Complete diff of packages to be included in 4.0r7:

Sourceful update of linux-2.6.24:
  version in stable: 2.6.24-6~etchnhalf.7
  version in updates: 2.6.24-6~etchnhalf.8
  Rationales:
    - 2.6.24-6~etchnhalf.8: linux-2.6.24 - fix several issues

Sourceful update of icedove:
  version in stable: 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1
  version in updates: 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1
  Rationales:
    - 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1: DSA 1696 icedove - several vulnerabilities

Sourceful update of openssl097:
  version in stable: 0.9.7k-3.1etch1
  version in updates: 0.9.7k-3.1etch2
  Rationales:
    - 0.9.7k-3.1etch2: DSA 1701 openssl097 - cryptographic weakness

Sourceful update of crip:
  version in stable: 3.7-3
  version in updates: 3.7-3+etch2
  Rationales:
    - 3.7-3+etch2: crip - fix possible symlink attack through use of a temporary directory (CVE-2008-5376)

Sourceful update of courier-authlib:
  version in stable: 0.58-4
  version in updates: 0.58-4+etch3
  Rationales:
    - 0.58-4+etch2: DSA 1688 courier-authlib - SQL injection
    - 0.58-4+etch3: DSA 1688 courier-authlib - SQL injection (fixes for regression)

Sourceful update of netatalk:
  version in stable: 2.0.3-4
  version in updates: 2.0.3-4+etch2
  Rationales:
    - 2.0.3-4+etch1: DSA 1705 netatalk - arbitrary code execution
    - 2.0.3-4+etch2: DSA 1705 netatalk - arbitrary code execution (additional fixes)

Sourceful update of tagcoll:
  version in stable: 1.6.3-1
  version in updates: 1.6.3-2
  Rationales:
    - 1.6.3-2: tagcoll - drop tagcoll binary package which is also built by tagcoll2 (#510482)

Sourceful update of muttprint:
  version in stable: 0.72d-8
  version in updates: 0.72d-8etch1
  Rationales:
    - 0.72d-8etch1: muttprint - fix possible symlink attack vector (CVE-2008-5368)

Sourceful update of fai-kernels:
  version in stable: 1.17+etch.23etch1
  version in updates: 1.17+etch.24
  Rationales:
    - 1.17+etch.24: fai-kernels - rebuild against proposed linux-2.6 update

Sourceful update of ruby1.9:
  version in stable: 1.9.0+20060609-1etch3
  version in updates: 1.9.0+20060609-1etch4
  Rationales:
    - 1.9.0+20060609-1etch4: DSA 1695 ruby1.9 - denial of service

Sourceful update of glibc:
  version in stable: 2.3.6.ds1-13etch8
  version in updates: 2.3.6.ds1-13etch9
  Rationales:
    - 2.3.6.ds1-13etch9: glibc - change currency in sk_SK (Slovakia) and sl_SI (Slovenia) to Euro (#510423)
    - 2.3.6.ds1-13etch9+b1: glibc - Rebuild to fix nscd dependencies. (Closes: #512070)

Sourceful update of perl:
  version in stable: 5.8.8-7etch4
  version in updates: 5.8.8-7etch6
  Rationales:
    - 5.8.8-7etch5: DSA 1678 perl - privilege escalation
    - 5.8.8-7etch6: DSA 1678 perl - privilege escalation (fixes for regression)

Sourceful update of ruby1.8:
  version in stable: 1.8.5-4etch3
  version in updates: 1.8.5-4etch4
  Rationales:
    - 1.8.5-4etch4: DSA 1695 ruby1.8 - denial of service

Sourceful update of user-mode-linux:
  version in stable: 2.6.18-1um-2etch.23etch1
  version in updates: 2.6.18-1um-2etch.24
  Rationales:
    - 2.6.18-1um-2etch.24: fai-kernels - rebuild against proposed linux-2.6 update

Sourceful update of xulrunner:
  version in stable: 1.8.0.15~pre080614h-0etch1
  version in updates: 1.8.0.15~pre080614i-0etch1
  Rationales:
    - 1.8.0.15~pre080614i-0etch1: DSA 1704 xulrunner - several vulnerabilities

Sourceful update of bind9:
  version in stable: 1:9.3.4-2etch3
  version in updates: 1:9.3.4-2etch4
  Rationales:
    - 9.3.4-2etch4: DSA 1703 bind9 - fix cryptographic weakness

