Preparation of Debian GNU/Linux 2.2r7
An up-to-date version is at http://master.debian.org/~joey/2.2r7/
I am preparing another revision of the stable Debian distribution (r7)
and will infrequently send reports so people can actually comment on
it and intervene whenever this is required.
The plan is to get this revision of Debian GNU/Linux 2.2 (codename
`potato') out at the beginning of July this year (2002). James Troup
still has to give the final approval for each package since he is the
ftpmaster involved with stable revisions. However, I will try to make
his work as easy as possible in the hope to get the next revision out
properly. Thanks for your attention.
This may also be the last version of the 2.2 series, depending on how
well the woody release is making progress. There is, however, still a
possibility another update (r8, to be scheduled at the beginning of
August) has to be released before Debian 3.0.
My requirements for packages to go into stable:
1. The package fixes a security problem. An advisory by our own
Security Team would be quite helpful. I really should make this a
requirement for security uploads.
2. The package fixes a critical bug which can lead into data loss,
data corruption, or an overly broken system, or the package is
broken or not usable (anymore).
3. The stable version of the package is not installable at all due to
broken or unmet dependencies or broken installation scripts.
4. All released architectures have to be in sync.
Packages, which I will most probably reject:
. Package which fix non-critical bugs.
. Misplaced uploads, i.e. packages that were uploaded to 'stable
unstable' or `frozen unstable'.
. Packages for which its binary packages are out of sync with regard
to all supported architectures in the stable distribution.
. Binary packages for which the source got lost somehow.
Accepted packages
These packages should be installed into stable and be part of the next
revision.
| analog | stable | 2:5.22-0potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | | analog | updates | 2:5.22-0potato4 | alpha, arm, i386, m68k, powerpc, sparc, source | install analog_5.22-0potato4_alpha.changes
install analog_5.22-0potato4_arm.changes
install analog_5.22-0potato4_m68k.changes
install analog_5.22-0potato4_powerpc.changes
install analog_5.22-0potato4_sparc.changes | DSA 125, backport of 5.22 for security reasons. The advisory
mentions version 5.22-0potato1, though.
|
|
|
| apache-common | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc | | apache-common | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc | | apache-dev | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc | | apache-dev | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc | | apache-doc | stable | 1.3.9-14 | all | | apache-doc | updates | 1.3.9-14.1 | all | | apache | stable | 1.3.9-14 | alpha, arm, i386, m68k, powerpc, sparc, source | | apache | updates | 1.3.9-14.1 | alpha, arm, i386, m68k, powerpc, sparc, source | install apache_1.3.9-14.1_m68k.changes
install apache_1.3.9-14.1_multi.changes | DSA 131
|
|
|
| apache-perl | stable | 1.3.9-13.1-1.21.20000309-1 | alpha, arm, i386, m68k, powerpc, sparc, source | | apache-perl | updates | 1.3.9-14.1-1.21.20000309-1 | alpha, arm, i386, m68k, powerpc, sparc, source | install apache-perl_1.3.9-14.1-1.21.20000309-1_alpha.changes
install apache-perl_1.3.9-14.1-1.21.20000309-1_arm.changes
install apache-perl_1.3.9-14.1-1.21.20000309-1_i386.changes
install apache-perl_1.3.9-14.1-1.21.20000309-1_m68k.changes
install apache-perl_1.3.9-14.1-1.21.20000309-1_powerpc.changes
install apache-perl_1.3.9-14.1-1.21.20000309-1_sparc.changes | DSA 133
|
|
|
| apache-ssl | updates | 1.3.9.13-4.1 | alpha, arm, i386, m68k, powerpc, sparc, source | install apache-ssl_1.3.9.13-4.1_multi.changes | DSA 132
|
|
|
| snake4 | stable | 1.0.10-1 | alpha, arm, i386, m68k, powerpc, sparc, source | | snake4 | updates | 1.0.10-1.0.1 | alpha | install snake4_1.0.10-1.0.1_alpha.changes | Binary-only non-maintainer upload for alpha; no source changes.
