Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE
  • Updated Debian 8: 8.2 released (1/2)

    From Neil McGovern@21:1/5 to All on Sat Sep 5 21:10:01 2015
    ------------------------------------------------------------------------
    The Debian Project https://www.debian.org/ Updated Debian 8: 8.2 released press@debian.org September 5th, 2015 https://www.debian.org/News/2015/20150905 ------------------------------------------------------------------------


    The Debian project is pleased to announce the second update of its
    stable distribution Debian 8 (codename "jessie"). This update mainly
    adds corrections for security problems to the stable release, along with
    a few adjustments for serious problems. Security advisories were
    published separately and are referenced where applicable.

    Please note that this update does not constitute a new version of Debian
    8 but only updates some of the packages included. There is no need to
    throw away old "jessie" CDs or DVDs but only to update via an up-to-date
    Debian mirror after an installation, to cause any out of date packages
    to be updated.

    Those who frequently install updates from security.debian.org won't have
    to update many packages and most updates from security.debian.org are
    included in this update.

    New installation media and CD and DVD images containing updated packages
    will be available soon at the regular locations.

    Upgrading to this revision online is usually done by pointing the
    aptitude (or apt) package tool (see the sources.list(5) manual page) to
    one of Debian's many FTP or HTTP mirrors. A comprehensive list of
    mirrors is available at:

    https://www.debian.org/mirror/list



    Miscellaneous Bugfixes
    ----------------------

    This stable update adds a few important corrections to the following
    packages:

