Preparation of Debian GNU/Linux 2.2r5

An up-to-date version is at http://master.debian.org/~joey/2.2r5/

I am preparing 2.2r5 and will send reports so people can actually comment on it. The plan is to get this revision of Debian GNU/Linux 2.2 (codename `potato') out within the second week of this year (2002). James Troup still has to give the final approval for each package. However, I will try to make his work as easy as possible in the hope to get the next revision out properly. Thanks for your attention.

Development for 2.2r5 is near being finished ready to be released.

This may also be the last version of the 2.2 series, depending on how well the woody release is going. There is, however, still a possibility 2.2r6 (to be scheduled at the beginning of March) has to be released before 3.0.

My requirements for packages to go into stable:

1. The package fixes a security problem. An advisory by our own Security Team would be quite helpful.

2. The package fixes a critical bug which can lead into data loss, data corruption, or an overly broken system, or the package is broken or not usable (anymore).

3. The stable version of the package is not installable at all due to broken or unmet dependencies or broken installation scripts

4. The package gets all architectures in stable in sync.

5. All released architectures have to be in sync.

Packages which I will most probably reject:

. Package which fix non-critical bugs

. Misplaced uploads, i.e. packages that were uploaded to 'stable unstable' or `frozen unstable'

. Packages for which its binary packages are out of sync with regard to all supported architectures in the stable distribution.

. Binary packages for which the source got lost somehow

Accepted packages

These packages should be installed into stable and be part of the next revision.

apachestable1.3.9-13.2alpha, arm, i386, m68k, powerpc, sparc
apachetesting1.3.19-1alpha, arm, i386, m68k, powerpc, sparc
apacheunstable1.3.19-1hurd-i386
apacheunstable1.3.20-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sh, sparc
apacheupdates1.3.9-14alpha, arm, i386, m68k, powerpc, sparc

* Non-maintainer upload on behalf of Simon Huggins <huggie@earth.li> * Applied patch from Martin Kraemer to fix mod_negotiation bug to prevent revealing of directory contents.

This looks like a half security update, right?

DSA 067-1

2002-01-02: It would be nice if somebody could tell me why I tagged this version 'broken'. I don't think it's because of a missing fix for Bug#73013, so I don't remember anymore. *sigh*

base-configstable0.32alpha
base-configstable0.33.2arm, i386, m68k, powerpc, sparc
base-configupdates0.33.2alpha

Sync with other architectures

ChangeLog also says:

* Corrected stupid typo in templates file, Closes: #74785, #74815, #74828

* This problem makes it impossible to install the package, so it is important and must go in.

bbstable1.2-9i386, powerpc
bbstable1.2-9.0.1alpha
bbupdates1.2-9sparc

Package was missing from stable.

bwbasicstable2.20pl2-3alpha, i386, m68k, powerpc
bwbasicstable2.20pl2-3.1sparc
bwbasicupdates2.20pl2-3.2alpha, arm, i386, m68k, powerpc, sparc

* New maintainer.

* Recompile. Due to strange interactions with libc6, functions weren't interpreted, and the package was practically unusable. Closes: #108924.

catsbootupdates0.2.2arm

Boot glue for ARM CATS systems

Required on some ARM systems

current stable boot-floppies Build-Depend on it.

dtausstable0.4-1alpha, arm, i386, m68k, powerpc, sparc
dtausupdates0.6-0potato1alpha, arm, i386, m68k, powerpc, sparc

* Repackaged for potato because the version of dtaus in potato isn't able to create DTAUS files using the Euro currency which is the one and only official currency in Germany since yesterday. Hence, the version in potato is entirely useless since yesterday and has to be updated if people are using it for their money management.

eximonstable3.12-10.1alpha, arm, i386, m68k, powerpc, sparc
eximonupdates3.12-10.2alpha, arm, i386, m68k, powerpc, sparc
eximstable3.12-10.1alpha, arm, i386, m68k, powerpc, sparc
eximupdates3.12-10.2alpha, arm, i386, m68k, powerpc, sparc