(See Bug#103300)
|
|
|
| cupsys-bsd | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | cupsys-bsd | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | | cupsys | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc, source | | cupsys | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc, source | | libcupsys1-dev | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1-dev | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1 | stable | 1.0.4-9 | alpha, arm, i386, m68k, powerpc, sparc | | libcupsys1 | updates | 1.0.4-12 | alpha, arm, i386, m68k, powerpc, sparc | install-u cupsys_1.0.4-10_alpha.changes
install-u cupsys_1.0.4-10_arm.changes
install-u cupsys_1.0.4-10_i386.changes
install-u cupsys_1.0.4-10_m68k.changes
install-u cupsys_1.0.4-10_powerpc.changes
install-u cupsys_1.0.4-10_sparc.changes
install-u cupsys_1.0.4-11_alpha.changes
install-u cupsys_1.0.4-11_arm.changes
install-u cupsys_1.0.4-11_i386.changes
install-u cupsys_1.0.4-11_powerpc.changes
install-u cupsys_1.0.4-11_sparc.changes
install-u cupsys_1.0.4-11_m68k.changes
install cupsys_1.0.4-12_arm.changes
install cupsys_1.0.4-12_i386.changes
install cupsys_1.0.4-12_powerpc.changes
install cupsys_1.0.4-12_sparc.changes
install cupsys_1.0.4-12_alpha.changes
install cupsys_1.0.4-12_m68k.changes | -10: Security upload: DSA 110, Buffer overflow
-11: More security fixes: more complete patch for attribute
buffer handling and a more correct path validation check to
prevent ".." attacks.
-12: Remove lpd backend for security reasons.
|
|
|
| custom | stable | 1.9962-2 | all, source | | custom | updates | 1.9962-3 | all, source | install custom_1.9962-3_all.changes | New upload to fix a maintainer-side time warp (Fixes Bug#103300)
|
|
|
| erlang-base | stable | 49.1-10 | all | | erlang-base | updates | 49.1-10.1 | all | | erlang-erl | stable | 49.1-10 | all | | erlang-erl | updates | 49.1-10.1 | all | | erlang-java | stable | 49.1-10 | all | | erlang-java | updates | 49.1-10.1 | all | | erlang | stable | 49.1-10 | i386, powerpc, sparc, source | | erlang | updates | 49.1-10.1 | i386, powerpc, sparc, source | install erlang_49.1-10.1_i386.changes
install erlang_49.1-10.1_powerpc.changes
install erlang_49.1-10.1_sparc.changes | Probably from the zlib fuckup
* Non-maintainer upload by the Security Team
* Apply patch for double-free bug to included copy of zlib
|
|
|
| ethereal | stable | 0.8.0-2potato | alpha, arm, i386, m68k, powerpc, sparc, source | | ethereal | updates | 0.8.0-3potato | alpha, arm, i386, m68k, powerpc, sparc, source | install ethereal_0.8.0-3potato_alpha.changes
install ethereal_0.8.0-3potato_arm.changes
install ethereal_0.8.0-3potato_i386.changes
install ethereal_0.8.0-3potato_m68k.changes
install ethereal_0.8.0-3potato_powerpc.changes
install ethereal_0.8.0-3potato_sparc.changes | Security upload (backports of 0.9.3) - DSA 130
- asn1.c: fixes zero-length g_malloc that could have caused problems.
- asn1.c: fixes possible buffer overflow.
|
|
|
| horde | stable | 2:1.2.6-0.potato.4 | all, source | | horde | updates | 2:1.2.6-0.potato.5 | all, source | | imp | stable | 2:2.2.6-0.potato.4 | all, source | | imp | updates | 2:2.2.6-0.potato.5 | all, source | install horde_1.2.6-0.potato.5_i386.changes
install imp_2.2.6-0.potato.5_i386.changes | DSA 126
|
|
|
| libapache-mod-ssl-doc | stable | 2.4.10-1.3.9-1potato1 | all | | libapache-mod-ssl-doc | updates | 2.4.10-1.3.9-1potato2 | all | | libapache-mod-ssl | stable | 2.4.10-1.3.9-1potato1 | alpha, arm, i386, m68k, powerpc, sparc, source | | libapache-mod-ssl | updates | 2.4.10-1.3.9-1potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | install libapache-mod-ssl_2.4.10-1.3.9-1potato2.changes
install libapache-mod-ssl_2.4.10-1.3.9-1potato2_arm.changes
install libapache-mod-ssl_2.4.10-1.3.9-1potato2_i386.changes
install libapache-mod-ssl_2.4.10-1.3.9-1potato2_m68k.changes
install libapache-mod-ssl_2.4.10-1.3.9-1potato2_powerpc.changes
install libapache-mod-ssl_2.4.10-1.3.9-1potato2_sparc.changes | DSA 135
(non-US)
|
|
|
| listar-cgi | stable | 0.129a-2.potato1 | alpha, arm, i386, m68k, powerpc, sparc | | listar-cgi | updates | 0.129a-2.potato2 | alpha, arm, i386, m68k, powerpc, sparc | | listar | stable | 0.129a-2.potato1 | alpha, arm, i386, m68k, powerpc, sparc, source | | listar | updates | 0.129a-2.potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | install listar_0.129a-2.potato2_alpha.changes
install listar_0.129a-2.potato2_arm.changes
install listar_0.129a-2.potato2_i386.changes
install listar_0.129a-2.potato2_m68k.changes
install listar_0.129a-2.potato2_sparc.changes
install listar_0.129a-2.potato2_powerpc.changes | DSA 123 - covers 0.129a-2.potato1, though. This one adds:
* SECURITY: Applied argv security fixes from the Ecartis tree.