    +---------------------------+-----------------------------------------+
    | Package | Reason | +---------------------------+-----------------------------------------+
    | akonadi [1] | Fix a bug that caused old files to be |
    | | kept when they should be removed |
    | | |
    | apache2 [2] | Fix conffile logic for wheezy to jessie |
    | | upgrades; fix -D[efined] or <Define>[d] |
    | | variables lifetime accross restarts; |
    | | mpm_event: Fix process deadlock when |
    | | shutting down a worker; mpm_event: Fix |
    | | crashes due to various race conditions |
    | | |
    | apt [3] | Parse specific-arch dependencies |
    | | correctly on single-arch systems; |
    | | remove "first package seen is native |
    | | package" assumption; fix endless loop |
    | | in apt-get update that can cause all |
    | | disk space to be used |
    | | |
    | bareos [4] | Fix backup corruption on multi-volume |
    | | jobs; add autopkgtests |
    | | |
    | base-files [5] | Update for the point release |
    | | |
    | binutils-mingw-w64 [6] | Apply upstream fix to handle Visual |
    | | Studio DLLs |
    | | |
    | bird [7] | Correctly migrate bird6.conf from bird6 |
    | | package |
    | | |
    | cron [8] | Cron.service: Use KillMode=process to |
    | | kill only the daemon, not running jobs |
    | | |
    | cross-gcc [9] | Require bash in rules.template makefile |
    | | |
    | dbus [10] | Fix a memory leak when |
    | | GetConnectionCredentials is called; |
    | | stop dbus-monitor replying to |
    | | org.freedesktop.DBus.Peer messages, |
    | | including those that another process |
    | | should have replied to |
    | | |
    | debian-installer [11] | Add image for Seagate DockStar; add |
    | | symlinks for OpenRD variants; append |
    | | DTB for LaCie NAS devices that require |
    | | it |
    | | |
    | debian-installer- | Set the menu icon text in the source |
    | launcher [12] | package to read "Install Debian |
    | | jessie" |
    | | |
    | debian-installer-netboot- | Rebuild against new debian-installer |
    | images [13] | |
    | | |
    | designate [14] | Fix mDNS DoS through incorrect handling |
    | | of large RecordSets [CVE-2015-5695] |
    | | |
    | dovecot [15] | Fix SSL/TLS handshake failures leading |
    | | to a crash of the login process with |
    | | newer versions of OpenSSL [CVE-2015- |
    | | 3420]; fix mbox corruption issue |
    | | |
    | ejabberd [16] | Fix logging of nicknames in muc logs |
    | | and parsing of "ldap_dn_filter" |
    | | option; postinst: restart on upgrade; |
    | | logrotate: don't signal a non-running |
    | | daemon |
    | | |
    | flash-kernel [17] | Combine i.MX53 QSB and LOCO board |
    | | entries, they are the same thing and |
    | | the LOCO variant was missing DTB |
    | | information, possibly causing issues |
    | | during wheezy to jessie upgrades |
    | | |
    | fusiondirectory [18] | Access javascript libraries via a path |
    | | relative to FusionDirectory's base path |
    | | |
    | glibc [19] | Fix pthread_mutex_trylock with lock |
    | | elision; fix gprof entry point on |
    | | ppc64el; fix a buffer overflow in |
    | | getanswer_r [CVE-2015-1781] |
    | | |
    | glusterfs [20] | Stop creating UNIX domain sockets as |
    | | FIFOs on NFS |
    | | |
    | gnome-terminal [21] | Open new tabs in working directory, |
    | | rather than home directory |
    | | |
    | gnutls28 [22] | Fix a crash in VIA PadLock asm; fix |
    | | GNUTLS-SA-2015-2, which allowed MD5 |
    | | signatures (which are disabled by |
    | | default) in the ServerKeyExchange |
    | | message |
    | | |
    | gosa [23] | Fix idGenerator for patterns like |
    | | {%sn[3-6}-{%givenName[3-6]}; enable |
    | | CSV / LDIF import on (non-Debian-Edu) |
    | | clean installations by default |
    | | |
    | groovy2 [24] | Fix remote execution of untrusted code |
    | | and possible DoS vulnerability |
    | | [CVE-2015-3253] |
    | | |
    | grub-installer [25] | Correctly propagate grub-installer/ |
    | | force-efi-extra-removable to installed |
    | | system |
    | | |
    | gtk+3.0 [26] | Fix several crashes |
    | | |
    | haproxy [27] | Fix a segfault when parsing a |
    | | configuration file containing disabled |
    | | proxy sections |
    | | |
    | how-can-i-help [28] | Use HTTPS to connect to UDD |
    | | |
    | kic [29] | configure: Do not add -L without |
    | | argument to $LIBS |
    | | |
    | lame [30] | Enable functions with SSE instructions |
    | | to maintain their own properly aligned |
    | | stack. Fixes crashes when called from |
    | | the ocaml bindings |
    | | |
    | libdatetime-timezone- | New upstream release |
    | perl [31] | |
    | | |
    | libgee-0.8 [32] | Fix default value of --enable- |
    | | consistency-check, otherwise a very |
    | | expensive debug option is turned on by |
    | | default and would make a lot of |
    | | applications unusably slow |
    | | |
    | libio-socket-ssl- | Make PublicSuffix::_default_data thread |
    | perl [33] | safe |
    | | |
    | libisocodes [34] | Fix GLib critical warning if the |
    | | environment variable LANGUAGE is not |
    | | set |
    | | |
    | libvirt [35] | Teach virt-aa-helper to use |
    | | TEMPLATE.qemu if the domain is kvm or |
    | | kqemu; fix crash on live migration; |
    | | allow access to libnl-3 configuration; |
    | | report original error when QMP probing |
    | | fails with new QEMU |
    | | |
    | linux-ftpd-ssl [36] | Fix " NLST of empty directory results |
    | | in segfault" |
    | | |
    | lynx-cur [37] | Use gnutls_set_default_priority() |
    | | instead of a custom priority string, so |
    | | fixing GNUTLS-SA-2015-2 in GnuTLS does |
    | | not break SSL support in lynx |
    | | |
    | mesa [38] | Disable asynchronous DMA on radeonsi |
    | | which can cause lockups |
    | | |
    | motif [39] | Disable fix for upstream bug #1565 |
    | | which caused segfaults in ddd and xpdf |
    | | |
    | mozilla-gnome- | Restore compatibility with newer |
    | keyring [40] | Iceweasel versions |
    | | |
    | nbd [41] | Fix authfile parsing |
    | | |
    | nss [42] | Fix certificate chain generation to |
    | | prefer stronger/newer certificates over |
    | | weaker/older certs |
    | | |
    | ocl-icd [43] | Fix "clSVMFree never called in OpenCL |
    | | ICD" |
    | | |
    | pdf.js [44] | Drop xul-ext-pdf.js package since it's |
    | | not compatible with iceweasel 38 |
    | | |
    | postgresql-9.1 [45] | New upstream release |
    | | |
    | postgresql-9.4 [46] | New upstream release |
    | | |
    | prosody [47] | Fix CNAME resolution |
    | | |
    | python-apt [48] | Work around a cyclic reference from |
    | | Cache to its methods; LFS fixes; fix |
    | | splitting of multi-lines Binary fields |
    | | in dsc files; arch-qualify in |
    | | compare_to_version_in_cache(); fix |
    | | apt.Package.installed_files for multi- |
    | | arch packages |
    | | |
    | python- | Fix S3token incorrect condition |
    | keystoneclient [49] | expression for ssl_insecure [CVE-2015- |
    | | 1852] |
    | | |
    | python- | Fix S3Token TLS cert verification |
    | keystonemiddleware [50] | option not honored [CVE-2015-1852] |
    | | |
    | python-reportlab [51] | Correctly handle PNGs containing |
    | | transparency |
    | | |
    | python-swiftclient [52] | Add missing dependency on python-pkg- |
    | | resources |
    | | |
    | r-cran-rcurl [53] | Build-Depend on libcurl4-openssl-dev, |
    | | fixing issues with PEM certificate |
    | | bundles |
    | | |
    | rawtherapee [54] | Fix dcraw imput sanitization errors |
    | | [CVE-2015-3885] |
    | | |
    | requestpolicy [55] | Restore compatibility with newer |
    | | Iceweasel versions |
    | | |
    | rsyslog [56] | Disable transactions in ompgsql as they |
    | | were not working properly |
    | | |
    | ruby2.1 [57] | Fix Request hijacking vulnerability in |
    | | Rubygems [CVE-2015-3900] |
    | | |
    | syslinux [58] | Fix booting on some Chromebooks |
    | | |
    | systemd [59] | Disable default DNS servers in systemd- |
    | | resolve; use strictly versioned |
    | | dependendency on libsystemd-dev for the |
    | | transitional dev packages; udev: |
    | | Increase udev event timeout to 180s |
    | | |
    | tabmixplus [60] | Restore compatibility with newer |
    | | Iceweasel versions |
    | | |
    | tcpdump [61] | Fix -Z confirmation log being sent to |
    | | stdout, where it can get mixed with |
    | | pcap stream data if '-w -' is used |
    | | |
    | torrus [62] | Revert broken patch refresh, thereby |
    | | fixing rrdup_notify |
    | | |
    | tzdata [63] | New upstream release |
    | | |
    | ufraw [64] | Fix buffer overflow in ljpeg_start |
    | | [CVE-2015-3885] |
    | | |
    | unattended-upgrades [65] | Make optional automatic-reboot work |
    | | again; really fix adding of jessie- |
    | | security |
    | | |
    | wesnoth-1.10 [66] | Disallow inclusion of .pbl files from |
    | | WML [CVE-2015-5069, CVE-2015-5070] |
    | | |
    | xemacs21 [67] | Conflict against old transitional |
    | | packages to make absolutely sure that |
    | | they are removed before we try to |
    | | upgrade; remove dependency from support |
    | | to binary package since the binary |
    | | package already has the equivalent |
    | | dependency |
    | | |
    | xserver-xorg-video- | Don't pretend to support rotation |
    | modesetting [68] | |
    | | | +---------------------------+-----------------------------------------+