Sourceful update of git-core:
  version in stable: 1:1.4.4.4-4
  version in updates: 1:1.4.4.4-4+etch1
  Rationales:
    - 1.4.4.4-4+etch1: DSA 1708 git-core - fix remote code execution

Sourceful update of tkman:
  version in stable: 2.2-2
  version in updates: 2.2-2etch1
  Rationales:
    - 2.2-2etch1: tkman - fix temporary file race (CVE-2008-5137)

Sourceful update of gforge:
  version in stable: 4.5.14-22etch8
  version in updates: 4.5.14-22etch10
  Rationales:
    - 4.5.14-22etch10: DSA 1698 gforge - SQL injection
    - 4.5.14-22etch9: gforge - get this version into the morgue

Sourceful update of ntp:
  version in stable: 1:4.2.2.p4+dfsg-2
  version in updates: 1:4.2.2.p4+dfsg-2etch1
  Rationales:
    - 4.2.2.p4+dfsg-2etch1: DSA 1702 ntp - cryptographic weakness

Sourceful update of xterm:
  version in stable: 222-1etch2
  version in updates: 222-1etch4
  Rationales:
    - 222-1etch3: DSA 1694 xterm - remote code execution
    - 222-1etch4: DSA 1694 xterm - remote code execution (fixes for regression)

Sourceful update of zaptel:
  version in stable: 1:1.2.11.dfsg-1
  version in updates: 1:1.2.11.dfsg-1+etch1
  Rationales:
    - 1.2.11.dfsg-1+etch1: DSA 1699 zaptel - fix privilege escalation

Sourceful update of gnumeric:
  version in stable: 1.6.3-5.1+etch1
  version in updates: 1.6.3-5.1+etch2
  Rationales:
    - 1.6.3-5.1+etch2: gnumeric - fix untrusted search path vulnerability (#513418, CVE-2009-0318)

Sourceful update of moodle:
  version in stable: 1.6.3-2
  version in updates: 1.6.3-2+etch1
  Rationales:
    - 1.6.3-2+etch1: DSA 1691 moodle - several vulnerabilities

Sourceful update of lasso:
  version in stable: 0.6.5-3
  version in updates: 0.6.5-3+etch1
  Rationales:
    - 0.6.5-3+etch1: DSA 1700 lasso - validation bypass

Sourceful update of moin:
  version in stable: 1.5.3-1.2etch1
  version in updates: 1.5.3-1.2etch2
  Rationales:
    - 1.5.3-1.2etch2: DSA 1715 moin - insufficient input sanitising

Sourceful update of shadow:
  version in stable: 1:4.0.18.1-7
  version in updates: 1:4.0.18.1-7+etch1
  Rationales:
    - 4.0.18.1-7+etch1: DSA 1709 shadow - fix possible privilege escalation

Sourceful update of glpi:
  version in stable: 0.68.2-1etch0.1
  version in updates: 0.68.2-1etch0.2
  Rationales:
    - 0.68.2-1etch0.2: glpi - Replace domxml-php5-php5.php by a LGPL version (#496071)

Sourceful update of linux-ftpd-ssl:
  version in stable: 0.17.18+0.3-6
  version in updates: 0.17.18+0.3-6etch1
  Rationales:
    - 0.17.18+0.3-6etch1: linux-ftpd-ssl - cross-site request forgery (CVE-2008-4247)

Sourceful update of iceweasel:
  version in stable: 2.0.0.18-0etch1
  version in updates: 2.0.0.19-0etch1
  Rationales:
    - 2.0.0.19-0etch1: DSA 1707 iceweasel - several vulnerabilities

Sourceful update of ganglia-monitor-core:
  version in stable: 2.5.7-3.1
  version in updates: 2.5.7-3.1etch1
  Rationales:
    - 2.5.7-3.1etch1: DSA 1710 ganglia-monitor-core - remote code execution

Sourceful update of iceape:
  version in stable: 1.0.13~pre080323b-0etch3
  version in updates: 1.0.13~pre080614i-0etch1
  Rationales:
    - 1.0.13~pre080614i-0etch1: DSA 1697 iceape - several vulnerabilities

Sourceful update of php-xajax:
  version in stable: 0.2.4-2
  version in updates: 0.2.4-2+etch1
  Rationales:
    - 0.2.4-2+etch1: DSA 1692 php-xajax - cross-site scripting