Security Update, DSA 097

freewnn-commonstable1.1.0+1.1.1-a016-1all
freewnn-commonupdates1.1.0+1.1.1-a016-1.potato.3all
freewnn-cserver-devstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserver-devupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserverstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-cserverupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver-devstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserver-devupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserverstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-jserverupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver-devstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserver-devupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserverstable1.1.0+1.1.1-a016-1alpha, arm, i386, m68k, powerpc, sparc
freewnn-kserverupdates1.1.0+1.1.1-a016-1.potato.3alpha, arm, i386, m68k, powerpc, sparc

* [security fix] backport from freewnn 1.1.0+1.1.1-a017-6.4 - adduser wnn, kwnn, cwnn for jserver,kserver,cserver respectively instead of running as root user - restrict upload/create path under jserver_dir

The 2nd upload is required to make the package installable *sigh* At least, it is proved to be tested now...

gpg-ideastable2m68k
gpg-ideastable2.1.1alpha, i386, powerpc, sparc
gpg-rsarefstable1.1-1alpha
gpg-rsarefstable1.1-2arm, i386, powerpc, sparc
gpg-rsastable2m68k
gpg-rsastable2.1.1alpha, i386, powerpc, sparc

GnuPG provides this functionality already, it replaces these packages just fine, they are not needed anymore. Even worse, they are not even installable anymore, since they depend on gnupg but gnupg conflicts with them.

gpmstable1.17.8-18alpha, arm, i386, m68k, powerpc, sparc
gpmupdates1.17.8-18.1alpha, arm, i386, m68k, powerpc, sparc
libgpm1-altdevstable1.17.8-18i386, m68k
libgpm1-altdevstable1.17.8-9sparc
libgpm1-altdevupdates1.17.8-18.1i386, m68k
libgpm1stable1.17.8-18i386, m68k
libgpm1stable1.17.8-9sparc
libgpm1updates1.17.8-18.1i386, m68k
libgpmg1-devstable1.17.8-18alpha, arm, i386, m68k, powerpc, sparc
libgpmg1-devupdates1.17.8-18.1alpha, arm, i386, m68k, powerpc, sparc
libgpmg1stable1.17.8-18alpha, arm, i386, m68k, powerpc, sparc
libgpmg1updates1.17.8-18.1alpha, arm, i386, m68k, powerpc, sparc

Security upload: DSA 095

groffstable1.15.2-2alpha, arm, i386, m68k, powerpc, sparc
groffupdates1.15.2-3alpha, arm, i386, m68k, powerpc, sparc

Changelog says:

* Use lpr as the print spooler, even if it happens not to be installed on the build system. Version 1.15.2-2 broke 'groff -l', which worked with previous versions of groff in stable (thanks, Mike Fontenot).

Since I can't even find a single bug report that says 'groff -l' is broken in stable, I guess it will only be used on accident. Hence, I don't think this justifies an update to stable.

I rethought my decision again. 2.2r3 had a working version, 2.2r4 unfortunately broke it. We should tryto fix that. Upgrading from r3 or older to the next current version should not break more things but fix them. *sigh*

impstable2:2.2.3-0.potato.4all
impupdates2:2.2.6-0.potato.3all

DSA 073, though it mentioned imp 2.2.6-0.potato.1

The maintainer, Ola Lundqvist, commented:

"The potato.1 version (the real security fix) was broken. :(

I uploaded it too fast, without testing the postgres part. It also had some other minor issues because I forgot to apply one patch.

So if any new packages of horde and imp should go to a new revision only the latest version should go there (from proposed-updates)."

.4: SECURITY FIX, backport from 2.2.7, closes: #118986

inn2-devstable2.2.2.2000.01.31-2arm
inn2-devstable2.2.2.2000.01.31-4alpha, i386, m68k, powerpc, sparc
inn2-devupdates2.2.2.2000.01.31-5alpha, arm, i386, m68k, powerpc, sparc
inn2-inewsstable2.2.2.2000.01.31-2arm
inn2-inewsstable2.2.2.2000.01.31-4alpha, i386, m68k, powerpc, sparc
inn2-inewsupdates2.2.2.2000.01.31-5alpha, arm, i386, m68k, powerpc, sparc
inn2stable2.2.2.2000.01.31-2arm
inn2stable2.2.2.2000.01.31-4alpha, i386, m68k, powerpc, sparc
inn2updates2.2.2.2000.01.31-5alpha, arm, i386, m68k, powerpc, sparc
task-news-serverstable2.2.2.2000.01.31-4all
task-news-serverupdates2.2.2.2000.01.31-5all