    1: https://packages.debian.org/src:akonadi
    2: https://packages.debian.org/src:apache2
    3: https://packages.debian.org/src:apt
    4: https://packages.debian.org/src:bareos
    5: https://packages.debian.org/src:base-files
    6: https://packages.debian.org/src:binutils-mingw-w64
    7: https://packages.debian.org/src:bird
    8: https://packages.debian.org/src:cron
    9: https://packages.debian.org/src:cross-gcc
    10: https://packages.debian.org/src:dbus
    11: https://packages.debian.org/src:debian-installer
    12: https://packages.debian.org/src:debian-installer-launcher
    13: https://packages.debian.org/src:debian-installer-netboot-images
    14: https://packages.debian.org/src:designate
    15: https://packages.debian.org/src:dovecot
    16: https://packages.debian.org/src:ejabberd
    17: https://packages.debian.org/src:flash-kernel
    18: https://packages.debian.org/src:fusiondirectory
    19: https://packages.debian.org/src:glibc
    20: https://packages.debian.org/src:glusterfs
    21: https://packages.debian.org/src:gnome-terminal
    22: https://packages.debian.org/src:gnutls28
    23: https://packages.debian.org/src:gosa
    24: https://packages.debian.org/src:groovy2
    25: https://packages.debian.org/src:grub-installer
    26: https://packages.debian.org/src:gtk+3.0
    27: https://packages.debian.org/src:haproxy
    28: https://packages.debian.org/src:how-can-i-help
    29: https://packages.debian.org/src:kic
    30: https://packages.debian.org/src:lame
    31: https://packages.debian.org/src:libdatetime-timezone-perl
    32: https://packages.debian.org/src:libgee-0.8
    33: https://packages.debian.org/src:libio-socket-ssl-perl
    34: https://packages.debian.org/src:libisocodes
    35: https://packages.debian.org/src:libvirt
    36: https://packages.debian.org/src:linux-ftpd-ssl
    37: https://packages.debian.org/src:lynx-cur
    38: https://packages.debian.org/src:mesa
    39: https://packages.debian.org/src:motif
    40: https://packages.debian.org/src:mozilla-gnome-keyring
    41: https://packages.debian.org/src:nbd
    42: https://packages.debian.org/src:nss
    43: https://packages.debian.org/src:ocl-icd
    44: https://packages.debian.org/src:pdf.js
    45: https://packages.debian.org/src:postgresql-9.1
    46: https://packages.debian.org/src:postgresql-9.4
    47: https://packages.debian.org/src:prosody
    48: https://packages.debian.org/src:python-apt
    49: https://packages.debian.org/src:python-keystoneclient
    50: https://packages.debian.org/src:python-keystonemiddleware
    51: https://packages.debian.org/src:python-reportlab
    52: https://packages.debian.org/src:python-swiftclient
    53: https://packages.debian.org/src:r-cran-rcurl
    54: https://packages.debian.org/src:rawtherapee
    55: https://packages.debian.org/src:requestpolicy
    56: https://packages.debian.org/src:rsyslog
    57: https://packages.debian.org/src:ruby2.1
    58: https://packages.debian.org/src:syslinux
    59: https://packages.debian.org/src:systemd
    60: https://packages.debian.org/src:tabmixplus
    61: https://packages.debian.org/src:tcpdump
    62: https://packages.debian.org/src:torrus
    63: https://packages.debian.org/src:tzdata
    64: https://packages.debian.org/src:ufraw
    65: https://packages.debian.org/src:unattended-upgrades
    66: https://packages.debian.org/src:wesnoth-1.10
    67: https://packages.debian.org/src:xemacs21
    68: https://packages.debian.org/src:xserver-xorg-video-modesetting

