Preparation of Debian GNU/Linux 3.0r1

An up-to-date version is at http://master.debian.org/~joey/3.0r1/.

I am preparing the first revision of the current stable Debian distribution (woody) and will infrequently send reports so people can actually comment on it and intervene whenever this is required.

If you disagree with one bit or another, please reply to this mail and explain why these things should be handled differently. There is still time to reconsider.

The plan is to release this revision at some time in the future. James Troup still has to give the final approval for each package since he is the ftpmaster involved with stable revisions. However, I will try to make his work as easy as possible in the hope to get the next revision out properly.

The regulations for stable are quite conservative. The requirements for packages to get into stable are:

1. The package fixes a security problem. An advisory by our own Security Team is required. Updates need to be approved by the security team.

2. The package fixes a critical bug which can lead into data loss, data corruption, or an overly broken system, or the package is broken or not usable (anymore).

3. The stable version of the package is not installable at all due to broken or unmet dependencies or broken installation scripts.

4. All released architectures have to be in sync.

5. If it is a kernel package, I can detect a similar amount of packages to remove, preferably older versions of the new packages.

It is ((1 OR 2 OR 3) AND 4) OR 5

Since this is the first revision of stable, I may be a little bit lax about enforcing reason 2.

Regular bugs and upgrade problems don't get fixed in new revisions for the stable distribution. They should instead be documented in the Release Notes which are maintained by Rob Bradford <mailto:robster@debian.org> and are found at http://www.debian.org/releases/woody/releasenotes.

Packages, which will most probably be rejected:

. Packages that fix non-critical bugs.

. Misplaced uploads, i.e. packages that were uploaded to 'stable unstable' or `frozen unstable' or similar.

. Packages for which its binary packages are out of sync with regard to all supported architectures in the stable distribution.

. Binary packages for which the source got lost somehow.

Accepted Packages

These packages will be installed into the stable Debian distribution and will be part of the next revision.

afterstepstable1.8.11-5woody1alpha, hppa, i386, ia64, mips, mipsel, s390, sparc, source
afterstepupdates1.8.11-5woody1arm, powerpc

Try to sync architectures.

There is an m68k package hooked up in testing-proposed-updates as well.

The arm package was built on July 4th, but didn't make it into the archive, strangely.

apache-commonstable1.3.26-0woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
apache-commonupdates1.3.26-0woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
apache-devstable1.3.26-0woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
apache-devupdates1.3.26-0woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
apache-docstable1.3.26-0woody1all
apache-docupdates1.3.26-0woody3all
apachestable1.3.26-0woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
apacheupdates1.3.26-0woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-187 apache - several vulnerabilities

apache-perlstable1.3.26-1-1.26-0woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
apache-perlupdates1.3.26-1-1.26-0woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-195 apache-perl - several vulnerabilities

apache-sslstable1.3.26.1+1.48-0woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
apache-sslupdates1.3.26.1+1.48-0woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-188 apache-ssl - several vulnerabilities

arcbootstable0.3.1mips, source
arcbootupdates0.3.3.9.woody.0mips, source
tip22updates0.3.3.9.woody.0mips

Guido writes:

- it don't lets failures to read from an ext2 fs completely crash the loader (like when you enter a non existent partition in the prom)

- it introduces tip22 as a separate binary package[1], a "piggyback" style tftp loader that is used to pack kernel and initrd into one ecoff file which can be tftpbooted. This finally solves the whole initrd issues on mips. Without that mips will not be able to use kernels > 2.4.16 since Ralf revamped head.S(among others) which breaks our current addinitrd method completely. Agreed, we could revert the head.S changes but I'd rather like to avoid that because we might trip on unwanted side effects. I already have a 2 line patch against bootfloppies to use tip22 but don't want to commit it until it's sure tip22 can go into r1.

bastillestable1:1.3.0-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
bastilleupdates1:1.3.0-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Package broken in woody

bugzillastable2.14.2-0woody1all, source
bugzillaupdates2.14.2-0woody2all, source

DSA-173 bugzilla - privilege escalation

cdrdaostable1:1.1.5-3.1alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc, source

Upstream reported: Due to license issues with the libedc_ecc library that is used by and distributed with cdrdao I have to temporarily freeze this project. All releases have been removed.

See http://sourceforge.net/forum/forum.php?forum_id=213313

See http://bugs.debian.org/162788

courier-authdaemonstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-authdaemonupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-authmysqlstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-authmysqlupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-basestable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-baseupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-debugstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-debugupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-docstable0.37.3-2.1all
courier-docupdates0.37.3-2.3all
courier-imapstable1.4.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-imapupdates1.4.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-ldapstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-ldapupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-maildropstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-maildropupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-mlmstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-mlmupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-mtastable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-mtaupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-pcpstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-pcpupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-popstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-popupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-webadminstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courier-webadminupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
courierstable0.37.3-2.1source
courierupdates0.37.3-2.3source
sqwebmailstable0.37.3-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
sqwebmailupdates0.37.3-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-197 courier - buffer overflow

cron-aptstable0.0.6all, source
cron-aptupdates0.0.6woody1all, source

* Added default path so the upgrade will work fine. Thanks to Donovan Baarda <abo@minkirri.apana.org.au> for pointing out the problem. Closes: #158869.

Rationale: Without the path, this package doesn't run out of the box on woody anymore.

debiandoc-sgmlstable1.1.67all, source
debiandoc-sgmlupdates1.1.67woody1all, source

On a machine which was upgraded from potato to woody a couple of months before release, there is a wrong entry in transitional.cat, which causes debiandoc to be unusable. My opinion is, it is bad enough (and simple enough to fix) so that it must go into 3.0r1.

* debian/postinst: added invocation of 'install-sgmlcatalog --remove debiandoc-sgml' to clean up cruft potentially left over from the SGML catalog transition in a potato -> woody upgrade (closes: Bug#154737)

debootstrap-udebupdates0.1.17.7woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
debootstrapstable0.1.17alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
debootstrapupdates0.1.17.7woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

* Rebuild of 0.1.17.8 for woody to pull in race condition fix and missing package dependency fixes, among others.

I've been pestered that boot-floppies/debian-installer people need this.

woody does not need Ádeb's though. Branden Robinson agreed to upload a "fixed" version that doesn't produce the Ádeb. However that hasn't yet happened.

Update: James said that udebs won't be visible in stable, so they should not cause problems. Let's hope he is correct.

defragstable0.73pjm1-1i386, source
defragupdates0.73pjm1-1.woody.0i386, source

* ext2.c: Gracefully fail on filesystems with journals (closes: #118635). This fixes a bug that causes filesystem corruption when defrag is run on ext3 filesystems.

dietlibc-devstable0.12-2alpha, arm, i386, mips, mipsel, powerpc, sparc
dietlibc-devupdates0.12-2.4alpha, arm, i386, mips, mipsel, powerpc, sparc
dietlibcstable0.12-2source
dietlibcupdates0.12-2.4source

DSA-146 dietlibc - integer overflow

docbook-xml-slidesstable1.1-2all, source
docbook-xml-slidesupdates1.1-2.1woody2all, source

Don't depend on obsolete library anymore.

This bug is just an incorrect dependency in the control file, which makes docbook-xml-slides insist on pulling the obsolete docbook-xsl-stylesheets instead of recent docbook-xsl. This in turns causes other packages to be uninstallable, because they correctly depend on the new one.

elkdocstable3.0-8.1all
elkstable3.0-8.1arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc, source
elkupdates3.0-8.1alpha

Get architectures in sync (IA-64 is missing, though, but the package doesn't seem to compile at all on that arch)

epic4-script-lightstable1:2.7.30p4-0woody1all, source
epic4-script-lightupdates1:2.7.30p5-1.1all, source

DSA-156 epic4-script-light - arbitrary script execution

eroasterstable2.1.0.0.3-1all, source
eroasterupdates2.1.0.0.3-2all, source

Fixed a typo that broke image creation with mkisofs if only the image was being created, ie if not part of create image/burn operation

ethereal-commonstable0.9.4-1woody1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
ethereal-commonupdates0.9.4-1woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ethereal-devstable0.9.4-1woody1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
ethereal-devupdates0.9.4-1woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
etherealstable0.9.4-1woody1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc, source
etherealupdates0.9.4-1woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tetherealstable0.9.4-1woody1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
tetherealupdates0.9.4-1woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-162 ethereal - buffer overflow

famstable2.6.6.1-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
famupdates2.6.6.1-5.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
libfam-devstable2.6.6.1-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libfam-devupdates2.6.6.1-5.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libfam0stable2.6.6.1-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libfam0updates2.6.6.1-5.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-154 fam - privilege escalation

fetchmail-commonstable5.9.11-6all
fetchmail-commonupdates5.9.11-6.1all
fetchmailconfstable5.9.11-6all
fetchmailconfupdates5.9.11-6.1all
fetchmailstable5.9.11-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
fetchmailupdates5.9.11-6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-171 fetchmail - buffer overflows

fetchmail-sslstable5.9.11-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
fetchmail-sslupdates5.9.11-6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-171 fetchmail - buffer overflows

freeswanstable1.96-1.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
freeswanupdates1.96-1.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
kernel-patch-freeswanstable1.96-1.2all
kernel-patch-freeswanupdates1.96-1.4all

