* Andreas Barth ([EMAIL PROTECTED]) [060412 11:07]: > as we're now directly moving towards sarge r2, we drafted an > announcement. Please see the attachement for more details. We will > notify you as soon as the mail can be sent out.
As promised, here is an updated announcement draft. Cheers, Andi
------------------------------------------------------------------------ The Debian Project http://www.debian.org/ Debian GNU/Linux 3.1 updated (r2) [EMAIL PROTECTED] April 1xth, 2006 http://www.debian.org/News/2006/2006041x ------------------------------------------------------------------------ Debian GNU/Linux 3.1 updated (r2) This is the second update of Debian GNU/Linux 3.1 (codename `sarge') which mainly adds security updates to the stable release, along with a few corrections to serious problems. Those who frequently update from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update. Please note that this update does not produce a new version of Debian GNU/Linux 3.1 but only adds a few updated packages to it. There is no need to throw away 3.1 CDs but only to update against ftp.debian.org after an installation, in order to incorporate those late changes. Upgrading to this revision online is usually done by pointing the `apt' package tool (see the sources.list(5) manual page) to one of Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is available at: <http://www.debian.org/distrib/ftplist> Notable Changes --------------- Sudo has been changed to not propagate all environment variables to subsequent programs to avoid security risks. This change might affect software that uses sudo. Please see sudo's man page for more details. Miscellaneous Bugfixes ---------------------- This revision adds important corrections to the following packages. Most of them don't affect the security of the system, but may affect data integrity. affix-kernel Fix build failures on sarge's kernel backuppc Fix possible backup archive corruption and possible data loss when changing the configuration file cernlib License problems, repackaged cyrus-imapd Don't remove mail data on package purge cyrus21-imapd Note cyrus-imapd data loss on package purge in upgrade documentation evms Fix address stack corruption leading to possible data loss when activating degraded RAID-5 volumes exim4 Fix mail delivery problems to hosts with AAAA DNS records and DNS unbalanced issues f-prot-installer Adjusted for updates fai Fix setup of lo device, replaced hardcoded name of debian distribution in fai-cd, add missing packages when calling fai-mirror glibc Update timezone data, fix NPTL for x86_64 (amd64) leafnode Fix non-DSA security issue (CVE 2005-1911) libchipcard Don't remove user account on package purge mutt Fix possible attachments data loss perl Fix problem with utf-8/taint interaction Fix possible malloc-to-death bug, #227621 rssh Fix non-DSA security issue (CVE-2005-3345) slune Adjust to security fix in py2play, #326976 sodipodi Fix segfaults on 64-bit architectures tar Fix inability to work with remote devices on non-i386, #356657 Security Updates ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates. The security fixes of the kernel have been delayed to the next point release due to constraints with the installer, please update the kernel images from security.debian.org. Debian Security Advisory ID Package(s) DSA 740 aide DSA 763 aide DSA 856 py2play DSA 903 unzip DSA 919 curl DSA 923 dropbear DSA 924 nbd DSA 925 phpbb2 DSA 926 ketm DSA 927 tkdiff DSA 928 dhis-tools-dns DSA 929 petris DSA 930 smstools DSA 931 xpdf DSA 932 kdegraphics DSA 933 hylafax DSA 934 pound DSA 935 libapache2-mod-auth-pgsql DSA 936 libextractor DSA 937 tetex-bin DSA 938 koffice DSA 939 fetchmail DSA 940 gpdf DSA 941 tuxpaint DSA 942 albatross DSA 943 perl DSA 944 mantis DSA 945 antiword DSA 946 sudo DSA 947 clamav DSA 948 kdelibs DSA 949 crawl DSA 950 cupsys DSA 951 trac DSA 952 libapache-auth-ldap DSA 953 flyspray DSA 954 wine DSA 955 mailman DSA 956 lsh-server DSA 957 imagemagick DSA 958 drupal DSA 959 unalz DSA 960 lib-mail-audit-perl DSA 961 pdfkit.framework DSA 962 pdftohtml DSA 963 mydns DSA 964 gnocatan DSA 965 ipsec-tools DSA 966 adzapper DSA 967 elog DSA 968 noweb DSA 969 scponly DSA 970 kronolith DSA 971 xpdf DSA 972 pdfkit.framework DSA 973 otrs DSA 974 gpdf DSA 975 nfs-user-server DSA 976 libast DSA 977 heimdal DSA 978 gnupg DSA 979 pdfkit.framework DSA 980 tutos DSA 981 bmv DSA 982 gpdf DSA 983 pdftohtml DSA 984 xpdf DSA 985 libtasn1-2 DSA 986 gnutls11 DSA 987 tar DSA 988 squirrelmail DSA 989 zoph DSA 990 bluez-hcidump DSA 991 zoo DSA 992 ffmpeg DSA 993 gnupg DSA 994 freeciv DSA 995 metamail DSA 997 bomberclone DSA 998 libextractor DSA 999 lurker DSA 1000 libapreq2-perl DSA 1001 crossfire DSA 1002 webcalendar DSA 1003 xpvm DSA 1004 vlc DSA 1005 xine-lib DSA 1006 wzdftpd DSA 1007 drupal DSA 1008 kdegraphics DSA 1009 crossfire DSA 1010 ilohamail DSA 1011 kernel-patch-vserver and util-vserver DSA 1012 unzip DSA 1013 snmptrapfmt DSA 1014 firebird2 DSA 1015 sendmail DSA 1016 evolution DSA 1019 kdegraphics DSA 1020 flex DSA 1021 netpbm-free DSA 1022 storebackup DSA 1023 kaffeine DSA 1024 clamav DSA 1025 dia DSA 1026 sash DSA 1027 mailman DSA 1028 libimager-perl DSA 1029 libphp-adodb DSA 1030 moodle DSA 1031 cacti The complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision: <http://release.debian.org/stable/3.1/3.1r2/> URLs ---- The current stable distribution: <http://ftp.debian.org/debian/dists/stable> Stable distribution information (release notes, errata etc.): <http://www.debian.org/releases/stable/> Security announcements and information: <http://www.debian.org/security/> About Debian ------------ The Debian Project is an organization of free software developers who volunteer their time and effort in order to produce the completely free operating systems Debian GNU/Linux. Contact Information ------------------- For further information, please visit the Debian web pages at <http://www.debian.org/> or send mail to <[EMAIL PROTECTED]>.
