PointReleases

Point-Releases happen once in a while when the Stable Release Managers think it's appropriate to have updated packages in a stable release. These Point-Releases usually contain all security fixes, as well as packages which have grave bugs that need to be fixed in a stable release.

Sarge R2

Open Issues/Packages for Sarge R2:

adzapper

[DSA 966-1]

OK

affix-kernel

349396

OK

aide

[DSA 763-1] and [DSA 740-1]

statically links against zlib, rebuild against fixed zlib

OK

albatross

[DSA 942-1]

OK

antiword

[DSA 945-1]

OK

backuppc

344990

OK

bluez-hcidump

[DSA 990-1]

OK

bmv

[DSA 981-1]

OK

bomberclone

[DSA 997-1]

OK

cacti

[DSA 1031-1

OK

cernlib

340433, License problems, repackaged

OK

chipcard-tools

346527, fixes user purge

OK

ClamAV

[DSA 947-1], [DSA 947-2], [DSA-1024]

OK

crawl

[DSA 949-1]

OK

crossfire

[DSA 1001-1], [DSA 1009-1]

OK

CUPS

[DSA 950-1]

OK

curl

[DSA 919-2]

OK

cyrus-imapd

348186, fixes full purge without confirmation

OK

cyrus21-imapd

348186, fixes full purge without confirmation

OK

devmapper

342455, OK from tech-ctte, OK from d-i (fjp) not uploaded

delayed

dia

[DSA 1025-1]

OK

dhis-tools-dns

[DSA 928-1]

OK

dropbear

[DSA 923-1]

OK

drupal

[DSA 958-1], [DSA 1007-1]

OK

ekg

355257, not a valid candidate, recommended to volatile

n/a

elog

[DSA 967-1]

OK

evms

339891, fixes buffer overflow

OK

evolution

[DSA 1016-1]

OK

exim4

342619

fixes mail loss, most often with IPv6

OK

f-prot-installer

347190, fixes upstream installer script

OK

fai

Unknown bug report number, fixes three problem

OK

fetchmail

[DSA 939-1]

OK

firebird2

[DSA 1014-1]

OK

ffmpeg

[DSA 992-1]

OK

flex

[DSA 1020-1]

OK

flyspray

[DSA 953-1]

OK

freeciv

[DSA 994-1]

OK

glibc

Update timezone, see http://lists.debian.org/debian-glibc/2006/03/msg00002.html and fix 314408 about NPTL and amd64, FTBFS on 3 arches

OK

gnocatan

[DSA 964-1]

OK

gnome-cpufreq-applet

Unknown bug report number, fixes normal bugs, not suited for a stable update. maintainer notified --kink

REJECT

GnuPG

[DSA 978-1], [DSA 993-1], [DSA 993-2]

OK

gnutls11

[DSA 986-1]

OK

gpdf

[DSA 940-1], [DSA 974-1], [DSA 982-1]

OK

heimdal

[DSA 977-1]

OK

hylafax

[DSA 933-1]

OK

ilohamail

[DSA 1010-1]

OK

?ImageMagick

[DSA 957-1], [DSA 957-2]

OK

ipsec-tools

[DSA 965-1]

OK

kaffeine

[DSA 1023-1]

OK

kdelibs

[DSA 948-1]

OK

kernel-patch-vserver

[DSA 1011-1]

OK

ketm

[DSA 926-1], [DSA 926-2]

OK

koffice

[DSA 938-1], [DSA 1019-1]

OK

kpdf

[DSA 932-1], [DSA 1008-1]

OK

kronolith

[DSA 970-1]

OK

leafnode

338886, fixes CVE 2005-1911

OK

libapache2-mod-auth-pgsql

[DSA 935-1]

OK

libapache-auth-ldap

[DSA 952-1]

OK

libapreq2-perl

[DSA 1000-1]

dep ok with r2

OK

libast

[DSA 976-1]

