Preparation of the next stable Debian GNU/Linux update

An up-to-date version is at http://people.debian.org/~joey/3.0r4/.

I am preparing the next revision of the current stable Debian distribution (woody) and will infrequently send reports so people can actually comment on it and intervene whenever this is required.

If you disagree with one bit or another, please reply to this mail and explain why these things should be handled differently. There is still time to reconsider.

The plan is to release this revision roughly two months after the last update. However, it may be required that this happens before the release of sarge or it won't happen at all. It may be the last update if no updates to 3.0 are possible after sarge has been released.

An ftpmaster still has to give the final approval for each package since ftpmasters are responsible for the archive. However, I'm trying to make their work as easy as possible in the hope to get the next revision out properly and without too much hassle.

The regulations for updates to the stable Debian release are quite conservative.

The requirements for packages to get updated in stable are:

1. The package fixes a security problem. An advisory by our own Security Team is required. Updates need to be approved by the Security Team.

2. The package fixes a critical bug which can lead into data loss, data corruption, or an overly broken system, or the package is broken or not usable (anymore).

3. The stable version of the package is not installable at all due to broken or unmet dependencies or broken installation scripts.

4. All released architectures have to be in sync.

5. The package gets all released architectures back in sync.

It is (or (and (or 1 2 3) 4) 5)

Regular bugs and upgrade problems don't get fixed in new revisions for the stable distribution. They should instead be documented in the Release Notes which are maintained by Rob Bradford <mailto:robster@debian.org> and are found at http://www.debian.org/releases/woody/releasenotes.

Packages, which will most probably be rejected:

. Packages that fix non-critical bugs.

. Misplaced uploads, i.e. packages that were uploaded to 'stable unstable' or `frozen unstable' or similar.

. Packages for which its binary packages are out of sync with regard to all supported architectures in the stable distribution.

. Binary packages for which the source got lost somehow.

. Packages that fix an unusable minor part of a package.

If you would like to get a package updated in the stable release, you are advised to talk to the stable release manager first (see http://www.debian.org/intro/organization).

Accepted Packages

These packages will be installed into the stable Debian distribution and will be part of the next revision.

a2psstable4.13b-16alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
a2psupdates4.13b-16woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 612 a2ps - unsanitised input

abiword-commonstable1.0.2+cvs.2002.06.05-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-commonupdates1.0.2+cvs.2002.06.05-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-docstable1.0.2+cvs.2002.06.05-1all
abiword-docupdates1.0.2+cvs.2002.06.05-1woody2all
abiword-gnomestable1.0.2+cvs.2002.06.05-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gnomeupdates1.0.2+cvs.2002.06.05-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gtkstable1.0.2+cvs.2002.06.05-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-gtkupdates1.0.2+cvs.2002.06.05-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-pluginsstable1.0.2+cvs.2002.06.05-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiword-pluginsupdates1.0.2+cvs.2002.06.05-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
abiwordstable1.0.2+cvs.2002.06.05-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
abiwordupdates1.0.2+cvs.2002.06.05-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
xfonts-abistable1.0.2+cvs.2002.06.05-1all
xfonts-abiupdates1.0.2+cvs.2002.06.05-1woody2all

DSA 579 abiword - buffer overflow

apache-commonstable1.3.26-0woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
apache-commonupdates1.3.26-0woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
apache-devstable1.3.26-0woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
apache-devupdates1.3.26-0woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
apache-docstable1.3.26-0woody5all
apache-docupdates1.3.26-0woody6all
apachestable1.3.26-0woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
apacheupdates1.3.26-0woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 594 apache - buffer overflows

atari800stable1.2.2-1mipsel
atari800stable1.2.2-1woody2alpha arm hppa i386 ia64 m68k mips powerpc s390 sparc source
atari800updates1.2.2-1woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 609 atari800 - buffer overflows

DSA 359 atari800 - buffer overflows

contrib

bncstable2.6.4-3.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
bncupdates2.6.4-3.3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 595 bnc - buffer overflow

cabextractstable0.2-2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
cabextractupdates0.2-2balpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 574 cabextract - missing directory sanitising

catdocstable0.91.5-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
catdocupdates0.91.5-1.woody3alpha hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 575 catdoc - insecure temporary file

