1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
|
#use wml::debian::translation-check translation="1.4"
<define-tag pagetitle>Uppdaterad Debian 6.0: 6.0.4 utgiven</define-tag>
<define-tag release_date>2012-01-28</define-tag>
#use wml::debian::news
<define-tag release>6.0</define-tag>
<define-tag codename>squeeze</define-tag>
<define-tag revision>6.0.4</define-tag>
<define-tag dsa>
<tr><td align="center"><a href="$(HOME)/security/%0/dsa-%1">DSA-%1</a></td>
<td align="center"><:
my @p = ();
for my $p (split (/,\s*/, "%2")) {
push (@p, sprintf ('<a href="https://packages.debian.org/src:%s">%s</a>', $p, $p));
}
print join (", ", @p);
:></td><td align="left">%3</td></tr>
</define-tag>
<define-tag correction>
<tr><td><a href="https://packages.debian.org/src:%0">%0</a></td> <td>%1</td></tr>
</define-tag>
<define-tag srcpkg><a href="https://packages.debian.org/src:%0">%0</a></define-tag>
<p>
Debianprojektet tillkännager stolt den fjärde uppdateringen av dess stabila
utgåva Debian <release> (med kodnamn <q><codename></q>).
Denna uppdatering lägger främst till rättningar för säkerhetsproblem till den
stabila utgåvan, tillsammans med några korrigeringar till några allvarliga
problem. Säkerhetsbulletiner har redan publicerats separat och refereras när
dom finns tillgängliga.
</p>
<p>
Vänligen notera att denna uppdatering inte innebär en ny version av Debian
<release> utan endast uppdaterar några av de inkluderade paketen. Det finns
ingen anledning att kasta bort <release>-CDs eller DVDs utan allt som behövs
är att uppdatera via en uppdaterad Debianspegling efter en installation, för
att få alla inaktuella paket uppdaterade.
</p>
<p>
Dom som frekvent installerar uppdateringar från security.debian.org kommer
inte att behöva uppdatera många paket och de flesta uppdateringar från
security.debian.org inkluderas i denna uppdatering.
</p>
<p>
Nya installationsmedia och CD- och DVD-avbildningar med uppdaterade paket
kommer att finnas tillgängliga snart på dom vanliga platserna.
</p>
<p>
En uppgradering online till denna revision görs vanligtvis genom att peka
paketverktyget aptitude eller apt (se manualsidan för sources.list(5)) mot
en av Debians många FTP eller HTTP-speglingar. En fullständig lista på
speglar finns på:
</p>
<div class="center">
<a href="$(HOME)/mirror/list">https://www.debian.org/mirror/list</a>
</div>
<h2>Diverse Felrättningar</h2>
<p>Denna uppdatering av den stabila utgåvan lägger till några viktiga
felrättningar till följande paket:</p>
<table border=0>
<tr><th>Paket</th> <th>Orsak</th></tr>
<correction adolc "Remove Visual C++ runtime from windows/ directory">
<correction backuppc "Fix data corruption in tarballs due to logging to stdout and two XSS issues">
<correction base-files "Update /etc/debian_version for the point release">
<correction base-installer "Add POWER7 to the powerpc64 family">
<correction bti "Fix identi.ca OAuth URLs">
<correction bugzilla "Security fixes">
<correction byobu "Correct postinst chmod semantics">
<correction bzip2 "Fix CVE-2011-4089">
<correction c-ares "Fix encoded length for indirect root">
<correction cherokee "Avoid brute-forceable password in cherokee-admin">
<correction cifs-utils "Fix mtab corruption issues">
<correction clamav "New upstream version; fix potential DoS">
<correction clamz "Handle unencrypted amz files">
<correction cpufrequtils "Load powernow-k8 for AMD family 20 (i.e. AMD E-350 cpus); better support 3.0 kernels">
<correction debian-installer "Stop menu falling off the screen">
<correction debian-installer-netboot-images "Update to d-i 20110106+squeeze4">
<correction dpkg "Add armhf to {os,triplet}table; defer hardlink renames; do not fail to unpack shared directories missing on the file system from packages being replaced by other packages">
