[ddh-sys] apt-listchanges: changelogs for less
root op ddh.nl
Sun Feb 20 14:07:23 CET 2011
apache2 (2.2.9-10+lenny9) stable-security; urgency=high
* Add the new SSLInsecureRenegotiation directive to configure if clients
that have not been patched to support secure renegotiation (RFC 5746)
are allowed to connect (CVE-2009-3555).
Together with the recent openssl upgrade, this closes: #587037
This upgrade also adds support for the SSL_SECURE_RENEG variable, to
allow testing if secure renegotiation is supported by the client.
-- Stefan Fritsch <sf op debian.org> Sat, 11 Dec 2010 19:45:28 +0100
exim4 (4.69-9+lenny4) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix regression: exim -bf no longer works as untrusted user.
-- Stefan Fritsch <sf op debian.org> Sun, 30 Jan 2011 21:37:49 +0100
exim4 (4.69-9+lenny3) stable-security; urgency=low
* 80_4.74_CVE-2011-0017.dpatch (Pulled from upstream git): Check return
values of setgid/setuid. This is a privilege escalation vulnerability
whereby the Exim run-time user can cause root to append content of the
attacker's choosing to arbitrary files.
* 80_4.74_deliverylogging.dpatch (Pulled from upstream git): If a non-debug
daemon was invoked with a non-whitelisted macro, then logs from after
attempting delivery would be silently lost, including for successful
delivery. This log-loss bug was introduced as part of the security
lockdown for fixing CVE-2010-4345. Closes: #610611
-- Andreas Metzler <ametzler op debian.org> Mon, 24 Jan 2011 19:31:06 +0100
exim4 (4.69-9+lenny2) stable-security; urgency=high
* 67_unnecessaryCopt.dpatch: Do not use exim's -C option in utility scripts.
This would not work with ALT_CONFIG_PREFIX.
* Pull changes related to fixing CVE-2010-4345 from exim 4.73 rc1.
+ 1_cfile_norw_eximuid: Don't allow a configure file which is writeable by
the Exim user or group.
+ 2_permcheck_configurefile: Check configure file permissions even for
non-default files if still privileged.
+ 3_remove_ALT_CONFIG_ROOT_ONLY: Remove ALT_CONFIG_ROOT_ONLY build option,
effectively making it always true.
+ 4_FD_CLOEXEC: Set FD_CLOEXEC on SMTP sockets after forking in the
daemon, to ensure that rogue child processes cannot use them.
+ 5_TRUSTED_CONFIG_LIST: Add TRUSTED_CONFIG_LIST compile option.
+ 6_nonroot_system_filter_user: If the system filter needs to be run as
root, let that be explicitly configured. The default is now the Exim
+ 7_filter_D_option: Add a (compiletime) whitelist of acceptable values
for the -D option.
+ 8_updatedocumentation: Update documentation to reflect the changes.
* 4_FD_CLOEXEC replaces 80_fdleak.dpatch, drop the latter.
* Build with WHITELIST_D_MACROS=OUTGOING. Post patch 7_filter_D_option exim
will not regain root privileges (usually necessary for local delivery) if
the -D option was used. Macro identifiers listed in WHITELIST_D_MACROS are
exempted from this restriction. mailscanner (4.79.11-2.2) uses -DOUTGOING.
* Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. Post patch
3_remove_ALT_CONFIG_ROOT_ONLY exim will not re-gain root privileges
(usually necessary for local delivery) if the -C option was used. This
makes it impossible to start a fully functional daemon with an alternate
configuration file. /etc/exim4/trusted_configs (can) contain a list of
filenames (one per line, full path given) to which this restriction does
-- Andreas Metzler <ametzler op debian.org> Thu, 06 Jan 2011 09:53:41 +0100
freetype (2.3.7-2+lenny5) stable-security; urgency=high
* Non-maintainer during Security Team Meeting
* CVE-2010-3814 CVE-2010-3855
-- Moritz Muehlenhoff <jmm op debian.org> Sat, 15 Jan 2011 23:54:28 +0000
glibc (2.7-18lenny7) stable-security; urgency=high
* Revert incorrect upstream patch for CVE-2010-3847 and use the correct
set of patches.
-- Florian Weimer <fw op deneb.enyo.de> Fri, 07 Jan 2011 21:47:02 +0100
libxml2 (2.6.32.dfsg-5+lenny3) stable-security; urgency=high
* xpath.c: Fix a double-freeing error in XPath processing code.
(CVE-2010-4494). Closes: #607922.