FTBFS on arm due to broken tk (Bug#278658)

cscopestable15.3-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
cscopeupdates15.3-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 610 cscope - insecure temporary file

cyrus-adminstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-adminupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-commonstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-commonupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-devstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-devupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-imapdstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
cyrus-imapdupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
cyrus-nntpstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-nntpupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-pop3dstable1.5.19-9.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
cyrus-pop3dupdates1.5.19-9.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 597 cyrus-imapd - buffer overflow

debmakestable3.6.10all source
debmakeupdates3.6.10.woody.1all source

DSA 615 debmake - insecure temporary files

dhcp-client-udebupdates2.0pl5-11woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
dhcp-clientstable2.0pl5-11alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
dhcp-clientupdates2.0pl5-11woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
dhcp-relaystable2.0pl5-11alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
dhcp-relayupdates2.0pl5-11woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
dhcpstable2.0pl5-11alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
dhcpupdates2.0pl5-11woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 584 dhcp - format string vulnerability

ethereal-commonstable0.9.4-1woody8alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ethereal-commonupdates0.9.4-1woody9alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ethereal-devstable0.9.4-1woody8alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ethereal-devupdates0.9.4-1woody9alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
etherealstable0.9.4-1woody8alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
etherealupdates0.9.4-1woody9alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
tetherealstable0.9.4-1woody8alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
tetherealupdates0.9.4-1woody9alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 613 ethereal - infinite loop

ez-ipupdatestable3.0.11b5-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
ez-ipupdateupdates3.0.11b5-1woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 592 ez-ipupdate - format string

freeamp-docstable1:2.1.1.0-4all
freeamp-docupdates1:2.1.1.0-4woody2all
freeamp-extrasstable1:2.1.1.0-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
freeamp-extrasupdates1:2.1.1.0-4woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
freeampstable1:2.1.1.0-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
freeampupdates1:2.1.1.0-4woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libfreeamp-alsastable1:2.1.1.0-4alpha arm i386 mips powerpc sparc
libfreeamp-alsaupdates1:2.1.1.0-4woody2alpha arm i386 mips powerpc sparc
libfreeamp-esoundstable1:2.1.1.0-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libfreeamp-esoundupdates1:2.1.1.0-4woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 587 freeamp - buffer overflow

freesweepstable0.88-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
freesweepupdates0.88-4woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 391 freesweep - buffer overflow

ftestable0.49.13-15alpha arm hppa i386 ia64 m68k mips mipsel sparc source
ftestable0.49.13-15.0.1powerpc s390
fteupdates0.49.13-15.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 472 fte - several vulnerabilities

gnats-userstable3.999.beta1+cvs20020303-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gnats-userupdates3.999.beta1+cvs20020303-2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gnatsstable3.999.beta1+cvs20020303-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
gnatsupdates3.999.beta1+cvs20020303-2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 590 gnats - format string vulnerability

gpsstable0.9.4-1alpha arm i386 m68k mips mipsel powerpc s390 sparc source
gpsstable0.9.4-1.0.1hppa ia64
gpsupdates0.9.4-1.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
rgpspstable0.9.4-1alpha arm i386 m68k mips mipsel powerpc s390 sparc
rgpspstable0.9.4-1.0.1hppa ia64
rgpspupdates0.9.4-1.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 307 gps - multiple vulnerabilities

gzipstable1.3.2-3woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
gzipupdates1.3.2-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 588 gzip - insecure temporary files

hpsockdstable0.6alpha arm i386 ia64 m68k mips mipsel powerpc s390 sparc source
hpsockdstable0.6.0.1hppa
hpsockdupdates0.6.woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 604 hpsockd - missing input sanitising

htgetstable0.93-1.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
htgetupdates0.93-1.1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 611 htget - buffer overflow

imagemagickstable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
imagemagickupdates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libmagick++5-devstable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5-devupdates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5stable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick++5updates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5-devstable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5-devupdates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5stable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libmagick5updates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
perlmagickstable4:5.4.4.5-1woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
perlmagickupdates4:5.4.4.5-1woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 547 imagemagick - buffer overflows

DSA 593 imagemagick - buffer overflow

gdk-imlib-devstable1.9.14-2wody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gdk-imlib-devupdates1.9.14-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gdk-imlib1stable1.9.14-2wody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
gdk-imlib1updates1.9.14-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib-basestable1.9.14-2wody1all
imlib-baseupdates1.9.14-2woody2all
imlib-devstable1.9.14-2wody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib-devupdates1.9.14-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib-progsstable1.9.14-2wody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib-progsupdates1.9.14-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib1stable1.9.14-2wody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlib1updates1.9.14-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
imlibstable1.9.14-2wody1source
imlibupdates1.9.14-2woody2source

DSA 618 imlib - buffer overflows, integer overflows

iptables-devstable1.2.6a-5.0woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
iptables-devupdates1.2.6a-5.0woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
iptablesstable1.2.6a-5.0woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
iptablesupdates1.2.6a-5.0woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 580 iptables - missing initialisation

kannelstable1.1.5-2alpha arm hppa i386 ia64 m68k mips powerpc s390 sparc source
kannelupdates1.1.5-2mipsel

Get architectures back in sync

kernel-patch-2.4.17-s390stable0.0.20020816-0.woody.1.1all source
kernel-patch-2.4.17-s390updates0.0.20020816-0.woody.3all source

