apticron report [Sat, 12 Sep 2015 10:48:20 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
ldap-utils 2.4.40+dfsg-1+deb8u1
libldap-2.4-2 2.4.40+dfsg-1+deb8u1
libldap2-dev 2.4.40+dfsg-1+deb8u1
slapd 2.4.40+dfsg-1+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour openldap (ldap-utils libldap-2.4-2 libldap2-dev slapd) ---
openldap (2.4.40+dfsg-1+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add ITS8240-remove-obsolete-assert.patch patch.
Import upstream patch to remove an unnecessary assert(0) that could be
triggered remotely by an unauthenticated user by sending a malformed BER
element. (CVE-2015-6908, Closes: #798622)
-- Salvatore Bonaccorso <carnil(a)debian.org> Fri, 11 Sep 2015 10:30:43 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron
apticron report [Mon, 07 Sep 2015 18:44:10 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
apache2 2.4.10-10+deb8u3
apache2-bin 2.4.10-10+deb8u3
apache2-data 2.4.10-10+deb8u3
apache2-utils 2.4.10-10+deb8u3
apt 1.0.9.8.1
apt-transport-https 1.0.9.8.1
apt-utils 1.0.9.8.1
base-files 8+deb8u2
cron 3.0pl1-127+deb8u1
dbus 1.8.20-0+deb8u1
dbus-x11 1.8.20-0+deb8u1
libapt-inst1.5 1.0.9.8.1
libapt-pkg4.12 1.0.9.8.1
libc6 2.19-18+deb8u1
libc6-dev 2.19-18+deb8u1
libc-bin 2.19-18+deb8u1
libc-dev-bin 2.19-18+deb8u1
libdbus-1-3 1.8.20-0+deb8u1
libgl1-mesa-dri 10.3.2-1+deb8u1
libgl1-mesa-glx 10.3.2-1+deb8u1
libglapi-mesa 10.3.2-1+deb8u1
libgnutls-deb0-28 3.3.8-6+deb8u3
libgnutls-openssl27 3.3.8-6+deb8u3
libio-socket-ssl-perl 2.002-2+deb8u1
libnss3 2:3.17.2-1.1+deb8u2
libpam-systemd 215-17+deb8u2
libpq5 9.4.4-0+deb8u1
libruby2.1 2.1.5-2+deb8u2
libsystemd0 215-17+deb8u2
libudev1 215-17+deb8u2
locales 2.19-18+deb8u1
lynx 2.8.9dev1-2+deb8u1
lynx-cur 2.8.9dev1-2+deb8u1
multiarch-support 2.19-18+deb8u1
nscd 2.19-18+deb8u1
python-apt 0.9.3.12
python-apt-common 0.9.3.12
rsyslog 8.4.2-1+deb8u1
ruby2.1 2.1.5-2+deb8u2
ruby2.1-dev 2.1.5-2+deb8u2
systemd 215-17+deb8u2
systemd-sysv 215-17+deb8u2
tcpdump 4.6.2-5+deb8u1
udev 215-17+deb8u2
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour ruby2.1 (libruby2.1 ruby2.1 ruby2.1-dev) ---
ruby2.1 (2.1.5-2+deb8u2) jessie; urgency=high
* Apply upstream patches to fix Request hijacking vulnerability in Rubygems
[CVE-2015-3900] (Closes: #790119)
-- Antonio Terceiro <terceiro(a)debian.org> Wed, 29 Jul 2015 09:27:24 -0300
--- Modifications pour apache2 (apache2 apache2-bin apache2-data apache2-utils) ---
apache2 (2.4.10-10+deb8u3) jessie; urgency=medium
* Revert fix for deferred mpm switch for now, because it is at least not
complete or maybe causes regressions (see #791902). Re-opens #789914
-- Stefan Fritsch <sf(a)debian.org> Fri, 28 Aug 2015 18:24:17 +0200
apache2 (2.4.10-10+deb8u2) jessie; urgency=medium
[ Stefan Fritsch ]
* Fix upgrade logic: When upgrading from wheezy with apache2.2-common
but without apache2 installed to jessie, part of the conffile handling
logic would not run, causing outdated conffile content to be kept.
This is part of the solution for bug #794933. The other part will be
included in the upgrade to Debian 9 (stretch).