DSA-201 freeswan - denial of service

gaim-commonstable1:0.58-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gaim-commonupdates1:0.58-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gaim-gnomestable1:0.58-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gaim-gnomeupdates1:0.58-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gaimstable1:0.58-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
gaimupdates1:0.58-2.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-158 gaim - arbitrary program execution

gallerystable1.2.5-6all, source
galleryupdates1.2.5-7.woody.0all, source

DSA-138 gallery - remote exploit

glibcstable2.2.5-6source
glibcupdates2.2.5-11.2source
glibc-docstable2.2.5-6all
glibc-docupdates2.2.5-11.2all
libc6-dbgstable2.2.5-6arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-dbgupdates2.2.5-11.2hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-dev-sparc64stable2.2.5-6sparc
libc6-dev-sparc64updates2.2.5-11.2sparc
libc6-devstable2.2.5-6arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-devupdates2.2.5-11.2hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-picstable2.2.5-6arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-picupdates2.2.5-11.2hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-profstable2.2.5-6arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-profupdates2.2.5-11.2hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6-sparc64stable2.2.5-6sparc
libc6-sparc64updates2.2.5-11.2sparc
libc6.1-dbgstable2.2.5-6alpha, ia64
libc6.1-dbgupdates2.2.5-11.2alpha, ia64
libc6.1-devstable2.2.5-6alpha, ia64
libc6.1-devupdates2.2.5-11.2alpha, ia64
libc6.1-picstable2.2.5-6alpha, ia64
libc6.1-picupdates2.2.5-11.2alpha, ia64
libc6.1-profstable2.2.5-6alpha, ia64
libc6.1-profupdates2.2.5-11.2alpha, ia64
libc6.1stable2.2.5-6alpha, ia64
libc6.1updates2.2.5-11.2alpha, ia64
libc6stable2.2.5-6arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
libc6updates2.2.5-11.2hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
localesstable2.2.5-6all
localesupdates2.2.5-11.2all
nscdstable2.2.5-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
nscdupdates2.2.5-11.2alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-149 glibc - integer overflow

gnome-gvstable1.1.96-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
gnome-gvupdates1.1.96-3.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-179 gnome-gv - buffer overflow

gnome-pim-conduitsstable1.4.6-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gnome-pim-conduitsupdates1.4.6-1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
gnome-pimstable1.4.6-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
gnome-pimupdates1.4.6-1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

According to the bug reports mentioned in the changelog, one program from this package crashed upon startup, rendering it useless. Hence, an update.

* Fixing RC bugs: + Closes: #145411: Gnomecal segfaults upon start + Closes: #145517: gnomecal segfaults at startup + Closes: #151781 (for stable): Problem loading GnomeCal conduit + Closes: #155221: Gnomecal segfaults upon start and no fixed version of gnome-pim is available in stable

gtetrinetstable0.4.1-9alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
gtetrinetupdates0.4.1-9woody1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-205 gtetrinet - buffer overflow

gvstable1:3.5.8-26alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
gvupdates1:3.5.8-26.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-176 gv - buffer overflow

heartbeatstable0.4.9.0l-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
heartbeatupdates0.4.9.0l-7.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
ldirectordstable0.4.9.0l-7.1all
ldirectordupdates0.4.9.0l-7.2all
libstonith-devstable0.4.9.0l-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libstonith-devupdates0.4.9.0l-7.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libstonith0stable0.4.9.0l-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libstonith0updates0.4.9.0l-7.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
stonithstable0.4.9.0l-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
stonithupdates0.4.9.0l-7.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-174 heartbeat - buffer overflow

htcheck-phpstable1:1.1-1all
htcheck-phpupdates1:1.1-1.1all
htcheckstable1:1.1-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
htcheckupdates1:1.1-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-169 htcheck - cross site scripting

html2psstable1.0b3-1all, source
html2psupdates1.0b3-1.2all, source

DSA-192 html2ps - arbitrary code execution

htmldocstable1.8.17-2alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
htmldocupdates1.8.17-2hppa

Get architectures back in sync

hylafax-clientstable1:4.1.1-1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
hylafax-clientupdates1:4.1.1-1.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
hylafax-docstable1:4.1.1-1all
hylafax-docupdates1:4.1.1-1.1all
hylafax-serverstable1:4.1.1-1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
hylafax-serverupdates1:4.1.1-1.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
hylafaxstable1:4.1.1-1source
hylafaxupdates1:4.1.1-1.1source

DSA-148 hylafax - buffer overflows and format string vulnerabilities

imstable1:141-18all, source
imupdates1:141-18.2all, source

DSA-202 im - insecure temporary files

initrd-toolsstable0.1.24all, source
initrd-toolsupdates0.1.32woody.3all, source

Lots of intrusive changes, only one is priority high and it only affects people with ataraid. Suited for unstable.

Automatic module loading is broken from 2.4.19 upwards, which means that the initrd-tools in stable will NOT work. This version is the first one that uses pivot_root which works around this and doesn't contain any major bugs unlike all previous versions uploaded to unstable.

interchange-cat-foundationstable4.8.3.20020306-1all
interchange-cat-foundationupdates4.8.3.20020306-1.woody.1all
interchange-uistable4.8.3.20020306-1all
interchange-uiupdates4.8.3.20020306-1.woody.1all
interchangestable4.8.3.20020306-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
interchangeupdates4.8.3.20020306-1.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
libapache-mod-interchangestable4.8.3.20020306-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libapache-mod-interchangeupdates4.8.3.20020306-1.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-150 interchange - illegal file exposition

irssi-textstable0.8.4-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
irssi-textupdates0.8.4-3.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-157 irssi-text - denial of service

kannelstable1.1.5-2alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc, source
kannelupdates1.1.5-2mipsel

non-US

Get architectures in sync.

kamerastable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kameraupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kcoloreditstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kcoloreditupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdegraphicsstable4:2.2.2-6.4source
kdegraphicsupdates4:2.2.2-6.8source
kfractstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kfractupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kghostviewstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kghostviewupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kiconeditstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kiconeditupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kookastable4:2.2.2-6.4alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kookaupdates4:2.2.2-6.8alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kpaintstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kpaintupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krulerstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krulerupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ksnapshotstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ksnapshotupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kviewstable4:2.2.2-6.4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kviewupdates4:2.2.2-6.8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkscan-devstable4:2.2.2-6.4alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkscan-devupdates4:2.2.2-6.8alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkscan1stable4:2.2.2-6.4alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkscan1updates4:2.2.2-6.8alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-182 kdegraphics - buffer overflow

kdelibs-devstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs-devupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3-binstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3-binupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3-cupsstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3-cupsupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3-docstable4:2.2.2-13all
kdelibs3-docupdates4:2.2.2-13.woody.5all
kdelibs3stable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibs3updates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kdelibsstable4:2.2.2-13source
kdelibsupdates4:2.2.2-13.woody.5source
libarts-alsastable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libarts-alsaupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libarts-devstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libarts-devupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libartsstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libartsupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmid-alsastable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmid-alsaupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmid-devstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmid-devupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmidstable4:2.2.2-13alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkmidupdates4:2.2.2-13.woody.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-155 kdelibs - privacy escalation with Konqueror

DSA-167 kdelibs - cross site scripting

DSA-204 kdelibs - arbitrary program execution

kernel-headers-2.2.20stable2.2.20-4alpha
kernel-headers-2.2.22updates2.2.22-1alpha
kernel-image-2.2.20-alphastable2.2.20-4source
kernel-image-2.2.22-alphaupdates2.2.22-1source
kernel-image-2.2.20-genericstable2.2.20-4alpha
kernel-image-2.2.22-genericupdates2.2.22-1alpha
kernel-image-2.2.20-jensenstable2.2.20-4alpha
kernel-image-2.2.22-jensenupdates2.2.22-1alpha
kernel-image-2.2.20-nautilusstable2.2.20-4alpha
kernel-image-2.2.22-nautilusupdates2.2.22-1alpha
kernel-image-2.2.20-smpstable2.2.20-4alpha
kernel-image-2.2.22-smpupdates2.2.22-1alpha

Fixed i386 lcall DoS (Petr Vandrovec).