<correction eglibc "New upstream stable release plus fixes from stable branch">
<correction erlang "Fix CVE-2011-0766 (cryptographic weakness) in the erlang ssh application">
<correction etherape "Null pointer dereferences">
<correction gimp "Fix printing when used with libcairo version 1.10 or above">
<correction gnutls26 "Fix buffer overflow in gnutls_session_get_data()">
<correction hplip "Fix insecure use of temporary file">
<correction ia32-libs "Update packages">
<correction ia32-libs-gtk "Update packages">
<correction ifupdown-extra "Handle moved location of ethtool; fix handling of <q>rejects</q> in static-route; use --tmpdir for temporary files; move /etc/network/network-routes to /e/n/routes; documentation updates">
<correction iotop "Give a helpful error instead of crashing when Linux denies permission to read the taskstats files">
<correction jabberbot "Bind callbacks after the roster has been initialised">
<correction kernel-wedge "Add et131x to nic-extra-modules; add isci to scsi-extra-modules; add xhci-hcd to usb-modules">
<correction killer "Use DNS for mail domain rather than NIS; stop cron job failing when package is removed">
<correction ldap2zone "Don't send mail on success; syslog instead">
<correction libdata-formvalidator-perl "Fix possible passing of invalid data in untaint mode">
<correction libdebian-installer "Detect IBM pSeries platform as powerpc/chrp_ibm">
<correction libdigest-perl "Fix unsafe use of eval in Digest->new()">
<correction libhtml-template-pro-perl "Fix XSS">
<correction libjifty-dbi-perl "SQL injection">
<correction libmtp "Add support for Motorola Xoom devices">
<correction libpar-packer-perl "Fix use of unsafe and predictable temporary directories">
<correction libpar-perl "Fix use of unsafe and predictable temporary directories">
<correction linux-2.6 "Fixes for xen regression, GRO/GSO IPv6 forwarding, ppc vserver; add stable releases 2.6.32.47-54, various fixes; fix tg3 regression; xen fixes">
<correction linux-kernel-di-amd64-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-armel-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-i386-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-ia64-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-mips-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-mipsel-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-powerpc-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-s390-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction linux-kernel-di-sparc-2.6 "Rebuild against linux-2.6 kernel 2.6.32-41">
<correction masqmail "Fix improper seteuid() calls">
<correction mdadm "Quieten some cron messages; don't break when no scheduling class is specified or no devices are active; LSB header updates">
<correction mediawiki "Fix unintended exposure of hidden content through cache pollution; disable CVE-2011-4360.patch; doesn't apply to this version and causes errors">
<correction module-init-tools "Support 3.0 kernels">
<correction multipath-tools "Change HP hardware handler to hp_sw; update man pages">
<correction mutt "Fix validation of commonname (gnutls)">
<correction nfs-utils "Allow negotiated enctypes to be limited; avoid corrupting mtab">
<correction nginx "Fix compression pointer processing in DNS response greater than 255 bytes">
<correction nss-pam-ldapd "Correctly parse /etc/nsswitch.conf, detect calling process identity and fix disconnect logic">
<correction partman-target "Stop treating ISO hybrid images on USB sticks as real optical drives">
<correction pastebinit "Fix support for user configuration files">
<correction pbuilder "Rename the /run script from --execute to /runscript, for compatibility with wheezy and later which have /run as a directory replacing /var/run">
