethtool and activation of httpd service debian-installer-utils Set SUDO_FORCE_REMOVE=yes to allow sudo-ldap to be installed from d-i deja-dup Explicitly pass environment to subprocesses to ensure correct GPG operation on restores dokuwiki RSS XSS security fix dput Update backports configuration to use the new .d.o hosts drupal6 Security fix for XSS in color module firmware-nonfree Add VIA VT6656, Realtek RTL8105E-1 and RTL8168E-1/2/3 firmware foo2zjs Fix insecure use of temporary file freebsd-libs Move libsbuf.so.0 and libipx.so.2 to /lib freebsd-utils Provide config files and init.d script for devd; enable ieee80211 (wireless) in ifconfig gajim Fix high CPU load on connection gdebi Try to determine correct localized value for "Y" gdm3 Only show shutdown options when requested; fix double free; only set WINDOWPATH if not NULL; remove beep in PAM dialog patch git Fix off-by-one parsing commit subjects; prevent deadlock when shallow-cloning; documentation updates grub-installer Allow use of grub-legacy to be pre-seeded (if appropriate) grub2 Handle Xen split-partition disk image devices; ensure uniqueness of RAID array numbers; fix grub-probe detection for ATA devices using "ata" driver on kFreeBSD 9 heimdal Allow DES to be used with NFS httpcomponents-client Fix bug causing Proxy-Authorization header to be passed to target hosts ia32-libs Refresh packages from stable and security ia32-libs-gtk Refresh packages from stable and security ibid Fix various security issues; make the HTTP source work again ipmitool Fix segfault kde4libs Prevent marked text being cut when switching documents in kate kernel-wedge Stop considering acpi.ko as part of the kernel for kFreeBSD kfreebsd-8 Fix net802.11 stack kernel memory disclosure (CVE-2011-2480); merge backported if_msk driver from 8-STABLE; re-enable building of some modules kfreebsd-kernel-di-amd64 Rebuild against kfreebsd-8 8.1+dfsg-8+squeeze1 kfreebsd-kernel-di-i386 Rebuild against kfreebsd-8 8.1+dfsg-8+squeeze1 krb5 Permit gss_set_allowable_enctypes to restrict acceptor enctypes, allowing newer clients to use a Squeeze NFS server without degrading security for non-NFS applications kupfer Don't crash if Evolution address book not present libpcap Fix corruption of snapshot length on live captures; fix device detection when bonding in use lintian Fix information disclosure issues linux-2.6 Update to long-term release 2.6.32.46; backport network driver changes linux-kernel-di-amd64-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-armel-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-i386-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-ia64-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-mips-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-mipsel-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-powerpc-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-s390-2.6 Rebuild against linux-2.6 2.6.32-38 linux-kernel-di-sparc-2.6 Rebuild against linux-2.6 2.6.32-38 mesa GLX: suppress BadRequest from DRI2Connect (expected for non-local clients) mod-gnutls Fix segmentation faults nagvis Install documentation; properly apply FollowSymlinks; only call ucf if available nss-pam-ldapd Fix uninitialised memory while parsing the tls_ciphers; fix problem with partial attribute name matches in DN; make all string buffers able to represent 64-bit numbers; treat the "hard" value for tls_reqcert as if it was "demand" openarena Fix arbitrary code execution by malicious bytecode opencv Fix install path of opencv-doc; optimise i386 package for i486 openssh Quieten logs when multiple from= restrictions are used in different authorized_keys lines for the same key openssl Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites pianobar Support XMLRPC API version 31 pmake Fix symlink attack via temporary files postgresql-8.4 Fix regression due to "fix plpgsql's issues with dropped columns in rowtypes in 8.4 branch" python-recaptcha Update URLs for web service move to google.com quassel Fix DoS via CTCP red5 Add missing dependency on glassfish-javaee sbcl Fix reference to undefined asdf::split in the asdf-install module shelldap Exit with a nicer error message if IO::Socket::SSL isn't installed, but SSL/TLS was requested system-tools-backends Properly handle config file rename tesseract Fix file overwrite vulnerability by disabling xterm-based debug windows typo3-src Fix cache flooding via improper error handling tzdata New upstream version update-inetd Fix breakage with non-default inetd packages usbutils Update USB ID list; build-depend on libusb2-dev on kFreeBSD user-mode-linux Rebuild against linux-2.6 2.6.32-37 v86d Fix CVE-2011-1070: failure to validate netlink message sender; do not include random kernel headers in CFLAGS vftool Fix a buffer overflow in linetoken() in parseAFM.c vte Fix DoS widelands Fix network play on official maps (regression introduced by previous update) win32-loader Add Built-Using header; allow suite-specific versions; document versions of embedded software xapian-omega Fix escaping issues in templates zfsutils Update LSB init headers to ensure clean startup/shutdown; add bash-completion script
Note that the krb5 change mentioned above requires a further update to the "nfs-common" package before it will be effective. It is hoped that this update will be included in the next point release.
During the final stages of the point release, it was noticed that the "quassel" package no longer included any translation files. It is hoped that an update restoring the translations will be available soon via "squeeze-updates" and included in the next point release.