* core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
This could cause all kinds of strange behavior. PR 56008. PR 57328
* mpm_event: Fix process deadlock when shutting down a worker. PR 56960
* mpm_event: Fix crashes due to various race conditions. Closes: #779078
[ Jean-Michel Vourgère ]
* apache2.postinst: Fixed tests on deferred mpm switch. Closes: #789914
-- Stefan Fritsch <sf(a)debian.org> Thu, 27 Aug 2015 19:52:37 +0200
--- Modifications pour apt (apt apt-transport-https apt-utils libapt-inst1.5 libapt-pkg4.12) ---
apt (1.0.9.8.1) stable; urgency=medium
[ David Kalnischkies ]
* parse specific-arch dependencies correctly on single-arch systems
(Closes: 777760)
* remove "first package seen is native package" assumption.
Thanks to Axel Beckert for testing (Closes: 782777)
[ Michael Vogt ]
* Fix endless loop in apt-get update that can cause disk fillup
(LP: #1445239)
-- Michael Vogt <mvo(a)debian.org> Wed, 10 Jun 2015 09:40:19 +0200
--- Modifications pour cron ---
cron (3.0pl1-127+deb8u1) jessie; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <debian(a)kvr.at> Sun, 03 May 2015 15:25:18 +0200
--- Modifications pour dbus (dbus dbus-x11 libdbus-1-3) ---
dbus (1.8.20-0+deb8u1) jessie; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
-- Simon McVittie <smcv(a)debian.org> Tue, 21 Jul 2015 17:59:42 +0100
--- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) ---
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 29 Aug 2015 10:56:31 +0200
--- Modifications pour gnutls28 (libgnutls-deb0-28 libgnutls-openssl27) ---
gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium
* Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from
upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter
Lebbing). Closes: #788704
* Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the
latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A
ServerKeyExchange signature sent by the server was not verified to be in
the acceptable by the client set of algorithms. That had the effect of
allowing MD5 signatures (which are disabled by default) in the
ServerKeyExchange message.
-- Andreas Metzler <ametzler(a)debian.org> Fri, 14 Aug 2015 18:28:30 +0200
--- Modifications pour libio-socket-ssl-perl ---
libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
* Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
Make PublicSuffix::_default_data thread safe by storing the default data
inside a function inside within __DATA__.
Thanks to Jonny Schulz <info(a)bloonix.org> for the report (Closes: #788035)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 08 Jun 2015 09:28:47 +0200
--- Modifications pour lynx-cur (lynx lynx-cur) ---
lynx-cur (2.8.9dev1-2+deb8u1) jessie; urgency=medium
* gnutls_set_default_priority.diff: Use gnutls_set_default_priority()
instead of a custom priority string. The fix for the GnuTLS issue
GNUTLS-SA-2015-2 combined with a buggy GnuTLS priority string in lynx
breaks lynx SSL support. Preemptively apply the fix to lynx before the
GnuTLS issue is fixed in stable. Closes: #784430
-- Andreas Metzler <ametzler(a)debian.org> Fri, 05 Jun 2015 13:30:14 +0200
--- Modifications pour mesa (libgl1-mesa-dri libgl1-mesa-glx libglapi-mesa) ---
mesa (10.3.2-1+deb8u1) jessie; urgency=medium
[ Timo Aaltonen ]
* radeonsi-disable-asynchronous-dma.diff: Disable asynchronous DMA
on radeonsi which can cause lockups. (Closes: #775264)
-- Julien Cristau <jcristau(a)debian.org> Tue, 18 Aug 2015 20:06:29 +0200
--- Modifications pour nss (libnss3) ---
nss (2:3.17.2-1.1+deb8u2) jessie; urgency=medium
[ Andrew Ayer ]
* Apply upstream patch (99_prefer_stronger_cert_chains.patch) to fix
certificate chain generation to prefer stronger/newer certificates
over weaker/older certs. Closes: #774195.
-- Christoph Egger <christoph(a)debian.org> Sat, 15 Aug 2015 12:40:31 +0200
--- Modifications pour postgresql-9.4 (libpq5) ---
postgresql-9.4 (9.4.4-0+deb8u1) jessie; urgency=medium
* New upstream version.
