16
|
|
|
Thijs Kinkhorst |
20110609 |
13 years ago
|
|
|
15
|
|
|
Thijs Kinkhorst |
20110310 |
13 years ago
|
|
|
14
|
|
* Do not disable secure APT when downloading packages (closes: #610089) * Add security repository next to the regular Debian mirror.
* Packages updated:
[ cyrus-sasl2 (2.1.23.dfsg1-7) unstable; urgency=low ]
[ Luca Capello ] * Fix for (#601977), the idea coming from Gaudenz Steinlin <gaudenz@debian.org>: + debian/control: - cyrus-sasl2-dbg Depends: on one of the two GSSAPI dbg packages. - new cyrus-sasl2-mit-dbg package which Conflicts: with cyrus-sasl2-heimdal-dbg. - cyrus-sasl2-heimdal-dbg now Conflicts: with cyrus-sasl2-mit-dbg. + debian/cyrus-sasl2-heimdal-dbg.preinst: - remove, useless. + debian/cyrus-sasl2-heimdal-dbg.postrm: - remove, useless. + debian/cyrus-sasl2-mit-dbg.dirs: - create /usr/lib/debug/usr/lib/sasl2/. + debian/rules: - mv MIT libgssapiv2.so.2.0.23 into cyrus-sasl2-mit-dbg.
[ Roberto C. Sanchez ] * Thanks to Luca Capello for providing the patch.
[ dbus (1.2.24-4) unstable; urgency=high ]
* debian/patches/12-CVE-2010-4352-reject-deeply-nested-variants.patch - Fixes CVE-2010-4352: sending messages with excessively-nested variants can crash the bus. The existing restriction to 64-levels of nesting previously only applied to the static type signature; now it also applies to dynamic nesting using variants. Patch cherry-picked from upstream Git. * Urgency high for the security fix.
[ isdnutils (1:3.9.20060704+dfsg.2-4.1) testing-proposed-updates; urgency=low ]
* Non-maintainer upload. * debian/{ipppd,isdnvboxserver,isdnvboxserver}.postinst: Call MAKEDEV in /dev not via search path (#604219, #604211, #597926, #604216). Thanks to Alexander Reichle-Schmehl for the patch.
[ krb5 (1.8.3+dfsg-4) unstable; urgency=medium ]
* Ignore PACs without a server signature generated by OS X Open Directory rather than failing authentication, #604925
[ krb5 (1.8.3+dfsg-3) unstable; urgency=emergency ]
* MITKRB5-SA-2010-007 * CVE-2010-1324: An unauthenticated attacker can inject arbitrary content into an existing GSS connection that appears to be integrity protected from the legitimate peer under some circumstances * GSS applications may accept a PAC produced by an attacker as if it were signed by a KDC * CVE-2010-1323: attackers have a 1/256 chance of being able to produce krb_safe messages that appear to be from legitimate remote sources. Other than use in KDC database copies this may not be a huge issue only because no one actually uses krb_safe messages. Similarly, an attacker can force clients to display challenge/response values of the attacker's choice. * CVE-2010-4020: An attacker may be able to generate what is accepted as a ad-signedpath or ad-kdc-issued checksum with 1/256 probability * New Vietnamese debconf translations, Thanks Clytie Siddall, #601533 * Update standards version to 3.9.1 (no changes required
[ libasyncns (0.3-1.1) unstable; urgency=low ]
* Non-maintainer upload. * libasyncns/asyncns.c: Fix data alignment issue on armel, backported from upstream. (#566139)
[ libx11 (2:1.3.3-4) unstable; urgency=low ]
* Cherry-pick patches from upstream, 1.3-branch: - man: Fix typo in Makefile - Bug 27465 - Rewritten fi_FI.UTF-8 Compose file - Fix typo in new fi_FI.UTF-8 that was reported by "make check" - man: Redirect users from XKeycodeToKeysym to XkbKeycodeToKeysym #25732 - man: Fix return value specification of XkbKeyActionEntry - man: Return value of XkbGetState is Status and not Bool - man: Add missing geometry component flag - man: Correct the XkbAllAccessXEventsMask mask name - Fix manual typos. - Allow X11 users to compose anarchism - Clarify requirements in XRestackWindows man page - Fix typo that made configure always report "none" for man page suffix - Define FILE_MAN_DIR_SUFFIX so XCompose shadow page has correct path - Compose.man: default user compose file is .XCompose, not .Xcompose - Make Compose-comma map to Ogonek for A and E in UTF-8 locales. - Make Compose-comma map to ogonek for I and U in UTF-8 locales. - NLS: Add o/ Compose sequence - nls: Switch one of the interrobang sequences to gnaborretni - Bug 29773: aliases for nb_NO.utf8 and nn_NO.utf8
[ libxi (2:1.3-6) unstable; urgency=medium ]
* WireToEvent: Set display member of all events as well (cherry-pick from upstream).