    Security Updates
    ----------------

    This revision adds the following security updates to the stable release.
    The Security Team has already released an advisory for each of these
    updates:

    +----------------+---------------------------+
    | Advisory ID | Package | +----------------+---------------------------+
    | DSA-3260 [69] | iceweasel [70] |
    | | |
    | DSA-3276 [71] | symfony [72] |
    | | |
    | DSA-3277 [73] | wireshark [74] |
    | | |
    | DSA-3278 [75] | libapache-mod-jk [76] |
    | | |
    | DSA-3279 [77] | redis [78] |
    | | |
    | DSA-3282 [79] | strongswan [80] |
    | | |
    | DSA-3283 [81] | cups [82] |
    | | |
    | DSA-3284 [83] | qemu [84] |
    | | |
    | DSA-3286 [85] | xen [86] |
    | | |
    | DSA-3287 [87] | openssl [88] |
    | | |
    | DSA-3288 [89] | libav [90] |
    | | |
    | DSA-3289 [91] | p7zip [92] |
    | | |
    | DSA-3291 [93] | drupal7 [94] |
    | | |
    | DSA-3292 [95] | cinder [96] |
    | | |
    | DSA-3293 [97] | pyjwt [98] |
    | | |
    | DSA-3294 [99] | wireshark [100] |
    | | |
    | DSA-3295 [101] | cacti [102] |
    | | |
    | DSA-3296 [103] | libcrypto++ [104] |
    | | |
    | DSA-3297 [105] | unattended-upgrades [106] |
    | | |
    | DSA-3298 [107] | jackrabbit [108] |
    | | |
    | DSA-3299 [109] | stunnel4 [110] |
    | | |
    | DSA-3300 [111] | iceweasel [112] |
    | | |
    | DSA-3301 [113] | haproxy [114] |
    | | |
    | DSA-3302 [115] | libwmf [116] |
    | | |
    | DSA-3303 [117] | cups-filters [118] |
    | | |
    | DSA-3304 [119] | bind9 [120] |
    | | |
    | DSA-3305 [121] | python-django [122] |
    | | |
    | DSA-3306 [123] | pdns [124] |
    | | |
    | DSA-3307 [125] | pdns-recursor [126] |
    | | |
    | DSA-3308 [127] | mysql-5.5 [128] |
    | | |
    | DSA-3309 [129] | tidy [130] |
    | | |
    | DSA-3310 [131] | freexl [132] |
    | | |
    | DSA-3312 [133] | cacti [134] |
    | | |
    | DSA-3313 [135] | linux [136] |
    | | |
    | DSA-3315 [137] | chromium-browser [138] |
    | | |
    | DSA-3317 [139] | lxc [140] |
    | | |
    | DSA-3318 [141] | expat [142] |
    | | |
    | DSA-3319 [143] | bind9 [144] |
    | | |
    | DSA-3320 [145] | openafs [146] |
    | | |
    | DSA-3321 [147] | opensaml2 [148] |
    | | |
    | DSA-3321 [149] | xmltooling [150] |
    | | |
    | DSA-3322 [151] | ruby-rack [152] |
    | | |
    | DSA-3323 [153] | icu [154] |
    | | |
    | DSA-3325 [155] | apache2 [156] |
    | | |
    | DSA-3326 [157] | ghostscript [158] |
    | | |
    | DSA-3328 [159] | wordpress [160] |
    | | |
    | DSA-3329 [161] | linux [162] |
    | | |
    | DSA-3330 [163] | activemq [164] |
    | | |
    | DSA-3331 [165] | subversion [166] |
    | | |
    | DSA-3332 [167] | wordpress [168] |
    | | |
    | DSA-3333 [169] | iceweasel [170] |
    | | |
    | DSA-3334 [171] | gnutls28 [172] |
    | | |
    | DSA-3335 [173] | request-tracker4 [174] |
    | | |
    | DSA-3336 [175] | nss [176] |
    | | |
    | DSA-3337 [177] | gdk-pixbuf [178] |
    | | |
    | DSA-3338 [179] | python-django [180] |
    | | |
    | DSA-3340 [181] | zendframework [182] |
    | | |
    | DSA-3341 [183] | conntrack [184] |
    | | |
    | DSA-3342 [185] | vlc [186] |
    | | |
    | DSA-3343 [187] | twig [188] |
    | | |
    | DSA-3345 [189] | iceweasel [190] |
    | | | +----------------+---------------------------+