DSA 482 linux-kernel-2.4.17 - several vulnerabilities

DSA 442 linux-kernel-2.4.17 - several vulnerabilities

kernel-headers-2.4.18stable2.4.18-1woody1powerpc
kernel-headers-2.4.18updates2.4.18-1woody5powerpc
kernel-image-2.4.18-newpmacstable2.4.18-1woody1powerpc
kernel-image-2.4.18-newpmacupdates2.4.18-1woody5powerpc
kernel-image-2.4.18-powerpc-smpstable2.4.18-1woody1powerpc
kernel-image-2.4.18-powerpc-smpupdates2.4.18-1woody5powerpc
kernel-image-2.4.18-powerpcstable2.4.18-1woody1powerpc
kernel-image-2.4.18-powerpcupdates2.4.18-1woody5powerpc
kernel-patch-2.4.18-powerpcstable2.4.18-1woody1all source
kernel-patch-2.4.18-powerpcupdates2.4.18-1woody5all source

DSA 479 linux-kernel-2.4.18 - several vulnerabilities

DSA 438 linux-kernel-2.4.18 - missing function return value check

DSA 417 linux-kernel-2.4.18 - missing boundary check

l2tpdstable0.67-1.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
l2tpdupdates0.67-1.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 530 l2tpd - buffer overflow

libcrypt-passwdmd5-perlstable1.2-3all source
libcrypt-passwdmd5-perlupdates1.2-3woody1all source

Added missing dependency to make the package installable again.

libgd-devstable1.8.4-17.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-devupdates1.8.4-17.woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-noxpm-devstable1.8.4-17.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-noxpm-devupdates1.8.4-17.woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1-noxpmstable1.8.4-17.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1-noxpmupdates1.8.4-17.woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1stable1.8.4-17.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd1updates1.8.4-17.woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 589 libgd1 - integer overflows

DSA 601 libgd - integer overflow

libgd-toolsstable2.0.1-10alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd-toolsupdates2.0.1-10woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-devstable2.0.1-10alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-devupdates2.0.1-10woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-noxpmstable2.0.1-10alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2-noxpmupdates2.0.1-10woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgd2stable2.0.1-10alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libgd2updates2.0.1-10woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 591 libgd2 - integer overflows

DSA 602 libgd2 - integer overflow

libxml-devstable1:1.8.17-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml-devupdates1:1.8.17-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml1stable1:1.8.17-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml1updates1:1.8.17-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 582 libxml1 - buffer overflow

libxml2-devstable2.4.19-4woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml2-devupdates2.4.19-4woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxml2stable2.4.19-4woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libxml2updates2.4.19-4woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 582 libxml2 - buffer overflow

lvm10stable1:1.0.4-5woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
lvm10updates1:1.0.4-5woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 583 lvm10 - insecure temporary directory

mantisstable0.17.1-2.5all source
mantisupdates0.17.1-3all source

DSA 335 mantis - incorrect permissions

mpg123-esdstable0.59r-13woody3alpha i386 powerpc
mpg123-esdupdates0.59r-13woody4alpha i386 powerpc
mpg123-nasstable0.59r-13woody3i386
mpg123-nasupdates0.59r-13woody4i386
mpg123-oss-3dnowstable0.59r-13woody3i386
mpg123-oss-3dnowupdates0.59r-13woody4i386
mpg123-oss-i486stable0.59r-13woody3i386
mpg123-oss-i486updates0.59r-13woody4i386
mpg123stable0.59r-13woody3alpha arm hppa i386 m68k powerpc sparc source
mpg123updates0.59r-13woody4alpha arm hppa i386 m68k powerpc sparc source

DSA 578 mpg123 - buffer overflow

netkit-telnet-sslstable0.17.17+0.1-2woody2source
netkit-telnet-sslupdates0.17.17+0.1-2woody3source
telnet-sslstable0.17.17+0.1-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
telnet-sslupdates0.17.17+0.1-2woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
telnetd-sslstable0.17.17+0.1-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
telnetd-sslupdates0.17.17+0.1-2woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 616 netkit-telnet-ssl - format string

libnetpbm9-devstable2:9.20-8.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9-devupdates2:9.20-8.4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9stable2:9.20-8.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnetpbm9updates2:9.20-8.4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
netpbm-freestable2:9.20-8.2source
netpbm-freeupdates2:9.20-8.4source
netpbmstable2:9.20-8.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
netpbmupdates2:9.20-8.4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 426 netpbm-free - insecure temporary files

nfs-commonstable1:1.0-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
nfs-commonupdates1:1.0-2woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
nfs-kernel-serverstable1:1.0-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
nfs-kernel-serverupdates1:1.0-2woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
nfs-utilsstable1:1.0-2woody1source
nfs-utilsupdates1:1.0-2woody3source
nhfsstonestable1:1.0-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
nhfsstoneupdates1:1.0-2woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 606 nfs-utils - wrong signal handler

oftpdstable0.3.6-5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
oftpdupdates0.3.6-6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 473 oftpd - denial of service

libssl-devstable0.9.6c-2.woody.6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libssl-devupdates0.9.6c-2.woody.7alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libssl0.9.6stable0.9.6c-2.woody.6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libssl0.9.6updates0.9.6c-2.woody.7alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
opensslstable0.9.6c-2.woody.6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
opensslupdates0.9.6c-2.woody.7alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
ssleaystable0.9.6c-2.woody.6all
ssleayupdates0.9.6c-2.woody.7all