Security Updates ----------------
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
Advisory ID Package Correction(s)
DSA-2188 webkit Multiple issues DSA-2210 tiff Multiple issues DSA-2228 iceweasel Multiple issues DSA-2248 ejabberd Denial of service DSA-2252 dovecot Programming error DSA-2254 oprofile Command injection DSA-2256 tiff Buffer overflow DSA-2258 kolab-cyrus-imapd Implementation error DSA-2266 php5 Multiple issues DSA-2267 perl Restriction bypass DSA-2268 iceweasel Multiple issues DSA-2269 iceape Multiple issues DSA-2270 qemu-kvm Programming error DSA-2271 curl Improper delegation of client credentials DSA-2272 bind9 Denial of service DSA-2273 icedove Multiple issues DSA-2274 wireshark Multiple issues DSA-2276 asterisk Multiple issues DSA-2277 xml-security-c Buffer overflow DSA-2279 libapache2-mod-authnz-external SQL injection DSA-2280 libvirt Multiple issues DSA-2281 opie Multiple issues DSA-2282 qemu-kvm Multiple issues DSA-2285 mapserver Multiple issues DSA-2287 libpng Multiple issues DSA-2288 libsndfile Integer overflow DSA-2289 typo3-src Multiple issues DSA-2291 squirrelmail Multiple issues DSA-2292 isc-dhcp Denial of service DSA-2293 libxfont Buffer overflow DSA-2294 freetype Missing input sanitization DSA-2295 iceape Multiple issues DSA-2296 iceweasel Multiple issues DSA-2297 icedove Multiple issues DSA-2298 apache2 Denial of service DSA-2299 ca-certificates Blacklist "DigiNotar Root CA" DSA-2300 nss Compromised certificate authority DSA-2301 rails Multiple issues DSA-2302 bcfg2 Arbitrary code execution DSA-2303 user-mode-linux Multiple issues DSA-2303 linux-2.6 Multiple issues DSA-2304 squid3 Buffer overflow DSA-2305 vsftpd Denial of service DSA-2306 ffmpeg Multiple issues DSA-2307 chromium-browser Multiple issues DSA-2308 mantis Multiple issues DSA-2309 openssl Compromised certificate authority DSA-2312 iceape Multiple issues DSA-2313 iceweasel Multiple issues DSA-2314 puppet Multiple issues DSA-2316 quagga Multiple issues DSA-2317 icedove Multiple issues
Debian Installer ----------------
The Debian Installer has been updated in this point release to correct the following issues (among others):
* fix netinstall on IP22 / IP32 (mips) * allow use of grub-legacy to be pre-seeded (if appropriate)
The kernel image used by the installer has been updated to incorporate a number of important and security-related fixes together with updates to the e1000e, igb, igbvf, r8169, tg3, and broadcom network drivers to add support for additional hardware.
The GNU/kFreeBSD installer also incorporates an updated kernel image including an updated if_msk Gigabit Ethernet driver.
URLs ----
The complete lists of packages that have changed with this revision:
http://ftp.debian.org/debian/dists/squeeze/ChangeLog
The current stable distribution:
http://ftp.debian.org/debian/dists/stable/
Proposed updates to the stable distribution:
http://ftp.debian.org/debian/dists/proposed-updates
Stable distribution information (release notes, errata etc.):
http://www.debian.org/releases/stable/
Security announcements and information:
http://security.debian.org/
About Debian ------------
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. |
| |
20.11.2024 | NVIDIA rilascia il package Linux x64 (AMD64/EM64T) Display Driver 550.135 | |
18.11.2024 | The Linux Kernel Organization rilascia il Linux Kernel 6.12: info e download | |
16.11.2024 | Oracle rilascia VirtualBox 7.0.22 per Windows, Linux, macOS e Unix Solaris | |
15.11.2024 | Samsung potrebbe equipaggiare gli smartphone Galaxy S25 con 12GB di memoria RAM | |
14.11.2024 | The Linux Kernel Organization rilascia il Linux Kernel 6.11.8: info e download | |
12.11.2024 | Free RAM Testing & Diagnostics Utilities: Memtest86+ 7.20 - Windows & Linux | |
Con l'app free FileZilla Server 1.9.4 puoi creare il tuo server FTP a costo zero | |
11.11.2024 | Free VoIP & Messaging Tools: Skype 8.132.0.201 - Windows, macOS, Linux, Android | |
10.11.2024 | Mac mini con M4 disassemblato: Apple ricorre a SSD e modulo Wi-Fi insoliti | |
09.11.2024 | The Linux Kernel Organization rilascia il Linux Kernel 6.11.7: info e download | |
Wine 9.21 esegue il software nativo per Windows su Linux, Unix e MacOS | |
04.11.2024 | NVIDIA dovrebbe lanciare la sua prima CPU consumer high-end per PC nel 2025 | |
The Linux Kernel Organization rilascia il Linux Kernel 6.12-rc6: info e download | |
02.11.2024 | Apple annuncia i MacBook Pro di nuova generazione con chip M4, M4 Pro e M4 Max | |
Apple amplia ufficialmente la linea M4 con i nuovi chip M4 Pro e M4 Max | |
01.11.2024 | The Linux Kernel Organization rilascia il Linux Kernel 6.11.6: info e download | |
28.10.2024 | The Linux Kernel Organization rilascia il Linux Kernel 6.12-rc5: info e download | |
26.10.2024 | Svelata la tempistica di lancio dei Mac Studio, MacBook Air e Mac Pro con SoC M4 | |
24.10.2024 | Intel lancia i processori per desktop Core Ultra Series 2 Arrow Lake-S | |
Free VoIP & Messaging Tools: Skype 8.131.0.202 - Windows, macOS, Linux, Android | Indice delle news | | | | Ultimi File | NVIDIA Linux X64 (AMD64/EM64T) Display Driver 550.135 | Linux Kernel 6.12 | Oracle VirtualBox 7.0.22 [Maintenance Release] | Linux Kernel 6.11.8 | Linux Kernel 6.11.7 | Wine 9.21 [Development Release] | Linux Kernel 6.12-rc6 | Linux Kernel 6.11.6 | Linux Kernel 6.12-rc5 | NVIDIA Linux X64 (AMD64/EM64T) Display Driver 550.127.05 | Indice dei file | |