|
|
|
| qpopper | stable | 2.53-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | qpopper | updates | 2.53-7 | alpha, arm, i386, m68k, powerpc, sparc, source | reject qpopper_2.53-6_i386.changes
reject qpopper_2.53-6_powerpc.changes
reject qpopper_2.53-6_sparc.changes
install qpopper_2.53-7_alpha.changes
install qpopper_2.53-7_arm.changes
install qpopper_2.53-7_i386.changes
install qpopper_2.53-7_m68k.changes
install qpopper_2.53-7_powerpc.changes
install qpopper_2.53-7_sparc.changes | Fix a bug that can cause lost data and DoS. (closes:#140784,
#114300) This only affected qpoper-2.23 and before. Thank for
Masaki Ikeda <masaki@orange.co.jp>'s patch.
!!! Not yet verified !!!
|
|
|
| sudo | stable | 1.6.2p2-2.1 | alpha, arm, i386, m68k, powerpc, sparc, source | | sudo | updates | 1.6.2p2-2.2 | alpha, arm, i386, m68k, powerpc, sparc, source | install sudo_1.6.2p2-2.2_multi.changes | DSA 128
|
|
|
| uucp | stable | 1.06.1-11potato2 | alpha, arm, i386, m68k, powerpc, sparc, source | | uucp | updates | 1.06.1-11potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | install uucp_1.06.1-11potato3_alpha.changes
install uucp_1.06.1-11potato3_arm.changes
install uucp_1.06.1-11potato3_i386.changes
install uucp_1.06.1-11potato3_m68k.changes
install uucp_1.06.1-11potato3_powerpc.changes
install uucp_1.06.1-11potato3_sparc.changes | DSA 129
|
|
|
| vrweb | stable | 1.5-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | vrweb | updates | 1.5-5.1 | alpha, arm, i386, m68k, powerpc, sparc, source | install vrweb_1.5-5.1_alpha.changes
install vrweb_1.5-5.1_arm.changes
install vrweb_1.5-5.1_i386.changes
install vrweb_1.5-5.1_m68k.changes
install vrweb_1.5-5.1_powerpc.changes
install vrweb_1.5-5.1_sparc.changes | * Non-maintainer upload by the security team
* Upgrade zlib to 1.1.3 and apply patch for double-free bug
Cleaning bits from the zlib disaster
|
|
|
| wmtv | stable | 0.6.5-2.0.1 | sparc | | wmtv | stable | 0.6.5-2potato2 | alpha, arm, i386, m68k, powerpc, source | | wmtv | updates | 0.6.5-3potato3 | alpha, arm, i386, m68k, powerpc, sparc, source | install wmtv_0.6.5-3potato3_security.changes | Security Upload, DSA 108, symlink vulnerability. This upload
fixes the sparc foobarness.
|
|
|
| xsane | stable | 0.50-5 | alpha, arm, i386, m68k, powerpc, sparc, source | | xsane | updates | 0.50-5.1 | alpha, arm, i386, m68k, powerpc, sparc, source | install xsane_0.50-5.1_security.changes | DSA 118 - insecure temporary files
|
|
|
Need further investigation
These packages need further investigation. One reason the package is
listed here could be that I'm not yet convinced this package should go
into stable, but don't want to reject it entirely at the moment.
