Debian GNU/Linux 3.1 updated
April 7th, 2007
The Debian project has updated the stable distribution Debian GNU/Linux
3.1 (codename sarge
). This update mainly adds security updates to the
stable release, along with a few corrections to serious problems. Those
who frequently update from security.debian.org won't have to update many
packages and most updates from security.debian.org are included in this
update.
In preparation for the upcoming release of Debian GNU/Linux 4.0
(codename etch
), Debian GNU/Linux 3.1 will be moved to the oldstable
part of the archive. Users who would like to continue using Debian
GNU/Linux 3.1 are advised to update their /etc/apt/sources.list network
source to refer to sarge
instead of stable
.
Please note that this update does not constitute a new version of
Debian GNU/Linux 3.1 but only updates some of the packages included in
the stable release. There is no need to throw away 3.1 CDs or DVDs
but only to update against ftp.debian.org after an installation, in
order to incorporate those late changes. New CD and DVD images will be delayed until
after the release of etch
and will be available at the regular
locations.
Upgrading to this revision online is usually done by pointing the
apt
package tool (see the sources.list(5) manual page) to one of
Debian's many FTP or HTTP mirrors. A comprehensive list of mirrors is
available at:
Miscellaneous Bugfixes
This stable update adds a few important corrections to the following packages:
Package | Reason |
---|---|
base-installer | Fix for kernel ABI bump (fix regression from 3.1r5) |
glibc | Get architectures back in sync |
Security Updates
This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates:
Advisory ID | Package(s) | Correction(s) |
---|---|---|
DSA-1240 | links2 | Arbitrary shell command execution |
DSA-1262 | gnomemeeting | Arbitrary code execution |
DSA-1263 | clamav | Denial of service |
DSA-1264 | php4 | Several vulnerabilities |
DSA-1265 | mozilla | Several vulnerabilities |
DSA-1266 | gnupg | Signature forgery |
DSA-1267 | webcalendar | Remote file inclusion |
DSA-1268 | libwpd | Arbitrary code execution |
DSA-1269 | lookup-el | Insecure temporary file |
DSA-1270 | openoffice.org | Several vulnerabilities |
DSA-1271 | openafs | Remote privilege escalation |
DSA-1272 | tcpdump | Denial of service |
DSA-1273 | nas | Multiple remote vulnerabilities |
DSA-1274 | file | Arbitrary code execution |
DSA-1275 | zope2.7 | Cross-site scripting flaw |
DSA-1276 | krb5 | Several vulnerabilities |
DSA-1277 | xmms | Arbitrary code execution |
DSA-1278 | man-db | Arbitrary code execution |
A complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision:
URLs
The complete lists of packages that have changed with this release:
The current stable distribution:
Proposed updates to the stable distribution:
Stable distribution information (release notes, errata, etc.):
Security announcements and information:
About Debian
The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian GNU/Linux.
Contact Information
For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>.