OK

libcrypt-cbc-perl

[DSA 996-1]

see http://lists.debian.org/debian-security/2006/03/msg00147.html. There have also been some persons in #debian.de complaining about this update, see also http://www.madness.at/~mad/test_cbc.txt. update: i talked to the maintainer and this should be fixed witha 2.12-1sarge2 release -- robert

delayed to r3

libextractor

[DSA 936-1], [DSA 998-1]

OK

libimager-perl

[DSA 1028-1]

OK

libmail-audit-perl

[DSA 960-1], [DSA 960-2], [DSA 960-3]

OK

libphp-adodb

[DSA 1029-1]

OK

libtasn1-2

[DSA 985-1]

OK

lsh-utils

[DSA 956-1]

OK

lurker

[DSA 999-1]

OK

mailman

[DSA 955-1]

OK

mantis

[DSA 944-1]

OK

metamail

[DSA 995-1]

OK

moodle

[DSA 1030-1]

OK

mutt

332972, OK, fixes attachments dataloss

OK

mydns

[DSA 963-1]

OK

nbd

[DSA 924-1]

OK

netpbm-free

[DSA 1021-1]

OK

nfs-user-server

[DSA 975-1]

OK

mailman

[DSA 1027-1]

OK

noweb

[DSA 968-1]

OK

octaviz

341676, 304162 -- m68k missing

delayed

OTRS

[DSA 973-1]

OK

pdfkit.framework

[DSA 961-1], [DSA 972-1], [DSA 979-1]

OK

pdftohtml

[DSA 962-1], [DSA 983-1]

OK

Perl

[DSA 943-1]

additional changes, ok by aba

OK

petris

[DSA 929-1]

OK

phpbb2

[DSA 925-1]

OK

pound

[DSA 934-1]

OK

rssh

344424, CVE-2005-3345

OK

sash

[DSA 1026-1

OK

scponly

[DSA 969-1]

OK

sendmail

[DSA 1015-1

OK

slune

Unknown bug report number, needed to fix DSA 856

OK

smstools

[DSA 930-1], [DSA 930-2]

OK

snmptrapfmt

[DSA 1013-1

OK

sodipodi

287925, fixes segfaults on 64bit

OK

squirrelmail

[DSA 988-1]

OK

storebackup

[DSA 1022-1]

re CVE-2005-3147, ok by jmm

OK

sudo

[DSA 946-1]

OK

tar

[DSA 987-1]

OK

tetex-bin

[DSA 937-1]

OK

tkdiff

[DSA 927-1], [DSA 927-2]

OK

trac

[DSA 951-1], [DSA 951-2]

OK

tutos

[DSA 980-1]

OK

tuxpaint

[DSA 941-1]

OK

unalz

[DSA 959-1]

OK

unzip

[DSA 903-2], [DSA 1012-1]

OK

util-vserver

[DSA 1011-1]

OK

vlc

[DSA 1004-1]

OK

webcalendar

[DSA 1002-1]

OK

wine

[DSA 954-1]

OK

wzdftpd

[DSA 1006-1]

OK

xine-lib

[DSA 1005-1

OK

xpdf

[DSA 931-1], [DSA 971-1], [DSA 984-1]

OK

xpvm

[DSA 1003-1]

OK

zoo

[DSA 991-1]

OK

zoph

[DSA 989-1]

OK

Side note: NOT OK or NOT YET OKAY does NOT automaticaly mean the package is not okay, but that a) the stable release management team hasn't yet time to have a deeper look into it or b) that they are not yet convienced.

DebianKernelSargeUpdateStatus tracks kernel work.

Sarge R2 Release Notes

devmapper:

LVM users using the lvm2 package will see the default ownership and permissions of LVM logical volume (LV) devices change from root:root 0600 to root:disk 0660. This will allow programs using the disk group to access LVM LVs, for example the Amanda backup system, which may need access to dump and restore backups. The ownership and permissions are changed when the LVM device node under /dev/mapper is recreated. This will happen when the system is restarted, LVM is restarted (/etc/init.d/lvm restart), or vgchange or lvchange are used, for example. Only users needing to use the disk group with LVM LVs need to do this.