Preparation of Debian GNU/Linux 2.2r7
An up-to-date version is at http://master.debian.org/~joey/2.2r7/
I am preparing another revision of the stable Debian distribution (r7)
and will infrequently send reports so people can actually comment on
it and intervene whenever this is required.
The plan is to get this revision of Debian GNU/Linux 2.2 (codename
`potato') out at the beginning of July this year (2002). James Troup
still has to give the final approval for each package since he is the
ftpmaster involved with stable revisions. However, I will try to make
his work as easy as possible in the hope to get the next revision out
properly. Thanks for your attention.
This may also be the last version of the 2.2 series, depending on how
well the woody release is making progress. There is, however, still a
possibility another update (r8, to be scheduled at the beginning of
August) has to be released before Debian 3.0.
My requirements for packages to go into stable:
1. The package fixes a security problem. An advisory by our own
Security Team would be quite helpful. I really should make this a
requirement for security uploads.
2. The package fixes a critical bug which can lead into data loss,
data corruption, or an overly broken system, or the package is
broken or not usable (anymore).
3. The stable version of the package is not installable at all due to
broken or unmet dependencies or broken installation scripts.
4. All released architectures have to be in sync.
Packages, which I will most probably reject:
. Package which fix non-critical bugs.
. Misplaced uploads, i.e. packages that were uploaded to 'stable
unstable' or `frozen unstable'.
. Packages for which its binary packages are out of sync with regard
to all supported architectures in the stable distribution.
. Binary packages for which the source got lost somehow.
Accepted packages
These packages should be installed into stable and be part of the next
revision.
| analog | stable | 2:5.22-0potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | | analog | updates | 2:5.22-0potato4 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 125, backport of 5.22 for security reasons. The advisory
mentions version 5.22-0potato1, though.
|
|
|
| apache-common | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc | | apache-common | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc | | apache-dev | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc | | apache-dev | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc | | apache-doc | stable | 1.3.9-14 | all | | apache-doc | updates | 1.3.9-14.1 | all | | apache | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc, source | | apache | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 131
|
|
|
| apache-perl | stable | 1.3.9-13.1-1.21.20000309-1 | alpha, arm, i386, m68k, powerpc, sparc, source | | apache-perl | updates | 1.3.9-14.1-1.21.20000309-1 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 133
|
|
|
| apache-ssl | updates | 1.3.9.13-4.1 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 132
|
|
|
| snake4 | stable | 1.0.10-1 | alpha, arm, i386, m68k, powerpc, sparc, source | | snake4 | updates | 1.0.10-1.0.1 | alpha | Binary-only non-maintainer upload for alpha; no source changes.
(See Bug#103300)
|
|
|
| cupsys-bsd | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | cupsys-bsd | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | | cupsys | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc, source | | cupsys | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc, source | | libcupsys1-dev | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1-dev | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1 | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1 | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | -10: Security upload: DSA 110, Buffer overflow
-11: More security fixes: more complete patch for attribute
buffer handling and a more correct path validation check to
prevent ".." attacks.
-12: Remove lpd backend for security reasons.
|
|
|
| custom | stable | 1.9962-2 | all, source | | custom | updates | 1.9962-3 | all, source | New upload to fix a maintainer-side time warp (Fixes Bug#103300)
|
|
|
| erlang-base | stable | 49.1-10 | all | | erlang-base | updates | 49.1-10.1 | all | | erlang-erl | stable | 49.1-10 | all | | erlang-erl | updates | 49.1-10.1 | all | | erlang-java | stable | 49.1-10 | all | | erlang-java | updates | 49.1-10.1 | all | | erlang | stable | 49.1-10 | i386, powerpc, sparc, source | | erlang | updates | 49.1-10.1 | i386, powerpc, sparc, source | Probably from the zlib fuckup
* Non-maintainer upload by the Security Team
* Apply patch for double-free bug to included copy of zlib
|
|
|
| ethereal | stable | 0.8.0-2potato | alpha, arm, i386, m68k, powerpc, sparc, source | | ethereal | updates | 0.8.0-3potato | alpha, arm, i386, m68k, powerpc, sparc, source | Security upload (backports of 0.9.3) - DSA 130
- asn1.c: fixes zero-length g_malloc that could have caused problems.