+ Fix possible failure to recover from an inconsistent database state
+ Fix rare failure to invalidate relation cache init file
-- Christoph Berg <myon(a)debian.org> Thu, 11 Jun 2015 20:35:19 +0200
--- Modifications pour python-apt (python-apt python-apt-common) ---
python-apt (0.9.3.12) jessie; urgency=medium
[ Julian Andres Klode ]
* apt/cache.py: Work around a cyclic reference from Cache to its methods
(Closes: #745487)
* python/arfile.cc: LFS: Use long long instead of long for file sizes
* python/arfile.cc: Do not allow files larger than SIZE_MAX to be mapped
* python/tarfile.cc: LFS: Handle too large file
* apt.debfile: Fix splitting of multi-lines Binary fields in dsc files
(Closes: #751770)
* apt/debfile.py: Arch-qualify in compare_to_version_in_cache()
(Closes: #750189)
[ Michael Vogt ]
* Fix apt.Package.installed_files for multi-arch packages (LP: #1313699)
-- Julian Andres Klode <jak(a)debian.org> Tue, 16 Jun 2015 11:35:11 +0200
--- Modifications pour rsyslog ---
rsyslog (8.4.2-1+deb8u1) jessie; urgency=medium
* Disable transactions in ompgsql as they were not working properly.
Patch cherry-picked from upstream Git. (Closes: #788183)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 13:52:34 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (215-17+deb8u2) stable; urgency=medium
* Disable default DNS servers in systemd-resolved. In v215 they are always
added to resolv.conf as fallback entries even when DNS servers were
acquired from systemd-networkd. (Closes: #787731)
* Use strictly versioned dependendency on libsystemd-dev for the
transitional dev packages. The .pc files of the compat libraries declare
a strictly versioned dependency on libsystemd.pc, so reflect that in the
package dependencies as well. (Closes: #794290)
* udev: Increase udev event timeout to 180s. Some kernel modules, like
mptsas, can take longer then 30s to load so udevd kills the (hanging)
worker responsible for loading the module. Increase timeout from 30s to
180s to workaround this issue. Thanks Faidon Liambotis.
(Closes: #787191)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 17:17:04 +0200
--- Modifications pour base-files ---
base-files (8+deb8u2) stable; urgency=low
* Changed /etc/debian_version to 8.2, for Debian 8.2 point release.
-- Santiago Vila <sanvila(a)debian.org> Wed, 26 Aug 2015 18:30:02 +0200
--- Modifications pour tcpdump ---
tcpdump (4.6.2-5+deb8u1) stable; urgency=low
* Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
log being sent to stdout, where it can get mixed with pcap stream
data if '-w -' is used (closes: #793479).
-- Romain Francoise <rfrancoise(a)debian.org> Sun, 02 Aug 2015 19:57:22 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Sun, 06 Sep 2015 18:44:11 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
apache2 2.4.10-10+deb8u3
apache2-bin 2.4.10-10+deb8u3
apache2-data 2.4.10-10+deb8u3
apache2-utils 2.4.10-10+deb8u3
apt 1.0.9.8.1
apt-transport-https 1.0.9.8.1
apt-utils 1.0.9.8.1
base-files 8+deb8u2
cron 3.0pl1-127+deb8u1
dbus 1.8.20-0+deb8u1
dbus-x11 1.8.20-0+deb8u1
libapt-inst1.5 1.0.9.8.1
libapt-pkg4.12 1.0.9.8.1
libc6 2.19-18+deb8u1
libc6-dev 2.19-18+deb8u1
libc-bin 2.19-18+deb8u1
libc-dev-bin 2.19-18+deb8u1
libdbus-1-3 1.8.20-0+deb8u1
libgl1-mesa-dri 10.3.2-1+deb8u1
libgl1-mesa-glx 10.3.2-1+deb8u1
libglapi-mesa 10.3.2-1+deb8u1
libgnutls-deb0-28 3.3.8-6+deb8u3
libgnutls-openssl27 3.3.8-6+deb8u3
libio-socket-ssl-perl 2.002-2+deb8u1
libnss3 2:3.17.2-1.1+deb8u2
libpam-systemd 215-17+deb8u2
libpq5 9.4.4-0+deb8u1
libruby2.1 2.1.5-2+deb8u2
libsystemd0 215-17+deb8u2
libudev1 215-17+deb8u2
locales 2.19-18+deb8u1
lynx 2.8.9dev1-2+deb8u1
lynx-cur 2.8.9dev1-2+deb8u1
multiarch-support 2.19-18+deb8u1
nscd 2.19-18+deb8u1
python-apt 0.9.3.12