-- Mike Hommey <glandium op debian.org> Sat, 25 Dec 2010 10:48:27 +0100
linux-2.6 (2.6.26-26lenny2) stable-security; urgency=high
[ dann frazier ]
* filter: make sure filters dont read uninitialized memory (CVE-2010-4158)
* bio: take care not overflow page count when mapping/copying user data
* block: check for proper length of iov entries in blk_rq_map_user_iov()
* bluetooth: Fix missing NULL check (CVE-2010-4242)
* posix-cpu-timers: workaround to suppress the problems with mt exec
* KVM: VMX: fix vmx null pointer dereference on debug register access
* exec: make argv/envp memory visible to oom-killer (CVE-2010-4243)
* af_unix: limit unix_tot_inflight (CVE-2010-4249)
* do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258)
* econet: Disable auto-loading as mitigation against local exploits. This
module has been shown to be broken, so the risk of this affecting
real users is insignificant.
* econet: Fix crash in aun_incoming() (CVE-2010-4342)
* install_special_mapping skips security_file_mmap check (CVE-2010-4346)
* CAN: Use inode instead of kernel address for /proc file (CVE-2010-4565)
* IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649)
* block: check for proper length of iov entries earlier in
* av7110: check for negative array offset (CVE-2011-0521)
* usb: iowarrior: don't trust report_size for buffer size (CVE-2010-4656)
[ Moritz Muehlenhoff ]
* blkback/blktap/netback: Fix CVE-2010-3699
* sctp: Fix a race between ICMP protocol unreachable and connect()
* sound: Prevent buffer overflow in OSS load_mixer_volumes (CVE-2010-4527)
* irda: prevent integer underflow in IRLMP_ENUMDEVICES (CVE-2010-4529)
-- dann frazier <dannf op debian.org> Mon, 24 Jan 2011 23:46:35 -0600
mailman (1:2.1.11-11+lenny2) oldstable-security; urgency=high
* Upload to lenny-security.
* CVE-2010-3089: cross-site scripting (XSS) vulnerabilities
which can be exploited by list administrators (Closes: 599833).
* CVE-2011-0707: Cross site scripting in subscriber names.
-- Thijs Kinkhorst <thijs op debian.org> Wed, 16 Feb 2011 21:02:42 +0100
mysql-dfsg-5.0 (5.0.51a-24+lenny5) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fixed CVE-2010-3677: Incorrect handling of NULL arguments could lead to a
* Fixed CVE-2010-3680: The server could crash if there were alternate reads
from two indexes on a table using the HANDLER interface.
* Fixed CVE-2010-3681: NULL pointer dereference leading to (temporary)
* Fixed CVE-2010-3682: Assertion failure leading to server abort.
* Fixed CVE-2010-3833: crash when KILL_BAD_DATA is returned
* Fixed CVE-2010-3834: user variable assignments crash server when used
* Fixed CVE-2010-3835: crash with user variables, assignments, joins.
* Fixed CVE-2010-3836: create view cause Assertion failed (crash)
* Fixed CVE-2010-3837: crash when group_concat and 'with rollup' in prepared
* Fixed CVE-2010-3838: crash with longblob and union or update with subquery
* Fixed CVE-2010-3840: crash when loading data into geometry function polyfromwkb
-- Giuseppe Iuculano <iuculano op debian.org> Wed, 29 Dec 2010 18:11:12 +0100
phpmyadmin (4:188.8.131.52-5+lenny8) oldstable-security; urgency=high
* Fixes SQL injection (PMASA-2011-2, CVE-2011-0987).
-- Michal Čihař <nijel op debian.org> Sat, 12 Feb 2011 08:55:55 +0100
phpmyadmin (4:184.108.40.206-5+lenny7) stable-security; urgency=high
* Upload to stable to fix security issues (Closes: #608290).
* Fix XSS on search (PMASA-2010-8, CVE-2010-4329).
* Fix text/link injection on error (PMASA-2010-9, CVE-2010-4480).
* Phpinfo when enabled was world-accessible (PMASA-2010-10, CVE-2010-4481).
-- Thijs Kinkhorst <thijs op debian.org> Fri, 31 Dec 2010 14:07:44 +0100
base-files (5lenny9) stable; urgency=low
* Bump version in /etc/debian_version to "5.0.8".
-- Santiago Vila <sanvila op debian.org> Sun, 16 Jan 2011 13:02:04 +0100
bind9 (1:9.6.ESV.R3+dfsg-0+lenny1) stable-security; urgency=low
* v9.6-ESV-R3. Addresses CVE-2010-3613, CVE-2010-3614
- Fix denial of service via ncache entry and a rrsig for the
same type (CVE-2010-3613)
- answers were incorrectly marked as insecure during key algorithm
-- LaMont Jones <lamont op debian.org> Wed, 01 Dec 2010 16:41:43 -0700
bind9 (1:9.6.ESV.R2+dfsg-0+lenny1) stable-security; urgency=low
[Internet Software Consortium, Inc]
* v9.6-ESV-R2. Addresses CVE-2010-3762
- Check that named successfully skips NSEC3 records that fail to match
the NSEC3PARAM record currently in use. [RT# 21868]
- Worked around an apparent race condition in over memory conditions.