New upstream source with several fixes.

kernel-image-2.4.17-s390stable2.4.17-2s390, source
kernel-image-2.4.17-s390updates2.4.17-2.woody.1.1s390, source

* Integrated a new kernel-patch from the IBM Developerworks website (released on 2002.06.12). This patch fixes the DASD deadlock problem and some other severe problems. * Removed NMU DASD deadlock fix. * Integrated a new kernel-patch from the IBM Developerworks website (released on 2002.08.16). This patch fixes a problem related to the IUCV driver.

This sounds like a more or less regular update to me, which should not target the stable release.

Gerhard Tonn wrote: This is not true. The woody kernel is definitely broken on s390, deadlock in I/O code. Fortunately we have a working kernel as part of the boot-floppies, so that most of our users didn't notice it, but we had already several problems with the kernel when users build their own. So please accept the update. We need not only the kernel-patch, but also an update of the kernel-image. It wasn't accepted by katie, probably because katie accepts only one .udeb per package and architecture.

kernel-headers-2.4.18-sparcstable22all
kernel-headers-2.4.19-sparcupdates26all
kernel-image-2.4.18-sun4u-smpstable22sparc
kernel-image-2.4.19-sun4u-smpupdates26sparc
kernel-image-2.4.18-sun4ustable22sparc
kernel-image-2.4.19-sun4uupdates26sparc
kernel-image-sparc-2.4stable22source
kernel-image-sparc-2.4updates26source

New kernel with security updates

The files in stable should be removed, i.e. updated by the new ones.

kernel-patch-2.4.17-s390stable0.0.20020415-1all, source
kernel-patch-2.4.17-s390updates0.0.20020816-0.woody.1all, source

* Integrated a new kernel-patch from the IBM Developerworks website (released on 2002.06.12). This patch fixes the DASD deadlock problem and some other severe problems. * Removed NMU DASD deadlock fix. * Integrated a new kernel-patch from the IBM Developerworks website (released on 2002.08.16). This patch fixes a problem related to the IUCV driver.

This sounds like a more or less regular update to me, which should not target the stable release.

Gerhard Tonn wrote: This is not true. The woody kernel is definitely broken on s390, deadlock in I/O code. Fortunately we have a working kernel as part of the boot-floppies, so that most of our users didn't notice it, but we had already several problems with the kernel when users build their own. So please accept the update. We need not only the kernel-patch, but also an update of the kernel-image. It wasn't accepted by katie, probably because katie accepts only one .udeb per package and architecture.

kernel-headers-2.4.17stable2.4.17-0.020226.2mips
kernel-headers-2.4.19updates2.4.19-0.020911.1.woody0mips
kernel-image-2.4.17-r4k-ip22stable2.4.17-0.020226.2mips
kernel-image-2.4.17-r5k-ip22stable2.4.17-0.020226.2mips
kernel-image-2.4.19-r4k-ip22updates2.4.19-0.020911.1.woody0mips
kernel-image-2.4.19-r5k-ip22updates2.4.19-0.020911.1.woody0mips
kernel-patch-2.4.19-mipsupdates2.4.19-0.020911.1.woody0all, source
mips-toolsstable2.4.17-0.020226.2mips
mips-toolsupdates2.4.19-0.020911.1.woody0mips

Kernel with security fixes

kernel-doc-2.2.20stable2.2.20-5all
kernel-doc-2.2.22updates2.2.22-1all
kernel-source-2.2.20stable2.2.20-5all, source
kernel-source-2.2.22updates2.2.22-1all, source

New kernel with security corrections. The new package should supersede an older one.

krb5-admin-serverstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-admin-serverupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-clientsstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-clientsupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-docstable1.2.4-5all
krb5-docupdates1.2.4-5woody3all
krb5-ftpdstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-ftpdupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-kdcstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-kdcupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-rsh-serverstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-rsh-serverupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-telnetdstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-telnetdupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-userstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5-userupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
krb5stable1.2.4-5source
krb5updates1.2.4-5woody3source
libkadm55stable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkadm55updates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkrb5-devstable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkrb5-devupdates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkrb53stable1.2.4-5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkrb53updates1.2.4-5woody3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-143 krb5 - integer overflow

DSA-183 krb5 - buffer overflow

l2tpdstable0.67-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
l2tpdupdates0.67-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-152 l2tpd - missing random seed

libgd-devstable1.8.4-16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd-devupdates1.8.4-17.woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd-noxpm-devstable1.8.4-16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd-noxpm-devupdates1.8.4-17.woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd1-noxpmstable1.8.4-16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd1-noxpmupdates1.8.4-17.woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd1stable1.8.4-16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgd1updates1.8.4-17.woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libgdstable1.8.4-16source
libgdupdates1.8.4-17.woody2source

* "Major Brown Bag"-release. * Make shlibs depend on libgd1-noxpm (not the non-existing libgd1- xpm). This closes: bug#143856 - thanks to Ben Finney <bignose@zip.com.au> for being awake when I am not. * Set urgency=high - same reasoning as -16.

woody2 fix uninstallable on ia32 due to broken dependencies, fixed packages are to be uploaded soon.

libgnupg-perlstable0.9-1all, source
libgnupg-perlupdates0.9-1.woody.1all, source

Move from non-US to main.

libpng2-devstable1.0.12-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpng2-devupdates1.0.12-3.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpng2stable1.0.12-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpng2updates1.0.12-3.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpngstable1.0.12-3source
libpngupdates1.0.12-3.woody.2source

DSA-140 libpng - buffer overflow

libquota-perlstable1.4.1-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
libquota-perlupdates1.4.1-2alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Backported change for C code from unstable version (1.4.6) to fix major brokenness (Closes: #162385)

The changes are too instrusive and large for me to check or author them. An inquiry to the bug reporter is sent and should help clarification.

log2mailstable0.2.5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
log2mailupdates0.2.5.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-186 log2mail - buffer overflow

logtoolstable1.0.6-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
logtoolupdates1.0.6-7.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

* Backported fix for file-existence-error bug from unstable version. (Closes: #153414). Release manager: this is just a one-character change from 'test -f' to 'test -L', where the latter is the right thing to do, is being done so for the other three cases, and works as is for a few months now in unstable

The bug report demonstrates that the package is not installable under certain circumstances without this fix.

luxmanstable0.41-17i386, source
luxmanupdates0.41-17.1i386, source

DSA-189 luxman - local root exploit

mailmanstable2.0.11-1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
mailmanupdates2.0.11-1woody5alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-147 mailman - cross-site scripting

Plus: Fix a permission bug that renders the package uninstallable (upgrade with corrected perms would work, though)

mantisstable0.17.1-2all, source
mantisupdates0.17.1-2.5all, source

DSA-153 mantis - cross site code execution and privilege escalation

DSA-161 mantis - privilege escalation

masqmailstable0.1.16-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
masqmailupdates0.1.16-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-194 masqmail - buffer overflows

mhonarcstable2.5.2-1all, source
mhonarcupdates2.5.2-1.2all, source

DSA-163 mhonarc - cross site scripting

DSA-199 mhonarc - cross site scripting

libmm11-devstable1.1.3-6alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmm11-devstable1.1.3-6.0.1hppa
libmm11-devupdates1.1.3-6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmm11stable1.1.3-6alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmm11stable1.1.3-6.0.1hppa
libmm11updates1.1.3-6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
mmstable1.1.3-6source
mmupdates1.1.3-6.1source

DSA-137 mm - insecure temporary files

mpackstable1.5-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
mpackupdates1.5-7woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-141 mpack - buffer overflow

libsc-devstable2.0.4-1alpha, hppa, i386, ia64, m68k, powerpc, s390, sparc
libsc-devupdates2.0.4-1.1hppa, i386, ia64, m68k, powerpc, s390, sparc
libsc-docstable2.0.4-1all
libsc-docupdates2.0.4-1.1all
libsc2stable2.0.4-1alpha, hppa, i386, ia64, m68k, powerpc, s390, sparc
libsc2updates2.0.4-1.1hppa, i386, ia64, m68k, powerpc, s390, sparc
mpqcstable2.0.4-1alpha, hppa, i386, ia64, m68k, powerpc, s390, sparc, source
mpqcupdates2.0.4-1.1hppa, i386, ia64, m68k, powerpc, s390, sparc, source

Rebuilt against current atlas-dev from stable to fix broken dependencies (similar to octave2.1)

Doesn't build on alpha due to lapack problems, but alpha packages didn't suffer from the atlas brokeness anyway, so that's no problem.