python-apt-common 0.9.3.12
rsyslog 8.4.2-1+deb8u1
ruby2.1 2.1.5-2+deb8u2
ruby2.1-dev 2.1.5-2+deb8u2
systemd 215-17+deb8u2
systemd-sysv 215-17+deb8u2
tcpdump 4.6.2-5+deb8u1
udev 215-17+deb8u2
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour ruby2.1 (libruby2.1 ruby2.1 ruby2.1-dev) ---
ruby2.1 (2.1.5-2+deb8u2) jessie; urgency=high
* Apply upstream patches to fix Request hijacking vulnerability in Rubygems
[CVE-2015-3900] (Closes: #790119)
-- Antonio Terceiro <terceiro(a)debian.org> Wed, 29 Jul 2015 09:27:24 -0300
--- Modifications pour apache2 (apache2 apache2-bin apache2-data apache2-utils) ---
apache2 (2.4.10-10+deb8u3) jessie; urgency=medium
* Revert fix for deferred mpm switch for now, because it is at least not
complete or maybe causes regressions (see #791902). Re-opens #789914
-- Stefan Fritsch <sf(a)debian.org> Fri, 28 Aug 2015 18:24:17 +0200
apache2 (2.4.10-10+deb8u2) jessie; urgency=medium
[ Stefan Fritsch ]
* Fix upgrade logic: When upgrading from wheezy with apache2.2-common
but without apache2 installed to jessie, part of the conffile handling
logic would not run, causing outdated conffile content to be kept.
This is part of the solution for bug #794933. The other part will be
included in the upgrade to Debian 9 (stretch).
* core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
This could cause all kinds of strange behavior. PR 56008. PR 57328
* mpm_event: Fix process deadlock when shutting down a worker. PR 56960
* mpm_event: Fix crashes due to various race conditions. Closes: #779078
[ Jean-Michel Vourgère ]
* apache2.postinst: Fixed tests on deferred mpm switch. Closes: #789914
-- Stefan Fritsch <sf(a)debian.org> Thu, 27 Aug 2015 19:52:37 +0200
--- Modifications pour apt (apt apt-transport-https apt-utils libapt-inst1.5 libapt-pkg4.12) ---
apt (1.0.9.8.1) stable; urgency=medium
[ David Kalnischkies ]
* parse specific-arch dependencies correctly on single-arch systems
(Closes: 777760)
* remove "first package seen is native package" assumption.
Thanks to Axel Beckert for testing (Closes: 782777)
[ Michael Vogt ]
* Fix endless loop in apt-get update that can cause disk fillup
(LP: #1445239)
-- Michael Vogt <mvo(a)debian.org> Wed, 10 Jun 2015 09:40:19 +0200
--- Modifications pour cron ---
cron (3.0pl1-127+deb8u1) jessie; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <debian(a)kvr.at> Sun, 03 May 2015 15:25:18 +0200
--- Modifications pour dbus (dbus dbus-x11 libdbus-1-3) ---
dbus (1.8.20-0+deb8u1) jessie; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
-- Simon McVittie <smcv(a)debian.org> Tue, 21 Jul 2015 17:59:42 +0100
--- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) ---
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 29 Aug 2015 10:56:31 +0200
--- Modifications pour gnutls28 (libgnutls-deb0-28 libgnutls-openssl27) ---
gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium
* Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from
upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter
Lebbing). Closes: #788704
* Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the
latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A
ServerKeyExchange signature sent by the server was not verified to be in
the acceptable by the client set of algorithms. That had the effect of
allowing MD5 signatures (which are disabled by default) in the
ServerKeyExchange message.
-- Andreas Metzler <ametzler(a)debian.org> Fri, 14 Aug 2015 18:28:30 +0200
--- Modifications pour libio-socket-ssl-perl ---
libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
* Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
Make PublicSuffix::_default_data thread safe by storing the default data
inside a function inside within __DATA__.
