[Tails-dev] Fwd: [SUA 60-1] Upcoming Debian 7 Update (7.6)

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: tails-dev
Subject: [Tails-dev] Fwd: [SUA 60-1] Upcoming Debian 7 Update (7.6)
Hi,

it would be good to e.g. run our automated test suite on an ISO built
with wheezy-proposed-updates enabled (and pinned adequately, if needed).

-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 60-1        http://www.debian.org/
debian-release@???                           Adam D. Barratt
July 7th, 2014
-------------------------------------------------------------------------


Upcoming Debian 7 Update (7.6)

An update to Debian 7 is scheduled for Saturday, July 12th,
2014. As of now it will include the following bug fixes. They can be
found in "wheezy-proposed-updates", which is carried by all official
mirrors.

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through "wheezy-updates".

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying "debian-release@???" on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

    Package                         Reason


    apache2                         Support ECC keys and ECDH ciphers; mod_proxy: fix crashes under load; mod_dav: fix potential DoS [CVE-2013-6438]; mod_log_config: fix cookie logging
    apt-cacher-ng                   Fix cross-site scripting via 403 responses [CVE-2014-4510]
    automake1.9-nonfree             Add empty prerm to ensure a clean upgrade path in case of install-info removal
    base-files                      Update for the point release
    catfish                         Fix regression from previous security update
    clamav                          New upstream release; fix a crash while using clamscan
    cmus                            Fix build failure related to the libmodplug upgrade in DSA 2751
    cups                            Fix XSS in the CUPS web interface; fix syntax errors in Hungarian templates
    cyrus-imapd-2.4                 Fix missing GUID for binary appends; fix broken nntpd
    dbus                            Fix denial of service [CVE-2014-3477]
    duo-unix                        Update upstream HTTPS certificates; improve support for SHA2 in HTTPS
    eglibc                          Fix issues which could break dynamic linker on biarch systems; fix regression in IPv6 name resolution; fix February month name in de_AT locale; fix backtrace() on mips; fix nl_langinfo() when used in static binaries
    elib                            Rebuild with current debhelper
    firebug                         Take over xul-ext-firecookie, as firebug now provides all its functionality; remove copyrighted ICC profile
    hdf5                            Rebuild against current wheezy gfortran
    intel-microcode                 Updated microcode
    ldns                            Fix default permissions on private DNSKEYs generated by ldns-keygen [CVE-2014-3209]
    libdatetime-timezone-perl       New upstream release
    libdbi-perl                     Remove dependency on to-be-removed libplrpc-perl
    libflickr-api-perl              Update URLs in line with upstream changes
    libjpeg6b                       Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630]
    libjpeg8                        Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630]
    libopenobex                     Fix segfault when transferring files
    linux                           Update to stable 3.2.60, drm/agp 3.4.92, rt 3.2.60-rt87; security fixes [CVE-2014-3940 CVE-2014-3917 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654, CVE-2014-4655 CVE-2014-4656 CVE-2014-4027]
    maitreya                        Replace font to avoid copyright issues
    mobile-broadband-provider-info  Update included data
    nostalgy                        Add support for newer icedove versions
    openchange                      Remove packages which depend on previously removed samba4 packages
    openssh                         Restore patch to disable OpenSSL version check
    openssl                         Don't prefer ECDHE_ECDSA with some Safari versions; actually restart the services when restart-without-asking is set
    policyd-weight                  Fix infinite loop if resolver only reachable via IPv6
    proftpd-mod-geoip               Remove useless and buggy proftpd-mod-geoip.postrm script
    py3dns                          Fix timeouts associated with only one of several available nameservers being unavailable; correctly deal with source port already in use errors
    pydap                           Add "dap" to namespace_packages in setup.py
    quassel                         Fix certificate permissions
    scheme48                        Fix insecure use of temporary file [CVE-2014-4150]
    sieve-extension                 Add support for newer icedove versions
    sks                             Fix cross-site scripting [CVE-2014-3207]; improve Berkeley DB upgrade handling
    squid3                          Fix sporadic assertion failure under high load
    suds                            Fix unsecure creation of cache paths
    tor                             New upstream release
    tzdata                          New upstream release
    unbound                         Fix crash when using DNSSEC and num-threads > 1
    wireless-regdb                  Update database
    xmms2                           Fix build failure related to the libmodplug upgrade in DSA 2751


A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:

<http://release.debian.org/proposed-updates/stable.html>

Removed packages
----------------

The following packages will be removed due to circumstances beyond our
control:

    Package                    Reason


    whatsnewfm          Obsolete as freecode.com no longer accepting submissions
    libplrpc-perl       Security issues
    firecookie          Obsolete; superseded by firebug
    freecode-submit     Obsolete as freecode.com no longer accepting submissions



If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at "debian-release@???".

--
intrigeri