- asn1.c: fixes possible buffer overflow.
|
|
|
| horde | stable | 2:1.2.6-0.potato.4 | all, source | | horde | updates | 2:1.2.6-0.potato.5 | all, source | | imp | stable | 2:2.2.6-0.potato.4 | all, source | | imp | updates | 2:2.2.6-0.potato.5 | all, source | DSA 126
|
|
|
| libapache-mod-ssl-doc | stable | 2.4.10-1.3.9-1potato1 | all | | libapache-mod-ssl-doc | updates | 2.4.10-1.3.9-1potato2 | all | | libapache-mod-ssl | stable | 2.4.10-1.3.9-1potato1 | alpha, arm, i386, m68k, powerpc, sparc, source | | libapache-mod-ssl | updates | 2.4.10-1.3.9-1potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 135
(non-US)
|
|
|
| listar-cgi | stable | 0.129a-2.potato1 | alpha, arm, i386, m68k, powerpc, sparc | | listar-cgi | updates | 0.129a-2.potato2 | alpha, arm, i386, m68k, powerpc, sparc | | listar | stable | 0.129a-2.potato1 | alpha, arm, i386, m68k, powerpc, sparc, source | | listar | updates | 0.129a-2.potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 123 - covers 0.129a-2.potato1, though. This one adds:
* SECURITY: Applied argv security fixes from the Ecartis tree.
|
|
|
| qpopper | stable | 2.53-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | qpopper | updates | 2.53-7 | alpha, arm, i386, m68k, powerpc, sparc, source | Fix a bug that can cause lost data and DoS. (closes:#140784,
#114300) This only affected qpoper-2.23 and before. Thank for
Masaki Ikeda <masaki@orange.co.jp>'s patch.
!!! Not yet verified !!!
|
|
|
| sudo | stable | 1.6.2p2-2.1 | alpha, arm, i386, m68k, powerpc, sparc, source | | sudo | updates | 1.6.2p2-2.2 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 128
|
|
|
| uucp | stable | 1.06.1-11potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | | uucp | updates | 1.06.1-11potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 129
|
|
|
| vrweb | stable | 1.5-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | vrweb | updates | 1.5-5.1 | alpha, arm, i386, m68k, powerpc, sparc, source | * Non-maintainer upload by the security team
* Upgrade zlib to 1.1.3 and apply patch for double-free bug
Cleaning bits from the zlib disaster
|
|
|
| wmtv | stable | 0.6.5-2.0.1 | sparc | | wmtv | stable | 0.6.5-2potato2 | alpha, arm, i386, m68k, powerpc, source | | wmtv | updates | 0.6.5-3potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | Security Upload, DSA 108, symlink vulnerability. This upload
fixes the sparc foobarness.
|
|
|
| xsane | stable | 0.50-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | xsane | updates | 0.50-5.1 | alpha, arm, i386, m68k, powerpc, sparc, source | DSA 118 - insecure temporary files
|
|
|
Need further investigation
These packages need further investigation. One reason the package is
listed here could be that I'm not yet convinced this package should go
into stable, but don't want to reject it entirely at the moment.
Another reason could be that released and updated architectures are
not in sync yet.
| cfengine-doc | stable | 1.5.3-6 | all | | cfengine-doc | updates | 1.5.3-7 | all | | cfengine | stable | 1.5.3-6 | arm, i386, m68k, powerpc, sparc, source | | cfengine | stable | 1.5.3-6.0.1 | alpha | | cfengine | updates | 1.5.3-7 | alpha, arm, i386, m68k, powerpc, sparc, source | Changelog says: fix stat -> lstat in src/image.c, else a
symlink might be followed if we are purging. This is security
bug!
Requires attention from the security team
|
|
|
| dns-browse | stable | 1.6-4 | all, source | | dns-browse | updates | 1.6-5 | all, source | Changelog says: Fixed dns_tree so that it uses the HOME
directory for cache files (Closes: #146591)
This requires action by the Security Team
|
|
|
| fetchmailconf | stable | 5.3.3-3 | all | | fetchmailconf | updates | 5.3.3-4 | all | | fetchmail | stable | 5.3.3-3 | alpha, arm, i386, m68k, powerpc, sparc, source | | fetchmail | updates | 5.3.3-4 | alpha, i386, m68k, powerpc, sparc, source | * SECURITY FIX: avoid buffer overflow on 64bit archs (imap.c)
This is a remote-expolitable buffer overflow, if the imap
server is hostile (backported from new upstream 5.9.12). Bug
discovery and fix by Nalin Dahyabai
DSA missing
MISSING arm
|
|
|
| freeamp-doc | stable | 2.0.6-2 | all | | freeamp-doc | updates | 2.0.6-2.1 | all | | freeamp | stable | 1.3.1-5 | m68k, powerpc | | freeamp | stable | 2.0.6-1 | arm | | freeamp | stable | 2.0.6-2 | alpha, i386, sparc, source | | freeamp | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc, source | | libfreeamp-alsa | stable | 2.0.6-2 | alpha, i386, sparc | | libfreeamp-alsa | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc | | libfreeamp-esound | stable | 2.0.6-1 | arm | | libfreeamp-esound | stable | 2.0.6-2 | alpha, i386, sparc | | libfreeamp-esound | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc | * Non-maintainer upload by the security team
* Apply patch for zlib double-free bug
Looks like a leaf of the zlib disaster
MISSING arm
|
|
|
| photopc | stable | 2.1-1 | powerpc | | photopc | stable | 2.8-3 | arm | | photopc | stable | 3.02-2 | alpha, i386, sparc, source | | photopc | updates | 3.02-2 | powerpc | Get versions in sync.
