-------- Weitergeleitete Nachricht --------

> Von: Joey Schulze

> An: Debian Annoncements

> Betreff: Debian GNU/Linux 5.0 updated

> Datum: Sat, 27 Jun 2009 23:26:04 +0200

>

> -------------------------------------------------------------------------

> The Debian Project http://www.debian.org/

> Debian GNU/Linux 5.0 updated press[bei]debian[punkt]org

> June 27th, 2009 http://www.debian.org/News/2009/20090627

> -------------------------------------------------------------------------

>

> Debian GNU/Linux 5.0 updated

>

> The Debian project is pleased to announce the second update of its stable

> distribution Debian GNU/Linux 5.0 (codename "lenny"). This update mainly

> adds corrections for security problems to the stable release, along with

> a few adjustment to serious problems.

>

> Please note that this update does not constitute a new version of Debian

> GNU/Linux 5.0 but only updates some of the packages included. There is

> no need to throw away 5.0 CDs or DVDs but only to update via an up-to-

> date Debian mirror after an installation, to cause any out of date

> packages to be updated.

>

> Those who frequently install updates from security.debian.org won't have

> to update many packages and most updates from security.debian.org are

> included in this update.

>

> New CD and DVD images containing updated packages and the regular

> installation media accompanied with the package archive respectively will

> be available soon at the regular locations.

>

> Upgrading to this revision online is usually done by pointing the

> aptitude (or apt) package tool (see the sources.list(5) manual page) to

> one of Debian's many FTP or HTTP mirrors. A comprehensive list of

> mirrors is available at:

>

>

>

>

> Miscellaneous Bugfixes

> ----------------------

>

> This stable update adds a few important corrections to the following

> packages:

>

> Package Reason

>

> apr-util Fix information disclosure (CVE-2009-1956)

> asciidoc Replace fop with dblatex

> backuppc Fix permissions of CGI script and ht* files

> base-files Bump version to 5.0.2

> bind9 Fix DNSSEC lookaside validation failed to handle unknown algorithms

> cdebconf Optimize screen usage in newt frontend

> choose-mirror Make preseeding of oldstable possible

> glib2.0 Fix crashes in gvfs

> gnupg Fix memory leak and cleanup terminal attributes on interrupt

> hobbit Create /var/run/hobbit if missing

> installation-guide New sections on accessibility support

> iodine Fix segfault when 5.x client connects

> jd Fix posting comments

> kfreebsd-7 Fix several vulnerabilities

> libapache2-authcassimple-perl Fix POST request handling

> libaqbanking Fix segfault in qt3-wizard

> libnet-rawip-perl Fix segmentation fault

> libxcb Fix important performance issues

> linux-2.6 Several fixes

> linux-kernel-di-alpha-2.6 Rebuild against latest kernel

> linux-kernel-di-amd64-2.6 Rebuild against latest kernel

> linux-kernel-di-arm-2.6 Rebuild against latest kernel

> linux-kernel-di-armel-2.6 Rebuild against latest kernel

> linux-kernel-di-hppa-2.6 Rebuild against latest kernel

> linux-kernel-di-i386-2.6 Rebuild against latest kernel

> linux-kernel-di-ia64-2.6 Rebuild against latest kernel

> linux-kernel-di-mips-2.6 Rebuild against latest kernel

> linux-kernel-di-mipsel-2.6 Rebuild against latest kernel

> linux-kernel-di-powerpc-2.6 Rebuild against latest kernel

> linux-kernel-di-s390-2.6 Rebuild against latest kernel

> linux-kernel-di-sparc-2.6 Rebuild against latest kernel

> live-initramfs Better support for persistent mode

> live-magic Fix handling of /etc/debian_version

> mdadm Fix stability issues

> mt-daapd Add musepack to transcoding list

> nagios3 Fix nagios3-common's prerm script

> nss Fix alignment issues on sparc and ia64

> onak Always open db read/write

> pango1.0 Fix arbitrary code execution

> pidgin-otr Sourceful upload with bumped version number to fix a collision with a binNMU

> poppler Fix several vulnerabilities

> pygobject Fix inconsistent use of tabs and spaces in indentation

> samba Fix memory leak, winbind crashes and Win200 SP4 joining issues

> screen Fix symlink attack

> slime Remove non-free xref.lisp

> smstools Fix modem timeouts

> solr Fix simultaneous installation of tomcat5.5 with solr-tomcat5.5

> sound-juicer Fix a crash on invocation of the preferences dialog

> system-config-printer New Romanian translation

> system-tools-backends Fix limiting effective password length to 8 characters (CVE-2008-6792)

> and handle new format of /etc/debian_version

> tzdata New timezone information

> user-mode-linux Several fixes

> xorg Default to fbdev driver on sparc

> xorg-server Fix wakeup storm in idletime xsync counter

>

>

> New version of the debian-installer

> -----------------------------------

>

> The debian-installer has been updated to allow the installation of the

> previous stable release (Debian 4.0 "etch") and to include an updated

> cdebconf package which resolves several issues with installation menu

> rendering using the newt frontend, including:

>

> - explanatory text overlapping with the input box due to a height

> miscalculation

> - overlapping of the "Go Back" button and the select list on certain screens

> - suboptimal screen usage, particularly affecting debian-edu installations

>

> The installer has been rebuilt to use the updated kernel packages included

> in this point release, resolving issues with installation on s390 G5 systems

> and IBM summit-based i386 systems.