MISSING alpha

msttcorefontsstable1.0.0all, source
msttcorefontsupdates1.0.2all, source

The woody package was useless since the path was changed.

muddleftpdstable1.3.11-7woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
muddleftpdupdates1.3.11-7woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Corrected the logfile security fix.

murasakistable0.5.4-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
murasakiupdates0.5.4-2.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

The package in woody will break violently if you are installing it on a kernel without hotplug support, and will refuse to be removed if your kernel doesn't have hotplug support.

nano-tinystable1.0.6-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
nano-tinyupdates1.0.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
nano-udebupdates1.0.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
nanostable1.0.6-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
nanoupdates1.0.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

nano.c: hardcode a --disable-wrapping-as-root backport to the stable version. If, as root, you want to enable wrapping, use the Meta-W toggle to enable it after starting nano (fixes: #127634 + 5 more).

Why do people think Ádebs are good for woody? They aren't. Try again.

Update: James said that udebs won't be visible in stable, so they should not cause problems. Let's hope he is correct.

libnessus-devstable1.0.10-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libnessus-devupdates1.0.10-2.0.1s390
libnessus1stable1.0.10-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libnessus1updates1.0.10-2.0.1s390
nessus-corestable1.0.10-2source
nessus-devstable1.0.10-2all
nessus-librariesstable1.0.10-2source
nessusdstable1.0.10-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, sparc
nessusdupdates1.0.10-2powerpc
nessusdupdates1.0.10-2.0.1s390
nessusstable1.0.10-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, sparc
nessusupdates1.0.10-2powerpc
nessusupdates1.0.10-2.0.1s390

Get architectures in sync (despite BNMU)

nisstable3.9-6alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
nisstable3.9-6.0.2hppa
nisupdates3.9-6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-180 nis - information leak

nullmailerstable1.00RC5-16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
nullmailerupdates1.00RC5-16.1woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-198 nullmailer - denial of service

ocaml-basestable3.04-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ocaml-baseupdates3.04-14alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ocaml-native-compilersstable3.04-12alpha, arm, i386, powerpc, sparc
ocaml-native-compilersupdates3.04-14alpha, arm, i386, powerpc, sparc
ocaml-sourcestable3.04-12all
ocaml-sourceupdates3.04-14all
ocamlstable3.04-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
ocamlupdates3.04-14alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Fixed postinst-ocamlld so it will now do its work also when upgrading a package, and not only when removing it.

octave2.1-docstable2.1.35-7all
octave2.1-docupdates2.1.35-7woody1all
octave2.1-emacsenstable2.1.35-7all
octave2.1-emacsenupdates2.1.35-7woody1all
octave2.1-headersstable2.1.35-7alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
octave2.1-headersupdates2.1.35-7woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
octave2.1-htmldocstable2.1.35-7all
octave2.1-htmldocupdates2.1.35-7woody1all
octave2.1-infostable2.1.35-7all
octave2.1-infoupdates2.1.35-7woody1all
octave2.1stable2.1.35-7alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
octave2.1updates2.1.35-7woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Rebuilt against current atlas*-dev package with corrected shlibs.default to ensure proper handling of virtual depends on blas2 with default of blas and atlas2-base

libopenafs-devstable1.2.3final2-5alpha, i386, powerpc, s390, sparc
libopenafs-devupdates1.2.3final2-6alpha, i386, powerpc, s390, sparc
openafs-clientstable1.2.3final2-5alpha, i386, powerpc, s390, sparc
openafs-clientupdates1.2.3final2-6alpha, i386, powerpc, s390, sparc
openafs-dbserverstable1.2.3final2-5alpha, i386, powerpc, s390, sparc
openafs-dbserverupdates1.2.3final2-6alpha, i386, powerpc, s390, sparc
openafs-fileserverstable1.2.3final2-5alpha, i386, powerpc, s390, sparc
openafs-fileserverupdates1.2.3final2-6alpha, i386, powerpc, s390, sparc
openafs-kpasswdstable1.2.3final2-5alpha, i386, powerpc, s390, sparc
openafs-kpasswdupdates1.2.3final2-6alpha, i386, powerpc, s390, sparc
openafs-modules-sourcestable1.2.3final2-5all
openafs-modules-sourceupdates1.2.3final2-6all
openafsstable1.2.3final2-5source
openafsupdates1.2.3final2-6source

DSA-142 openafs - integer overflow

opensshstable1:3.4p1-1source
ssh-askpass-gnomestable1:3.4p1-1alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
ssh-askpass-gnomeupdates1:3.4p1-1ia64
sshstable1:3.4p1-1alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
sshupdates1:3.4p1-1ia64

Get architectures in sync

pcmcia-modules-2.2.20-compactstable3.1.33-6k5i386
pcmcia-modules-2.2.22-compactupdates3.1.33-6k1i386
pcmcia-modules-2.2.20-idepcistable3.1.33-6k5i386
pcmcia-modules-2.2.22-idepciupdates3.1.33-6k1i386
pcmcia-modules-2.2.20-reiserfsstable3.1.33-5k4i386
pcmcia-modules-2.2.20stable3.1.33-6k5i386
pcmcia-modules-2.2.22updates3.1.33-6k1i386

Built for kernel-image-2.2.22-*.

There should probably be a reiserfs update as well, but it's currently missing. Older packages should be replaced.

php3-cgi-gdstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-gdupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-imapstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-imapupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-ldapstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-ldapupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-magickstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-magickupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-mhashstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-mhashupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-mysqlstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-mysqlupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-snmpstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-snmpupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-xmlstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgi-xmlupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgistable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-cgiupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-devstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-devupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-docstable3:3.0.18-23all
php3-docupdates3:3.0.18-23.1woody1all
php3-gdstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-gdupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-imapstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-imapupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-ldapstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-ldapupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-magickstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-magickupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-mhashstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-mhashupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-mysqlstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-mysqlupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-snmpstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-snmpupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3-xmlstable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc
php3-xmlupdates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php3stable3:3.0.18-23alpha, arm, hppa, i386, m68k, mips, mipsel, powerpc, s390, sparc, source
php3updates3:3.0.18-23.1woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-168 php - bypassing safe_mode, CRLF injection

caudium-php4stable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
caudium-php4updates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-cgistable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-cgiupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-curlstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-curlupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-devstable4:4.1.2-4all
php4-devupdates4:4.1.2-6all
php4-domxmlstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-domxmlupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-gdstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-gdupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-imapstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-imapupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-ldapstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-ldapupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mcalstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mcalupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mhashstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mhashupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mysqlstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-mysqlupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-odbcstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-odbcupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-pearstable4:4.1.2-4all
php4-pearupdates4:4.1.2-6all
php4-recodestable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-recodeupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-snmpstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-snmpupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-sybasestable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-sybaseupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-xsltstable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4-xsltupdates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
php4stable4:4.1.2-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
php4updates4:4.1.2-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-168 php - bypassing safe_mode, CRLF injection

-6 is: Backport fix from 4.2.3 to avoid using pread() and pwrite() functions from glibc, as they are broken on many architectures in Debian.

postfix-tlsstable1.1.11+tls0.7.15-0.woody1alpha, hppa, i386, ia64, mips, mipsel, powerpc, s390, source
postfix-tlsupdates1.1.11+tls0.7.15-0.woody1arm, m68k, sparc

Get architectures in sync

puritystable1-14alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
purityupdates1-14.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-166 purity - buffer overflows

python1.5stable1.5.2-23alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
python1.5updates1.5.2-23.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-159 python - insecure temporary files

qpopper-dracstable4.0.4-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
qpopper-dracupdates4.0.4-2.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
qpopperstable4.0.4-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
qpopperupdates4.0.4-2.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

qpopper couldn't work with Eudora clients and openssl 0.9.6c-2.woody.1 that was provided in DSA-136. This verison fixed that bug.

librio500-devstable0.7-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
librio500-devupdates0.7-7woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
rio500stable0.7-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
rio500updates0.7-7woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

* Include debconf templates (backported fix for Bug#158578). Their omission caused installation to fail on non-devfs systems, unless the /dev/usb/rio500 device node had already been created.

libpam-smbpassstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpam-smbpassupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsmbclient-devstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsmbclient-devupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsmbclientstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsmbclientupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
samba-commonstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
samba-commonupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
samba-docstable2.2.3a-6all
samba-docupdates2.2.3a-12all
sambastable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
sambaupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
smbclientstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
smbclientupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
smbfsstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
smbfsupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
swatstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
swatupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
winbindstable2.2.3a-6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
winbindupdates2.2.3a-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc

DSA-200 samba - remote exploit

libscrollkeeper-devstable0.3.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libscrollkeeper-devupdates0.3.6-3.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libscrollkeeper0stable0.3.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libscrollkeeper0updates0.3.6-3.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
scrollkeeperstable0.3.6-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
scrollkeeperupdates0.3.6-3.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-160 scrollkeeper - insecure temporary file creation

silostable1.2.5-1sparc, source
siloupdates1.2.5-2sparc, source

The silo I've uploaded to proposed-updates adds a patch from DaveM to support the newest UltraSPARC III+ machines. Without it, they cannot be booted from disk.