Security Update, DSA 023

Bdale reports a serious problem with this upload, it broke some functionality. He's going to upload a fixed version, so this will have to wait for 2.2r5 (formerly 2.2r4) then. Fixed for 2.2.2.2000.01.31-5.

kernel-image-2.2.19-netwinderstable20010414arm
kernel-image-2.2.19-netwinderupdates20011103arm
kernel-image-2.2.19-riscpcstable20010414arm
kernel-image-2.2.19-riscpcupdates20011109arm
kernel-patch-2.2.19-armstable20010414all
kernel-patch-2.2.19-armupdates20011109all
kernel-headers-2.2.20-sparcupdates9all
kernel-image-2.2.20-sun4cdmupdates9sparc
kernel-image-2.2.20-sun4dm-smpupdates9sparc
kernel-image-2.2.20-sun4u-smpupdates9sparc
kernel-image-2.2.20-sun4uupdates9sparc

Rebuilt with current kernel that has security fixes incorporated, was supposed for 2.2r4 but uploaded too late.

ARM 20011109: Build against kernel-source 2.2.19.1-2 and latest ARM patch.

Sparc: BenC says that it actually fixes an oops on sun4u when mounting nfs partitions (Bug#98755).

libgtop-daemonstable1.0.6-1alpha, arm, i386, m68k, powerpc, sparc
libgtop-daemonupdates1.0.6-1.1alpha, arm, i386, m68k, powerpc, sparc
libgtop-devstable1.0.6-1alpha, arm, i386, m68k, powerpc, sparc
libgtop-devupdates1.0.6-1.1alpha, arm, i386, m68k, powerpc, sparc
libgtop1stable1.0.6-1alpha, arm, i386, m68k, powerpc, sparc
libgtop1updates1.0.6-1.1alpha, arm, i386, m68k, powerpc, sparc

DSA 098

* Non-maintainer upload by security team

* Fix buffer overflow in src/daemon/gnuserv.c:permitted() Patch from Flavio Veloso <flaviovs@magnux.com>

* Fix printf format attacks in src/daemon/gnuserv.c logging functions

mac-fdiskstable0.1-3m68k
mac-fdiskstable0.1-6.0potato1powerpc
mac-fdiskupdates0.1-6.0potato1m68k
pmac-fdisk-crossstable0.1-3m68k
pmac-fdisk-crossupdates0.1-6.0potato1m68k

Get m68k and powerpc back in sync, package is required for installation of NewWorld powerpc machines.

mailmanstable1.1-8alpha, arm, i386, m68k, powerpc, sparc
mailmanupdates1.1-10alpha, arm, i386, m68k, powerpc, sparc

Security Fix. Related to DSA 094?

Changelog for 1.1-9:

* Cross site scripting (CSS) fixes, backported from Mailman 2.0.8.

* Support list names with spaces in them. Changelog for 1.1-10:

* Add missing paranthesis in Mailman/Cgi/edithtml.py, line 88

make-docstable3.79.1-1.potato.1all
makestable3.78.1-8alpha
makestable3.79.1-1.potato.1arm, i386, m68k, powerpc, sparc
makeupdates3.79.1-1.potato.1alpha

Get versions in sync

modconfstable0.2.26.14all
modconfupdates0.2.26.14.1all

Included patch for secure tempfile handling, see #117283 for details

muttstable1.2.5-4alpha, arm, i386, m68k, powerpc, sparc
muttupdates1.2.5-5alpha, arm, i386, m68k, powerpc, sparc

Security update: DSA 096

* Applied patch-1.2.5.tlr.terminate.1 to fix a remotely exploitable buffer overflow.

neditupdates1:5.1.1-3alpha, arm, i386, m68k, powerpc, sparc

nedit is now Free Software.

telnetdstable0.16-4alpha
telnetdstable0.16-4potato.1arm, i386, m68k, powerpc, sparc
telnetdupdates0.16-4potato.3alpha, arm, i386, m68k, powerpc, sparc
telnetstable0.16-4alpha
telnetstable0.16-4potato.1arm, i386, m68k, powerpc, sparc
telnetupdates0.16-4potato.3alpha, arm, i386, m68k, powerpc, sparc

Changelog says: * Fixed same overflow with minimal change.