    69: https://www.debian.org/security/2015/dsa-3260
    70: https://packages.debian.org/src:iceweasel
    71: https://www.debian.org/security/2015/dsa-3276
    72: https://packages.debian.org/src:symfony
    73: https://www.debian.org/security/2015/dsa-3277
    74: https://packages.debian.org/src:wireshark
    75: https://www.debian.org/security/2015/dsa-3278
    76: https://packages.debian.org/src:libapache-mod-jk
    77: https://www.debian.org/security/2015/dsa-3279
    78: https://packages.debian.org/src:redis
    79: https://www.debian.org/security/2015/dsa-3282
    80: https://packages.debian.org/src:strongswan
    81: https://www.debian.org/security/2015/dsa-3283
    82: https://packages.debian.org/src:cups
    83: https://www.debian.org/security/2015/dsa-3284
    84: https://packages.debian.org/src:qemu
    85: https://www.debian.org/security/2015/dsa-3286
    86: https://packages.debian.org/src:xen
    87: https://www.debian.org/security/2015/dsa-3287
    88: https://packages.debian.org/src:openssl
    89: https://www.debian.org/security/2015/dsa-3288
    90: https://packages.debian.org/src:libav
    91: https://www.debian.org/security/2015/dsa-3289
    92: https://packages.debian.org/src:p7zip
    93: https://www.debian.org/security/2015/dsa-3291
    94: https://packages.debian.org/src:drupal7
    95: https://www.debian.org/security/2015/dsa-3292
    96: https://packages.debian.org/src:cinder
    97: https://www.debian.org/security/2015/dsa-3293
    98: https://packages.debian.org/src:pyjwt
    99: https://www.debian.org/security/2015/dsa-3294
    100: https://packages.debian.org/src:wireshark
    101: https://www.debian.org/security/2015/dsa-3295
    102: https://packages.debian.org/src:cacti
    103: https://www.debian.org/security/2015/dsa-3296
    104: https://packages.debian.org/src:libcrypto++
    105: https://www.debian.org/security/2015/dsa-3297
    106: https://packages.debian.org/src:unattended-upgrades

    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 489
    Nodes: 16 (2 / 14)
    Uptime: 37:50:40
    Calls: 9,669
    Files: 13,716
    Messages: 6,169,514

© >>> Magnum BBS <<<, 2025