---------- Forwarded message ----------
From: Alexander Reichle-Schmehl <tolimar at debian.org>
Date: Sun, Apr 12, 2009 at 11:23 PM
Subject: Debian GNU/Linux 5.0 updated
To: debian-announce at lists.debian.org


-------------------------------------------------------------------------
The Debian Project                                 http://www.debian.org/
Debian GNU/Linux 5.0 updated                             press at debian.org
April 11th, 2009                 http://www.debian.org/News/2009/20090411
-------------------------------------------------------------------------

Debian GNU/Linux 5.0 updated

The Debian project is pleased to announce the first update of its stable
distribution Debian GNU/Linux 5.0 (codename "lenny").  This update mainly
adds corrections for security problems to the stable release, along with
a few adjustment to serious problems.

Please note that this update does not constitute a new version of Debian
GNU/Linux 5.0 but only updates some of the packages included.  There is
no need to throw away 5.0 CDs or DVDs but only to update via an up-to-
date Debian mirror after an installation, to cause any out of date
packages to be updated.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New CD and DVD images containing updated packages and the regular
installation media accompanied with the package archive respectively will
be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors.  A comprehensive list of
mirrors is available at:

   <http://www.debian.org/distrib/ftplist>


Miscellaneous Bugfixes
----------------------

This stable update adds several binary updates for various architectures
to packages whose version was not synchronised across all architectures.
It also adds a few important corrections to the following packages:

   Package                                      Reason

   barnowl                                      Fix for CVE-2009-0363
(through testing-security)
   base-files                                   Fix a typo to remove
"base" correctly
   bind9                                        Fix atomic operations
on alpha and ia64
   brltty                                       Upload with fixed version number
   consolekit                                   Various fixes
   fai                                          Fix typo which
prevents perl scripts to work
   firmware-nonfree                             Kernel ABI change
   flpsed                                       Fix dependency on ghostscript-x
   gdm                                          Fix a double free
   gthumb                                       Fix copying loop
   gtick                                        Add dependency on oss-compat
   gtk+2.0                                      Fix infinite loop
caused by setting color scheme
   gtkguitune                                   Add dependency on oss-compat
   heartbeat                                    Fix failover and
message corruption
   imagemagick                                  Replace non-free fonts
   irqbalance                                   Do not crash on bogus
/proc/irq entries
   kvm                                          Fix hang on reboot with virtio
   libbz2-ruby [armel]                          Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libcgi-application-plugins-perl              Fix information leak
   libeb-ruby [armel]                           Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libfilesystem-ruby [armel]                   Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libfusefs-ruby [armel]                       Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libkakasi-ruby [armel]                       Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libodbc-ruby [armel]                         Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libopengl-ruby [armel]                       Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   librevolution-ruby [armel]                   Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libvorbisfile-ruby [armel]                   Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   libwrap-ruby [armel]                         Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   linux-2.6                                    Several issues
   linux-kernel-di-alpha-2.6                    New kernel for debian-installer
   linux-kernel-di-amd64-2.6                    New kernel for debian-installer
   linux-kernel-di-arm-2.6                      Add minix-modules to
orion5x kernel flavour
   linux-kernel-di-armel-2.6                    New kernel for debian-installer
   linux-kernel-di-hppa-2.6                     New kernel for debian-installer
   linux-kernel-di-i386-2.6                     New kernel for debian-installer
   linux-kernel-di-ia64-2.6                     New kernel for debian-installer
   linux-kernel-di-mips-2.6                     New kernel for debian-installer
   linux-kernel-di-mipsel-2.6                   New kernel for debian-installer
   linux-kernel-di-powerpc-2.6                  New kernel for debian-installer
   linux-kernel-di-s390-2.6                     New kernel for debian-installer
   linux-kernel-di-sparc-2.6                    New kernel for debian-installer
   linux-latest-2.6                             Kernel ABI change
   linux-modules-contrib-2.6                    Rebuild for kernel ABI change
   linux-modules-di-alpha-2.6                   New kernel modules for
debian-installer
   linux-modules-di-amd64-2.6                   New kernel modules for
debian-installer
   linux-modules-di-arm-2.6                     New kernel modules for
debian-installer
   linux-modules-di-armel-2.6                   New kernel modules for
debian-installer
   linux-modules-di-hppa-2.6                    New kernel modules for
debian-installer
   linux-modules-di-i386-2.6                    New kernel modules for
debian-installer
   linux-modules-di-ia64-2.6                    New kernel modules for
debian-installer
   linux-modules-di-mips-2.6                    New kernel modules for
debian-installer
   linux-modules-di-mipsel-2.6                  New kernel modules for
debian-installer
   linux-modules-di-powerpc-2.6                 New kernel modules for
debian-installer
   linux-modules-di-s390-2.6                    New kernel modules for
debian-installer
   linux-modules-di-sparc-2.6                   New kernel modules for
debian-installer
   linux-modules-extra-2.6                      Rebuild for kernel ABI change
   linux-modules-nonfree-2.6                    Rebuild for kernel ABI change
   live-initramfs                               Fix media timeout,
boot and shutdown issues
   lvm2                                         Fix lvm on multipath in initrd
   mediawiki                                    Fix XSS vulnerabilities
   mp3gain [i386]                               Rebuild in a clean environment
   mt-daapd                                     Fix crasher in
built-in webserver
   munin                                        Fix cgi mode
   nvidia-graphics-legacy-96xx-modules-amd64    Rebuild for kernel ABI change
   nvidia-graphics-legacy-96xx-modules-i386     Rebuild for kernel ABI change
   nvidia-graphics-modules-amd64                Rebuild for kernel ABI change
   nvidia-graphics-modules-i386                 Rebuild for kernel ABI change
   oldsys-preseed                               Add support for the
D-Link DNS-323
   open-vm-tools                                Fix builds with other
kernels than the running one
   openoffice.org                               Repacked source to
remove RFC text file, various bug fixes
   optipng                                      Fix array overflow vulnerability
   pam                                          Fix signedness error
in _pam_StrTok
   pcapy                                        Fix memory leak and
capturing on lo
   pidgin                                       Fix failure while
connecting to ICQ servers due to protocol changes
   pidgin-otr                                   Provide translation
   posixlock [armel]                            Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   postgresql-8.3                               New upstream bugfix release
   pyusb                                        Fix module for
python2.5 on 64 bit arch
   qwik [armel]                                 Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   root-system                                  Add libsm-dev as
Build-Dependency
   roundup                                      Fix several vulnerabilities
   ruby-v4l [armel]                             Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   samba                                        Fix two bugs of
severity important
   sary-ruby [armel]                            Rebuild to put modules
in arm-linux instead of arm-linux-eabi
   sbnc                                         Fix sbnc.key file location
   schroot                                      Build with pthreads
explicitly to fix a crash on alpha
   smartmontools                                Fix target not
checking for running daemon
   snort                                        Fix possible segfault
   texlive-extra                                Blacklist aurora,
non-commercial license
   toolame                                      Portability fixes
   user-mode-linux                              Rebuild against
updated linux-source
   xorg-server                                  Work around broken PCI
on sparc in lenny's kernel
   xserver-xorg-video-savage                    Do not add panel modes
when there is no panel