DSA 070 mentioned version 0.16-4potato.2 [further]

ssh-askpass-gnomestable1:1.2.3-9.3alpha, arm, i386, m68k, powerpc, sparc
ssh-askpass-gnomeupdates1:1.2.3-9.4alpha, arm, i386, m68k, powerpc, sparc
ssh-askpass-ptkstable1:1.2.3-9.3all
ssh-askpass-ptkupdates1:1.2.3-9.4all
sshstable1:1.2.3-9.3alpha, arm, i386, m68k, powerpc, sparc
sshupdates1:1.2.3-9.4alpha, arm, i386, m68k, powerpc, sparc

Security Fix, DSA 091

php4-cgi-gdstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-gdupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-imapstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-imapupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-ldapstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-ldapupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-mhashstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-mhashupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-mysqlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-mysqlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsqlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-pgsqlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-snmpstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-snmpupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgi-xmlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgi-xmlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-cgistable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-cgiupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-devstable4.0.3pl1-0potato1all
php4-devupdates4.0.3pl1-0potato2all
php4-gdstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-gdupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-imapstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-imapupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-ldapstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-ldapupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-mhashstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-mhashupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-mysqlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-mysqlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-pgsqlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-pgsqlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-snmpstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-snmpupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4-xmlstable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4-xmlupdates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc
php4stable4.0.3pl1-0potato1alpha, i386, m68k, powerpc, sparc
php4updates4.0.3pl1-0potato2alpha, i386, m68k, powerpc, sparc

Security Update (DSA 020 mentions 4.0.3pl1-0potato1.1) [further]

Roland Bauerschmidt reports "php4-cgi broken". Look at #89431. /usr/lib/cgi-bin/php4 is a symlink to debian/php4-cgi/usr/bin/php4 which of course doesn't exist.

postfixstable0.0.19991231pl11-1alpha, arm, i386, m68k, powerpc, sparc
postfixupdates0.0.19991231pl11-2alpha, arm, i386, m68k, powerpc, sparc

* Fix 'smtpd command log memory exhaustion' problem.

* Fix dhelp dangling symlink problem. Closes: #91877, #97332.

* Rebuild on current potato. Closes: #102388, #99220.

Security Fix: DSA 093

ecpgstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
ecpgupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
libpgperlstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
libpgperlupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
libpgsql2stable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
libpgsql2updates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
libpgtclstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
libpgtclupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
odbc-postgresqlstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
odbc-postgresqlupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
pgaccessstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
pgaccessupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresql-clientstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresql-clientupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresql-contribstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresql-contribupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresql-devstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresql-devupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresql-docstable6.5.3-26all
postgresql-docupdates6.5.3-27all
postgresql-plstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresql-plupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresql-teststable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresql-testupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
postgresqlstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
postgresqlupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc
python-pygresqlstable6.5.3-26alpha, arm, i386, m68k, powerpc, sparc
python-pygresqlupdates6.5.3-27alpha, arm, i386, m68k, powerpc, sparc

* postgresql: applied patch from Ben Pfaff <pfaffben@msu.edu> to cure problem with segfault in pg_dump. High urgency because pg_dump is essential for transferring data when upgrading postgresql. Closes: #101940

No security update but something that is anticipated to prevent data loss, I'm convinced.

skkinputstable1:2.03-2alpha
skkinputstable1:2.03-3.potato.1arm, i386, m68k, powerpc, sparc
skkinputupdates1:2.03-3.potato.1alpha

Get versions back in sync

ssh-askpass-nonfreestable1.2.27-6.1alpha, arm, i386, powerpc, sparc
ssh-askpass-nonfreeupdates1.2.27-6.2alpha, arm, i386, m68k, powerpc, sparc
ssh-nonfreestable1.2.27-3m68k
ssh-nonfreestable1.2.27-6.1alpha, arm, i386, powerpc, sparc
ssh-nonfreeupdates1.2.27-6.2alpha, arm, i386, m68k, powerpc, sparc
ssh-socksstable1.2.27-3m68k
ssh-socksstable1.2.27-6.1alpha, arm, i386, powerpc, sparc
ssh-socksupdates1.2.27-6.2alpha, arm, i386, m68k, powerpc, sparc

DSA 086

* Urgency high because this addresses a well-known vulnerability which is being exploited.