Another reason could be that released and updated architectures are
not in sync yet.
| cfengine-doc | stable | 1.5.3-6 | all | | cfengine-doc | updates | 1.5.3-7 | all | | cfengine | stable | 1.5.3-6 | arm, i386, m68k, powerpc, sparc, source | | cfengine | stable | 1.5.3-6.0.1 | alpha | | cfengine | updates | 1.5.3-7 | alpha, arm, i386, m68k, powerpc, sparc, source | delay-install cfengine_1.5.3-7_alpha.changes
delay-install cfengine_1.5.3-7_arm.changes
delay-install cfengine_1.5.3-7_i386.changes
delay-install cfengine_1.5.3-7_m68k.changes
delay-install cfengine_1.5.3-7_powerpc.changes
delay-install cfengine_1.5.3-7_sparc.changes | Changelog says: fix stat -> lstat in src/image.c, else a
symlink might be followed if we are purging. This is security
bug!
Requires attention from the security team
|
|
|
| dns-browse | stable | 1.6-4 | all, source | | dns-browse | updates | 1.6-5 | all, source | delay-install dns-browse_1.6-5_i386.changes | Changelog says: Fixed dns_tree so that it uses the HOME
directory for cache files (Closes: #146591)
This requires action by the Security Team
|
|
|
| fetchmailconf | stable | 5.3.3-3 | all | | fetchmailconf | updates | 5.3.3-4 | all | | fetchmail | stable | 5.3.3-3 | alpha, arm, i386, m68k, powerpc, sparc, source | | fetchmail | updates | 5.3.3-4 | alpha, i386, m68k, powerpc, sparc, source | delay-install fetchmail_5.3.3-4_alpha.changes
delay-install fetchmail_5.3.3-4_i386.changes
delay-install fetchmail_5.3.3-4_m68k.changes
delay-install fetchmail_5.3.3-4_powerpc.changes
delay-install fetchmail_5.3.3-4_sparc.changes | * SECURITY FIX: avoid buffer overflow on 64bit archs (imap.c)
This is a remote-expolitable buffer overflow, if the imap
server is hostile (backported from new upstream 5.9.12). Bug
discovery and fix by Nalin Dahyabai
DSA missing
MISSING arm
|
|
|
| freeamp-doc | stable | 2.0.6-2 | all | | freeamp-doc | updates | 2.0.6-2.1 | all | | freeamp | stable | 1.3.1-5 | m68k, powerpc | | freeamp | stable | 2.0.6-1 | arm | | freeamp | stable | 2.0.6-2 | alpha, i386, sparc, source | | freeamp | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc, source | | libfreeamp-alsa | stable | 2.0.6-2 | alpha, i386, sparc | | libfreeamp-alsa | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc | | libfreeamp-esound | stable | 2.0.6-1 | arm | | libfreeamp-esound | stable | 2.0.6-2 | alpha, i386, sparc | | libfreeamp-esound | updates | 2.0.6-2.1 | alpha, i386, powerpc, sparc | delay-install freeamp_2.0.6-2.1_alpha.changes
delay-install freeamp_2.0.6-2.1_i386.changes
delay-install freeamp_2.0.6-2.1_powerpc.changes
delay-install freeamp_2.0.6-2.1_sparc.changes | * Non-maintainer upload by the security team
* Apply patch for zlib double-free bug
Looks like a leaf of the zlib disaster
MISSING arm
|
|
|
| photopc | stable | 2.1-1 | powerpc | | photopc | stable | 2.8-3 | arm | | photopc | stable | 3.02-2 | alpha, i386, sparc, source | | photopc | updates | 3.02-2 | powerpc | delay-install photopc_3.02-2_powerpc.changes | Get versions in sync.
MISSING arm
|
|
|
| unixcw | stable | 1.1a-2 | arm | | unixcw | stable | 1.1a-5 | alpha, i386, source | | unixcw | updates | 1.1a-5 | powerpc, sparc | delay-install unixcw_1.1a-5_powerpc.changes
delay-install unixcw_1.1a-5_sparc.changes | Get package in sync through all architectures.