>

>

> Security Updates

> ----------------

>

> This revision adds the following security updates to the stable release.

> The Security Team has already released an advisory for each of these

> updates:

>

> Advisory ID Package(s) Correction(s)

>

> DSA 1761 moodle File disclosure

> DSA 1762 icu Cross-site scripting

> DSA 1763 openssl Denial of service

> DSA 1764 tunapie Several vulnerabilities

> DSA 1766 krb5 Several vulnerabilities

> DSA 1767 multipath-tools Denial of service

> DSA 1768 openafs Potential code execution

> DSA 1771 clamav Several vulnerabilities

> DSA 1772 udev Critical privilege escalation

> DSA 1773 cups Arbitrary code execution

> DSA 1774 ejabberd Cross-site scripting

> DSA 1776 slurm-llnl Privilege escalation

> DSA 1777 git-core Privilege escalation

> DSA 1778 mahara Cross-site scripting

> DSA 1779 apt Several vulnerabilities

> DSA 1781 ffmpeg-debian Arbitrary code execution

> DSA 1783 mysql-dfsg-5.0 Several vulnerabilities

> DSA 1784 freetype Arbitrary code execution

> DSA 1785 wireshark Several vulnerabilities

> DSA 1786 acpid Denial of service

> DSA 1788 quagga Denial of service

> DSA 1789 php5 Several vulnerabilities

> DSA 1790 xpdf Multiple vulnerabilities

> DSA 1791 moin Cross-site scripting

> DSA 1792 drupal6 Multiple vulnerabilities

> DSA 1793 kdegraphics Multiple vulnerabilities

> DSA 1795 ldns Arbitrary code execution

> DSA 1797 xulrunner Multiple vulnerabilities

> DSA 1798 pango1.0 Arbitrary code execution

> DSA 1799 qemu Several vulnerabilities

> DSA 1800 linux-2.6,user-mode-linux Several vulnerabilities

> DSA 1801 ntp Several vulnerabilities

> DSA 1802 squirrelmail Several vulnerabilities

> DSA 1803 nsd, nsd3 Denial of service

> DSA 1804 ipsec-tools Denial of service

> DSA 1805 pidgin Several vulnerabilities

> DSA 1806 cscope Arbitrary code execution

> DSA 1807 cyrus-sasl2 Arbitrary code execution

> DSA 1807 cyrus-sasl2-heimdal Arbitrary code execution

> DSA 1808 drupal6 Insufficient input sanitising

> DSA 1809 linux-2.6,user-mode-linux Several vulnerabilities

> DSA 1810 libapache-mod-jk Information disclosure

> DSA 1811 cups Denial of service

> DSA 1812 apr-util Several vulnerabilities

> DSA 1813 evolution-data-server Several vulnerabilities

> DSA 1814 libsndfile Arbitrary code execution

> DSA 1815 libtorrent-rasterbar Denial of service

> DSA 1817 ctorrent Arbitrary code execution

> DSA 1818 gforge Insufficient input sanitising

> DSA 1820 xulrunner Several vulnerabilities

> DSA 1821 amule Insufficient input sanitising

> DSA 1822 mahara Cross-site scripting

> DSA 1823 samba Several vulnerabilities

> DSA 1824 phpmyadmin Several vulnerabilities

>

>

> URLs

> ----

>

> The complete lists of packages that have changed with this revision:

>

>

>

> The current stable distribution:

>

>

>

> Proposed updates to the stable distribution:

>

>

>

> stable distribution information (release notes, errata etc.):

>

>

>

> Security announcements and information:

>

>

>

>

> About Debian

> ------------

>

> The Debian Project is an association of Free Software developers who

> volunteer their time and effort in order to produce the completely free

> operating systems Debian GNU/Linux.

>

>

> Contact Information

> -------------------

>

> For further information, please visit the Debian web pages at

> , send mail to , or contact the

> stable release team at

>

>

--

Gruß Amadeus

Der Massentourismus hat in den letzten 10 Jahren mehr Verwüstungen

angerichtet als alle Kriege der letzten hundert Jahre zusammen.

(Dieter Wieland - Filmemacher beim Bayerischen Rundfunk)

_______________________________________________

Ubuntu mailing list

Ubuntu[bei]easylinux[punkt]de

http://www.easylinux.de/Kontakt/Mailinglisten/listinfo/ubuntu