Resent-Date: Mon, 7 Jul 2014 22:56:24 +0000 (UTC)
Resent-From: debian-stable-announce@???
-------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 60-1 http://www.debian.org/
debian-release@??? Adam D. Barratt
July 7th, 2014
-------------------------------------------------------------------------
Upcoming Debian 7 Update (7.6)

An update to Debian 7 is scheduled for Saturday, July 12th,
2014. As of now it will include the following bug fixes. They can be
found in "wheezy-proposed-updates", which is carried by all official
mirrors.

Please note that packages published through security.debian.org are not
listed, but will be included if possible. Some of the updates below are
also already available through "wheezy-updates".

Testing and feedback would be appreciated. Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying "debian-release@???" on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes
----------------------
This stable update adds a few important corrections to the following
packages:

Package                         Reason

apache2                         Support ECC keys and ECDH ciphers;
                                mod_proxy: fix crashes under load;
                                mod_dav: fix potential DoS [CVE-2013-6438];
                                mod_log_config: fix cookie logging
apt-cacher-ng                   Fix cross-site scripting via 403
                                responses [CVE-2014-4510]
automake1.9-nonfree             Add empty prerm to ensure a clean
                                upgrade path in case of install-info
                                removal
base-files                      Update for the point release
catfish                         Fix regression from previous
                                security update
clamav                          New upstream release; fix a crash
                                while using clamscan
cmus                            Fix build failure related to the
                                libmodplug upgrade in DSA 2751
cups                            Fix XSS in the CUPS web interface;
                                fix syntax errors in Hungarian templates
cyrus-imapd-2.4                 Fix missing GUID for binary appends;
                                fix broken nntpd
dbus                            Fix denial of service [CVE-2014-3477]
duo-unix                        Update upstream HTTPS certificates;
                                improve support for SHA2 in HTTPS
eglibc                          Fix issues which could break dynamic
                                linker on biarch systems; fix regression
                                in IPv6 name resolution; fix February
                                month name in de_AT locale; fix
                                backtrace() on mips; fix nl_langinfo()
                                when used in static binaries
elib                            Rebuild with current debhelper
firebug                         Take over xul-ext-firecookie, as
                                firebug now provides all its
                                functionality; remove copyrighted ICC
                                profile
hdf5                            Rebuild against current wheezy gfortran
intel-microcode                 Updated microcode
ldns                            Fix default permissions on private
                                DNSKEYs generated by ldns-keygen
                                [CVE-2014-3209]
libdatetime-timezone-perl       New upstream release
libdbi-perl                     Remove dependency on to-be-removed
                                libplrpc-perl
libflickr-api-perl              Update URLs in line with upstream
                                changes
libjpeg6b                       Fix memory disclosure
                                vulnerabilities [CVE-2013-6629
                                CVE-2013-6630]
libjpeg8                        Fix memory disclosure
                                vulnerabilities [CVE-2013-6629
                                CVE-2013-6630]
libopenobex                     Fix segfault when transferring files
linux                           Update to stable 3.2.60, drm/agp
                                3.4.92, rt 3.2.60-rt87; security fixes
                                [CVE-2014-3940 CVE-2014-3917
                                CVE-2014-4508 CVE-2014-4652
                                CVE-2014-4653 CVE-2014-4654,
                                CVE-2014-4655 CVE-2014-4656
                                CVE-2014-4027]
maitreya                        Replace font to avoid copyright issues
mobile-broadband-provider-info  Update included data
nostalgy                        Add support for newer icedove versions
openchange                      Remove packages which depend on
                                previously removed samba4 packages
openssh                         Restore patch to disable OpenSSL
                                version check
openssl                         Don't prefer ECDHE_ECDSA with some
                                Safari versions; actually restart the
                                services when restart-without-asking
                                is set
policyd-weight                  Fix infinite loop if resolver only
                                reachable via IPv6
proftpd-mod-geoip               Remove useless and buggy
                                proftpd-mod-geoip.postrm script
py3dns                          Fix timeouts associated with only
                                one of several available nameservers
                                being unavailable; correctly deal with
                                source port already in use errors
pydap                           Add "dap" to namespace_packages in
                                setup.py
quassel                         Fix certificate permissions
scheme48                        Fix insecure use of temporary file
                                [CVE-2014-4150]
sieve-extension                 Add support for newer icedove versions
sks                             Fix cross-site scripting
                                [CVE-2014-3207]; improve Berkeley DB
                                upgrade handling
squid3                          Fix sporadic assertion failure under
                                high load
suds                            Fix insecure creation of cache paths
tor                             New upstream release
tzdata                          New upstream release
unbound                         Fix crash when using DNSSEC and
                                num-threads > 1
wireless-regdb                  Update database
xmms2                           Fix build failure related to the
                                libmodplug upgrade in DSA 2751

A complete list of all accepted and rejected packages together with
rationale is on the preparation page for this revision:
<http://release.debian.org/proposed-updates/stable.html>

Removed packages
----------------
The following packages will be removed due to circumstances beyond our
control:

Package                         Reason

whatsnewfm                      Obsolete as freecode.com no longer
                                accepting submissions
libplrpc-perl                   Security issues
firecookie                      Obsolete; superseded by firebug
freecode-submit                 Obsolete as freecode.com no longer
                                accepting submissions

If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at "debian-release@???".