MISSING arm
|
|
|
| unixcw | stable | 1.1a-2 | arm | | unixcw | stable | 1.1a-5 | alpha, i386, source | | unixcw | updates | 1.1a-5 | powerpc, sparc | Get package in sync through all architectures.
MISSING arm
|
|
|
| zlib-bin | stable | 1:1.1.3-5 | alpha, arm, i386, powerpc, sparc | | zlib-bin | stable | 1:1.1.3-5.0.1 | m68k | | zlib-bin | updates | 1:1.1.3-5.1 | alpha, arm, i386, m68k, powerpc, sparc | zlib1g-dev stable 1:1.1.3-5 alpha, arm, i386, powerpc, sparc
zlib1g-dev stable 1:1.1.3-5.0.1 m68k
zlib1g-dev updates 1:1.1.3-5.1 alpha, arm, i386, m68k, powerpc, sparc
zlib1g stable 1:1.1.3-5 alpha, arm, i386, powerpc, sparc
zlib1g stable 1:1.1.3-5.0.1 m68k
zlib1g updates 1:1.1.3-5.1 alpha, arm, i386, m68k, powerpc, sparc
zlib1 stable 1:1.1.3-3 sparc
zlib1 stable 1:1.1.3-5 i386
zlib1 stable 1:1.1.3-5.0.1 m68k
zlib1 updates 1:1.1.3-5.1 i386, m68k
zlib stable 1:1.1.3-5 source
zlib updates 1:1.1.3-5.1 source
delay-install zlib_1.1.3-5.1_alpha.changes
delay-install zlib_1.1.3-5.1_arm.changes
delay-install zlib_1.1.3-5.1_i386.changes
delay-install zlib_1.1.3-5.1_powerpc.changes
delay-install zlib_1.1.3-5.1_sparc.changes
delay-install zlib_1.1.3-5.1_m68k.changes
DSA 122 - zlib strikes back
No zlib1 package for sparc anymore? Is that intentional?
Query debian-sparc
|
|
|
Rejected packages
These packages don't meet the requirements.
| dvi2ps-fontdata-a2n | stable | 1.0-5 | all | | dvi2ps-fontdata-a2n | updates | 1.0-7 | all | | dvi2ps-fontdata-bsr | stable | 1.0-5 | all | | dvi2ps-fontdata-bsr | updates | 1.0-7 | all | | dvi2ps-fontdata-ja | stable | 1.0-5 | all | | dvi2ps-fontdata-ja | updates | 1.0-7 | all | | dvi2ps-fontdata-n2a | stable | 1.0-5 | all | | dvi2ps-fontdata-n2a | updates | 1.0-7 | all | | dvi2ps-fontdata-ptexfake | stable | 1.0-5 | all | | dvi2ps-fontdata-ptexfake | updates | 1.0-7 | all | | dvi2ps-fontdata-rrs | stable | 1.0-5 | all | | dvi2ps-fontdata-rrs | updates | 1.0-7 | all | | dvi2ps-fontdata-rsp | stable | 1.0-5 | all | | dvi2ps-fontdata-rsp | updates | 1.0-7 | all | | dvi2ps-fontdata-tbank | stable | 1.0-5 | all | | dvi2ps-fontdata-tbank | updates | 1.0-7 | all | | dvi2ps-fontdata-three | stable | 1.0-5 | all | | dvi2ps-fontdata-three | updates | 1.0-7 | all | Misplaced upload to 'stable unstable'
|
|
|
| efingerd | stable | 1.3 | alpha, arm, i386, m68k, powerpc, sparc, source | | efingerd | updates | 1.3.2 | alpha, arm, i386, m68k, powerpc, sparc, source | Alleged security update, .1 and .2 are broken, though.
Joey is discussion the issue with the maintainer.
|
|
|
| jtex-base | stable | 1.8-6 | all, source | | jtex-base | updates | 1.8-7 | all, source | Misplaced upload, stable+unstable
|
|
|
| rsync | stable | 2.3.2-1.2 | alpha, arm, i386, m68k, powerpc, sparc | | rsync | updates | 2.3.2-1.3 | alpha, arm, i386, m68k, powerpc, sparc | DSA 106
Broken packages, hence rejecting
|
|
|
Disclaimer
This list intends to help the ftp-masters releasing 2.2r7. They have the
final power to accept a package or not. If you want to comment on
this list, please send a mail to Martin Schulze <joey@debian.org>.
Last updated 2002/07/04 12:01 MET