Add patch for UltraSPARC III+ (Cheetah+) support from DaveM.

snort-commonstable1.8.4beta1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
snort-commonupdates1.8.4beta1-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
snort-docstable1.8.4beta1-2all
snort-docupdates1.8.4beta1-3all
snort-mysqlstable1.8.4beta1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
snort-mysqlupdates1.8.4beta1-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
snort-rules-defaultstable1.8.4beta1-2all
snort-rules-defaultupdates1.8.4beta1-3all
snortstable1.8.4beta1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
snortupdates1.8.4beta1-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

I was told that snort doesn't work in woody, so the update is accepted.

Changelog says:

+ Mandatory upload to stable because the previous package had serious problems that were fixed only one package release later that JUST didn't get into woody.

! Fixed 'snort.debian.conf is empty at fresh install'

+ New 'snort-stat' included, fixes 'Empty subject' bugs

+ Fixes to daily cronjob's email thingy. Now honours DEBIAN_SNORT_STAT_TRESHOLD

squirrelmailstable1:1.2.6-1all, source
squirrelmailupdates1:1.2.6-1.2all, source

DSA-191 squirrelmail - cross site scripting

superstable3.16.1-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
superupdates3.16.1-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-139 super - format string vulnerability

sympastable3.3.3-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
sympaupdates3.3.3-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
wwsympastable3.3.3-2all
wwsympaupdates3.3.3-3all

Package in woody was uninstallable due to a mising dependency

tcpdumpstable3.6.2-2.0.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tcpdumpupdates3.6.2-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-206 tcpdump - denial of service

tendrastable4.1.2-9i386, source
tendraupdates4.1.2-9.woody1i386, source

Don't copy runtime files.

This was a GCC license violation.

libkpathsea-devstable1.0.7+20011202-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkpathsea-devupdates1.0.7+20011202-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkpathsea3stable1.0.7+20011202-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkpathsea3updates1.0.7+20011202-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
tetex-binstable1.0.7+20011202-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tetex-binupdates1.0.7+20011202-7.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-207 tetex-bin - arbitrary command execution

tinyproxystable1.4.3-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tinyproxyupdates1.4.3-2woody2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-145 tinyproxy - doubly freed memory

tkmailstable4.0beta9-8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tkmailupdates4.0beta9-8.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-172 tkmail - insecure temporary files

libtomcat4-javastable4.0.3-3all
libtomcat4-javaupdates4.0.3-3woody1all
tomcat4-webappsstable4.0.3-3all
tomcat4-webappsupdates4.0.3-3woody1all
tomcat4stable4.0.3-3all, source
tomcat4updates4.0.3-3woody1all, source

DSA-170 tomcat4 - source code disclosure

uptimedstable1:0.1.7-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
uptimedupdates1:0.1.7-2woody0alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Fixed upgrade path from potato (Closes: #157918)

This does not warrant an updated package, though. Hmm, this could be considered as data desctruction during upgrade, hence it may warrant an upgrade.

weexstable2.6.1-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
weexupdates2.6.1-4woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Really fixed the mkstemp patch which could make weex core dump.

wwwofflestable2.7a-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
wwwoffleupdates2.7a-1.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-144 wwwoffle - improper input handling

xinetdstable1:2.3.4-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
xinetdupdates1:2.3.4-1.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-151 xinetd - pipe exposure

yaclcstable1.3.6alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
yaclcupdates1.3.6.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Fixed a regular expression to parse the current BTS. Please consider for stable: old version does not work anymore, and this is a one-character change.

Requires further Investigation

These packages need further investigation. One reason the package is listed here could be that I'm not yet convinced this package should go into stable, but don't want to reject it entirely at the moment.

Another reason could be that released and updated architectures are not yet in sync.

bind-devstable1:8.3.3-0.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
bind-devupdates1:8.3.3-2.0woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
bind-docstable1:8.3.3-0.woody.1all
bind-docupdates1:8.3.3-2.0woody1all
bindstable1:8.3.3-0.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
bindupdates1:8.3.3-2.0woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA-196 bind - several vulnerabilities


MISSING arm

debianutilsstable1.16alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
debianutilsupdates1.16.1woody0s390
debianutilsupdates1.16.2woody0alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, sparc, source

There is a race condition with the receiving of SIGCHLD before select is called.

1.16.1woody0 consumed infinite CPU power. It should be fixed in 1.16.2woody0 which happens to be just another version from sid recompiled. That's a reason to delay it alone, this requires testing!


MISSING s390

chill-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
chill-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
cpp-2.95-docstable1:2.95.4-7all
cpp-2.95-docupdates1:2.95.4-11woody1all
cpp-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
cpp-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
g++-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
g++-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
g77-2.95-docstable1:2.95.4-7all
g77-2.95-docupdates1:2.95.4-11woody1all
g77-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
g77-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
gcc-2.95-docstable1:2.95.4-7all
gcc-2.95-docupdates1:2.95.4-11woody1all
gcc-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
gcc-2.95stable2.95.4.ds11-7source
gcc-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
gcc-2.95updates2.95.4.ds13-11woody1source
gobjc-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
gobjc-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
gpc-2.95-docstable1:2.95.4-7all
gpc-2.95-docupdates1:2.95.4-11woody1all
gpc-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
gpc-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libg++2.8.1.3-dbgstable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libg++2.8.1.3-dbgupdates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libg++2.8.1.3-devstable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libg++2.8.1.3-devupdates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libg++2.8.1.3-glibc2.2stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libg++2.8.1.3-glibc2.2updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libstdc++2.10-dbgstable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libstdc++2.10-dbgstable1:2.96-8ia64
libstdc++2.10-dbgupdates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libstdc++2.10-devstable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libstdc++2.10-devstable1:2.96-8ia64
libstdc++2.10-devupdates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
libstdc++2.10-glibc2.2stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
libstdc++2.10-glibc2.2stable1:2.96-8ia64
libstdc++2.10-glibc2.2updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390
protoize-2.95stable1:2.95.4-7alpha, arm, i386, m68k, mips, mipsel, powerpc, s390, sparc
protoize-2.95updates1:2.95.4-11woody1alpha, arm, i386, m68k, powerpc, s390

Important update for ARM and S/390 systems.


MISSING mips
MISSING mipsel
MISSING sparc

kernel-headers-2.2.20-compactstable2.2.20-5i386
kernel-headers-2.2.22-compactupdates2.2.22-1i386
kernel-headers-2.2.20-idepcistable2.2.20-5i386
kernel-headers-2.2.22-idepciupdates2.2.22-1i386
kernel-headers-2.2.20stable2.2.20-5i386
kernel-headers-2.2.22updates2.2.22-1i386
kernel-image-2.2.20-compactstable2.2.20-5i386
kernel-image-2.2.22-compactupdates2.2.22-1i386
kernel-image-2.2.20-i386stable2.2.20-5source
kernel-image-2.2.22-i386updates2.2.22-1source
kernel-image-2.2.20-idepcistable2.2.20-5i386
kernel-image-2.2.22-idepciupdates2.2.22-1i386
kernel-image-2.2.20stable2.2.20-5i386
kernel-image-2.2.22updates2.2.22-1i386

Fixed i386 lcall DoS (Petr Vandrovec).

