Re: Debian 2.1r3

To: Martin Schulze <joey@infodrom.north.de>
Cc: debian-release@lists.debian.org
Subject: Re: Debian 2.1r3
From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>
Date: Sat, 14 Aug 1999 12:10:10 +0200
Message-id: <[🔎] 19990814121009.A6670@cs.leidenuniv.nl>
In-reply-to: <[🔎] 19990812160024.J27123@finlandia.infodrom.north.de>; from Martin Schulze on Thu, Aug 12, 1999 at 04:00:24PM +0200
References: <[🔎] 19990812160024.J27123@finlandia.infodrom.north.de>

Previously Martin Schulze wrote:
> Wichert will go through the list of packages in proposed-updates
> to prepare 2.1r3.

Here you are..

Packages I think should be installed
====================================
package: remembrance-agent
version: 1.41-6
architectures: i386, m68k
update type: copyright
  move to non-free (needs ftpmaster intervention for the overridefile)

package: lpr
version: 1:0.33-3
architectures: m68k, others are already installed?
update type: security
  security-fix (switch to different lpr fork with a better codebase)

package: mailman
version: 1.0rc2-5
architectures: alpha, i386, m68k, sparc
update type: security
  fixed version of security-fix (remote exploit iirc)

package: libc6
version: 2.0.7.19981211-6.1
architectures: m68k (only m68k updates)
update type: ?
  update m68k support, fixes hwclock amongs other things

package: egcs
version: 1.1.2-0slink2
architectures: i386, m68k
update type nonbeta release
  final 1.1.2 release, small update from beta version in slink

package: cfingerd
version: 1.3.2-18.1
architectures: alpha, i386, m68k, spac
update type: security
    backported securityfix

package: epic
version: pre2.003-0slink2
architectures: i386, m68k
update type: security
    potential DoS in the ANSI parser

package: epic-help
version: pre2.003-0slink1
architectures: all
update type: semi-security
    documentation for epic fix

package: apt
version: 0.3.11
architectures: i386, m68k
update type: upgrade/install updates
  fixes a bunch of bugs, probably very useful for people doing upgrades.
  Check with Jason on how to fix the apt-removes-bash-bug first though

package: imap 
version: 4.5-0slink3
architectures: alpha, m68k, sparc
update type: security
    fixed security-fix for remote exploit 

package: exim
version: 2.05-2
architectures: i386, m68k
update type: grave bug
  fix two major bugs in slink version, one of which caused mail lossage

package: isdnutils
version: 1:3.0-12slink13
architectures: alpha, i386
update type: security
    xmonisdn called scripts were insecurely

package: lsof
version: 4.37-4
architectures: i386, m68k
update type: semi-security
    a fix for a previous security update1

package: man-db
version: 2.3.10-69FIX.1
architectures: i386, m68k
update type: security
    open temporary files safely

package: procmail
version: 3.13.1-1
architectures: alpha, i386, m68k, sparc
update type: security
    various nasty security fixes

package: rsync
versin: 2.3.1-0.slink.1
architectures: i386, m68k
update type: security
    fix security problem with updates in some conditions

package: smtp-refuser
version: 1.0.1
architectures: i386
update type: security
    fix logging which allowed deleting arbitraty files

package: tkdesk
version: 1.1-2
architectures: i386, m68k
update type: security
    fix symlink attack

packge: jadetex
version: 2.2-1
architectures: i386
update type: important bugfix
    slink version was quite broken..

package: lam
version: 6.1-9
architectures: i386, m68k
update type: important bugfix
    slink version was quite useless..

package: makedev
version: 2.3.1-23
architectures: i386
update type: important bugfix
    fix some stupid and really nasty bugs, especially for sparc
	
package: open
version: 1.4-10.1
architectures: i386, m68k
update type: important bugfix
    undo previous changes which broke open in slink

package: sendmail
version: 8.9.3-3
architectures: alpha, i386, m68k
update type: important bugfix
  allow .forward to work on group-writeable homedirs by default. otherwise
  no user could use .forward files since homedirs are made groupwriteable

package: lprng
version: 3.5.2-2
architectures: m68k, sparc
update type: security
  don't allow connections from unprivilidged by default

package: libdb
version: 1.85.4-4
architectures: alpha
update type: security
   don't build broken snprintf, which ignores the bounds check, making programs
   which just *happen* to use libdb vulnerable...

package: boot-floppies
version: 2.1.9.1
architectures: m68k (others aren't changed)
update type: fixed install
  update various bugs in the m68k install

Packages I think should NOT be installed
========================================
package: ascdc
version: 0.3-5.1
  minor bugfix, doesn't fit update criteria

package: auto-pgp
version: 1.04-2
  minor bugfix, doesn't fit update criteria

package: bsdgames-nonfree
version: 2.5-2
  minor bugfix, doesn't fit update criteria

package: dhcpcd
version: 1:0.70-5
  minor bugfix (tokenring support fixed), doesn't fit update criteria

package: dmalloc
version: 3.3.1-3
  minor bugfix (small manpage update), doesn't fit update criteria 

package: dpkg
version: 1.4.0.35
  disabling gettext is a nasty surprised for a lot of people.. I think
  we are better of with the few bugreport we are getting
 
package: fidogate
version: 4.2.8-4
  bugfixes meant for unstable

package: frotz
version: 2.32r2-12
  recompile only to remove the versioned libc dependency, which doesn't hurt
  us anyway

package: ftape
version: 4.03pre2.1999.04.25-1
  major update over slink, don't think it meets the update criteria

package: fvwm2
version: 2.0.46-BETA-3.1
  some alpha update, but I'm not convinced we need to include it. We
  should probably check with some alpha people for this one

package: gdb
version: 4.17-4.m68k.objc.threads.hwwp.fpu.gnat.3.1
  some sparc update, but I'm not convinced we need to include it. We
  should probably check with some sparc people for this one

package: gettyps
version: 2.0.7j-7
  fixes a normal bug, ie doesn't fit update criteria

package: infocom
version: 4.01pl2-7
  should have only been uploaded to unstable, doesn't fix anything
  important
 
package: inform
version: 6.14-4
  should have only been uploaded to unstable, doesn't fix anything

package: kdrill
version: 4.0-1
  new package, should have been uploaded only to unstable

package: kernel-image-*
  not sure, someone needs to check those

package: libpcap
version: 0.4a6-2.1
  update for a non-released architecture only

package: linuxlogo
version:  various
  minor updates only

package: mingetty
version: 0.9.4-3.2
  update for a non-released architecture only

package: nana
version: 2.3-1
  new upstream version, no bugfixes

package: selfhtml
version: 7.0-3
  interesting one: should probably be removed entirely from slink due to
  patent problem

package: yorick
version: 1.4-12
  changelog doesn't say enough to warrant inclusion imho

Wichert.

-- 
==============================================================================
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: wakkerma@cs.leidenuniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

Attachment: pgphFpt0DyAsI.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Debian 2.1r3
  - From: Raphael Hertzog <rhertzog@hrnet.fr>
- Re: Debian 2.1r3
  - From: Christian Meder <meder@isr.uni-stuttgart.de>
- Re: Debian 2.1r3
  - From: Vincent Renardias <vincent@ldsol.com>

References:
- Debian 2.1r3
  - From: Martin Schulze <joey@finlandia.Infodrom.North.DE>

Prev by Date: Debian 2.1r3
Next by Date: Re: Debian 2.1r3
Previous by thread: Debian 2.1r3
Next by thread: Re: Debian 2.1r3
Index(es):
- Date
- Thread