[Technik] Debian GNU/Linux 3.1 updated

Noèl Köthe noel at debian.org
Tue Jan 1 13:42:46 CET 2008 

Am Freitag, den 28.12.2007, 22:45 +0100 schrieb Martin Schulze:

> The Debian Project                                http://www.debian.org/
> Debian GNU/Linux 3.1 updated                            press at debian.org
> December 27th, 2007             http://www.debian.org/News/2007/20071228
> 
> Debian GNU/Linux 3.1 updated

Wir haben noch folgende zwei Debian 3.1 "sarge" Rechner:
yuki (Backup) und cupa (dns2, backupmx und monitor)


> Miscellaneous Bugfixes
> ----------------------

>    Package                     Reason

>    apache2                     Fix several minor vulnerabilities

auf cupa aktualisiert:
apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low

  * Fix some less critical security issues:
  * Denial of service for threaded MPMs:
    - CVE-2005-2970: mpm_worker memory leak
    - CVE-2005-3357: mod_ssl with custom errorpage
    - CVE-2007-1863: mod_cache
  * Cross site scripting:
    - CVE-2005-3352: mod_imap
    - CVE-2006-3918: via Expect header
    - CVE-2006-5752: mod_status
  * Add check for scoreboard PID protection (CVE-2007-3304)

 -- Stefan Fritsch <sf at debian.org>  Thu, 16 Aug 2007 20:16:15 +0200

>    kernel-latest-2.6-i386      Meta package for new kernel ABI
>    kernel-source-2.6.8         Several fixes and driver updates

auf cupa und yuki aktualisiert:
kernel-image-2.6.8-i386 (2.6.8-17) oldstable; urgency=high

  * Rebuild against kernel-tree-2.6.8-17
    [ Simon Horman ]
    * drivers-net-via-rhine-wol-oops.dpatch (removed):
      This patch breaks the via-rhine driver and 2.6.8 and is
      completely bogus for this version of the kernel
      (closes: #311357)

    * drivers-media-vidio-bttv-vc100xp-detect.dpatch
      Allow Leadtek WinFast VC100 XP cards to work.

    * fs-jbd-checkpoint-assertion.dpatch
      Fix possible false assertion failure in log_do_checkpoint(). We might fail
      to detect that we actually made a progress when cleaning up the checkpoint
      lists if we don't retry after writing something to disk.

    * mm-rmap-out-of-bounds-pte.dpatch
      Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap()

    * net-ipv4-netfilter-ip_queue-deadlock.dpatch
      Fix deadlock with ip_queue and tcp local input path.

    * asm-i386-mem-clobber.dpatch:
      Make sure gcc doesn't reorder memory accesses in strncmp and friends on
      i386.

    * drivers-acpi-pci_irq-elcr.dpatch:
      Make sure we call acpi_register_gsi() even for default PCI interrupt
      assignment. That's the part that keeps track of the ELCR register, and we
      want to make sure that the PCI interrupts are properly marked level/low.

    [ dann frazier ]
    * Merge in applicable fixes from 2.6.12.4
       - netfilter-deadlock-ip6_queue.dpatch
       - rocket_c-fix-ldisc-ref-count.dpatch
       - early-vlan-fix.dpatch

    [ Simon Horman ]
    * drivers-sata-promise-sataii_tx2_tx4.dpatch
      Add SATAII TX2 and TX2/TX4 support to sata promise driver
      (Closes: #317286)

    * module-per-cpu-alignment-fix.dpatch
      Module per-cpu alignment cannot always be met
      From 2.6.12.5

    * genelink-usbnet-skb-typo.dpatch
      fix gl_skb/skb type error in genelink driver in usbnet
      Backported From 2.6.12.6

    * drivers-ide-ppp-pmac-build.dpatch
      Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds
      (closes: #321442)

    * fs-ext3-nfs-parent-fix.dpatch
      ext3 file systems mounted over nfs may lookup .. in dx directories
      causing an oops.
      (closes: #323557)

    * sparc-request_irq-in-RTC-fix.dpatch
      Use SA_SHIRQ in sparc specific code.
      From 2.6.13.1

    * forcedeth-init-link-settings-in-nv_open.patch
      forcedeth: Initialize link settings in every nv_open()
      From 2.6.13.2

    * fix-MPOL_F_VERIFY.patch
      Fix MPOL_F_VERIFY
      From 2.6.13.2

    * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch
      Fix up more strange byte writes to the PCI_ROM_ADDRESS config word
      From 2.6.13.2

    * yenta-oops-fix.patch
      yenta oops fix
      From 2.6.13.3

    * fix-de_thread-BUG_ON.patch
      Fix fs/exec.c:788 (de_thread()) BUG_ON
      From 2.6.13.3

    * ipv6-fix-per-socket-multicast-filtering.patch
      fix IPv6 per-socket multicast filtering in exact-match case
      From 2.6.13.3

    * ipvs-ip_vs_ftp-breaks-connections.patch
      ipvs: ip_vs_ftp breaks connections using persistence
      From 2.6.13.3

    * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch
      ieee1394/sbp2: fixes for hot-unplug and module unloading
      From 2.6.13.4

    * fix-sparc64-fpu-register-corruption.dpatch
      [SPARC64]: Fix userland FPU state corruption.
      From 2.6.13.4

    [ dann frazier ]
    * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch:
      Fix a bug in the block layer that causes a bootloader installation
      error under certain conditions - breaks installation on cciss devices.
      (closes: #354493)
    * Fix data corruption with dm-crypt over RAID5 (closes: #336153)
    * Fix VLAN support for 3c59x/90x series hardware (closes: #349774)
    * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in
      bogus 'error during NLMSG_PUT' messages (closes: #372621)
    * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch:
      Add PCI IDs for newer Diva console ports

 -- dann frazier <dannf at debian.org>  Sat, 26 May 2007 03:59:02 -0600

-- 
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20080101/b547e429/attachment.pgp

More information about the Technik mailing list