Thanks to Jonny Schulz <info(a)bloonix.org> for the report (Closes: #788035)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 08 Jun 2015 09:28:47 +0200
--- Modifications pour lynx-cur (lynx lynx-cur) ---
lynx-cur (2.8.9dev1-2+deb8u1) jessie; urgency=medium
* gnutls_set_default_priority.diff: Use gnutls_set_default_priority()
instead of a custom priority string. The fix for the GnuTLS issue
GNUTLS-SA-2015-2 combined with a buggy GnuTLS priority string in lynx
breaks lynx SSL support. Preemptively apply the fix to lynx before the
GnuTLS issue is fixed in stable. Closes: #784430
-- Andreas Metzler <ametzler(a)debian.org> Fri, 05 Jun 2015 13:30:14 +0200
--- Modifications pour mesa (libgl1-mesa-dri libgl1-mesa-glx libglapi-mesa) ---
mesa (10.3.2-1+deb8u1) jessie; urgency=medium
[ Timo Aaltonen ]
* radeonsi-disable-asynchronous-dma.diff: Disable asynchronous DMA
on radeonsi which can cause lockups. (Closes: #775264)
-- Julien Cristau <jcristau(a)debian.org> Tue, 18 Aug 2015 20:06:29 +0200
--- Modifications pour nss (libnss3) ---
nss (2:3.17.2-1.1+deb8u2) jessie; urgency=medium
[ Andrew Ayer ]
* Apply upstream patch (99_prefer_stronger_cert_chains.patch) to fix
certificate chain generation to prefer stronger/newer certificates
over weaker/older certs. Closes: #774195.
-- Christoph Egger <christoph(a)debian.org> Sat, 15 Aug 2015 12:40:31 +0200
--- Modifications pour postgresql-9.4 (libpq5) ---
postgresql-9.4 (9.4.4-0+deb8u1) jessie; urgency=medium
* New upstream version.
+ Fix possible failure to recover from an inconsistent database state
+ Fix rare failure to invalidate relation cache init file
-- Christoph Berg <myon(a)debian.org> Thu, 11 Jun 2015 20:35:19 +0200
--- Modifications pour python-apt (python-apt python-apt-common) ---
python-apt (0.9.3.12) jessie; urgency=medium
[ Julian Andres Klode ]
* apt/cache.py: Work around a cyclic reference from Cache to its methods
(Closes: #745487)
* python/arfile.cc: LFS: Use long long instead of long for file sizes
* python/arfile.cc: Do not allow files larger than SIZE_MAX to be mapped
* python/tarfile.cc: LFS: Handle too large file
* apt.debfile: Fix splitting of multi-lines Binary fields in dsc files
(Closes: #751770)
* apt/debfile.py: Arch-qualify in compare_to_version_in_cache()
(Closes: #750189)
[ Michael Vogt ]
* Fix apt.Package.installed_files for multi-arch packages (LP: #1313699)
-- Julian Andres Klode <jak(a)debian.org> Tue, 16 Jun 2015 11:35:11 +0200
--- Modifications pour rsyslog ---
rsyslog (8.4.2-1+deb8u1) jessie; urgency=medium
* Disable transactions in ompgsql as they were not working properly.
Patch cherry-picked from upstream Git. (Closes: #788183)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 13:52:34 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (215-17+deb8u2) stable; urgency=medium
* Disable default DNS servers in systemd-resolved. In v215 they are always
added to resolv.conf as fallback entries even when DNS servers were
acquired from systemd-networkd. (Closes: #787731)
* Use strictly versioned dependendency on libsystemd-dev for the
transitional dev packages. The .pc files of the compat libraries declare
a strictly versioned dependency on libsystemd.pc, so reflect that in the
package dependencies as well. (Closes: #794290)
* udev: Increase udev event timeout to 180s. Some kernel modules, like
mptsas, can take longer then 30s to load so udevd kills the (hanging)
worker responsible for loading the module. Increase timeout from 30s to
180s to workaround this issue. Thanks Faidon Liambotis.
(Closes: #787191)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 17:17:04 +0200
--- Modifications pour base-files ---
base-files (8+deb8u2) stable; urgency=low
* Changed /etc/debian_version to 8.2, for Debian 8.2 point release.
