Debian GNU/Linux 2.1r4 Released

December 15th, 1999

A new update of the Debian GNU/Linux 2.1 release (aka slink) has been released. The new release, version 2.1r4, includes both security and Y2K updates.

We are currently not aware of any outstanding Y2K problems. If we learn of new problems we will report them on our Y2K page at http://www.debian.org/y2k/.

Here is a complete list of the packages that have changed with this release:

Security updates:
  package      : amd
  version      : 102-23.slink2
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : bind
  version      : 8.2.2p5-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: remote DoS

  package      : dump
  version      : 0.4b9-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit

  package      : kernel-source-2.0.38
  version      : 2.0.38-0
  architectures: i386
  vulnerability: various

  package      : htdig
  version      : 3.1.2-4slink6
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : inn
  version      : 1.7.2-4.1
  architectures: alpha i386 m68k sparc
  vulnerability: fix buffer overflow in inews

  package      : lpr
  version      : 0.46-1-0slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit (users could print files they couldn't read)

  package      : mirror
  version      : 2.9-2.1
  architectures: all
  vulnerability: remote exploit

  package      : netkit-telnet
  version      : 0.12-4slink.1
  architectures: alpha i386 m68k sparc
  vulnerability: remote DoS

  package      : nfs-server
  version      : 2.2beta37-1slink.1
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : nis
  version      : 3.5-2
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : proftpd
  version      : 1.2.0pre9-4
  architectures: alpha i386 m68k sparc
  vulnerability: remote exploit

  package      : pvm
  version      : 3.4beta7-4
  architectures: i386
  vulnerability: local exploit

  package      : rvplayer
  version      : 5.0-9
  architectures: i386
  vulnerability: local exploit

  package      : termcap-compat
  version      : 1.1.2
  architectures: i386 m68k (not applicable to alpha)
  vulnerability: local exploit (buffer overflows)

  package      : sendmail
  version      : 8.9.3-3slink1.0.1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit

  package      : sendmail-wide
  version      : 8.9.3+3.2W-3slink1
  architectures: alpha i386 m68k sparc
  vulnerability: local exploit


Y2K updates:
  package      : cvs
  version      : 1.10.7-1.99.slink.y2k.0
  architectures: alpha i386 m68k sparc
  issue        : date in logs

  package      : egcs
  version      : 1.1.2-0slink1 and 1.1.2-0slink2
  architectures: alpha i386 m68k sparc
  issue        : date handling in g77

  package      : elm-me+
  version      : 2.4pl25ME+65-0.slink.0
  architectures: alpha i386 m68k sparc
  issue        : incorrect handling of long numbers causing errors
                 in date sorting

  package      : enscript
  version      : 1.6.2-3.99.slink.y2k.0
  architectures: alpha i386 m68k sparc
  issue        : Versions < 1.6.1 are known to have problems with y2k dates.

  package      : gnats
  version      : 3.113-0slink1
  architectures: alpha i386 m68k sparc
  issue        : fix y2k problem

  package      : gs
  version      : 5.10-3.99.slink.1
  architectures: alpha i386 m68k sparc
  issue        : fix y2k problem

  package      : sharutils
  version      : 1:4.2.1-1
  architectures: alpha i386 m68k sparc
  issue        : date handling in shar files

  package      : smartlist
  version      : 3.13-2
  architectures: alpha i386 m68k sparc
  issue        : volume number in digest processing

Other updates:
  package      : boot-floppies
  version      : 2.1.12
  architecture : i386
  problem      : update to new 2.0.38 kernel

  package      : mew
  version      : 1.93-2
  architectures: m68k
  problem      : sync with other archs.

  package      : pcmcia-cs
  version      : 3.0.5-10.slink.1
  architectures: i386
  problem      : recompile for new 2.0.38 kernel

  package      : selfhtml
  version      : 7.0-3
  architectures: alpha i386 m68k sparc
  problem      : trademark violation

  package      : trn
  version      : 3.6-9.3.2
  architectures: m68k
  problem      : sync with other archs.

  package      : vflib2
  version      : 2.24.2-2.99.slink.0
  architectures: alpha i386 m68k sparc
  issue        : needed by new gs.

Notes:
* the update for nfs-server for the sparc architecture has a lower version than the version that was used in previous slink releases. You will need to upgrade manually to the new version.