Updated Debian GNU/Linux: 5.0.7 released
The Debian Project is an association of individuals who have made common cause to create a free operating system. This operating system is called Debian GNU/Linux, or simply Debian for short. Debian systems currently use the Linux kernel. Linux is a completely free piece of software started by Linus Torvalds and supported by thousands of programmers worldwide.
Of course, the thing that people want is application software: programs to help them get what they want to do done, from editing documents to running a business to playing games to writing more software. Debian comes with over 8000 packages (precompiled software that is bundled up in a nice format for easy installation on your machine) - all of it free. It's a bit like a tower.
At the base is the kernel. On top of that are all the basic tools. Next is all the software that you run on the computer. At the top of the tower is Debian -- carefully organizing and fitting everything so it all works together.
What's New in This Release:
· The Debian project is pleased to announce the fourth update of its stable distribution Debian GNU/Linux 5.0 (codename "lenny"). This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems.
· Please note that this update does not constitute a new version of Debian GNU/Linux 5.0 but only updates some of the packages included. There is no need to throw away 5.0 CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated.
· Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.
· New CD and DVD images containing updated packages and the regular installation media accompanied with the package archive respectively will be available soon at the regular locations.
Upgrading to this revision online is usually done by pointing the aptitude (or apt) package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at:
http://www.debian.org/mirror/list
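The mirror-based upgrade described above, as an added shell example that is not part of the Debian announcement: it builds the sources.list lines a lenny (5.0) system needs, checks that the security.debian.org source is present so DSA fixes arrive even before the point-release packages reach the chosen mirror, and verifies the /etc/debian_version marker that the base-files update in this release installs. The mirror URL (ftp.debian.org), the version string and the file paths are assumptions; if the mirror no longer carries lenny, archive.debian.org, which the announcement mentions, is where the suite now lives.

```shell
#!/bin/sh
# Added example, not code from the Debian announcement. Mirror URL, version
# string and paths below are assumptions chosen for illustration.

# Print sources.list lines for a lenny install. $1 = mirror base URL.
# "lenny/updates" on security.debian.org carries the DSA fixes listed in
# the announcement; the point release folds them into "lenny" as well.
lenny_sources() {
    mirror="${1:?mirror URL required}"
    printf 'deb %s lenny main\n' "$mirror"
    printf 'deb-src %s lenny main\n' "$mirror"
    printf 'deb http://security.debian.org/ lenny/updates main\n'
}

# Return 0 if the sources file ($1) has a security.debian.org entry for
# lenny. Without it, a host depends solely on the mirror for security fixes.
has_security_source() {
    grep -Eq '^[[:space:]]*deb[[:space:]]+http://security\.debian\.org/?[[:space:]]+lenny/updates' "$1"
}

# Return 0 if the version file ($1, normally /etc/debian_version) records the
# expected point release ($2). base-files rewrites this file at each point
# release, so it is a quick first check after the upgrade has run.
check_point_release() {
    file="$1"
    expected="$2"
    [ -r "$file" ] || return 1
    installed=$(sed -n '1p' "$file" | tr -d '[:space:]')
    [ "$installed" = "$expected" ]
}

# Full procedure for a live system (needs root). Not invoked automatically:
# call `apply_point_release http://ftp.debian.org/debian/ 5.0.7` yourself.
apply_point_release() {
    mirror="${1:?mirror URL required}"
    version="${2:?expected version required}"
    lenny_sources "$mirror" > /etc/apt/sources.list
    apt-get update && apt-get upgrade
    if check_point_release /etc/debian_version "$version"; then
        echo "point release $version applied"
    else
        echo "warning: /etc/debian_version does not read $version; check the mirror" >&2
        return 1
    fi
}
```

The functions are kept separate from the apply step so the checks can be run read-only on any host (for example from a configuration audit) without touching /etc/apt.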
Miscellaneous Bugfixes:
This stable update adds a few important corrections to the following packages:
· alien-arena: Fix remote arbitrary code execution
· amarok: Apply regex update to make Wikipedia tab work again
· apache2: Several issues
· backup-manager: Fix possible mysql password leakage to local users
· backuppc: Prohibit editing of client name alias to avoid unauthorised file access
· base-files: Update /etc/debian_version to reflect the point release
· choose-mirror: Improve suite selection and validation of suites available on selected mirror
· clock-setup: Correctly handle system dates before epoch
· consolekit: Don't create pam-foreground-compat tag files for remote users
· debmirror: Compress packages files using --rsyncable so they match the files from the archive
· devscripts: Update a number of scripts to understand squeeze and lenny-backports
· dhcp3: Fix memory leak and SIGPIPE in LDAP code
· dpkg: Various fixes to new source package format support
· drupal6: Fix XSS issues in Contact and Menu modules
· fam: Fix 100% CPU usage in famd
· fetchmail: Fix init script dependencies; don't complain about missing configuration when disabled
· firebird2.0: Fix DOS via malformed message
· gchempaint: Fix segmentation fault
· gdebi: Fix gksu call to not pass an option that the Debian package doesn't support
· geneweb: Correctly handle database with names containing whitespace in the postinst
· ghc6: Fix deadlock bug on 64-bit architectures
· glib2.0: Fix g_file_copy to correctly set permissions of target files
· glibc: Fix bug in realloc() when enlarging a memory allocation
· gnash: Reduce messages produced by the browser plugin to avoid filling .xsession-errors
· gnome-system-tools: Don't change root's home directory when editing the user and fix group creation dialog
· haproxy: Several stability and crash fixes
· kazehakase: Disallow adding bookmarks for data:/javascript: URIs (CVE-2007-1084)
· killer: Correctly handle long usernames in the ruser field
· libcgi-pm-perl: Fix unwanted ISO-8859-1 -> UTF-8 conversion in CGI::Util::escape()
· libdbd-mysql-perl: Fix segmentation faults caused by auto_reconnect
· libdbd-pg-perl: Correctly handle high-bit characters
· libfinance-quote-perl: Fix ordering of fields in Yahoo data
· linux-2.6: Several corrections
· linux-kernel-di-alpha-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-amd64-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-arm-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-armel-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-hppa-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-i386-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-ia64-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-mips-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-mipsel-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-powerpc-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-s390-2.6: Rebuild against linux-2.6 2.6.26-21
· linux-kernel-di-sparc-2.6: Rebuild against linux-2.6 2.6.26-21
· lkl: Rebuild to get new MD5 sum (previous sum was causing FPs from antivirus)
· movabletype-opensource: Disable mt-wizard.cgi by default
· munin: Fix CPU usage graphs to account for changes in kernel reporting
· mysql-dfsg-5.0: Revert 'dummy thread' workaround which causes segfaults and fix crash when using GIS functions
· nss-ldapd: Treat usernames and other lookups as case-sensitive
· openttd: Fix remote crash vulnerability
· otrs2: Don't globally limit MaxRequestsPerChild on Apache or reject valid domains
· partman-auto-crypto: Avoid triggering unsafe swap warning when setting up LVM
· planet-venus: Enhance escaping of processed feeds
· proftpd-dfsg: SSL certificate verification weakness
· pyenchant: Make add_to_personal() work again
· python-docutils: Fix insecure temporary file usage in reStructuredText Emacs mode
· python-xml: Fix two denials of service
· qcontrol: Create persistent input device to handle changes in udev 0.125-7+lenny3
· redhat-cluster: Fix problem with resource failover
· request-tracker3.6: Session hijack vulnerability
· roundup: Fix pagination regression caused by security fix
· samba: Fix regression in name mangling
· serveez: Fix remote buffer overflow
· shadow: Fix handling of long lines in the user or group files
· spamassassin: Don't consider dates in 2010 'grossly in the future'
· system-tools-backends: Fix regression in operation of some elements
· texlive-bin: Fix crash with large files
· tor: Fix crash due to race condition and update authority keys
· totem: Update ******* plugin to match changes to the site
· tzdata: Update timezone data
· usbutils: Update USB IDs
· user-mode-linux: Rebuild against linux-source-2.6.26 2.6.26-21
· vpb-driver: Fix Asterisk crash with missing config file
· watchdog: Ensure daemon really has ended before starting a new one
· webauth: Avoid inadvertently including passwords in cookie test URLs
· wireshark: Several vulnerabilities
· xfs: Fix temporary directory usage in the init script
· xscreensaver: Fix local screen lock bypass vulnerability
A number of packages were rebuilt on the alpha, amd64 and ia64 architectures to incorporate the fix from the updated ghc6 package:
· alex
· arch2darcs
· bnfc
· c2hs
· dfsbuild
· drift
· cpphs
· darcs
· darcs-buildpackage
· darcs-monitor
· datapacker
· frown
· geordi
· haddock
· happy
· haskell-utils
· hat
· helium
· hmake
· hpodder
· hscolour
· lhs2tex
· kaya
· pxsl-tools
· srcinst
· uuagc
· whitespace
· xmonad
New version of the debian-installer:
· The Debian Installer has been updated in this point release to offer better support for installation of the "oldstable" distribution and from archive.debian.org. The new installer also allows the system date to be updated using NTP if it is before January 1st, 1970 at boot time.
· The kernel image used by the installer has been updated to incorporate a number of important and security-related fixes together with support for additional hardware.
· An update to the udev package in the previous point release unfortunately led to the LEDs and on-board buzzer of arm/armel-based QNAP NAS devices not operating during installs. This is rectified in the new installer release.
· Finally, it is once again possible to use the installer on the S/390 architecture by booting from CD.
Security Updates:
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.
· DSA-1796 libwmf: Denial of service
· DSA-1825 nagios3: Arbitrary code execution
· DSA-1835 tiff: Several vulnerabilities
· DSA-1836 fckeditor: Arbitrary code execution
· DSA-1837 dbus: Denial of service
· DSA-1839 gst-plugins-good0.10: Arbitrary code execution
· DSA-1849 xml-security-c: Signature forgery
· DSA-1850 libmodplug: Arbitrary code execution
· DSA-1860 ruby1.9: Several issues
· DSA-1863 zope2.10: Arbitrary code execution
· DSA-1866 kdegraphics: Several vulnerabilities
· DSA-1868 kde4libs: Several vulnerabilities
· DSA-1878 devscripts: Remote code execution
· DSA-1879 silc-client: Arbitrary code execution
· DSA-1879 silc-toolkit: Arbitrary code execution
· DSA-1880 openoffice.org: Arbitrary code execution
· DSA-1882 xapian-omega: Cross-site scripting
· DSA-1884 nginx: Arbitrary code execution
· DSA-1885 xulrunner: Several vulnerabilities
· DSA-1886 iceweasel: Several vulnerabilities
· DSA-1887 rails: Cross-site scripting
· DSA-1888 openssl: Deprecate MD2 hash signatures
· DSA-1889 icu: Security bypass due to multibyte sequence parsing
· DSA-1890 wxwidgets2.6: Arbitrary code execution
· DSA-1890 wxwidgets2.8: Arbitrary code execution
· DSA-1891 changetrack: Arbitrary code execution
· DSA-1892 dovecot: Arbitrary code execution
· DSA-1893 cyrus-imapd-2.2: Arbitrary code execution
· DSA-1893 kolab-cyrus-imapd: Arbitrary code execution
· DSA-1894 newt: Arbitrary code execution
· DSA-1895 opensaml2: Interpretation conflict
· DSA-1895 shibboleth-sp2: Interpretation conflict
· DSA-1895 xmltooling: Potential code execution
· DSA-1896 opensaml: Potential code execution
· DSA-1896 shibboleth-sp: Potential code execution
· DSA-1897 horde3: Arbitrary code execution
· DSA-1898 openswan: Denial of service
· DSA-1899 strongswan: Denial of service
· DSA-1900 postgresql-8.3: Various problems
· DSA-1903 graphicsmagick: Several vulnerabilities
· DSA-1904 wget: SSL certificate verification weakness
· DSA-1905 python-django: Denial of service
· DSA-1907 kvm: Several vulnerabilities
· DSA-1908 samba: Several vulnerabilities
· DSA-1909 postgresql-ocaml: Missing escape function
· DSA-1910 mysql-ocaml: Missing escape function
· DSA-1911 pygresql: Missing escape function
· DSA-1912 advi: Arbitrary code execution
· DSA-1912 camlimages: Arbitrary code execution
· DSA-1913 bugzilla: SQL injection
· DSA-1914 mapserver: Several vulnerabilities
· DSA-1915 linux-2.6: Several vulnerabilities
· DSA-1915 user-mode-linux: Several vulnerabilities
· DSA-1916 kdelibs: SSL certificate verification weakness
· DSA-1917 mimetex: Several vulnerabilities
· DSA-1918 phpmyadmin: Several vulnerabilities
· DSA-1919 smarty: Several vulnerabilities
· DSA-1920 nginx: Denial of service
· DSA-1921 expat: Denial of service
· DSA-1922 xulrunner: Several vulnerabilities
· DSA-1923 libhtml-parser-perl: Denial of service
· DSA-1924 mahara: Several vulnerabilities
· DSA-1925 proftpd-dfsg: SSL certificate verification weakness
· DSA-1926 typo3-src: Several vulnerabilities
· DSA-1930 drupal6: Several vulnerabilities
· DSA-1931 nspr: Several vulnerabilities
· DSA-1932 pidgin: Arbitrary code execution
· DSA-1933 cups: Cross-site scripting
· DSA-1934 apache2: Several issues
· DSA-1934 apache2-mpm-itk: Several issues
· DSA-1935 gnutls26: SSL certificate NUL byte vulnerability
· DSA-1936 libgd2: Several vulnerabilities
· DSA-1937 gforge: Cross-site scripting
· DSA-1938 php-mail: Insufficient input sanitising
· DSA-1939 libvorbis: Several vulnerabilities
· DSA-1940 php5: Multiple issues
· DSA-1941 poppler: Several vulnerabilities
· DSA-1942 wireshark: Several vulnerabilities
· DSA-1944 request-tracker3.6: Session hijack vulnerability
· DSA-1945 gforge: Denial of service
· DSA-1947 opensaml2: Cross-site scripting
· DSA-1947 shibboleth-sp: Cross-site scripting
· DSA-1947 shibboleth-sp2: Cross-site scripting
· DSA-1948 ntp: Denial of service
· DSA-1949 php-net-ping: Arbitrary code execution
· DSA-1950 webkit: Several vulnerabilities
· DSA-1951 firefox-sage: Insufficient input sanitising
· DSA-1952 asterisk: Several vulnerabilities
· DSA-1953 expat: Denial of service
· DSA-1954 cacti: Insufficient input sanitising
· DSA-1956 xulrunner: Several vulnerabilities
· DSA-1957 aria2: Arbitrary code execution
· DSA-1958 libtool: Privilege escalation
· DSA-1959 ganeti: Arbitrary command execution
· DSA-1960 acpid: Weak file permissions
· DSA-1961 bind9: Cache poisoning
· DSA-1962 kvm: Several vulnerabilities
· DSA-1963 unbound: DNSSEC validation
· DSA-1964 postgresql-8.3: Several vulnerabilities
· DSA-1965 phpldapadmin: Remote file inclusion
· DSA-1966 horde3: Cross-site scripting
· DSA-1967 transmission: Directory traversal
· DSA-1968 pdns-recursor: Potential code execution
· DSA-1969 krb5: Denial of service
· DSA-1970 openssl: Denial of service
· DSA-1971 libthai: Arbitrary code execution
· DSA-1972 audiofile: Buffer overflow
· DSA-1974 gzip: Arbitrary code execution
· DSA-1976 dokuwiki: Several vulnerabilities
· DSA-1978 phpgroupware: Several vulnerabilities
· DSA-1979 lintian: Multiple vulnerabilities
· DSA-1980 ircd-hybrid: Arbitrary code execution
Removed packages:
The following packages were removed due to circumstances beyond our control:
· destar: Security issues; unmaintained; abandoned upstream
· electricsheep: No longer functional
· gnudip: Security issues; unmaintained; abandoned upstream
· kcheckgmail: No longer functional
· libgnucrypto-java: Security issues; obsolete
· Additionally, those parts of the libwww-search-perl and libperl4caml-ocaml-dev packages which rely on the ****** SOAP search API (provided by libnet-******-perl) are no longer functional, as the API has been retired by ******. The remaining portions of the packages will continue to function as before.
Price: Free
Small CD Size: 180MB
Download:
http://www.debian.org/distrib/netinst