-- Santiago Vila <sanvila(a)debian.org> Wed, 26 Aug 2015 18:30:02 +0200
--- Modifications pour tcpdump ---
tcpdump (4.6.2-5+deb8u1) stable; urgency=low
* Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
log being sent to stdout, where it can get mixed with pcap stream
data if '-w -' is used (closes: #793479).
-- Romain Francoise <rfrancoise(a)debian.org> Sun, 02 Aug 2015 19:57:22 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Sun, 06 Sep 2015 10:48:21 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
apache2 2.4.10-10+deb8u3
apache2.2-bin 2.4.10-10+deb8u3
apache2.2-common 2.4.10-10+deb8u3
apache2-bin 2.4.10-10+deb8u3
apache2-data 2.4.10-10+deb8u3
apache2-mpm-prefork 2.4.10-10+deb8u3
apache2-utils 2.4.10-10+deb8u3
apt 1.0.9.8.1
apt-utils 1.0.9.8.1
base-files 8+deb8u2
cron 3.0pl1-127+deb8u1
dbus 1.8.20-0+deb8u1
dovecot-core 1:2.2.13-12~deb8u1
dovecot-imapd 1:2.2.13-12~deb8u1
dovecot-ldap 1:2.2.13-12~deb8u1
dovecot-managesieved 1:2.2.13-12~deb8u1
dovecot-pop3d 1:2.2.13-12~deb8u1
dovecot-sieve 1:2.2.13-12~deb8u1
libapt-inst1.5 1.0.9.8.1
libapt-pkg4.12 1.0.9.8.1
libc6 2.19-18+deb8u1
libc6-dev 2.19-18+deb8u1
libc-bin 2.19-18+deb8u1
libc-dev-bin 2.19-18+deb8u1
libdbus-1-3 1.8.20-0+deb8u1
libgnutls-deb0-28 3.3.8-6+deb8u3
libgnutls-openssl27 3.3.8-6+deb8u3
libgnutlsxx28 3.3.8-6+deb8u3
libio-socket-ssl-perl 2.002-2+deb8u1
libnss3 2:3.17.2-1.1+deb8u2
libpam-systemd 215-17+deb8u2
libpq5 9.4.4-0+deb8u1
libruby2.1 2.1.5-2+deb8u2
libslp1 1.2.1-10+deb8u1
libsystemd0 215-17+deb8u2
libudev1 215-17+deb8u2
locales 2.19-18+deb8u1
multiarch-support 2.19-18+deb8u1
nscd 2.19-18+deb8u1
python-apt 0.9.3.12
python-apt-common 0.9.3.12
rsyslog 8.4.2-1+deb8u1
screen 4.2.1-3+deb8u1
systemd 215-17+deb8u2
systemd-sysv 215-17+deb8u2
tcpdump 4.6.2-5+deb8u1
udev 215-17+deb8u2
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour dovecot (dovecot-core dovecot-imapd dovecot-ldap dovecot-managesieved dovecot-pop3d dovecot-sieve) ---
dovecot (1:2.2.13-12~deb8u1) stable; urgency=high
* [6e16721] Fix a mbox corruption problem by applying two patches from
mercurial upstream.
- fix-mbox-corruption-18534.patch (changeset 18534:94bd895721d8).
- fix-mbox-corruption-18679.patch (changeset 18679:b6ea460e7cc4).
Thanks to Santiago Vila <sanvila(a)unex.es> (Closes: 776094)
-- Jaldhar H. Vyas <jaldhar(a)debian.org> Sun, 31 May 2015 01:38:40 -0400
dovecot (1:2.2.13-12) unstable; urgency=high
* [48f6fe4] Add patch cve-2015-3420.patch: Fix SSL/TLS handshake failures
leading to a crash of the login process with newer versions of OpenSSL.
