Debian-News.net - Your one stop for news about Debian » Lenny

Upgrading Debian from lenny to squeeze

cj2003 — Tue, 07 Feb 2012 17:41:18 +0000

Debian is the OS of choice for many of our customers. As of February 2011, Debian’s latest stable release is version 6.0, code name squeeze. When a new version is released, the prior stable version becomes oldstable. As of 2011, this is version 5.0, code named lenny. Read more here

Debian GNU/Linux 5.0 “Lenny” approaches end of life

cj2003 — Sat, 10 Dec 2011 10:10:54 +0000

In a post on its security announce mailing list, the Debian Project development team has reminded users that version 5.0 of its Debian Linux distribution, also known as “Lenny”, will reach its end of life (EOL) on 6 February 2012. From that date, no further updates, including security updates and critical fixes, will be released. Read more here

Updated Debian 5.0: 5.0.9 released

cj2003 — Thu, 06 Oct 2011 17:30:31 +0000

The Debian project is pleased to announce the ninth update of its oldstable distribution Debian GNU/Linux 5.0 (codename “lenny”). This update mainly adds corrections for security problems to the oldstable release, along with a few adjustment to serious problems. Security advisories were already published separately and are referenced where available.

Please note that this update does not constitute a new version of Debian
GNU/Linux 5.0 but only updates some of the packages included. There is
no need to throw away 5.0 CDs or DVDs but only to update via an
up-to-date Debian mirror after an installation, to cause any out of date
packages to be updated.

Those who frequently install updates from security.debian.org won’t have
to update many packages and most updates from security.debian.org are
included in this update.

New installation media and CD and DVD images containing updated packages
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page)
to one of Debian’s many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:

Miscellaneous Bugfixes
———————-

This oldstable update adds a few important corrections to the following
packages:

Package Reason

aptitude Fix symlink attack in hierarchy editor
atop Insecure use of temporary files
base-files Update /etc/debian_version for the point release
conky Fix file overwrite vulnerability
dokuwiki RSS XSS security fix
klibc Escape ipconfig’s DHCP options
linux-2.6 Several security updates and select fixes from upstream 2.6.27.58/9
magpierss Fix cross-site scripting vulnerability (CVE-2011-0740)
mediawiki Protect against CSS injection vulnerability
openldap Security fixes
openssl Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites
pmake Fix symlink attack via temporary files
sun-java6 New upstream security update
tesseract Disable xterm-based debug windows to avoid file overwrite vulnerability
tzdata New upstream version
user-mode-linux Rebuild against linux-2.6 2.6.26-27
v86d Fix CVE-2011-1070: failure to validate netlink message sender;
do not include random kernel headers in CFLAGS
vftool Fix a buffer overflow in linetoken() in parseAFM.c
xorg-server GLX: don’t crash in SwapBuffers if we don’t have a context

Due to the timing of this point release relative to the next update for
the stable release (Debian 6.0 “squeeze”), the versions of atop and
tzdata included in this point release are higher than the corresponding
packages currently in stable. The next stable point release is planned
for one week’s time, after which the package versions in stable will
once again be higher, as expected.

We do not expect that this situation will cause any issues with upgrades
from oldstable to the stable release during this short period of time,
but please report any such issues which do arise. (See the “Contact
Information” section below).

Security Updates
—————-

This revision adds the following security updates to the stable
release. The Security Team has already released an advisory for each of
these updates:

Advisory ID Package Correction(s)