Without this fix a DNS cache DB or ADB could incorrectly stay in an
over memory state, effectively refusing further caching, which
subsequently made a BIND 9 caching server unworkable. This fix
prevents this problem from happening by polling the state of the
memory context, rather than making a copy of the state, which
appeared to cause a race. This is a "workaround" in that it doesn't
solve the possible race per se, but several experiments proved this
change solves the symptom. Also, the polling overhead hasn't been
reported to be an issue. This bug should only affect a caching
server that specifies a finite max-cache-size. It's also quite
likely that the bug happens only when enabling threads, but it's not
confirmed yet. [RT #21818]
- Named failed to accept uncachable negative responses from insecure
zones. [RT# 21555]
- The resolver could attempt to destroy a fetch context too soon.
- The placeholder negative caching element was not properly constructed
triggering a INSIST in dns_ncache_towire(). [RT #21346]
- Handle the introduction of new trusted-keys and DS, DLV RRsets better.
- Fix arguments to dns_keytable_findnextkeynode() call. [RT #20877]
- Named could return SERVFAIL for negative responses from unsigned
zones. [RT #21131]
- Handle broken DNSSEC trust chains better. [RT #15619]
* meta: drop versioned depends from library packages, for less upgrade pain
* cleanup libisc version number. It should be libisc50, not libisc52 or
-- LaMont Jones <lamont op debian.org> Sat, 06 Nov 2010 11:34:33 -0600
dpkg (1.14.31) stable-security; urgency=low
* Fix multiple security issues with dpkg-source (CVE-2010-1679):
- Enhance checks to catch maliciously crafted patches which could modify
files outside of the unpacked source package.
- Do not consider a top-level symlink like a directory when
extracting a tarball.
- Exclude .pc while extracting the upstream tarball in 3.0 (quilt)
as patch blindly writes in that directory during unpack (and would
follow any existing symlink).
-- Raphael Hertzog <hertzog op debian.org> Wed, 05 Jan 2011 10:58:17 +0100
man-db (2.5.2-5) stable; urgency=low
* Backport from 2.5.8:
- Warnings about unrecognised locales are now suppressed if the
DPKG_RUNNING_VERSION environment variable is set (i.e. man-db is
running within a Debian package's maintainer script), since the system
locales are often out of sync with the C library in that context.
Thanks to the Debian Perl maintainers for the idea (closes: #605790).
-- Colin Watson <cjwatson op debian.org> Sat, 04 Dec 2010 17:53:21 +0000
openssl (0.9.8g-15+lenny11) stable-security; urgency=low
* Apply TLS version tolerance patch. Upstream cvs commit 19073.
* Fix CVE-2010-4180 (Closes: #529221)
-- Kurt Roeckx <kurt op roeckx.be> Sun, 05 Dec 2010 15:32:12 +0100
openssl (0.9.8g-15+lenny10) stable-security; urgency=low
* Add rfc5746 support to fix TLS renegotiation flaw. Patch based
on work done by Marc Deslauriers for Ubuntu backporting the changes.
Fixes CVE-2009-3555. (Closes: #555829)
-- Kurt Roeckx <kurt op roeckx.be> Sat, 04 Dec 2010 15:50:35 +0100
perl (5.10.0-19lenny3) stable; urgency=low
* [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411:
fix CGI.pm MIME boundary and multiline header vulnerabilities.
* [SECURITY] CVE-2010-1168: Update to Safe-2.25, fixing code injection
and execution vulnerabilities. (Closes: #582978)
-- Niko Tyni <ntyni op debian.org> Sat, 15 Jan 2011 08:13:26 +0200
postgresql-8.3 (8.3.14-0lenny1) stable-security; urgency=low
* New upstream security/bug fix release:
- Fix buffer overrun in "contrib/intarray"'s input function for the
This bug is a security risk since the function's return address
could be overwritten. Thanks to Apple Inc's security team for
reporting this issue and supplying the fix. (CVE-2010-4015)
- Avoid failures when "EXPLAIN" tries to display a simple-form CASE
If the CASE's test expression was a constant, the planner could
simplify the CASE into a form that confused the expression-display
code, resulting in "unexpected CASE WHEN clause" errors.
- Fix assignment to an array slice that is before the existing range
If there was a gap between the newly added subscripts and the first
pre-existing subscript, the code miscalculated how many entries
needed to be copied from the old array's null bitmap, potentially
leading to data corruption or crash.
