Hi,
it would be good to e.g. run our automated test suite on an ISO built
with wheezy-proposed-updates enabled (and pinned adequately, if needed).
-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 60-1 http://www.debian.org/
debian-release@??? Adam D. Barratt
July 7th, 2014
-------------------------------------------------------------------------
Upcoming Debian 7 Update (7.6)
An update to Debian 7 is scheduled for Saturday, July 12th,
2014. As of now it will include the following bug fixes. They can be
found in "wheezy-proposed-updates", which is carried by all official
mirrors.
Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through "wheezy-updates".
Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying "debian-release@???" on your mails.
The point release will also include a rebuild of debian-installer.
Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:
Package Reason
apache2 Support ECC keys and ECDH ciphers; mod_proxy: fix crashes under load; mod_dav: fix potential DoS [CVE-2013-6438]; mod_log_config: fix cookie logging
apt-cacher-ng Fix cross-site scripting via 403 responses [CVE-2014-4510]
automake1.9-nonfree Add empty prerm to ensure a clean upgrade path in case of install-info removal
base-files Update for the point release
catfish Fix regression from previous security update
clamav New upstream release; fix a crash while using clamscan
cmus Fix build failure related to the libmodplug upgrade in DSA 2751
cups Fix XSS in the CUPS web interface; fix syntax errors in Hungarian templates
cyrus-imapd-2.4 Fix missing GUID for binary appends; fix broken nntpd
dbus Fix denial of service [CVE-2014-3477]
duo-unix Update upstream HTTPS certificates; improve support for SHA2 in HTTPS
eglibc Fix issues which could break dynamic linker on biarch systems; fix regression in IPv6 name resolution; fix February month name in de_AT locale; fix backtrace() on mips; fix nl_langinfo() when used in static binaries
elib Rebuild with current debhelper
firebug Take over xul-ext-firecookie, as firebug now provides all its functionality; remove copyrighted ICC profile
hdf5 Rebuild against current wheezy gfortran
intel-microcode Updated microcode
ldns Fix default permissions on private DNSKEYs generated by ldns-keygen [CVE-2014-3209]
libdatetime-timezone-perl New upstream release
libdbi-perl Remove dependency on to-be-removed libplrpc-perl
libflickr-api-perl Update URLs in line with upstream changes
libjpeg6b Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630]
libjpeg8 Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630]
libopenobex Fix segfault when transferring files
linux Update to stable 3.2.60, drm/agp 3.4.92, rt 3.2.60-rt87; security fixes [CVE-2014-3940 CVE-2014-3917 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654, CVE-2014-4655 CVE-2014-4656 CVE-2014-4027]
maitreya Replace font to avoid copyright issues
mobile-broadband-provider-info Update included data
nostalgy Add support for newer icedove versions
openchange Remove packages which depend on previously removed samba4 packages
openssh Restore patch to disable OpenSSL version check
openssl Don't prefer ECDHE_ECDSA with some Safari versions; actually restart the services when restart-without-asking is set
policyd-weight Fix infinite loop if resolver only reachable via IPv6
proftpd-mod-geoip Remove useless and buggy proftpd-mod-geoip.postrm script
py3dns Fix timeouts associated with only one of several available nameservers being unavailable; correctly deal with source port already in use errors
pydap Add "dap" to namespace_packages in setup.py
quassel Fix certificate permissions
scheme48 Fix insecure use of temporary file [CVE-2014-4150]
sieve-extension Add support for newer icedove versions
sks Fix cross-site scripting [CVE-2014-3207]; improve Berkeley DB upgrade handling
squid3 Fix sporadic assertion failure under high load
suds Fix unsecure creation of cache paths
tor New upstream release
tzdata New upstream release
unbound Fix crash when using DNSSEC and num-threads > 1
wireless-regdb Update database
xmms2 Fix build failure related to the libmodplug upgrade in DSA 2751
A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<
http://release.debian.org/proposed-updates/stable.html>
Removed packages
----------------
The following packages will be removed due to circumstances beyond our
control:
Package Reason
whatsnewfm Obsolete as freecode.com no longer accepting submissions
libplrpc-perl Security issues
firecookie Obsolete; superseded by firebug
freecode-submit Obsolete as freecode.com no longer accepting submissions
If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at "debian-release@???".
--
intrigeri