Sourceful update of linux-2.6:
  version in stable: 2.6.18.dfsg.1-23etch1
  version in updates: 2.6.18.dfsg.1-24
  Rationales:
    - 2.6.18.dfsg.1-24: linux-2.6 - fix several issues

Sourceful update of proftpd-dfsg:
  version in stable: 1.3.0-19etch1
  version in updates: 1.3.0-19etch2
  Rationales:
    - 1.3.0-19etch2: DSA 1689 proftpd-dfsg - Cross-Site Request Forgery

Sourceful update of openssl:
  version in stable: 0.9.8c-4etch3
  version in updates: 0.9.8c-4etch4
  Rationales:
    - 0.9.8c-4etch4: DSA 1701 openssl - cryptographic weakness

Sourceful update of phppgadmin:
  version in stable: 4.0.1-3.1
  version in updates: 4.0.1-3.1etch2
  Rationales:
    - 4.0.1-3.1etch1: DSA 1693 phppgadmin - several vulnerabilities
    - 4.0.1-3.1etch2: DSA 1693 phppgadmin - several vulnerabilities (fixes for regression)

Sourceful update of amarok:
  version in stable: 1.4.4-4
  version in updates: 1.4.4-4etch1
  Rationales:
    - 1.4.4-4etch1: DSA 1706 amarok - arbitrary code execution

Sourceful update of uw-imap:
  version in stable: 7:2002edebian1-13.1
  version in updates: 7:2002edebian1-13.1+etch1
  Rationales:
    - 2002edebian1-13.1+etch1: DSA 1685 uw-imap - multiple vulnerabilities

Sourceful update of no-ip:
  version in stable: 2.1.1-4
  version in updates: 2.1.1-4+etch1
  Rationales:
    - 2.1.1-4+etch1: DSA 1686 no-ip - arbitrary code execution

Sourceful update of devscripts:
  version in stable: 2.9.26etch1
  version in updates: 2.9.26etch2
  Rationales:
    - 2.9.26etch2: devscripts - fix insecure creation of temporary directories in debsign (#507482)

Sourceful update of avahi:
  version in stable: 0.6.16-3etch1
  version in updates: 0.6.16-3etch2
  Rationales:
    - 0.6.16-3etch2: DSA 1690 avahi - denial of service

Security updates included in this list:

DSA 1678 | perl | privilege escalation
DSA 1678 | perl | privilege escalation (fixes for regression)
DSA 1685 | uw-imap | multiple vulnerabilities
DSA 1686 | no-ip | arbitrary code execution
DSA 1688 | courier-authlib | SQL injection
DSA 1688 | courier-authlib | SQL injection (fixes for regression)
DSA 1689 | proftpd-dfsg | Cross-Site Request Forgery
DSA 1690 | avahi | denial of service
DSA 1691 | moodle | several vulnerabilities
DSA 1692 | php-xajax | cross-site scripting
DSA 1693 | phppgadmin | several vulnerabilities
DSA 1693 | phppgadmin | several vulnerabilities (fixes for regression)
DSA 1694 | xterm | remote code execution
DSA 1694 | xterm | remote code execution (fixes for regression)
DSA 1695 | ruby1.8 | denial of service
DSA 1695 | ruby1.9 | denial of service
DSA 1696 | icedove | several vulnerabilities
DSA 1697 | iceape | several vulnerabilities
DSA 1698 | gforge | SQL injection
DSA 1699 | zaptel | fix privilege escalation
DSA 1700 | lasso | validation bypass
DSA 1701 | openssl097 | cryptographic weakness
DSA 1701 | openssl | cryptographic weakness
DSA 1702 | ntp | cryptographic weakness
DSA 1703 | bind9 | fix cryptographic weakness
DSA 1704 | xulrunner | several vulnerabilities
DSA 1705 | netatalk | arbitrary code execution
DSA 1705 | netatalk | arbitrary code execution (additional fixes)
DSA 1706 | amarok | arbitrary code execution
DSA 1707 | iceweasel | several vulnerabilities
DSA 1708 | git-core | fix remote code execution
DSA 1709 | shadow | fix possible privilege escalation
DSA 1710 | ganglia-monitor-core | remote code execution
DSA 1715 | moin | insufficient input sanitising