[ libxml2 (2.7.8.dfsg-2) unstable; urgency=low ]
* xpath.c: Fix a double-freeing error in XPath processing code. (CVE-2010-4494). #607922.
[ openldap (2.4.23-7) unstable; urgency=low ]
* Updated vietnamese translation, thanks Clytie Siddall (#601537, #598575) * Updated portuguese translation, thanks Traduz (#599760) * Updated danish translation, thanks Joe Dalton (#599835)
[ openssl (0.9.8o-4) unstable; urgency=low ]
* Fix CVE-2010-4180 (#529221)
[ sane-backends (1.0.21-9) unstable; urgency=low ]
* debian/patches/fix_epson2_cancel.patch: + Added; fix handling of scanner errors by sending a cancel command (#597922).
[ sane-backends (1.0.21-8) unstable; urgency=low ]
* debian/patches/fix_epson2_commands.patch: + Added; fix list of supported commands for levels D1 and D2 (#582066).
[ util-linux (2.17.2-5) unstable; urgency=low ]
* Merge in all those NMUs that were never pushed to me in bugs.
[ util-linux (2.17.2-4) unstable; urgency=low ]
[Miklos Szeredi]
* mount: don't canonicalize "spec" with --no-canonicalize option. #593336
[Karel Zak]
* fdisk: fix freespace boundaries calculation on SGI disklabel. #510130
[LaMont Jones]
* Deliver agetty as both agetty and getty, preferring agetty. #117596 * Declare source format (1.0) * use debconf (iff installed) to warn about noauto fileysstems with non-zero pass numbers. #566072 * update lintian-overrides, actually install them in the deb
|
Thijs Kinkhorst |
20110117 |
13 years ago
|
|
|
13
|
|
|
Goswin von Brederlow |
20101129 |
13 years ago
|
|
|
12
|
|
|
Goswin von Brederlow |
20101117 |
13 years ago
|
|
|
11
|
|
* Packages updated
[ acl (2.2.49-4) unstable; urgency=low ]
* Migrate to having binaries in sbindir (#590240)
[ krb5 (1.8.3+dfsg-1) unstable; urgency=low ]
* New Upstream release; only change is version bump from beta1 to final * Bring back a libkrb53 oldlibs package. Note that this is technically a policy violation because it doesn't provide libdes425.so.3 or libkrb4.so.2 and thus provides a different ABI. However, some packages, such as postgres8.4 require the lenny version to be present for the squeeze transition, so we cannot force the removal of libkrb53's reverse dependencies. We can conflict or break with lenny packages that will not work with this libkrb53, but we may break out-of-archive packages without notice. Absent someone coming up with a patch to the modern libk5crypto-3 that allows it to work with the lenny libkrb53 (a weekend's worth of work proved this would be quite difficult), this is the best solution we've come up with, #596678
[ krb5 (1.8.3+dfsg~beta1-2) unstable; urgency=low ]
* Remove documentation that has moved to the krb5-appl package and is not shipped upstream from Debian diff
[ libdrm (2.4.21-1~squeeze3) unstable; urgency=low ]
* Update kernel drm headers.
