--- Begin Message ---
------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Debian GNU/Linux 3.1 updated                            press@debian.org
December 27th, 2007             http://www.debian.org/News/2007/20071228
------------------------------------------------------------------------

Debian GNU/Linux 3.1 updated

The Debian project is pleased to announce the seventh update of its
old stable distribution Debian GNU/Linux 3.1 (codename `sarge'). This
is the first time we update the old stable distribution during the
lifetime of the stable distribution. This update mainly adds
corrections for security problems to the oldstable release, along with
a few adjustments to serious problems.

Please note that this update does not constitute a new version of Debian
GNU/Linux 3.1 but only updates some of the packages included. There is
no need to throw away 3.1 CDs or DVDs but only to update against
ftp.debian.org after an installation, in order to incorporate those late
changes.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
`aptitude' (or `apt') package tool (see the sources.list(5) manual
page) to one of Debian's many FTP or HTTP mirrors. A comprehensive
list of mirrors is available at:

    <http://www.debian.org/distrib/ftplist>

Debian-Installer Update
-----------------------

With this release the installation system for sarge gains full support for
installing `oldstable' from network mirrors. This includes base-config.

The installer also uses and supports the updated kernels included in this
revision. This causes old netboot and floppy images to stop working;
updated versions are available from the regular locations.

Other changes are a final fix to prevent leakage of sensitive data through
saved log files and a minor fix in the partman-jfs component.

Miscellaneous Bugfixes
----------------------

This update adds several binary-only updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:

Package                    Reason

adesklets                  Bring architectures back in sync
agenda.app                 Bring architectures back in sync
antlr                      Bring architectures back in sync
apache2                    Fix several minor vulnerabilities
asterisk-spandsp-plugins   Bring architectures back in sync
atomix                     Bring architectures back in sync
bazaar                     Bring architectures back in sync
camediaplay                Bring architectures back in sync
commons-daemon             Bring architectures back in sync
debtags-edit               Bring architectures back in sync
fai-kernels                Rebuild against latest kernel update
fet                        Bring architectures back in sync
freepops                   Bring architectures back in sync
gaim-encryption            Bring architectures back in sync
gff2aplot                  Bring architectures back in sync
gnuradio-core              Bring architectures back in sync
gr-audio-oss               Bring architectures back in sync
iroffer                    Bring architectures back in sync
joystick                   Bring architectures back in sync
k3d                        Bring architectures back in sync
kdissert                   Bring architectures back in sync
kernel-latest-2.6-alpha    Meta package for new kernel ABI
kernel-latest-2.6-amd64    Meta package for new kernel ABI
kernel-latest-2.6-hppa     Meta package for new kernel ABI
kernel-latest-2.6-i386     Meta package for new kernel ABI
kernel-latest-2.6-sparc    Meta package for new kernel ABI
kernel-latest-2.6-powerpc  Meta package for new kernel ABI
kernel-source-2.6.8        Several fixes and driver updates
kexi                       Bring architectures back in sync
kimdaba                    Bring architectures back in sync
leafpad                    Bring architectures back in sync
libdbd-sqlite2-perl        Bring architectures back in sync
libgconf-java              Bring architectures back in sync
libglade-java              Bring architectures back in sync
libgnome-java              Bring architectures back in sync
ocaml-http                 Bring architectures back in sync
octaviz                    Bring architectures back in sync
osspsa                     Bring architectures back in sync
paje.app                   Bring architectures back in sync
pasmo                      Bring architectures back in sync
plptools                   Bring architectures back in sync
pwlib                      Fix remote denial of service
python-biopython           Bring architectures back in sync
realtimebattle             Bring architectures back in sync
scalapack                  Bring architectures back in sync
skippy                     Bring architectures back in sync
swt-gtk                    Bring architectures back in sync
vgrabbj                    Bring architectures back in sync
visitors                   Bring architectures back in sync
wesnoth                    Fix denial of service
ximian-connector           Bring architectures back in sync
xwine                      Bring architectures back in sync

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates.

Advisory ID   Package                Correction(s)

DSA 1267      webcalendar            Remote file inclusion
DSA 1282      php4                   Several vulnerabilities
DSA 1284      qemu                   Several vulnerabilities
DSA 1287      ldap-account-manager   Several vulnerabilities
DSA 1290      squirrelmail           Cross-site scripting
DSA 1291      samba                  Several vulnerabilities
DSA 1293      quagga                 Denial of service
DSA 1294      rdesktop               Several vulnerabilities
DSA 1294      xfree86                Several vulnerabilities
DSA 1307      openoffice.org         Arbitrary code execution
DSA 1310      libexif                Arbitrary code execution
DSA 1311      postgresql             Privilege escalation
DSA 1312      libapache-mod-jk       Information disclosure
DSA 1323      krb5                   Several vulnerabilities
DSA 1325      evolution              Several vulnerabilities
DSA 1326      fireflier              Unsafe temporary files
DSA 1329      gfax                   Privilege escalation
DSA 1331      php4                   Arbitrary code execution
DSA 1332      vlc                    Arbitrary code execution
DSA 1334      freetype               Arbitrary code execution
DSA 1335      gimp                   Arbitrary code execution
DSA 1336      mozilla-firefox        Several vulnerabilities
DSA 1342      bind9                  DNS cache poisoning
DSA 1343      file                   Arbitrary code execution
DSA 1347      xpdf                   Arbitrary code execution
DSA 1349      libextractor           Arbitrary code execution
DSA 1350      tetex-bin              Arbitrary code execution
DSA 1351      bochs                  Privilege escalation
DSA 1352      pdfkit.framework       Arbitrary code execution
DSA 1353      tcpdump                Arbitrary code execution
DSA 1354      gpdf                   Arbitrary code execution
DSA 1358      asterisk               Several vulnerabilities
DSA 1364      vim                    Several vulnerabilities
DSA 1421      wesnoth                Arbitrary file disclosure
DSA 1426      qt-x11-free            Several vulnerabilities
DSA 1427      samba                  Arbitrary code execution
DSA 1433      centericq              Arbitrary code execution
DSA 1435      clamav                 Several vulnerabilities

The complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:

    <http://release.debian.org/oldstable/3.1/3.1r7/>

URLs
----

The complete lists of packages that have changed with this revision:

    <http://ftp.debian.org/debian/dists/sarge/ChangeLog>

The current oldstable distribution:

    <http://ftp.debian.org/debian/dists/oldstable>

Proposed updates to the oldstable distribution:

    <http://ftp.debian.org/debian/dists/oldstable-proposed-updates>

Oldstable distribution information (release notes, errata etc.):

    <http://www.debian.org/releases/oldstable/>

Security announcements and information:

    <http://www.debian.org/security/>

About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely
free operating systems Debian GNU/Linux.

Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press@debian.org>, or
contact the stable release team at <debian-release@lists.debian.org>.
--- End Message ---