DSA 603 openssl - insecure temporary file

libecpg3stable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libecpg3updates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgperlstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgperlupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgsql2stable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgsql2updates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgtclstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpgtclupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
odbc-postgresqlstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
odbc-postgresqlupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
pgaccessstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
pgaccessupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-clientstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-clientupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-contribstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-contribupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-devstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-devupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
postgresql-docstable7.2.1-2woody5all
postgresql-docupdates7.2.1-2woody6all
postgresqlstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
postgresqlupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
python-pygresqlstable7.2.1-2woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
python-pygresqlupdates7.2.1-2woody6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 577 postgresql - insecure temporary file

rlprstable2.02-7alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
rlprupdates2.02-7woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 524 rlpr - several vulnerabilities

irbstable1.6.7-3woody3all
irbupdates1.6.7-3woody4all
libcurses-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libcurses-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdbm-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdbm-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgdbm-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libgdbm-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnkf-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libnkf-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpty-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libpty-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libreadline-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libreadline-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
librubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
librubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsdbm-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsdbm-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsyslog-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libsyslog-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtcltk-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtcltk-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtk-rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtk-rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-devstable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-devupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
ruby-elispstable1.6.7-3woody3all
ruby-elispupdates1.6.7-3woody4all
ruby-examplesstable1.6.7-3woody3all
ruby-examplesupdates1.6.7-3woody4all
rubystable1.6.7-3woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
rubyupdates1.6.7-3woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 586 ruby - infinite loop

loginstable20000902-12alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
loginupdates20000902-12woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
passwdstable20000902-12alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
passwdupdates20000902-12woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
shadowstable20000902-12source
shadowupdates20000902-12woody1source

DSA 585 shadow - programming error

squid-cgistable2.4.6-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squid-cgiupdates2.4.6-2woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squidclientstable2.4.6-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squidclientupdates2.4.6-2woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
squidstable2.4.6-2woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
squidupdates2.4.6-2woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 576 squid - several vulnerabilities

sudostable1.6.6-1.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
sudoupdates1.6.6-1.3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 596 sudo - missing input sanitising

libkpathsea-devstable1.0.7+20011202-7.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libkpathsea-devupdates1.0.7+20011202-7.3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libkpathsea3stable1.0.7+20011202-7.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libkpathsea3updates1.0.7+20011202-7.3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
tetex-binstable1.0.7+20011202-7.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
tetex-binupdates1.0.7+20011202-7.3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 599 tetex-bin - integer overflows

libtiff-toolsstable3.5.5-6alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff-toolsstable3.5.5-6.0.1s390
libtiff-toolsupdates3.5.5-6.woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtiff3g-devstable3.5.5-6alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff3g-devstable3.5.5-6.0.1s390
libtiff3g-devupdates3.5.5-6.woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libtiff3gstable3.5.5-6alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
libtiff3gstable3.5.5-6.0.1s390
libtiff3gupdates3.5.5-6.woody3alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
tiffstable3.5.5-6source
tiffupdates3.5.5-6.woody3source

DSA 617 tiff - insufficient input validation

DSA 567 tiff - heap overflows

viewcvsstable0.9.2-4all source
viewcvsupdates0.9.2-4woody1all source

DSA 605 viewcvs - settings not honored

xaosstable3.0-23alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc source
xaosstable3.0-23.0.1s390
xaosupdates3.0-23.woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 310 xaos - improper setuid-root execution