[ libdrm (2.4.21-1~squeeze2) unstable; urgency=low ]
[ Sven Joachim ] * Restore 04_fix_nouveau_bo_new_tile_segfault.diff, actually only half applied upstream.
[ libdrm (2.4.21-1~squeeze1) unstable; urgency=low ]
* Revert nouveau ABI update. * Don't build libkms and vmwgfx. * Drop 04_fix_nouveau_bo_new_tile_segfault.diff, applied upstream.
[ libdrm (2.4.21-1) experimental; urgency=low ]
[ Christopher James Halse Rogers ] * debian/rules: - Add libkms to build - Build vmwgfx experimental API. The drm module is available in the 2.6.34 kernel so we might as well build the userspace bits. * debian/control: - Add libkms1, libkms1-dbg packages on linux * debian/patches/02_build_libkms_against_in_tree_drm: - Link libkms against libdrm as it uses symbols from libdrm.
[ Robert Hooker ] * New upstream release. * Refresh 02_build_libkms_against_in_tree_drm. * Update libdrm-intel1.symbols, libdrm-radeon1.symbols and shlibs.
[ Julien Cristau ] * Update the copyright file to hopefully include all licenses variations and copyright statements from the source tree. * Mark new libdrm_radeon symbols private. They shouldn't actually be exported. * Same with libkms. Also don't set a minimum version to 2.4.20, since we didn't ship it before anyway.
[ libdrm (2.4.20-3) experimental; urgency=low ]
[ Sven Joachim ] * Update libdrm-nouveau1 to the ABI of Linux 2.6.34. - Drop 03_revert_abi_change.diff. - Bump libdrm-nouveau shlibs and symbols versions to 2.4.20-3~ to ensure that packages built against this version are not used with an older libdrm-nouveau1 version. - Add versioned Breaks against xserver-xorg-video-nouveau to force an upgrade of that package and prevent X segfaults. * Include full SONAME in libdrm-nouveau1.install. * Update xsfbs to 81fc271788605b52e85c2d11635a0371fb44605e0.
[ libdrm (2.4.20-2) experimental; urgency=low ]
* Upload again, faking a new upstream version, since a screw-up on ftpmaster side trashed all files from experimental.
[ libdrm (2.4.20-1) experimental; urgency=low ]
* New upstream release. + Cherry-pick upstream fixes 107ccd92 and 332739e3. * Update libdrm-intel1.symbols, libdrm-radeon1.symbols and shlibs. * Disable libkms for now.
[ libedit (2.11-20080614-2) unstable; urgency=high ]
* libedit2.shlibs: Fix minimal dependency version Patch by Agustin Martin 523260
[ tiff (3.9.4-4) unstable; urgency=high ]
* Incorporated fix to CVE-2010-2483, "fix crash on OOB reads in putcontig8bitYCbCr11tile". (#595064)
[ util-linux (2.17.2-3.2) unstable; urgency=low ]
* Non-maintainer upload. * Revert the switch from slang2 to ncurses5. There is no udeb for ncurses, so that change broke cfdisk-udeb (#593374, reopens: #581631).