<correction perl "Unregister signal handler before destroying my_perl; fixes segfault; minor security fixes">
<correction phppgadmin "Fix XSS">
<correction pidgin "Fix remote crash issues">
<correction postgresql-8.4 "New upstream micro-release">
<correction pure-ftpd "Fix man in the middle attack on encrypted sessions">
<correction python-debian "Allow <q>:</q> as the first character of a value">
<correction python3-defaults "Ignore binary files while checking shebangs">
<correction qemu-kvm "Fix NIC hotplug from libvirt">
<correction quassel "Fix missing translations">
<correction recoll "Plug conversion descriptor leak in unac.c::convert() error path">
<correction rng-tools "Work around VIA Nano xstore bug; add 3.0 kernel support">
<correction rpm "Fix malformed header parsing">
<correction samba "Allow using unencrypted passwords with Windows clients with KB2536276 installed">
<correction shorewall "Install missing /usr/share/shorewall/helpers">
<correction shorewall-lite "Install missing /usr/share/shorewall/helpers">
<correction shorewall6 "Install missing /usr/share/shorewall/helpers">
<correction shorewall6-lite "Install missing /usr/share/shorewall/helpers">
<correction slbackup "Fix path to configuration file in the cron job">
<correction slbackup-php "Fix login issues, deal with blanks in filenames, fix last failed timestamp">
<correction tinyproxy "Validate port number specified in configuration">
<correction tzdata "New upstream version; add DST for America/Bahia">
<correction user-mode-linux "Rebuild against linux-source-2.6.32 (2.6.32-41)">
<correction webkit "Avoid doing lots of needless NULL DNS lookups">
<correction whatsnewfm "Handle renaming of freshmeat to freshcode">
<correction xorg-server "GLX: add missing input sanitization; fix a file disclosure vulnerability and a file permission change vulnerability">
<correction xpdf "Fix insecure temporary file usage">
</table>
<h2>Säkerhetsuppdateringar</h2>
<p>
Denna revision lägger till följande säkerhetsuppgraderingar till den stabila
utgåvan. Säkerhetsgruppen har redan släppt bulletiner för följande
uppdateringar:
</p>
<table border=0>
<tr><th>Bulletin-ID</th> <th>Paket</th> <th>Rättning(ar)</th></tr>
<dsa 2011 2181 subversion "Denial of service">
<dsa 2011 2251 subversion "Multiple issues">
<dsa 2011 2283 krb5-appl "Programming error">
<dsa 2011 2284 opensaml2 "Implementation error">
<dsa 2012 2301 rails "Multiple issues">
<dsa 2011 2311 openjdk-6 "Multiple issues">
<dsa 2011 2315 openoffice.org "Multiple issues">
<dsa 2011 2318 cyrus-imapd-2.2 "Multiple issues">
<dsa 2011 2322 bugzilla "Multiple issues">
<dsa 2011 2323 radvd "Multiple issues">
<dsa 2011 2324 wireshark "Programming error">
<dsa 2011 2325 kfreebsd-8 "Privilege escalation/denial of service">
<dsa 2011 2326 pam "Multiple issues">
<dsa 2011 2327 libfcgi-perl "Authentication bypass">
<dsa 2011 2328 freetype "Missing input sanitising">
<dsa 2011 2329 torque "Buffer overflow">
<dsa 2011 2330 simplesamlphp "Multiple issues">
<dsa 2011 2331 tor "Multiple issues">
<dsa 2011 2332 python-django "Multiple issues">
<dsa 2011 2333 phpldapadmin "Multiple issues">
<dsa 2011 2334 mahara "Multiple issues">
<dsa 2011 2335 man2html "Missing input sanitization">
<dsa 2011 2337 xen "Multiple issues">
<dsa 2011 2338 moodle "Multiple issues">
<dsa 2011 2339 nss "Multiple issues">
<dsa 2011 2340 postgresql-8.4 "Weak password hashing">
<dsa 2011 2341 iceweasel "Multiple issues">
<dsa 2011 2342 iceape "Multiple issues">
<dsa 2011 2343 openssl "CA trust revocation">
<dsa 2011 2344 python-django-piston "Deserialization vulnerability">
<dsa 2011 2345 icedove "Multiple issues">
<dsa 2011 2346 proftpd-dfsg "Multiple issues">
<dsa 2011 2347 bind9 "Improper assert">
<dsa 2011 2348 systemtap "Multiple issues">