lbxproxystable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
lbxproxyupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps-devstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps-devupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps1-dbgstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps1-dbgupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps1stable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libdps1updates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6-dbgstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6-dbgupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6-devstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6-devupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6stable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw6updates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7-dbgstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7-dbgupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7-devstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7-devupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7stable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libxaw7updates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
proxymngrstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
proxymngrupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
twmstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
twmupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
x-window-system-corestable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
x-window-system-coreupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
x-window-systemstable4.1.0-16woody4all
x-window-systemupdates4.1.0-16woody5all
xbase-clientsstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xbase-clientsupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xdmstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xdmupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xfonts-100dpi-transcodedstable4.1.0-16woody4all
xfonts-100dpi-transcodedupdates4.1.0-16woody5all
xfonts-100dpistable4.1.0-16woody4all
xfonts-100dpiupdates4.1.0-16woody5all
xfonts-75dpi-transcodedstable4.1.0-16woody4all
xfonts-75dpi-transcodedupdates4.1.0-16woody5all
xfonts-75dpistable4.1.0-16woody4all
xfonts-75dpiupdates4.1.0-16woody5all
xfonts-base-transcodedstable4.1.0-16woody4all
xfonts-base-transcodedupdates4.1.0-16woody5all
xfonts-basestable4.1.0-16woody4all
xfonts-baseupdates4.1.0-16woody5all
xfonts-cyrillicstable4.1.0-16woody4all
xfonts-cyrillicupdates4.1.0-16woody5all
xfonts-pexstable4.1.0-16woody4all
xfonts-pexupdates4.1.0-16woody5all
xfonts-scalablestable4.1.0-16woody4all
xfonts-scalableupdates4.1.0-16woody5all
xfree86-commonstable4.1.0-16woody4all
xfree86-commonupdates4.1.0-16woody5all
xfree86stable4.1.0-16woody4source
xfree86updates4.1.0-16woody5source
xfsstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xfsupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xfwpstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xfwpupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlib6g-devstable4.1.0-16woody4all
xlib6g-devupdates4.1.0-16woody5all
xlib6gstable4.1.0-16woody4all
xlib6gupdates4.1.0-16woody5all
xlibmesa-devstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibmesa-devupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibmesa3-dbgstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibmesa3-dbgupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibmesa3stable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibmesa3updates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibosmesa-devstable4.1.0-16woody4alpha i386 ia64 powerpc sparc
xlibosmesa-devupdates4.1.0-16woody5alpha i386 ia64 powerpc sparc
xlibosmesa3-dbgstable4.1.0-16woody4alpha i386 ia64 powerpc sparc
xlibosmesa3-dbgupdates4.1.0-16woody5alpha i386 ia64 powerpc sparc
xlibosmesa3stable4.1.0-16woody4alpha i386 ia64 powerpc sparc
xlibosmesa3updates4.1.0-16woody5alpha i386 ia64 powerpc sparc
xlibs-dbgstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibs-dbgupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibs-devstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibs-devupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibs-picstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibs-picupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibsstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xlibsupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xmhstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xmhupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xneststable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xnestupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xprtstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xprtupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xserver-commonstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xserver-commonupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xserver-xfree86stable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
xserver-xfree86updates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc sparc
xspecsstable4.1.0-16woody4all
xspecsupdates4.1.0-16woody5all
xtermstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xtermupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xutilsstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xutilsupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xvfbstable4.1.0-16woody4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xvfbupdates4.1.0-16woody5alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc

DSA 607 xfree86 - several vulnerabilities

xpdf-commonstable1.00-3.1all
xpdf-commonupdates1.00-3.2all
xpdf-readerstable1.00-3.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-readerupdates1.00-3.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-utilsstable1.00-3.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdf-utilsupdates1.00-3.2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
xpdfstable1.00-3.1all source
xpdfupdates1.00-3.2all source

DSA 581 xpdf - integer overflows

xzgvstable0.7-6alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
xzgvupdates0.7-6woody2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 614 xzgv - integer overflows

yardradiusstable1.0.20-2alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
yardradiusupdates1.0.20-2woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

DSA 598 yardradius - buffer overflow

zgvstable5.5-3i386 source
zgvupdates5.5-3woody2i386 source

DSA 608 zgv - integer overflows, unsanitised input

Requires further Investigation

These packages need further investigation. One reason the package is listed here could be that I'm not yet convinced this package should go into stable, but don't want to reject it entirely at the moment.

Another reason could be that released and updated architectures are not yet in sync.

acorn-fdiskstable3.0.6-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
acorn-fdiskupdates3.0.6-4woody1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

Rebuilt for stable since required for working boot-floppies; otherwise identical to 3.0.6-5.

Probably only required for updated boot-floppies

console-commonstable0.7.14all source
console-commonupdates0.7.14woody1all source
dh-consoledatastable0.7.14all
dh-consoledataupdates0.7.14woody1all

Support the Acorn RiscStation architecture.

Alastair McKinstry: The console-common change for Acorn RiscStation is included in the current boot-floppies since 2002/08/12; it is in kbdconfig.c 1.68; boot-floppies 3.0.23 shipped with kbdconfig.c 1.66. As I understand it, this is not the current shipping woody, but these machines only boot with this updated, modified boot-floppies and console-common.

Hence, only needed for updated boot-floppies, probably for r3 then.

