[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:49922] Forward: Debian GNU/Linux 3.1 updated



Debian GNU/Linux 3.1 Sargeã®ãƒžã‚¤ãƒŠãƒ¼ã‚¢ãƒƒãƒ—デート(r7)もリリース
ã•ã‚Œã¾ã—ãŸã€‚

--- Begin Message ---
------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Debian GNU/Linux 3.1 updated                            press@debian.org
December 27th, 2007             http://www.debian.org/News/2007/20071228
------------------------------------------------------------------------

Debian GNU/Linux 3.1 updated

The Debian project is pleased to announce the seventh update of its
old stable distribution Debian GNU/Linux 3.1 (codename `sarge').  This
is the first time we update the old stable distribution during the
lifetime of the stable distribution.  This update mainly adds
corrections for security problems to the oldstable release, along with
a few adjustments to serious problems.

Please note that this update does not constitute a new version of Debian
GNU/Linux 3.1 but only updates some of the packages included.  There is
no need to throw away 3.1 CDs or DVDs but only to update against
ftp.debian.org after an installation, in order to incorporate those late
changes.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
`aptitude' (or `apt') package tool (see the sources.list(5) manual
page) to one of Debian's many FTP or HTTP mirrors.  A comprehensive
list of mirrors is available at:

    <http://www.debian.org/distrib/ftplist>


Debian-Installer Update
-----------------------

With this release the installation system for sarge gains full support for
installing `oldstable' from network mirrors.  This includes base-config.

The installer also uses and supports the updated kernels included in this
revision.  This causes old netboot and floppy images to stop working,
updated versions are available from the regular locations.

Other changes are a final fix to prevent leakage of sensitive data through
saved log files and a minor fix in the partman-jfs component.


Miscellaneous Bugfixes
----------------------

This update adds several binary-only updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:

   Package                     Reason

   adesklets                   Bring architectures back in sync
   agenda.app                  Bring architectures back in sync
   antlr                       Bring architectures back in sync
   apache2                     Fix several minor vulnerabilities
   asterisk-spandsp-plugins    Bring architectures back in sync
   atomix                      Bring architectures back in sync
   bazaar                      Bring architectures back in sync
   camediaplay                 Bring architectures back in sync
   commons-daemon              Bring architectures back in sync
   debtags-edit                Bring architectures back in sync
   fai-kernels                 Rebuild against latest kernel update
   fet                         Bring architectures back in sync
   freepops                    Bring architectures back in sync
   gaim-encryption             Bring architectures back in sync
   gff2aplot                   Bring architectures back in sync
   gnuradio-core               Bring architectures back in sync
   gr-audio-oss                Bring architectures back in sync
   iroffer                     Bring architectures back in sync
   joystick                    Bring architectures back in sync
   k3d                         Bring architectures back in sync
   kdissert                    Bring architectures back in sync
   kernel-latest-2.6-alpha     Meta package for new kernel ABI
   kernel-latest-2.6-amd64     Meta package for new kernel ABI
   kernel-latest-2.6-hppa      Meta package for new kernel ABI
   kernel-latest-2.6-i386      Meta package for new kernel ABI
   kernel-latest-2.6-sparc     Meta package for new kernel ABI
   kernel-latest-2.6-powerpc   Meta package for new kernel ABI
   kernel-source-2.6.8         Several fixes and driver updates
   kexi                        Bring architectures back in sync
   kimdaba                     Bring architectures back in sync
   leafpad                     Bring architectures back in sync
   libdbd-sqlite2-perl         Bring architectures back in sync
   libgconf-java               Bring architectures back in sync
   libglade-java               Bring architectures back in sync
   libgnome-java               Bring architectures back in sync
   ocaml-http                  Bring architectures back in sync
   octaviz                     Bring architectures back in sync
   osspsa                      Bring architectures back in sync
   paje.app                    Bring architectures back in sync
   pasmo                       Bring architectures back in sync
   plptools                    Bring architectures back in sync
   pwlib                       Fix remote denial of service
   python-biopython            Bring architectures back in sync
   realtimebattle              Bring architectures back in sync
   scalapack                   Bring architectures back in sync
   skippy                      Bring architectures back in sync
   swt-gtk                     Bring architectures back in sync
   vgrabbj                     Bring architectures back in sync
   visitors                    Bring architectures back in sync
   wesnoth                     Fix denial of service
   ximian-connector            Bring architectures back in sync
   xwine                       Bring architectures back in sync


Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates.

Advisory ID    Package                  Correction(s)

   DSA 1267    webcalendar              Remote file inclusion
   DSA 1282    php4                     Several vulnerabilities
   DSA 1284    qemu                     Several vulnerabilities
   DSA 1287    ldap-account-manager     Several vulnerabilities
   DSA 1290    squirrelmail             Cross-site scripting
   DSA 1291    samba                    Several vulnerabilities
   DSA 1293    quagga                   Denial of service
   DSA 1294    rdesktop                 Several vulnerabilities
   DSA 1294    xfree86                  Several vulnerabilities
   DSA 1307    openoffice.org           Arbitrary code execution
   DSA 1310    libexif                  Arbitrary code execution
   DSA 1311    postgresql               Privilege escalation
   DSA 1312    libapache-mod-jk         Information disclosure
   DSA 1323    krb5                     Several vulnerabilities
   DSA 1325    evolution                Several vulnerabilities
   DSA 1326    fireflier                Unsafe temporary files
   DSA 1329    gfax                     Privilege escalation
   DSA 1331    php4                     Arbitrary code execution
   DSA 1332    vlc                      Arbitrary code execution
   DSA 1334    freetype                 Arbitrary code execution
   DSA 1335    gimp                     Arbitrary code execution
   DSA 1336    mozilla-firefox          Several vulnerabilities
   DSA 1342    bind9                    DNS cache poisoning
   DSA 1343    file                     Arbitrary code execution
   DSA 1347    xpdf                     Arbitrary code execution
   DSA 1349    libextractor             Arbitrary code execution
   DSA 1350    tetex-bin                Arbitrary code execution
   DSA 1351    bochs                    Privilege escalation
   DSA 1352    pdfkit.framework         Arbitrary code execution
   DSA 1353    tcpdump                  Arbitrary code execution
   DSA 1354    gpdf                     Arbitrary code execution
   DSA 1358    asterisk                 Several vulnerabilitie
   DSA 1364    vim                      Several vulnerabilites
   DSA 1421    wesnoth                  Arbitrary file disclosure
   DSA 1426    qt-x11-free              Several vulnerabilities
   DSA 1427    samba                    Arbitrary code execution
   DSA 1433    centericq                Arbitrary code execution
   DSA 1435    clamav                   Several vulnerabilities


The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:

  <http://release.debian.org/oldstable/3.1/3.1r7/>


URLs
----

The complete lists of packages that have changed with this revision:

  <http://ftp.debian.org/debian/dists/sarge/ChangeLog>

The current oldstable distribution:

  <http://ftp.debian.org/debian/dists/oldstable>

Proposed updates to the oldstable distribution:

  <http://ftp.debian.org/debian/dists/oldstable-proposed-updates>

Oldstable distribution information (release notes, errata etc.):

  <http://www.debian.org/releases/oldstable/>

Security announcements and information:

  <http://www.debian.org/security/>


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.


Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.


-- 
To UNSUBSCRIBE, email to debian-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--- End Message ---