DSA-2043 vlc Arbitrary code execution
DSA-2149 dbus Denial of service
DSA-2150 request-tracker3.6 Salt password hashing
DSA-2151 openoffice.org Multiple issues
DSA-2152 hplip Buffer overflow
DSA-2153 linux-2.6 Multiple issues
DSA-2153 user-mode-linux Multiple issues
DSA-2154 exim4 Privilege escalation
DSA-2155 freetype Multiple issues
DSA-2156 pcsc-lite Buffer overflow
DSA-2157 postgresql-8.3 Buffer overflow
DSA-2158 cgiirc Cross-site scripting flaw
DSA-2165 ffmpeg-debian Buffer overflow
DSA-2167 phpmyadmin SQL injection
DSA-2168 openafs Multiple issues
DSA-2169 telepathy-gabble Missing input validation
DSA-2170 mailman Multiple issues
DSA-2171 asterisk Buffer overflow
DSA-2172 moodle Multiple issues
DSA-2173 pam-pgsql Buffer overflow
DSA-2174 avahi Denial of service
DSA-2175 samba Missing input sanitising
DSA-2176 cups Multiple issues
DSA-2179 dtc SQL injection
DSA-2181 subversion Denial of service
DSA-2182 logwatch Remote code execution
DSA-2183 nbd Arbitrary code execution
DSA-2186 xulrunner Multiple issues
DSA-2191 proftpd-dfsg Multiple issues
DSA-2195 php5 Multiple issues
DSA-2196 maradns Buffer overflow
DSA-2197 quagga Denial of service
DSA-2200 nss Compromised certificate authority
DSA-2200 xulrunner Update HTTPS certificate blacklist
DSA-2201 wireshark Multiple issues
DSA-2203 nss Update HTTPS certificate blacklist
DSA-2204 imp4 Insufficient input sanitising
DSA-2206 mahara Multiple issues
DSA-2207 tomcat5.5 Multiple issues
DSA-2208 bind9 Issue with processing of new DNSSEC DS records
DSA-2210 tiff Multiple issues
DSA-2211 vlc Missing input sanitising
DSA-2213 x11-xserver-utils Missing input sanitizing
DSA-2214 ikiwiki Missing input validation
DSA-2217 dhcp3 Missing input sanitizing
DSA-2219 xmlsec1 File overwrite
DSA-2220 request-tracker3.6 Multiple issues
DSA-2225 asterisk Multiple issues
DSA-2226 libmodplug Buffer overflow
DSA-2228 xulrunner Multiple issues
DSA-2233 postfix Multiple issues
DSA-2234 zodb Multiple issues
DSA-2242 cyrus-imapd-2.2 Implementation error
DSA-2243 unbound Design flaw
DSA-2244 bind9 Wrong boundary condition
DSA-2246 mahara Multiple issues
DSA-2247 rails Multiple issues
DSA-2248 ejabberd Denial of service
DSA-2250 citadel Denial of service
DSA-2253 fontforge Buffer overflow
DSA-2254 oprofile Command injection
DSA-2255 libxml2 Buffer overflow
DSA-2260 rails Multiple issues
DSA-2264 linux-2.6 Multiple issues
DSA-2264 user-mode-linux Multiple issues
DSA-2266 php5 Multiple issues
DSA-2268 xulrunner Multiple issues
DSA-2272 bind9 Denial of service
DSA-2274 wireshark Multiple issues
DSA-2276 asterisk Multiple issues
DSA-2277 xml-security-c Buffer overflow
DSA-2278 horde3 Multiple issues
DSA-2280 libvirt Multiple issues
DSA-2286 phpmyadmin Multiple issues
DSA-2288 libsndfile Integer overflow
DSA-2289 typo3-src Multiple issues
DSA-2290 samba Cross-side scripting
DSA-2291 squirrelmail Multiple issues
DSA-2292 dhcp3 Denial of service
DSA-2293 libxfont Buffer overflow
DSA-2294 freetype Missing input sanitization
DSA-2296 xulrunner Multiple issues
DSA-2298 apache2 Denial of service
DSA-2298 apache2-mpm-itk Denial of service
DSA-2300 nss Compromised certificate authority
DSA-2301 rails Multiple issues
DSA-2302 bcfg2 Arbitrary code execution
DSA-2304 squid3 Buffer overflow
DSA-2308 mantis Multiple issues
DSA-2309 openssl Compromised certificate authority
DSA-2310 linux-2.6 Multiple issues

Debian Installer
—————-

The Debian Installer has been updated to incorporate a new kernel
containing a number of important and security-related fixes.

Removed package
—————

The following package was removed due to circumstances beyond our control:

Package Reason

pixelpost Unmaintained, multiple security issues

URLs
—-

The complete lists of packages that have changed with this revision:

The current stable distribution:

Proposed updates to the stable distribution:

Stable distribution information (release notes, errata etc.):

Security announcements and information:

About Debian
————

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian GNU/Linux.

Upcoming point releases and call for test

cj2003 — Tue, 20 Sep 2011 16:29:54 +0000

The Debian Project is pleased to announce that the upcoming point releases for Debian 5 “Lenny” and Debian 6 “Squeeze” are scheduled for October 1st and October 8th respectively.