New version of debian-installer
-------------------------------

debian-installer was updated to incorporate the updated Linux kernel
(DSA-1749), to add support for the D-Link DNS-323 (a NAS device) and to
incorporate new archive keys.

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

   Advisory ID    Package                 Correction(s)

   DSA-1719       gnutls26                Certificate validation
   DSA-1725       websvn                  Information leak
   DSA-1726       python-crypto           Denial of service
   DSA-1728       dkim-milter             Denial of service
   DSA-1730       proftpd-dfsg            SQL injection vulnerabilities
   DSA-1734       opensc                  Information disclosure
   DSA-1735       znc                     Privilege escalation
   DSA-1736       mahara                  Cross-site scripting
   DSA-1737       wesnoth                 Several vulnerabilities
   DSA-1738       curl                    Arbitrary file access
   DSA-1739       mldonkey                Double slash vulnerability
   DSA-1740       yaws                    Denial of service
   DSA-1741       psi                     Denial of service
   DSA-1742       libsndfile              Arbitrary code execution
   DSA-1743       libtk-img               Arbitrary code execution
   DSA-1744       weechat                 Denial of service
   DSA-1745       lcms                    Arbitrary code execution
   DSA-1746       ghostscript             Arbitrary code execution
   DSA-1747       glib2.0                 Arbitrary code execution
   DSA-1749       linux-2.6               Several issues
   DSA-1750       libpng                  Several vulnerabilities
   DSA-1751       xulrunner               Several vulnerabilities
   DSA-1752       webcit                  Potential remote code execution
   DSA-1755       systemtap               Local privilege escalation
   DSA-1756       xulrunner               Multiple vulnerabilities
   DSA-1757       auth2db                 SQL injection
   DSA-1758       nss-ldapd               Information disclosure
   DSA-1759       strongswan              Possible denial of service
   DSA-1760       openswan                Possible denial of service


URLs
----

The complete lists of packages that have changed with this revision:

 <http://ftp.debian.org/debian/dists/lenny/ChangeLog>

The current stable distribution:

 <http://ftp.debian.org/debian/dists/stable>

Proposed updates to the stable distribution:

 <http://ftp.debian.org/debian/dists/proposed-updates>

stable distribution information (release notes, errata etc.):

 <http://www.debian.org/releases/stable/>

Security announcements and information:

 <http://www.debian.org/security/>


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating systems Debian GNU/Linux.


Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/>, send mail to <press at debian.org>, or contact the
stable release team at <debian-release at lists.debian.org>



--
To UNSUBSCRIBE, email to debian-announce-REQUEST at lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster at lists.debian.org




-- 
$B2F at 6A3(B
Xia Qingran
qingran.xia at gmail.com
Sent from Beijing, 11, China
Norman Mailer  - &quot;Writing books is the closest men ever come to
childbearing.&quot; -
http://www.brainyquote.com/quotes/authors/n/norman_mailer.html