MISSING arm
|
|
|
| zlib-bin | stable | 1:1.1.3-5 | alpha, arm, i386, powerpc, sparc | | zlib-bin | stable | 1:1.1.3-5.0.1 | m68k | | zlib-bin | updates | 1:1.1.3-5.1 | alpha, arm, i386, m68k, powerpc, sparc | zlib1-altdev stable 1:1.1.3-3 sparc
zlib1-altdev stable 1:1.1.3-5 i386
zlib1-altdev stable 1:1.1.3-5.0.1 m68k
zlib1-altdev updates 1:1.1.3-5.1 i386, m68k | zlib1g-dev stable 1:1.1.3-5 alpha, arm, i386, powerpc, sparc
zlib1g-dev stable 1:1.1.3-5.0.1 m68k
zlib1g-dev updates 1:1.1.3-5.1 alpha, arm, i386, m68k, powerpc, sparc
zlib1g stable 1:1.1.3-5 alpha, arm, i386, powerpc, sparc
zlib1g stable 1:1.1.3-5.0.1 m68k
zlib1g updates 1:1.1.3-5.1 alpha, arm, i386, m68k, powerpc, sparc
zlib1 stable 1:1.1.3-3 sparc
zlib1 stable 1:1.1.3-5 i386
zlib1 stable 1:1.1.3-5.0.1 m68k
zlib1 updates 1:1.1.3-5.1 i386, m68k
zlib stable 1:1.1.3-5 source
zlib updates 1:1.1.3-5.1 source
delay-install zlib_1.1.3-5.1_alpha.changes
delay-install zlib_1.1.3-5.1_arm.changes
delay-install zlib_1.1.3-5.1_i386.changes
delay-install zlib_1.1.3-5.1_powerpc.changes
delay-install zlib_1.1.3-5.1_sparc.changes
delay-install zlib_1.1.3-5.1_m68k.changes
DSA 122 - zlib strikes back
No zlib1 package for sparc anymore? Is that intentional?
Query debian-sparc
|
|
|
Rejected packages
These packages don't meet the requirements.
| dvi2ps-fontdata-a2n | stable | 1.0-5 | all | | dvi2ps-fontdata-a2n | updates | 1.0-7 | all | | dvi2ps-fontdata-bsr | stable | 1.0-5 | all | | dvi2ps-fontdata-bsr | updates | 1.0-7 | all | | dvi2ps-fontdata-ja | stable | 1.0-5 | all | | dvi2ps-fontdata-ja | updates | 1.0-7 | all | | dvi2ps-fontdata-n2a | stable | 1.0-5 | all | | dvi2ps-fontdata-n2a | updates | 1.0-7 | all | | dvi2ps-fontdata-ptexfake | stable | 1.0-5 | all | | dvi2ps-fontdata-ptexfake | updates | 1.0-7 | all | | dvi2ps-fontdata-rrs | stable | 1.0-5 | all | | dvi2ps-fontdata-rrs | updates | 1.0-7 | all | | dvi2ps-fontdata-rsp | stable | 1.0-5 | all | | dvi2ps-fontdata-rsp | updates | 1.0-7 | all | | dvi2ps-fontdata-tbank | stable | 1.0-5 | all | | dvi2ps-fontdata-tbank | updates | 1.0-7 | all | | dvi2ps-fontdata-three | stable | 1.0-5 | all | | dvi2ps-fontdata-three | updates | 1.0-7 | all | reject dvi2ps-fontdata_1.0-7_i386.changes | Misplaced upload to 'stable unstable'
|
|
|
| efingerd | stable | 1.3 | alpha, arm, i386, m68k, powerpc, sparc, source | | efingerd | updates | 1.3.2 | alpha, arm, i386, m68k, powerpc, sparc, source | reject efingerd_1.3.1_alpha.changes
reject efingerd_1.3.1_arm.changes
reject efingerd_1.3.1_i386.changes
reject efingerd_1.3.1_m68k.changes
reject efingerd_1.3.1_powerpc.changes
reject efingerd_1.3.2_alpha.changes
reject efingerd_1.3.2_arm.changes
reject efingerd_1.3.2_i386.changes
reject efingerd_1.3.2_m68k.changes
reject efingerd_1.3.2_powerpc.changes
reject efingerd_1.3.2_sparc.changes | Alleged security update, .1 and .2 are broken, though.
Joey is discussion the issue with the maintainer.
|
|
|
| jtex-base | stable | 1.8-6 | all, source | | jtex-base | updates | 1.8-7 | all, source | reject jtex-base_1.8-7_i386.changes | Misplaced upload, stable+unstable
|
|
|
| rsync | stable | 2.3.2-1.2 | alpha, arm, i386, m68k, powerpc, sparc | | rsync | updates | 2.3.2-1.3 | alpha, arm, i386, m68k, powerpc, sparc | reject rsync_2.3.2-1.3_multi.changes | DSA 106
Broken packages, hence rejecting
|
|
|
Disclaimer
This list intends to help the ftp-masters releasing 2.2r7. They have the
final power to accept a package or not. If you want to comment on
this list, please send a mail to Martin Schulze <joey@debian.org>.
Last updated 2002/07/04 12:01 MET