<dsa 2011 2349 spip "Multiple issues">
<dsa 2011 2350 freetype "Missing input sanitising">
<dsa 2011 2351 wireshark "Buffer overflow">
<dsa 2011 2353 ldns "Buffer overflow">
<dsa 2011 2354 cups "Multiple issues">
<dsa 2011 2355 clearsilver "Format string vulnerability">
<dsa 2011 2356 openjdk-6 "Multiple issues">
<dsa 2011 2357 evince "Multiple issues">
<dsa 2011 2361 chasen "Buffer overflow">
<dsa 2011 2362 acpid "Multiple issues">
<dsa 2011 2363 tor "Buffer overflow">
<dsa 2011 2364 xorg "Incorrect permission check">
<dsa 2011 2366 mediawiki "Multiple issues">
<dsa 2011 2367 asterisk "Multiple issues">
<dsa 2011 2368 lighttpd "Multiple issues">
<dsa 2011 2369 libsoup2.4 "Directory traversal">
<dsa 2011 2370 unbound "Multiple issues">
<dsa 2011 2371 jasper "Buffer overflows">
<dsa 2011 2372 heimdal "Buffer overflow">
<dsa 2011 2373 inetutils "Buffer overflow">
<dsa 2011 2374 openswan "Implementation error">
<dsa 2011 2375 krb5-appl "Buffer overflow">
<dsa 2011 2376 ipmitool "Insecure pid file">
<dsa 2012 2377 cyrus-imapd-2.2 "Denial of service">
<dsa 2012 2378 ffmpeg "Multiple issues">
<dsa 2012 2379 krb5 "Multiple issues">
<dsa 2012 2380 foomatic-filters "Shell command injection">
<dsa 2012 2381 squid3 "Invalid memory deallocation">
<dsa 2012 2382 ecryptfs-utils "Multiple issues">
<dsa 2012 2383 super "Buffer overflow">
<dsa 2012 2384 cacti "Multiple issues">
<dsa 2012 2385 pdns "Packet loop">
<dsa 2012 2386 openttd "Multiple issues">
<dsa 2012 2387 simplesamlphp "Cross site scripting">
<dsa 2012 2388 t1lib "Multiple issues">
<dsa 2012 2390 openssl "Multiple issues">
<dsa 2012 2391 phpmyadmin "Multiple issues">
<dsa 2012 2392 openssl "Out-of-bounds read">
<dsa 2012 2393 bip "Buffer overflow">
</table>
<h2>Debianinstalleraren</h2>
<p>
Installeraren har uppdaterats med denna punktutgåva för att lägga till
stöd för att installera på POWER7-maskiner och för att korrigera
dimensionerna på startmenyn för att undvika problem med vissa skärmar.
</p>
<p>
Kärnan som används av installeraren har uppdaterats för att inkludera
olika säkerhetsrättningar och för att lägga till stöd för Agere
ET-1310-baserade nätverkskort (et131x-drivrutinen), SAS/SATA-styrenheter
från Intel C600-serien (isci-drivrutinen) och USB 3.0-styrenheter
(xhci-drivrutinen).
</p>
<h2>Borttagna paket</h2>
<p>
Följande paket har tagits bort som en följd av problem utom vår kontroll:
</p>
<table border=0>
<tr><th>Paket</th> <th>Orsak</th></tr>
<correction partlibrary "Icke-distribuerbart">
<correction qcad "Icke-distribuerbart">
</table>
<h2>URLer</h2>
<p>
Denna fullständiga listan på paket som vi har förändrat med denna revision:
</p>
<div class="center">
<url "http://ftp.debian.org/debian/dists/<downcase <codename>>/ChangeLog">
</div>
<p>Den aktuella stabila utgåvan:</p>
<div class="center">
<url "http://ftp.debian.org/debian/dists/stable/">
</div>
<p>Föreslagna uppdateringar till den stabila utgåvan:</p>
<div class="center">
<url "http://ftp.debian.org/debian/dists/proposed-updates">
</div>
<p>Information om den stabila utgåvan (versionsfakta, kända problem, osv.):</p>
<div class="center">
<a
href="$(HOME)/releases/stable/">https://www.debian.org/releases/stable/</a>
</div>
<p>Säkerhetsbulletiner och information:</p>
<div class="center">
<a href="$(HOME)/security/">http://security.debian.org/</a>
</div>
<h2>Om Debian</h2>
<p>Debianprojektet är en grupp av utvecklare av Fri mjukvara som donerar sin
tid och kraft för att producera det helt fria operativsystemet Debian.</p>
<h2>Kontaktinformation</h2>
<p>För mer information, besök Debians webbplats på <a
href="$(HOME)/">https://www.debian.org/</a>, skicka e-post till
<press@debian.org> (på engelska), eller kontakta gruppen för stabila utgåvor på
<debian-release@lists.debian.org> (på engelska).</p>
|