chill-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
chill-2.95stable1:2.95.4-7mips mipsel sparc
chill-2.95updates1:2.95.4-11woody1mips mipsel
cpp-2.95-docstable1:2.95.4-11woody1all
cpp-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
cpp-2.95stable1:2.95.4-7mips mipsel sparc
cpp-2.95updates1:2.95.4-11woody1mips mipsel
g++-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
g++-2.95stable1:2.95.4-7mips mipsel sparc
g++-2.95updates1:2.95.4-11woody1mips mipsel
g77-2.95-docstable1:2.95.4-11woody1all
g77-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
g77-2.95stable1:2.95.4-7mips mipsel sparc
g77-2.95updates1:2.95.4-11woody1mips mipsel
gcc-2.95-docstable1:2.95.4-11woody1all
gcc-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
gcc-2.95stable1:2.95.4-7mips mipsel sparc
gcc-2.95stable2.95.4.ds13-11woody1source
gcc-2.95updates1:2.95.4-11woody1mips mipsel
gobjc-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
gobjc-2.95stable1:2.95.4-7mips mipsel sparc
gobjc-2.95updates1:2.95.4-11woody1mips mipsel
gpc-2.95-docstable1:2.95.4-11woody1all
gpc-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
gpc-2.95stable1:2.95.4-7mips mipsel sparc
gpc-2.95updates1:2.95.4-11woody1mips mipsel
libg++2.8.1.3-dbgstable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libg++2.8.1.3-dbgstable1:2.95.4-7mips mipsel sparc
libg++2.8.1.3-dbgupdates1:2.95.4-11woody1mips mipsel
libg++2.8.1.3-devstable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libg++2.8.1.3-devstable1:2.95.4-7mips mipsel sparc
libg++2.8.1.3-devupdates1:2.95.4-11woody1mips mipsel
libg++2.8.1.3-glibc2.2stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libg++2.8.1.3-glibc2.2stable1:2.95.4-7mips mipsel sparc
libg++2.8.1.3-glibc2.2updates1:2.95.4-11woody1mips mipsel
libstdc++2.10-dbgstable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libstdc++2.10-dbgstable1:2.95.4-7mips mipsel sparc
libstdc++2.10-dbgstable1:2.96-8ia64
libstdc++2.10-dbgupdates1:2.95.4-11woody1mips mipsel
libstdc++2.10-devstable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libstdc++2.10-devstable1:2.95.4-7mips mipsel sparc
libstdc++2.10-devstable1:2.96-8ia64
libstdc++2.10-devupdates1:2.95.4-11woody1mips mipsel
libstdc++2.10-glibc2.2stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
libstdc++2.10-glibc2.2stable1:2.95.4-7mips mipsel sparc
libstdc++2.10-glibc2.2stable1:2.96-8ia64
libstdc++2.10-glibc2.2updates1:2.95.4-11woody1mips mipsel
protoize-2.95stable1:2.95.4-11woody1alpha arm i386 m68k powerpc s390
protoize-2.95stable1:2.95.4-7mips mipsel sparc
protoize-2.95updates1:2.95.4-11woody1mips mipsel

Bring architectures back in sync


MISSING sparc

kernel-headers-2.2.20-reiserfsstable2.2.20-4i386
kernel-headers-2.2.20-reiserfsupdates2.2.20-4woody1i386
kernel-image-2.2.20-reiserfs-i386stable2.2.20-4source
kernel-image-2.2.20-reiserfs-i386updates2.2.20-4woody1source
kernel-image-2.2.20-reiserfsstable2.2.20-4i386
kernel-image-2.2.20-reiserfsupdates2.2.20-4woody1i386

DSA 453 linux-kernel-2.2.20 - failing function and TLB flush

pcmcia-modules-2.2.20-reiserfs: Depends: kernel-image-2.2.20-reiserfs (= 2.2.20-4)

*Bummer*

kernel-headers-2.4.18-1-genericupdates2.4.18-15alpha
kernel-headers-2.4.18-1-smpupdates2.4.18-15alpha
kernel-headers-2.4.18-1updates2.4.18-15alpha
kernel-image-2.4.18-1-alphaupdates2.4.18-15source
kernel-image-2.4.18-1-genericupdates2.4.18-15alpha
kernel-image-2.4.18-1-smpupdates2.4.18-15alpha

DSA 479 linux-kernel-2.4.18 - several vulnerabilities

DSA 438 linux-kernel-2.4.18 - missing function return value check

DSA 417 linux-kernel-2.4.18 - missing boundary check

New package + incompatible ABI = *Bummer*

kernel-headers-2.4.18-1-386updates2.4.18-13.1i386
kernel-headers-2.4.18-1-586tscupdates2.4.18-13.1i386
kernel-headers-2.4.18-1-686-smpupdates2.4.18-13.1i386
kernel-headers-2.4.18-1-686updates2.4.18-13.1i386
kernel-headers-2.4.18-1-k6updates2.4.18-13.1i386
kernel-headers-2.4.18-1-k7updates2.4.18-13.1i386
kernel-headers-2.4.18-1updates2.4.18-13.1i386
kernel-image-2.4.18-1-386updates2.4.18-13.1i386
kernel-image-2.4.18-1-586tscupdates2.4.18-13.1i386
kernel-image-2.4.18-1-686-smpupdates2.4.18-13.1i386
kernel-image-2.4.18-1-686updates2.4.18-13.1i386
kernel-image-2.4.18-1-i386updates2.4.18-13.1source
kernel-image-2.4.18-1-k6updates2.4.18-13.1i386
kernel-image-2.4.18-1-k7updates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-386updates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-586tscupdates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-686-smpupdates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-686updates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-k6updates2.4.18-13.1i386
kernel-pcmcia-modules-2.4.18-1-k7updates2.4.18-13.1i386

