This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing.
Migrated from unstable: ======================= enscript 1.6.4-13: CVE-2008-4306: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306 http://bugs.debian.org/506261 libxml2 2.6.32.dfsg-5: CVE-2008-4225: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 CVE-2008-4226: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 movabletype-opensource 4.2.1-3: CVE-2008-4634: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4634 http://bugs.debian.org/503114 no-ip 2.1.7-11: <no CVE yet> : no-ip DUC remote code execution http://bugs.debian.org/506179 typo3-src 4.2.3-1: <no CVE yet> : typo3: XSS vulnerability in Typo3 backendmodul "fileadmin" http://bugs.debian.org/505324 <no CVE yet> : typo3: XSS vulnerability in Typo3 sysext "felogin" http://bugs.debian.org/505325 <no CVE yet> : typo3: passwords are not changeable bug in the backend http://bugs.debian.org/505326 wordpress 2.5.1-10: CVE-2008-5113: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5113 http://bugs.debian.org/504771 How to update: -------------- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update && aptitude dist-upgrade to install the updates. More information: ----------------- More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