|
Frederik Schüler |
20101012 |
13 years ago
|
|
|
10
|
|
* Make dependency on lib32bz2-1.0 [amd64] only. * Add gcc-3.3 1:3.3.6ds1-20 for libstdc++5 (Closes: #597306)
* Packages updated
[ openldap (2.4.23-5) unstable; urgency=high ]
[ Steve Langasek ] * High-urgency upload for RC bugfix. * debian/slapd.scripts-common: fix gratuitous (and wrong) use of grep in get_suffix(), which causes us to incorrectly parse any slapd.conf that uses tabs instead of spaces. #595672. * debian/slapd.init, debian/slapd.scripts-common: when $SLAPD_CONF is not set in /etc/default/slapd, we should always set a default value, giving precedence to slapd.d and falling back to slapd.conf. Users who don't want to use an existing slapd.d should point at slapd.conf explicitly. #594714, #596343. * debian/slapd.init: 'invoke-rc.d slapd stop' should not fail due to the absence of a slapd configuration; we should still exit 0 so that the package can be removed gracefully. #596100. * drop build-conflicts with libssl-dev; we explicitly pass --with-tls=gnutls to configure, so there's no risk of a misbuild here. * debian/slapd.default: now that we have a sensible default behavior in both slapd.init and the maintainer scripts, leave SLAPD_CONF empty to save pain later. * debian/slapd.scripts-common: ... and do the same in migrate_to_slapd_d_style, we just need to comment out the user's previous entry instead of blowing it away. * debian/slapd.scripts-common: call get_suffix in a way that lets us separate responses by newlines, to properly handle the case when a DN has embedded spaces. Introduces a few more stupid fd tricks to work around possible problems with debconf. #595466. * debian/slapd.scripts-common: when parsing the names of includes, handle double-quotes and escape characters as described in slapd.conf(5). #595784. * debian/slapd.scripts-common, debian/slapd.postinst: on upgrade from versions <= 2.4.23-4, explicitly grant access to cn=Subschema, which otherwise is blocked by our added olcAccess settings. #596326. * debian/slapd.init.ldif: set the acl in the default LDIF for new installs, too. * Likewise, grant access to dn.exact="" so that base dn autodiscovery works as intended. #596049. * debian/slapd.init.ldif: synchronize our behavior on new installs with that on upgrades, avoiding the non-standard cn=localroot,cn=config. * debian/slapd.scripts-common: don't run the migration code if slapd.d already exists. #593965.
[ Matthijs Mohlmann ] * Remove upgrade_supported_from_backend, implemented patch from Peter Marschall <peter@adpm.de> to automatically detect if an upgrade is supported. (#594712)
[ Peter Marschall ] * debian/slapd.init: correctly set the slapd.conf argument even when SLAPD_PIDFILE is non-empty in /etc/default/slapd. #593880. * debian/slapd.scripts-common: pass -g to slapadd/slapcat, so that subordinate databases aren't incorrectly included in the dump/restore of the parent database. #594821.
[ pam (1.1.1-6) unstable; urgency=low ]
* Updated debconf translations: - Swedish, thanks to Martin Bagge <brother@bsnet.se> (#575875)
[ pam (1.1.1-5) unstable; urgency=low ]
* debian/rules: pass getconf LFS_CFLAGS so that we get a 64-bit rlimit interface. #579402. * Update debian/source.lintian-overrides to clean up some spurious warnings. * Bump Standards-Version to 3.9.1. * Add lintian overrides for a few more spurious warnings. * debian/patches-applied/no_PATH_MAX_on_hurd: define PATH_MAX for compatibility when it's not already set. #552043. * debian/local/pam-auth-update: Don't try to pass embedded newlines to debconf; backslash-escape them instead and use CAPB escape. * debian/local/pam-auth-update: sort additional module options before writing them out, so that we don't wind up with a different config file on every invocation. Thanks to Jim Paris <jim@jtan.com> for the patch. #594123.
[ sane-backends (1.0.21-4) unstable; urgency=low ]
* debconf translations: + it.po: courtesy of Luca Monducci (#593722).
[ xorg (1:7.5+7) unstable; urgency=low ]
[ Julien Cristau ] * Nuke x11-common's Conflicts. This was needed for upgrades from the monolith, which aren't relevant anymore. * Also drop Pre-Depends on debconf. The debconf interaction in x11-common.preinst was removed in 1:7.4+2. * Drop versioned build-dep on dpkg 1.7.0. Even woody had that.. * Drop x11-common Depends on debianutils 1.13. That was also in woody. * Add xserver-xorg-video-geode to -all on i386 (#567909).