* Add security fixes from -7.

* Add build-depends.

* Remove client's setuid bit; people who need it can turn it back on, and everyone else will be safer.

tksetistable2.10-1arm
tksetistable2.12-1powerpc
tksetistable2.12-2alpha, i386, sparc
tksetiupdates2.12-2arm, powerpc

Get versions back in sync.

wu-ftpd-academstable2.6.0-5.3all
wu-ftpd-academupdates2.6.0-6all
wu-ftpdstable2.6.0-5.3alpha, arm, i386, m68k, powerpc, sparc
wu-ftpdupdates2.6.0-6alpha, arm, i386, m68k, powerpc, sparc

Security upload, DSA 087

xtelstable3.2.1-4alpha, arm, i386, m68k, powerpc, sparc
xtelupdates3.2.1-4.potato.1alpha, arm, i386, m68k, powerpc, sparc

* New maintainer

* Security fixes: - symlink vulnerability in xteld (see #87787). - symlink vulnerability in xtel while printing harcopy of screen. - run xteld under control of tcpd to be able to restrict access to the service from network.

* Backport of annoying and easy to fix bugs from woody version of xtel: - Fixed segfaults (see #43566). - Fixed a little typo in the /etc/xtel/lignes file. - Fixed creation of the symlink to french doc directory (see #55131).

* Other annoying fixes: - bad X resource in Xtel[m].ad (missing '-o -' in a2ps printing command).

DSA 090

xxgdbstable1.12-9.3alpha, arm, i386, m68k, powerpc, sparc
xxgdbupdates1.12-9.4potatoalpha, arm, i386, m68k, powerpc, sparc

* Applied a patch from Massimo Dal Zotto <dz@cs.unitn.it>. This is a workaround for a serious bug (#94892) in libXaw.

Seems this bug makes xxgdb useless in stable

yabasicstable2.42-1arm
yabasicstable2.53-1alpha, i386, m68k, powerpc, sparc
yabasicupdates2.53-2alpha, arm, i386, m68k, powerpc, sparc

* New maintainer.

* yabasic.c: Fixed a /tmp race condition.

* Completed the FHS transition to allow building with a recent debhelper. Closes: #98875.

No DSA assigned, maintainer, please get in touch with the Security Team

zip-cryptstable2.30-1arm, i386, m68k, powerpc, sparc
zip-cryptupdates2.30-1alpha

Sync with other architectures

zshstable3.1.9.dev6-2alpha
zshstable3.1.9.dev6-7i386, m68k, powerpc, sparc
zshstable3.1.9.dev6-7.0.1arm
zshupdates3.1.9.dev6-7alpha

Get versions more in sync

Need further investigation

These packages need further investigation. One reason the package is listed here could be that I'm not yet convinced this package should go into stable, but don't want to reject it entirely at the moment. Another reason could be that released and updated architectures are not in sync yet.

dumpstable0.4b16-1alpha, arm, i386, m68k, powerpc, sparc
dumpupdates0.4b25-0.potato.1i386, m68k, powerpc

* back-port dump current version to potato at the request of Martin Schulze. The 0.4b22 upstream version included important fixes for data corruption that can occur with the version that was released with potato.


MISSING alpha
MISSING arm
MISSING sparc

glibc-docstable2.1.3-19all
glibc-docupdates2.1.3-20all
i18ndatastable2.1.3-19all
i18ndataupdates2.1.3-20all
libc6-dbgstable2.1.3-19arm, i386, m68k, powerpc, sparc
libc6-dbgupdates2.1.3-20i386, sparc
libc6-devstable2.1.3-19arm, i386, m68k, powerpc, sparc
libc6-devupdates2.1.3-20i386, sparc
libc6-picstable2.1.3-19arm, i386, m68k, powerpc, sparc
libc6-picupdates2.1.3-20i386, sparc
libc6-profstable2.1.3-19arm, i386, m68k, powerpc, sparc
libc6-profupdates2.1.3-20i386, sparc
libc6.1-dbgstable2.1.3-19alpha
libc6.1-devstable2.1.3-19alpha
libc6.1-picstable2.1.3-19alpha
libc6.1-profstable2.1.3-19alpha
libc6.1stable2.1.3-19alpha
libc6stable2.1.3-19arm, i386, m68k, powerpc, sparc
libc6updates2.1.3-20i386, sparc
libnss1-compatstable2.1.3-19alpha, i386, m68k
libnss1-compatupdates2.1.3-20i386
localesstable2.1.3-19alpha, arm, i386, m68k, powerpc, sparc
localesupdates2.1.3-20i386, sparc
nscdstable2.1.3-19alpha, arm, i386, m68k, powerpc, sparc
nscdupdates2.1.3-20i386, sparc