DSA 479 linux-kernel-2.4.18 - several vulnerabilities

DSA 438 linux-kernel-2.4.18 - missing function return value check

New package + incompatible ABI = *Bummer*

kernel-headers-2.4.18-bf2.4stable2.4.18-5i386
kernel-headers-2.4.18-bf2.4updates2.4.18-5woody8i386
kernel-image-2.4.18-bf2.4stable2.4.18-5i386
kernel-image-2.4.18-bf2.4updates2.4.18-5woody8i386
kernel-image-2.4.18-i386bfstable2.4.18-5source
kernel-image-2.4.18-i386bfupdates2.4.18-5woody8source

DSA 479 linux-kernel-2.4.18 - several vulnerabilities

DSA 403 - kernel-image-2.4.18-1 - local root exploit

But: pcmcia-modules-2.4.18-bf2.4

Depends: kernel-image-2.4.18-bf2.4 (= 2.4.18-5)

*Bummer*

kernel-headers-2.4.17-ia64stable011226.13ia64
kernel-image-2.4.17-ia64stable011226.13source
kernel-image-2.4.17-itanium-smpstable011226.13ia64
kernel-image-2.4.17-itaniumstable011226.13ia64
kernel-image-2.4.17-mckinley-smpstable011226.13ia64
kernel-image-2.4.17-mckinleystable011226.13ia64
kernel-source-2.4.17-ia64stable011226.13all
kernel-headers-2.4.19-ia64updates020821.1ia64
kernel-image-2.4.19-ia64updates020821.1source
kernel-image-2.4.19-itanium-smpupdates020821.1ia64
kernel-image-2.4.19-itaniumupdates020821.1ia64
kernel-image-2.4.19-mckinley-smpupdates020821.1ia64
kernel-image-2.4.19-mckinleyupdates020821.1ia64
kernel-source-2.4.19-ia64updates020821.1all

* initial release of kernel image packages for ia64 based on 2.4.19

* turn off broadcom gigE driver, change tg3 from module to built-in

* lose several patches from previous kernel builds now merged upstream

* update config files for 2.4.19

New packages, rationale still:

The 2.4.17 bits which were used to generate the original woody boot floppies have some ugly bugs, are not being updated, and generally are not useful any more. Every problem reported on debian-ia64 starts with a request that the user move to at least 2.4.19.

HP has shipped products using the 2.4.19 and 2.4.20 kernel images currently in Debian's mirror network, which means they've been through serious testing and meet HP product quality standards. The same is not true of the 2.4.17 images, as woody was released before HP shipped our first Itanium 2 products.

Some newer systems cannot even be installed with 2.4.17 based boot floppies, we work around that by making alternate installation media available from HP based on fresher kernels. Even on the systems where 2.4.17 is ok for install, I don't recommend anyone run a 2.4.17 kernel on any real system.

When new boot-floppies are uploaded, they'll use this kernel, then the kernel will be updated as well.

TODO: New boot-floppies, contact Bdale

TODO: Apply security fixes

TODO: remove actual kernel source and use a kernel-patch instead

TODO: Build now boot-floppies

kernel-patch-2.4-grsecuritystable1.9.4-1all source
kernel-patch-2.4-grsecurityupdates1.9.4-3all source

-3:

* Removed patch bit that sets EXTRAVERSION. (closes: Bug#182183)

* Fix to work with ptrace fixed 2.4.18 (otherwise the patch fails to apply rendering it useless, hence medium urgency). (closes: Bug#194523)

-4:

* Fixed around some security patches in 2.4.18 kernel (otherwise the patch fails to apply rendering it useless, hence medium urgency). (refer to Bug#231858).

-5:

* Fixed a stupid cut'n'paste bug in the patch for the 2.4.18 kernel, which renders the patch unappliable.

ptrace/2.4 can't go into stable due to binary-incompatibility.

lhastable1.14i-2alpha arm i386 ia64 m68k powerpc s390 sparc source
lhastable1.14i-2.0.1hppa
lhaupdates1.14i-2.woody4alpha arm hppa i386 ia64 m68k powerpc s390 sparc source

DSA 515 lha - several vulnerabilities

Security update for non-free

debian/patch.CAN-2004-0234_0235: Add to fix CAN-2004-0234 (buffer overflows), CAN-2004-0235 (directory traversal). See: http://marc.theaimsgroup.com/?l=full-disclosure&m=108345064008698&w=2 * debian/control: Change my mail address.

1.14i-2.woody4: said security update, too many changes

libpam-radius-authstable1.3.14-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
libpam-radius-authupdates1.3.14-1.1i386 source

SECURITY: fix /etc/pam_radius_auth.conf permissions

Several non-important yada fixes


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING m68k
MISSING mips
MISSING mipsel
MISSING powerpc
MISSING s390
MISSING sparc

lsbstable1.1.0-11all source
lsbupdates1.2-5.woody.1all source

Support LSB 1.2 in woody. Includes all changes through 1.2-6 in sid.