[ Cyril Brulebois ] * Add myself to Uploaders. * Update Debian po files by running debconf-updatepo (through debian/rules clean).
|
Goswin von Brederlow |
20100919 |
13 years ago
|
|
|
9
|
|
[ Goswin von Brederlow ] * Depend on lib32bz2-1.0 instead of Conflicts/Replaces. Lib is no longer in ia32-libs, use native package or ia32-libs-core (Closes: #596727). * Add libdbus-1-dev, unixodbc-dev, libopenal1, libopenal-dev, libedit2, libmpg123-0, libmpg123-dev, libvorbisfile3, libbsd0. (Closes: #559438, #559440, #575206, #527521, #578256). * Conflict ia32-libs-libidn11, ia32-libs-libssh2, ia32-libs-libnspr4, ia32-libs-libnss3, ia32-libs-libcurl3 from debian-multimedia.org. (Closes: #596058) * Update README.Debian (Closes: #542931). * Shorten and line wrap debian/control entries (Closes: #593238).
* Packages updated
[ libusb (2:0.1.12-16) unstable; urgency=low ]
* Add debian/patches/07_altsetting_alloc.patch based on a patch from Pawel Kot to fix crashes with some USB devices, due to calls to free() with uninitialized pointers. * Upgraded policy compliance to 3.9.0 (no changes).
[ libxmu (2:1.0.5-2) unstable; urgency=high ]
[ Julien Cristau ] * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no good reason. Thanks, Colin Watson! * Remove myself from Uploaders * Don't pass both -s and -Nfoo/-pfoo to dh_strip. This resulted in an empty libxmuu1-dbg (#594500). Thanks to Luca Falavigna for the report.
[ Cyril Brulebois ] * Add myself to Uploaders. * Bump urgency to “high” for the RC bugfix. Thanks to Jakub Wilk as well for the report.
|
Frederik Schüler |
20100914 |
13 years ago
|
|
|
8
|
|
|
Goswin von Brederlow |
20100908 |
13 years ago
|
|
|
7
|
|
* Non-maintainer upload. * Fix ld-linux.so.2 symlink on ia64. (Closes: #563402) * Update packages (with the versions of squeeze, not sid). * Add libc-bin to get ldd on ia64. * Fix libpulse-simple.so, libpng.so, libpng12.so and libpulse.so symlinks to not be dangling with the new libraries. * Remove udev scripts installed by sane. * Include libnss3-1d, libnspr4-0d, libcurl3, libssh2-1 and libidn11. (Closes: #499043) * Bump libraries: - odbcinst1debian1 -> odbcinst1debian2 (Needed by unixodbc.) - libdirectfb-1.2-0 -> libdirectfb-1.2-9 (Needed by libsdl1.2debian-alsa.) * Dump libraries: - libxtrap6 (No longer available, not even a newer ABI.) * Bump shlibs version from 20080808 (sic!) to 20100905. * Declare `Conflicts' against ia32-libs-core on ia64. It seems that the intention was to move libraries there, which this upload does not accommodate yet. (Despite ia32-libs-core anticipating it by using a `Breaks' on a non-existent version.) * Include libavahi-client3, libavahi-common3, libdb4.8, libdrm-intel1, libdrm-radeon1, libgdbm3, libsndfile1, libsqlite3-0, libsysfs2, libts-0.0-0 and libwrap0 to satisfy runtime linking dependencies.
|
Philipp Kern |
20100905 |
13 years ago
|
|
|
6
|
|
|
Mark Hymers |
20090808 |
14 years ago
|
|
|
5
|
|
|
Mark Hymers |
20090804 |
14 years ago
|
|
|
4
|
|
|
Frederik Schüler |
2.7 |
15 years ago
|
|
|
3
|
|
|
Frederik Schüler |
1.19 |
17 years ago
|
|
|
2
|
|
|
Tollef Fog Heen |
1.4 |
19 years ago
|
|
|
1
|
|
|
Bdale Garbee |
0.3 |
22 years ago
|
|
|