Glob security patch. DSA missing


MISSING alpha
MISSING arm
MISSING m68k
MISSING powerpc

man2htmlstable1.5-23alpha, arm, i386, m68k, powerpc, sparc
man2htmlupdates1.5-23.1arm, i386, m68k, powerpc, sparc

* Recompiled with correct CGIBASE to avoid bad links; closes: #104474. Grave bug, warrants inclusion into stable.


MISSING alpa

nfs-commonstable1:0.1.9.1-1alpha, arm, i386, m68k, powerpc, sparc
nfs-commonupdates1:0.1.9.1-1.potato1i386, m68k, powerpc, sparc
nfs-kernel-serverstable1:0.1.9.1-1alpha, arm, i386, m68k, powerpc, sparc
nfs-kernel-serverupdates1:0.1.9.1-1.potato1i386, m68k, powerpc, sparc
nhfsstonestable1:0.1.9.1-1alpha, arm, i386, m68k, powerpc, sparc
nhfsstoneupdates1:0.1.9.1-1.potato1i386, m68k, powerpc, sparc

Support statd callbacks from later 2.2 kernels. (Bug#111990)

It seems that this upload fixes a disparity between late 2.2 kernels and the older nfs-utils package from stable in connection with statd/lockd.


MISSING alpha
MISSING arm

xcinstable2.3.04-1arm
xcinstable2.5.1.3-1powerpc
xcinstable2.5.1.99.pre6.1-1alpha
xcinstable2.5.2-1i386, m68k, sparc
xcinupdates2.5.2-1alpha, powerpc

Get versions back in sync

Beware: change the distribution to stable only.


MISSING arm

Rejected packages

These packages don't meet the requirements.

dvi2ps-fontdata-a2nstable1.0-5all
dvi2ps-fontdata-a2nupdates1.0-6all
dvi2ps-fontdata-bsrstable1.0-5all
dvi2ps-fontdata-bsrupdates1.0-6all
dvi2ps-fontdata-jastable1.0-5all
dvi2ps-fontdata-jaupdates1.0-6all
dvi2ps-fontdata-n2astable1.0-5all
dvi2ps-fontdata-n2aupdates1.0-6all
dvi2ps-fontdata-ptexfakestable1.0-5all
dvi2ps-fontdata-ptexfakeupdates1.0-6all
dvi2ps-fontdata-rrsstable1.0-5all
dvi2ps-fontdata-rrsupdates1.0-6all
dvi2ps-fontdata-rspstable1.0-5all
dvi2ps-fontdata-rspupdates1.0-6all
dvi2ps-fontdata-tbankstable1.0-5all
dvi2ps-fontdata-tbankupdates1.0-6all
dvi2ps-fontdata-threestable1.0-5all
dvi2ps-fontdata-threeupdates1.0-6all

Misplaced upload to 'stable unstable'

icecast-serverstable1.0.0-1alpha, arm, i386, m68k, powerpc, sparc
icecast-serverupdates1.3.10-1alpha, arm, m68k, powerpc, sparc
icecast-serverupdates1.3.10-1.1i386

Alleged security update.

Changelog says:

* Several security exploits found to icecast. No simple way to patch

* old version, so upgrade to latest stable version from icecast.org

* If questions or assistance needed join #icecast on openprojects.net IRC

Do you have a documentation about said security exploits? That's still pending

Is it something different than this one?

"icecast" is a server used to distribute audio streams to compatible clients such as winamp, mpg123, xmms and many others. Matt Messier (mmessier@prilnari.com) and John Viega (viega@list.org) have identified several buffer overflow and format strings problems in Icecast that could be remotely exploited.