Debian “Squeeze” 6.0.3 will ship updated Linux kernel packages, including
bug fixes from the Linux “longterm” series up to 2.6.32.46, plus updated
drivers supporting new gigabit Ethernet chips from Broadcom, Intel and
Realtek. New packages for 32-bit PC, 64-bit PC and PowerPC are already
available for installation from the “stable-proposed-updates” suite [1].

1: http://wiki.debian.org/StableProposedUpdates

The Debian Project invites interested users to test these packages before
their release, especially on systems that use the updated drivers.

The drivers being updated are:

* e1000e (http://bugs.debian.org/627700)
* Add support for i82567V-4 and i82579
* Fix support for i82577, i82578 and i82583
* igb, igbvf (http://bugs.debian.org/627702)
* Add support for i82576-ET2, i82580, DH89xxCC, i340 and i350
* r8169 (http://bugs.debian.org/627704)
* Fix support for RTL8102E and RTL8168DP
* Add support for RTL8105E, RTL8168E and another variant of RTL8168DP
* Add support for D-Link DGE-530T rev C1
* tg3, broadcom (http://bugs.debian.org/627705)
* Add support for BCM5717, BCM5719 and BCM57765
* Add support for BCM50610M and BCM5241 PHYs
* Fix support for BCM5755

Any problems found in the course of these tests should be reported to the
Debian bug tracking system [2] using the “reportbug” [3] tool.

2: http://www.debian.org/Bugs/Reporting
3: http://packages.debian.org/source/stable/reportbug

Reports should preferably be sent before September 24, but later reports
of serious issues will still be taken into consideration. In case of
regressions in the updated drivers, please follow up to the bug numbers
listed above.

About Debian
————

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free
operating system Debian GNU/Linux.

Contact Information
——————-

For further information, please visit the Debian web pages at
http://www.debian.org/ or send mail to .

amon.so: Hijacking System Calls For Hardening PHP – Debian Lenny And Squeeze

cj2003 — Sat, 09 Apr 2011 18:30:16 +0000

amon.so is a library that integrates with the PHP interpreter and intercepts and manipulates the system calls provided by libc6. It replace the execve() syscall with a custom function which does extra sanity checking in order to prevent that an attacker could execute arbitrary code on the system exploiting a vulnerability in a web-based application More here

Setup Debian server for python deployment

cj2003 — Sat, 19 Mar 2011 11:56:48 +0000

We’ve got a new server and It’s debian 5.05 (Lenny). We’ll be deploying python web apps all over the server, so this is how I did it. More here

Debian 6.0 “Squeeze”: What’s New?

cj2003 — Mon, 14 Mar 2011 18:28:05 +0000

While the Debian 6 release was accompanied by much less buzz and fanfare than the previous release, “Lenny”, Debian 6 does come with gigatons of new features. Let’s have a look at it all, in this LFY-exclusive review of Debian 6.0. More here

Installing ASSP (Anti-Spam SMTP Proxy) On Ubuntu Server 10.04 / Debian 5.0

cj2003 — Mon, 14 Mar 2011 18:21:11 +0000

This How-To document guides you through installing ASSP (Anti-Spam SMTP Proxy) on an Ubuntu 10.04 (LTS) Server or Debian 5.0 in the simplest way possible. It *may* work on later versions but I have no way of knowing how these instructions will work for you. More here

How To Upgrade Debian Lenny (Debian 5.0) To Squeeze (Debian 6.0) On Xen VPS

cj2003 — Tue, 08 Mar 2011 19:11:47 +0000

This tutorial shows how to upgrade a Debian Lenny (Debian 5.0) installation on a Xen based Virtual Private Server (VPS) to Squeeze (Debian 6.0) including kernel update, dependency based boot sequencing and conversion to UUIDs. More here

Installing Nagios On Debian Lenny And Monitoring A Debian Lenny Server

cj2003 — Sat, 05 Mar 2011 18:06:30 +0000

Nagios is a monitoring solution for complex IT infrastructures, Nagios is easy to implement and can be extended by custom-modules, called plugins. In this howto I explain howto install Nagios on a Debian Lenny host and make the configuration for it. Furthermore we are going to install a second Debian machine which we monitor with remote and local plugins. More here