New upstream source with several fixes.

cdrom-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
floppy-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
ide-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
isa-pnp-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
kernel-headers-2.4.16-386stable2.4.16-1i386
kernel-headers-2.4.18-386stable2.4.18-5i386
kernel-headers-2.4.19-386updates2.4.19-0woody.2i386
kernel-headers-2.4.16-586tscstable2.4.16-1i386
kernel-headers-2.4.18-586tscstable2.4.18-5i386
kernel-headers-2.4.19-586tscupdates2.4.19-0woody.2i386
kernel-headers-2.4.16-686-smpstable2.4.16-1i386
kernel-headers-2.4.18-686-smpstable2.4.18-5i386
kernel-headers-2.4.19-686-smpupdates2.4.19-0woody.2i386
kernel-headers-2.4.16-686stable2.4.16-1i386
kernel-headers-2.4.18-686stable2.4.18-5i386
kernel-headers-2.4.19-686updates2.4.19-0woody.2i386
kernel-headers-2.4.16-k6stable2.4.16-1i386
kernel-headers-2.4.18-k6stable2.4.18-5i386
kernel-headers-2.4.19-k6updates2.4.19-0woody.2i386
kernel-headers-2.4.19-k7-smpupdates2.4.19-0woody.2i386
kernel-headers-2.4.16-k7stable2.4.16-1i386
kernel-headers-2.4.18-k7stable2.4.18-5i386
kernel-headers-2.4.19-k7updates2.4.19-0woody.2i386
kernel-headers-2.4.16stable2.4.16-1i386
kernel-headers-2.4.18stable2.4.18-5i386
kernel-headers-2.4.19updates2.4.19-0woody.2i386
kernel-image-2.4-386updates2.4.19-0woody.2i386
kernel-image-2.4-586tscupdates2.4.19-0woody.2i386
kernel-image-2.4-686-smpupdates2.4.19-0woody.2i386
kernel-image-2.4-686updates2.4.19-0woody.2i386
kernel-image-2.4-k6updates2.4.19-0woody.2i386
kernel-image-2.4-k7-smpupdates2.4.19-0woody.2i386
kernel-image-2.4-k7updates2.4.19-0woody.2i386
kernel-image-2.4.19-386-udebupdates2.4.19-0woody.1i386
kernel-image-2.4.16-386stable2.4.16-1i386
kernel-image-2.4.18-386stable2.4.18-5i386
kernel-image-2.4.19-386updates2.4.19-0woody.2i386
kernel-image-2.4.16-586stable2.4.16-1i386
kernel-image-2.4.16-586tscstable2.4.16-1i386
kernel-image-2.4.18-586tscstable2.4.18-5i386
kernel-image-2.4.19-586tscupdates2.4.19-0woody.2i386
kernel-image-2.4.16-686-smpstable2.4.16-1i386
kernel-image-2.4.18-686-smpstable2.4.18-5i386
kernel-image-2.4.19-686-smpupdates2.4.19-0woody.2i386
kernel-image-2.4.16-686stable2.4.16-1i386
kernel-image-2.4.18-686stable2.4.18-5i386
kernel-image-2.4.19-686updates2.4.19-0woody.2i386
kernel-image-2.4.16-i386stable2.4.16-1source
kernel-image-2.4.18-i386stable2.4.18-5source
kernel-image-2.4.19-i386updates2.4.19-0woody.2source
kernel-image-2.4.16-k6stable2.4.16-1i386
kernel-image-2.4.18-k6stable2.4.18-5i386
kernel-image-2.4.19-k6updates2.4.19-0woody.2i386
kernel-image-2.4.19-k7-smpupdates2.4.19-0woody.2i386
kernel-image-2.4.16-k7stable2.4.16-1i386
kernel-image-2.4.18-k7stable2.4.18-5i386
kernel-image-2.4.19-k7updates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-386stable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-386updates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-586tscstable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-586tscupdates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-686-smpstable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-686-smpupdates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-686stable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-686updates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-k6stable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-k6updates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.19-k7-smpupdates2.4.19-0woody.2i386
kernel-pcmcia-modules-2.4.18-k7stable2.4.18-5i386
kernel-pcmcia-modules-2.4.19-k7updates2.4.19-0woody.2i386
nic-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
nic-modules-extra-2.4.19-386-udebupdates2.4.19-0woody.1i386
nic-modules-shared-2.4.19-386-udebupdates2.4.19-0woody.1i386
plip-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
ppp-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
scsi-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
serial-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386
socket-modules-2.4.19-386-udebupdates2.4.19-0woody.1i386

Important updates

The Ádebs should not enter stable, though.

The stable packages above should be removed when the new kernel packages are added. Hope that works...

There's still kernel-image-2.4.18-bf2.4 and kernel-headers-2.4.18-bf2.4. Eduard Bloch told me that they need to stay.

Junichi says: that leaves ALSA etc. modules out of sync, doesn't it? There are several module packages that would be made uninstallable if you remove those kernel packages.

Hence, we'll need to wait for all modules packages to appear as well until the kernel may be installed.

kernel-headers-2.4.19updates2.4.19-0.woody.1s390
kernel-image-2.4.19-s390-tape-udebupdates2.4.19-0.woody.1s390
kernel-image-2.4.19-s390updates2.4.19-0.woody.1s390, source

More or less important updates...

The Ádebs should not enter stable, though. Needs a rebuild.

Need a kernel to remove from woody, though.

Update: James said that udebs won't be visible in stable, so they should not cause problems. Let's hope he is correct.

kernel-patch-2.4.17-s390stable0.0.20020415-1source
kernel-patch-2.4.19-s390updates0.0.20021024-0.woody.1all, source

New kernel with security fixes and S/390 specific corrections or improvements. This package should supersede an older one.

Gerhard Tonn: as long as the kernel image 2.4.19 for s390 hasn't been accepted, the kernel-patch for 2.4.17 shouldn't be removed.

Joey: There is no kernel image 2.4.19 for s390 yet, hence postponing.

kernel-doc-2.4.16stable2.4.16-1all
kernel-doc-2.4.18stable2.4.18-5all
kernel-doc-2.4.19updates2.4.19-0woody.3all
kernel-source-2.4.16stable2.4.16-1all, source
kernel-source-2.4.18stable2.4.18-5all, source
kernel-source-2.4.19updates2.4.19-0woody.3all, source

New kernel with security updates. Should replace the current packages.

Junichi says: that leaves ALSA etc. modules out of sync, doesn't it? There are several module packages that would be made uninstallable if you remove those kernel packages.

Hence, we'll need to wait for all modules packages to appear as well until the kernel may be installed.

kerberos4kth-clients-xstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-clients-xupdates1.1-8-2sparc
kerberos4kth-clients-xupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-clientsstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-clientsupdates1.1-8-2sparc
kerberos4kth-clientsupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-dev-commonstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-dev-commonupdates1.1-8-2sparc
kerberos4kth-dev-commonupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-devstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-devupdates1.1-8-2sparc
kerberos4kth-devupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-docsstable1.1-8-2all
kerberos4kth-docsupdates1.1-8-2all
kerberos4kth-kdcstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-kdcupdates1.1-8-2sparc
kerberos4kth-kdcupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-kipstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-kipupdates1.1-8-2sparc
kerberos4kth-kipupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-servers-xstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-servers-xupdates1.1-8-2sparc
kerberos4kth-servers-xupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-serversstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
kerberos4kth-serversupdates1.1-8-2sparc
kerberos4kth-serversupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
kerberos4kth-servicesstable1.1-8-2all
kerberos4kth-servicesupdates1.1-8-2all
kerberos4kth-userstable1.1-8-2all
kerberos4kth-userupdates1.1-8-2all
kerberos4kth-x11stable1.1-8-2all
kerberos4kth-x11updates1.1-8-2all
kerberos4kth1stable1.1-8-2all
kerberos4kth1updates1.1-8-2all
krb4stable1.1-8-2source
krb4updates1.1-8-2source
libacl1-kerberos4kthstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libacl1-kerberos4kthupdates1.1-8-2sparc
libacl1-kerberos4kthupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
libkadm1-kerberos4kthstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkadm1-kerberos4kthupdates1.1-8-2sparc
libkadm1-kerberos4kthupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
libkdb-1-kerberos4kthstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkdb-1-kerberos4kthupdates1.1-8-2sparc
libkdb-1-kerberos4kthupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
libkrb-1-kerberos4kthstable1.1-8-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libkrb-1-kerberos4kthupdates1.1-8-2sparc
libkrb-1-kerberos4kthupdates1.1-8-2.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390

DSA-184 krb4 - buffer overflow

The sparc upload got lost somehow. Katie broken, won't accept it, ftpmaster informed on Nov 2nd.

liblocale-gettext-perlstable1.01-11alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
liblocale-gettext-perlupdates1.01-11a.woodyalpha, arm, hppa, i386, ia64, m68k, mipsel, powerpc, s390, sparc, source

* The bugs #156381 is also in the stable version of the package. Since it renders basic packages like debconf unusable when it's installed, I'm providing this updated package to fix it. * Added the include <libintl.h> in the .xs file this time. * Really stupid version number to have a version number lower than 1.01-11bis which is in unstable...