This package is not sufficient to make Debian stable LSB 1.3 compliant. The only approved LSB version is 1.3. According to Anthony also required: alien, kernel-(headers|source|image) 2.4.19 and glibc, pax. According to Tobias Burnus start-stop-daemon needs to be altered as well. lsb.deb needs another backport.

Matt Taggart wrote: The separate OpenI18N standard was merged into the LSB at 1.3 so there are additional requirements that are being tested for now. These are mostly requirements on the commands provided by the LSB and _will_ require patches to fix. I do not know if the patches have been accepted upstream yet. There's a rumor that they affect performance. there may need to be additional changes to glibc for the new test suites.

I don't think that we can meet the LSB 1.3 with Debian stable without too many changes, hence LSB updates will be rejected.

Newsflash: Maybe it's still possible to meet the LSB testsuite. To be discussed after 3.0r2.

libparted1.4-dbgstable1.4.24-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-dbgupdates1.4.24-4.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-devstable1.4.24-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-devupdates1.4.24-4.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4-i18nstable1.4.24-4all
libparted1.4-i18nupdates1.4.24-4.woody.1all
libparted1.4stable1.4.24-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
libparted1.4updates1.4.24-4.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-bfstable1.4.24-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-bfupdates1.4.24-4.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
parted-docstable1.4.24-4all
parted-docupdates1.4.24-4.woody.1all
partedstable1.4.24-4alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
partedupdates1.4.24-4.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source

TODO: Why should this be added to Debian stable?

qpopper-dracstable4.0.4-2.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
qpopper-dracupdates4.0.4-2.woody.4mipsel
qpopperstable4.0.4-2.woody.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
qpopperupdates4.0.4-2.woody.4mipsel source

DSA 259 qpopper - mail user privilege escalation


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING i386
MISSING m68k
MISSING mips
MISSING powerpc
MISSING s390
MISSING sparc

slocatestable2.6-1.3.1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
slocateupdates2.6-1.3.3mipsel source

DSA 428 slocate - buffer overflow


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING i386
MISSING m68k
MISSING mips
MISSING powerpc
MISSING s390
MISSING sparc

spellcaststable1.0-12alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
spellcastupdates1.0-12.1i386 source

* Moved to non-free due to licensing which was incorrectly considered free by the previous maintainer. See http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00136.html

* Added a rant on why spellcast is not GPL describing the issue in the README.Debian file with more detail than the information available in the copyright file.


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING m68k
MISSING mips
MISSING mipsel
MISSING powerpc
MISSING s390
MISSING sparc

spellcast-docstable1.0alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
spellcast-docupdates1.0.1i386 source

* Moved to non-free due to licensing which was incorrectly considered free by the previous maintainer. See http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00136.html

* Added a rant on why spellcast is not GPL describing the issue in the README.Debian file with more detail than the information available in the copyright file.


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING m68k
MISSING mips
MISSING mipsel
MISSING powerpc
MISSING s390
MISSING sparc

ssedstable3.57a-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
ssedupdates3.57a-2woodyalpha i386 m68k mips powerpc
ssedupdates3.57a-2woody1hppa mipsel source
ssedupdates3.57a-2woody1hppa mipsel source
t
t
t
t
t
d
d


MISSING alpha
MISSING arm
MISSING hppa
MISSING ia64
MISSING m68k
MISSING mips
MISSING powerpc
MISSING s390
MISSING sparc

syslog-ngstable1.5.15-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
syslog-ngupdates1.5.15-1.2hppa mipsel

1.5.15-1.2 would be DSA 175 syslog-ng - buffer overflow

1.5.15-2 was a bogus fix and removes the DSA, congratulations.

And since it has had a newer source, there is no source anymore. Congratulations. I love it when maintainers think properly.

yabootstable1.3.6-1powerpc source
yabootupdates1.3.10-0woody1powerpc source

* Backport yaboot 1.3.10 to stable (See bug #190439).

- This is necessary to boot/install on recent Apple hardware.

- Ethan reports that the one line change between 1.3.9 and 1.3.10 is critical.

Unly required for new boot-floppies

Rejected Packages

These packages don't meet the requirements and will be rejected (if katie supports that, otherwise we'll just carry them with us until the end of time).

nasmstable0.98.28cvs-1alpha arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source
nasmupdates0.98.28cvs-1woody1alpha arm i386 ia64 mips mipsel powerpc s390 sparc source

Misdirected security update

Removed Packages

These packages will be removed from the stable Debian distribution. This normally only a result of license problems when the license prohibits their distribution.

Disclaimer

This list intends to help the ftp-masters releasing 3.0r4. They have the final power to accept a package or not. If you want to comment on this list, please send a mail to Martin Schulze <joey@debian.org>.
Last updated 2004/12/30 16:24 MET