Our latest update to this software changes the package to use an unprivileged user ("icecast") for the daemon, so the impact of this vulnerability is not as high. Recent distributions (CL >= 5.1) have this package compiled with StackGuard to make it more difficult to exploit buffer overflows.

It's said to be.

Clarification appreciated.

To make it worse, there is now Version: 1.3.10-1.1

* Binary-only recompile by security team

* Rebuild with potato libc6

ldap-rfcstable1:1.2.12-1all
ldap-rfcupdates1:1.2.12-2all
libopenldap-devstable1:1.2.12-1alpha, arm, i386, m68k, powerpc, sparc
libopenldap-devupdates1:1.2.12-2alpha, arm, i386, m68k, powerpc, sparc
libopenldap-runtimestable1:1.2.12-1all
libopenldap-runtimeupdates1:1.2.12-2all
libopenldap1stable1:1.2.12-1alpha, arm, i386, m68k, powerpc, sparc
libopenldap1updates1:1.2.12-2alpha, arm, i386, m68k, powerpc, sparc
openldap-gatewaysstable1:1.2.12-1alpha, arm, i386, m68k, powerpc, sparc
openldap-gatewaysupdates1:1.2.12-2alpha, arm, i386, m68k, powerpc, sparc
openldap-utilsstable1:1.2.12-1alpha, arm, i386, m68k, powerpc, sparc
openldap-utilsupdates1:1.2.12-2alpha, arm, i386, m68k, powerpc, sparc
openldapdstable1:1.2.12-1alpha, arm, i386, m68k, powerpc, sparc
openldapdupdates1:1.2.12-2alpha, arm, i386, m68k, powerpc, sparc

Minor bugfix: * Include backport of billion second bug.

roxen-docstable1.3.122-13all
roxen-docupdates1.3.122-22all
roxen-sslstable1.3.122-13all
roxen-sslupdates1.3.122-22all
roxenstable1.3.122-11arm
roxenstable1.3.122-13alpha, i386, m68k, sparc
roxenupdates1.3.122-22i386

Misplaced upload:

Distribution: stable unstable

* Dropping the 'task-webserver-roxen2' package... * Updating config.{sub|guess} Closes: #111546

samba-commonstable2.0.7-3.4alpha, arm, i386, m68k, powerpc, sparc
samba-commonupdates2.0.7-4alpha, arm, i386, m68k, powerpc, sparc
sambastable2.0.7-3.4alpha, arm, i386, m68k, powerpc, sparc
sambaupdates2.0.7-4alpha, arm, i386, m68k, powerpc, sparc
smbclientstable2.0.7-3.4alpha, arm, i386, m68k, powerpc, sparc
smbclientupdates2.0.7-4alpha, arm, i386, m68k, powerpc, sparc
smbfsstable2.0.7-3.4alpha, arm, i386, m68k, powerpc, sparc
smbfsupdates2.0.7-4alpha, arm, i386, m68k, powerpc, sparc
swatstable2.0.7-3.4alpha, arm, i386, m68k, powerpc, sparc
swatupdates2.0.7-4alpha, arm, i386, m68k, powerpc, sparc

ChangeLog says:

* Permanently fix problem with NMU's being built against incorrect kernel interfaces (closes: #94380, #95015, #102226)

* add uploaders: header to control file

This upload most probably fixes the problem with the old alpha version not being able to run properly due to a bad build environment. This problem may be solved by a general change... may be... Steve Langasek should speak up...

He said:

Samba upstream takes advantage of the best system facilities (libc/kernel) available at compile time. Because Debian releases usually include a baseline kernel and an 'experimental' kernel, Eloy and I have introduced packaging code in unstable that prevents Samba from detecting facilities that it should not be compiled against. The 2.0.7-4 upload backports these packaging mods to potato, both correcting the problems with past alpha security NMUs and safeguarding against the possibility of future problems with security NMUs in potato.

Rejecting on behalf of the maintainer, see Bug#127444:

Upgrading from samba 2.0.7-3.4 to 2.0.7-4 broke printing (from windows clients) on our misc server [..]

Disclaimer

This list intends to help the ftp-masters releasing 2.2r5. They have the final power to accept a package or not. If you want to comment on this list, please send a mail to Martin Schulze <joey@debian.org>.
Last updated 2002/01/11 11:06