The bug report demonstrates that this problem may render an entire installation/upgrade broken. Hence, an update is required.


MISSING mips

libpng-devstable1.2.1-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpng-devupdates1.2.1-1.1.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, sparc
libpng3stable1.2.1-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
libpng3updates1.2.1-1.1.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, sparc, source

DSA-140 libpng - buffer overflow


MISSING s390

lsbstable1.1.0-11all, source
lsbupdates1.2-5.woody.1all, source

Too intrusive changes

* Support LSB 1.2 in woody. Includes all changes through 1.2-6 in sid.

* Fix call to shadowconfig in postinst. (Closed: #166041)

* Add text to the debconf template that lets the user know that shadow passwords are not needed by most LSB applications.

* Remove duplicate --retry 5 from start-stop-daemon call. (Closed: #165395)

* Fix bugs in the init script registry code. (Closed: #165038)

* Support more specifications for the signal in "killproc". (Closed: #163109)

* Return non-zero exit status if "pidofproc" can't find the process. (Closed: #157314)

* Fix silly typos in install_initd. (Closed: #152544)

* Fix duplicated --retry 5. (Closed: #152552)

* Added support for facilities introduced in gLSB 1.2. (Closed: #148568) - $time: start >= S24, stop <= K21 - $portmap: start >= S19, stop <= K34

* Removed support for the $netdaemons facility, which vanished from the specification. Hopefully nobody is using it...

* Call pidof if it's available and /var/run/$1.pid doesn't exist.

libmysqlclient10-devstable3.23.49-8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmysqlclient10-devupdates3.23.51-1woody4alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
libmysqlclient10stable3.23.49-8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmysqlclient10updates3.23.51-1woody4alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
mysql-clientstable3.23.49-8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
mysql-clientupdates3.23.51-1woody4alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
mysql-commonstable3.23.49-8all
mysql-commonupdates3.23.51-1woody4all
mysqlstable3.23.49-8source
mysql-dfsgupdates3.23.51-1woody4source
mysql-serverstable3.23.49-8alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
mysql-serverupdates3.23.51-1woody4alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390

The Changelog says:

* Please see 3.23.51-1woody2 for reasons that justify the woody update! * As ps doesn't work on all autobuilders (maybe no /proc in chroot) I now disabled this check in ./configure as our target system will be the same Linux anyway.

Christian Hammers explained that 3.23.50 contains a fix against a bug resulting in a segementation fault that was fixed upstream. 3.23.51 also has some scripts changed.

Creating a diff through both versions is not possible. Many differences are made in documentation and file locations, and the source package was renamed as well. I'm not convinced this should go into stable.

Apart from that, arm and sparc ar mising, and .changes files for alpha, i386, ia64, mips, mipsel, powerpc and s390 are missing as well.


MISSING arm
MISSING sparc

partedstable1.4.24-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
partedupdates1.4.24-4.woody.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, sparc, source

* Backported upstream's patch for MacOS X partition issue from 1.6 series. The patch is simply a 2 line addition which comments out a check that the boot region starts at the start of the partition. Since the MacOS X doesn't have the boot region at the start of the partition, this check caused a fatal error on all MacOS X / Debian systems, and means that the parted-using PGI can't be used to install the system. (closes: 145214)


MISSING s390

seti-appletstable0.2.2-1.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
seti-appletupdates0.2.2-2alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc, source

Amaya: The version in stable didn't build from source or install. This upload fixes that. No changes in the orignial package, just in the debian/ dir. No new features, no new bugs.


MISSING mipsel

libprinterconf-devstable0.4-2alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libprinterconf-devupdates0.5-4.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libprinterconf0stable0.4-2alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libprinterconf0updates0.5-4.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libprinterconfstable0.4-2source
libprinterconfupdates0.5-4.woody.2source
libsnmpkit-devstable0.9-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsnmpkit-devupdates0.9-4.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsnmpkit1stable0.9-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsnmpkit2updates0.9-4.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
pconf-detectstable0.4-2alpha, arm, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
pconf-detectupdates0.5-4.woody.2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
snmpkitstable0.9-1source
snmpkitupdates0.9-4.woody.2source

Due to a maintainer bug the package libsnmpkit1 did not only contain libsnmpkit2.so.* but also lacked the libsnmpkit2.so link. Hence, it's not exactly usable in woody. In turn this renders packages like pconf-detect, gnulpr and printtool useless.

Buildds are hopefully catching up.


MISSING sparc
MISSING sparc

tilpstable5.03-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
tilpupdates5.03-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, source

Changelog only says:

* Fixed postrm script to not barf on purge (closes: Bug#153718).

* Fixed segfault when opening a directory not readable by user.

* Fixed permissions on newly-created directories (closes: Bug#153517).


MISSING sparc

xncstable4.4.7-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
xncupdates4.4.7-3.woody.1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Previous version was causing Debian menu system breakage when installed.


MISSING arm

Rejected Packages

These packages don't meet the requirements and will be rejected (if katie supports that, otherwise we'll just carry them with us until the end of time).

cactistable0.6.7-2all, source
cactiupdates0.6.7-3all, source

DSA-164 cacti - arbitrary code execution

0.6.7-3 contains a tempfile race condition

0.6.7-2.1 would've been the version from security.debian.org, bummer.

cfengine-docstable1.6.3-9all
cfengine-docupdates1.6.4-0woody1all
cfenginestable1.6.3-9alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
cfengineupdates1.6.4-0woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Intrusive changes. New upstream version. Changed libraries. Changed behaviour. Moved from non-US to main for no apparent reason. Missing .changes files.

fvwmstable2.4.6-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
fvwmupdates2.4.6-2woody1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, source

Changelog says:

* "No, restart Fvwm" command correction. Previous was to run /usr/bin/X11/fvwm2, even fvwm is in /usr/bin since 2.4.5-2 (closes: #153983)

This upload only corrects the path in the Debian menu. The correction looks clean. However, this problem only occurs to rather few people who restart fvwm. This upload does not correct the font problem mentioned in the same bug report (not sure if it's fvwm's fault at all, though). This problem is not critical enough for a fix to be included in a stable update


MISSING sparc

galeon-commonstable1.2.5-0.woody.1all
galeon-commonupdates1.2.5-0.woody.2all
galeon-nautilusstable1.2.5-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
galeon-nautilusupdates1.2.5-0.woody.2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
galeonstable1.2.5-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc, source
galeonupdates1.2.5-0.woody.2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc, source

Rebuild for woody against new mozilla package (closes: #170331)

There is no new Mozilla package.

iamericanstable3.1.20-21.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
iamericanupdates3.1.20.0-0woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
ibritishstable3.1.20-21.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
ibritishupdates3.1.20.0-0woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390
ispellstable3.1.20-21.1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
ispellupdates3.1.20.0-0woody1alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, source
wbritishstable3.1.20-21.1all
wbritishupdates3.1.20.0-0woody1all

* for stable, same as 3.1.20.0-1, urgency low

Probably no package that needs to be required in stable


MISSING arm

kernel-headers-2.2.20-compactstable2.2.20-5i386
kernel-headers-2.2.20-compactupdates2.2.20-6i386
kernel-headers-2.2.20-idepcistable2.2.20-5i386
kernel-headers-2.2.20-idepciupdates2.2.20-6i386
kernel-headers-2.2.20stable2.2.20-5i386
kernel-headers-2.2.20updates2.2.20-6i386
kernel-image-2.2.20-compactstable2.2.20-5i386
kernel-image-2.2.20-compactupdates2.2.20-6i386
kernel-image-2.2.20-i386stable2.2.20-5source
kernel-image-2.2.20-i386updates2.2.20-6source
kernel-image-2.2.20-idepcistable2.2.20-5i386
kernel-image-2.2.20-idepciupdates2.2.20-6i386
kernel-image-2.2.20stable2.2.20-5i386
kernel-image-2.2.20updates2.2.20-6i386

Fixed i386 lcall DoS (Petr Vandrovec).