- Avoid unexpected conversion overflow in planner for very distant
The date type supports a wider range of dates than can be
represented by the timestamp types, but the planner assumed it
could always convert a date to timestamp with impunity.
- Fix pg_restore's text output for large objects (BLOBs) when
standard_conforming_strings is on.
Although restoring directly to a database worked correctly, string
escaping was incorrect if pg_restore was asked for SQL text output
and standard_conforming_strings had been enabled in the source
- Fix erroneous parsing of tsquery values containing ... &
!(subexpression) | ... .
Queries containing this combination of operators were not executed
correctly. The same error existed in "contrib/intarray"'s query_int
type and "contrib/ltree"'s ltxtquery type.
- Fix bug in "contrib/seg"'s GiST picksplit algorithm.
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a seg column. If you have
such an index, consider "REINDEX"ing it after installing this
update. (This is identical to the bug that was fixed in
"contrib/cube" in the previous update.)
-- Martin Pitt <mpitt op debian.org> Tue, 01 Feb 2011 18:10:35 +0100
postgresql-8.3 (8.3.13-0lenny1) stable; urgency=low
* New upstream bug fix release:
- Force the default wal_sync_method to be fdatasync on Linux.
The default on Linux has actually been fdatasync for many years,
but recent kernel changes caused PostgreSQL to choose open_datasync
instead. This choice did not result in any performance improvement,
and caused outright failures on certain filesystems, notably ext4
with the data=journal mount option.
- Fix assorted bugs in WAL replay logic for GIN indexes.
This could result in "bad buffer id: 0" failures or corruption of
index contents during replication.
- Fix recovery from base backup when the starting checkpoint WAL
record is not in the same WAL segment as its redo point.
- Fix persistent slowdown of autovacuum workers when multiple workers
remain active for a long time.
The effective vacuum_cost_limit for an autovacuum worker could drop
to nearly zero if it processed enough tables, causing it to run
- Add support for detecting register-stack overrun on IA64.
The IA64 architecture has two hardware stacks. Full prevention of
stack-overrun failures requires checking both.
- Add a check for stack overflow in copyObject().
Certain code paths could crash due to stack overflow given a
sufficiently complex query.
- Fix detection of page splits in temporary GiST indexes.
It is possible to have a "concurrent" page split in a temporary
index, if for example there is an open cursor scanning the index
when an insertion is done. GiST failed to detect this case and
hence could deliver wrong results when execution of the cursor
- Avoid memory leakage while "ANALYZE"'ing complex index expressions.
- Ensure an index that uses a whole-row Var still depends on its
An index declared like create index i on t (foo(t.*)) would not
automatically get dropped when its table was dropped.
- Do not "inline" a SQL function with multiple OUT parameters.
This avoids a possible crash due to loss of information about the
expected result rowtype.
- Behave correctly if ORDER BY, LIMIT, FOR UPDATE, or WITH is
attached to the VALUES part of INSERT ... VALUES.
- Fix constant-folding of COALESCE() expressions.
The planner would sometimes attempt to evaluate sub-expressions
that in fact could never be reached, possibly leading to unexpected
- Fix postmaster crash when connection acceptance (accept() or one of
the calls made immediately after it) fails, and the postmaster was
compiled with GSSAPI support.
- Fix missed unlink of temporary files when log_temp_files is active.
If an error occurred while attempting to emit the log message, the
unlink was not done, resulting in accumulation of temp files.
- Add print functionality for InhRelation nodes.
This avoids a failure when debug_print_parse is enabled and certain
types of query are executed.
- Fix incorrect calculation of distance from a point to a horizontal
This bug affected several different geometric distance-measurement
- Fix PL/pgSQL's handling of "simple" expressions to not fail in
recursion or error-recovery cases.
- Fix PL/Python's handling of set-returning functions.
Attempts to call SPI functions within the iterator generating a set
result would fail.
- Fix bug in "contrib/cube"'s GiST picksplit algorithm.
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a cube column. If you have
such an index, consider "REINDEX"ing it after installing this
- Don't emit "identifier will be truncated" notices in
"contrib/dblink" except when creating new connections.
- Fix potential coredump on missing public key in "contrib/pgcrypto".
- Fix memory leak in "contrib/xml2"'s XPath query functions.
-- Martin Pitt <mpitt op debian.org> Sat, 18 Dec 2010 23:15:44 +0100
spamassassin (3.2.5-2+lenny3) stable; urgency=low
* Update the list of ARIN netblock delegations in RelayEval
-- Noah Meyerhans <noahm op debian.org> Sun, 09 Jan 2011 15:06:20 -0800