Superseded by kernel-image-2.2.22

kernel-headers-2.4.18-bf2.4stable2.4.18-5i386
kernel-headers-2.4.19-bf2.4updates2.4.19-1i386
kernel-image-2.4.18-bf2.4stable2.4.18-5i386
kernel-image-2.4.19-bf2.4updates2.4.19-1i386
kernel-image-2.4.18-i386bfstable2.4.18-5source
kernel-image-2.4.19-i386bfupdates2.4.19-1source
kernel-pcmcia-modules-2.4.19-bf2.4updates2.4.19-1i386

There's still kernel-image-2.4.18-bf2.4 and kernel-headers-2.4.18-bf2.4 in woody. Eduard Bloch told me that they need to stay, so new packages can't go i..

libnspr-devstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnspr-devupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnspr4stable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnspr4updates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnss-devstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnss-devupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnss3stable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
libnss3updates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-browserstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-browserupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-chatzillastable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-chatzillaupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-devstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-devupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-dom-inspectorstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-dom-inspectorupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-js-debuggerstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-js-debuggerupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-mailnewsstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-mailnewsupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-psmstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-psmupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-xmltermstable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozilla-xmltermupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc
mozillastable2:1.0.0-0.woody.1alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc, source
mozillaupdates2:1.0.1-2alpha, arm, hppa, i386, ia64, m68k, powerpc, s390, sparc, source

New upstream release includes security update.

New upstream release is a nogo for a beast like Mozilla.

libssl-devstable0.9.6c-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libssl-devupdates0.9.6c-2.woody.0m68k
libssl-devupdates0.9.6g-0.woody.1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
libssl0.9.6stable0.9.6c-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libssl0.9.6updates0.9.6c-2.woody.0m68k
libssl0.9.6updates0.9.6g-0.woody.1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
opensslstable0.9.6c-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
opensslupdates0.9.6c-2.woody.0m68k
opensslupdates0.9.6g-0.woody.1alpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc, source
ssleaystable0.9.6c-2all
ssleayupdates0.9.6g-0.woody.1all

0.9.6c-2.woody.0: DSA-136 openssl - multiple remote exploits

0.9.6c-2.woody.1: DSA-136 openssl - multiple remote exploits (update on security.debian.org)

0.9.6g-0.woody.1 says:

* new upstream version

* fix manpage names (closes: #156717, #156718, #156719, #156721)

* Use proper error handling instead of 'assertions' in buffer overflow checks added in 0.9.6e. This prevents DoS (the assertions could call abort()). (closes: #155985, #156495)

* Fix ASN1 checks. Check for overflow by comparing with LONG_MAX and get fix the header length calculation.

* include support for new sh* architectures (closes: #155117)


MISSING m68k

partimagestable0.6.1-13arm, i386, m68k, mips, mipsel, powerpc, s390, sparc, source
partimageupdates0.6.1-13woody1arm, i386, m68k, mips, mipsel, powerpc, s390, sparc, source

Changelog says:

* This package doesn't contains documentation so, the call to install-docs fails. Now, install-docs it's only called if there are something in /usr/share/doc-base. Closes: #155023

* Last package was a critical bug that becomes it on uninstable. The problem was on a non existant directory needed by the postinstall script. This package closes: #153835

The package in woody installs, upgrades and reinstalls fine, so no upgrade is required.

perlstable5.6.1-7alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
perlupdates5.6.1-8alpha, i386, mips, mipsel, powerpc, s390, sparc, source

Security update for Safe.pm

Will be superseded by a DSA in week 50

libecpg3stable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libecpg3updates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
libpgperlstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpgperlupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
libpgsql2stable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpgsql2updates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
libpgtclstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libpgtclupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
odbc-postgresqlstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
odbc-postgresqlupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
pgaccessstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
pgaccessupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
postgresql-clientstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
postgresql-clientupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
postgresql-contribstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
postgresql-contribupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
postgresql-devstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
postgresql-devupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390
postgresql-docstable7.2.1-2all
postgresql-docupdates7.2.2-0.woody.1all
postgresqlstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
postgresqlupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390, source
python-pygresqlstable7.2.1-2alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
python-pygresqlupdates7.2.2-0.woody.1alpha, hppa, i386, m68k, mips, mipsel, s390

Version 7.2.1-2woody2 would be DSA-165 postgresql - buffer overflows

Version 7.2.2-0.woody.1 is a new upstream version and hence not authorized .

Files from DSA-165 got lost though

python2.1stable2.1.3-3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
python2.1updates2.1.3-4.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
python2.2stable2.2.1-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
python2.2updates2.2.1-4.3alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

DSA 159-1: 2.1.3-3.1, 2.2.1-4.1 DSA 159-2: 2.1.3-3.2, 2.2.1-4.2

python2.1_2.1.3-3.2 is missing for 8 architectures, which got lost during the transfer from security.debian.org to ftp-master.

The packages are completely fucked up except for python 1.5, hence, separated. I guess we need mechanisms to avoid such situations. Random maintainers uploading packages with higher versions than security updates, partially render the packages from security.debian.org unreachable and hence unusable.

libmilter-devstable8.12.3-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libmilter-devupdates8.12.6-6Woodyalpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390
sendmail-docstable8.12.3-4all
sendmail-docupdates8.12.6-6Woodyall
sendmailstable8.12.3-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
sendmailupdates8.12.6-6Woodyalpha, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, source

New upstream version.

libsocks4stable4.3.beta2-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libsocks4updates4.3.beta2-12.woody.0alpha, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
socks4-clientsstable4.3.beta2-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
socks4-clientsupdates4.3.beta2-12.woody.0alpha, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
socks4-serverstable4.3.beta2-12alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
socks4-serverupdates4.3.beta2-12.woody.0alpha, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc, source

Changelog only says:

* changed priority of libsocks4 to optional

* fix building of rtelnet


MISSING arm
MISSING m68k

syslog-ngstable1.5.15-1alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
syslog-ngupdates1.5.15-3alpha, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source

Version 1.5.15-1.1 would be DSA-175 syslog-ng - buffer overflow

Version 1.5.15-3 is not an authorized version.

Files from DSA-175 got lost though

systemimager-bin-i386stable2.0.1-3woody0all
systemimager-bin-i386updates2.0.1-3woody1all
systemimager-clientstable2.0.1-3woody0all
systemimager-clientupdates2.0.1-3woody1all
systemimager-commonstable2.0.1-3woody0all
systemimager-commonupdates2.0.1-3woody1all
systemimager-docstable2.0.1-3woody0all
systemimager-docupdates2.0.1-3woody1all
systemimager-initrd-i386stable2.0.1-3woody0all
systemimager-initrd-i386updates2.0.1-3woody1all
systemimager-kernel-i386stable2.0.1-3woody0all
systemimager-kernel-i386updates2.0.1-3woody1all
systemimager-serverstable2.0.1-3woody0all
systemimager-serverupdates2.0.1-3woody1all
systemimagerstable2.0.1-3woody0source
systemimagerupdates2.0.1-3woody1source

fixed manpages which were corrupted in stable. Closes: 153065

Documentation fixes don't justify an upload to stable.

libwine-devstable0.0.20020411-1i386
libwine-devupdates0.0.20020411-2i386
libwinestable0.0.20020411-1i386
libwineupdates0.0.20020411-2i386
wine-docstable0.0.20020411-1i386
wine-docupdates0.0.20020411-2i386
wine-utilsstable0.0.20020411-1i386
wine-utilsupdates0.0.20020411-2i386
winestable0.0.20020411-1i386, source
wineupdates0.0.20020411-2i386, source

Changelog says:

* Explicitly depend on libfreetype6, and changed Wine code to look for libfreetype.so.6 instead of libfreetype.so. Closes: #147571.

* Removed README.Debian reference to my old apt repository on WineHQ; since they no longer run Debian, I can't host it there anymore.

* Merged a few other small packaging fixes from unstable:

- doubled size of MAX_FONTS

- fixed wine-doc.doc-base

- updated debconf template translations

libwings-devstable0.80.0-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libwings-devupdates0.80.0-4.1alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc
libwings-devupdates0.80.0-4woody1mipsel
libwmaker0-devstable0.80.0-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libwmaker0-devupdates0.80.0-4.1alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc
libwmaker0-devupdates0.80.0-4woody1mipsel
libwraster2-devstable0.80.0-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libwraster2-devupdates0.80.0-4.1alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc
libwraster2-devupdates0.80.0-4woody1mipsel
libwraster2stable0.80.0-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc
libwraster2updates0.80.0-4.1alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc
libwraster2updates0.80.0-4woody1mipsel
wmakerstable0.80.0-4alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390, sparc, source
wmakerupdates0.80.0-4.1alpha, arm, hppa, i386, ia64, m68k, mips, powerpc, s390, sparc, source
wmakerupdates0.80.0-4woody1mipsel

DSA-190 wmaker - buffer overflow

Broken security update, requires an update

Disclaimer

This list intends to help the ftp-masters releasing 3.0r1. They have the final power to accept a package or not. If you want to comment on this list, please send a mail to Martin Schulze <joey@debian.org>.
Last updated 2003/02/23 22:51 MET