Closes: #783649 (CVE-2015-3420)
-- Jelmer Vernooij <jelmer(a)debian.org> Mon, 04 May 2015 11:38:30 +0000
--- Modifications pour openslp-dfsg (libslp1) ---
openslp-dfsg (1.2.1-10+deb8u1) jessie-security; urgency=high
* QA upload from the Security Team
* Fix double free as per CVE-2015-5177
-- Alessandro Ghedini <ghedo(a)debian.org> Fri, 04 Sep 2015 11:29:38 +0200
--- Modifications pour ruby2.1 (libruby2.1) ---
ruby2.1 (2.1.5-2+deb8u2) jessie; urgency=high
* Apply upstream patches to fix Request hijacking vulnerability in Rubygems
[CVE-2015-3900] (Closes: #790119)
-- Antonio Terceiro <terceiro(a)debian.org> Wed, 29 Jul 2015 09:27:24 -0300
--- Modifications pour screen ---
screen (4.2.1-3+deb8u1) jessie-security; urgency=high
* Fix stack overflow due to too deep recursion (CVE-2015-6806).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 02 Sep 2015 18:09:20 +0200
--- Modifications pour apache2 (apache2 apache2.2-bin apache2.2-common apache2-bin apache2-data apache2-mpm-prefork apache2-utils) ---
apache2 (2.4.10-10+deb8u3) jessie; urgency=medium
* Revert fix for deferred mpm switch for now, because it is at least not
complete or maybe causes regressions (see #791902). Re-opens #789914
-- Stefan Fritsch <sf(a)debian.org> Fri, 28 Aug 2015 18:24:17 +0200
apache2 (2.4.10-10+deb8u2) jessie; urgency=medium
[ Stefan Fritsch ]
* Fix upgrade logic: When upgrading from wheezy with apache2.2-common
but without apache2 installed to jessie, part of the conffile handling
logic would not run, causing outdated conffile content to be kept.
This is part of the solution for bug #794933. The other part will be
included in the upgrade to Debian 9 (stretch).
* core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
This could cause all kinds of strange behavior. PR 56008. PR 57328
* mpm_event: Fix process deadlock when shutting down a worker. PR 56960
* mpm_event: Fix crashes due to various race conditions. Closes: #779078
[ Jean-Michel Vourgère ]
* apache2.postinst: Fixed tests on deferred mpm switch. Closes: #789914
-- Stefan Fritsch <sf(a)debian.org> Thu, 27 Aug 2015 19:52:37 +0200
--- Modifications pour apt (apt apt-utils libapt-inst1.5 libapt-pkg4.12) ---
apt (1.0.9.8.1) stable; urgency=medium
[ David Kalnischkies ]
* parse specific-arch dependencies correctly on single-arch systems
(Closes: 777760)
* remove "first package seen is native package" assumption.
Thanks to Axel Beckert for testing (Closes: 782777)
[ Michael Vogt ]
* Fix endless loop in apt-get update that can cause disk fillup
(LP: #1445239)
-- Michael Vogt <mvo(a)debian.org> Wed, 10 Jun 2015 09:40:19 +0200
--- Modifications pour cron ---
cron (3.0pl1-127+deb8u1) jessie; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <debian(a)kvr.at> Sun, 03 May 2015 15:25:18 +0200
--- Modifications pour dbus (dbus libdbus-1-3) ---
dbus (1.8.20-0+deb8u1) jessie; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
-- Simon McVittie <smcv(a)debian.org> Tue, 21 Jul 2015 17:59:42 +0100
--- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) ---
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 29 Aug 2015 10:56:31 +0200
--- Modifications pour gnutls28 (libgnutls-deb0-28 libgnutls-openssl27 libgnutlsxx28) ---
gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium
* Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from
upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter
Lebbing). Closes: #788704
* Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the
latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A
ServerKeyExchange signature sent by the server was not verified to be in
the acceptable by the client set of algorithms. That had the effect of
allowing MD5 signatures (which are disabled by default) in the
ServerKeyExchange message.
-- Andreas Metzler <ametzler(a)debian.org> Fri, 14 Aug 2015 18:28:30 +0200
--- Modifications pour libio-socket-ssl-perl ---
libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
* Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
Make PublicSuffix::_default_data thread safe by storing the default data
inside a function inside within __DATA__.
Thanks to Jonny Schulz <info(a)bloonix.org> for the report (Closes: #788035)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 08 Jun 2015 09:28:47 +0200
--- Modifications pour nss (libnss3) ---
nss (2:3.17.2-1.1+deb8u2) jessie; urgency=medium
[ Andrew Ayer ]
* Apply upstream patch (99_prefer_stronger_cert_chains.patch) to fix
certificate chain generation to prefer stronger/newer certificates
over weaker/older certs. Closes: #774195.
-- Christoph Egger <christoph(a)debian.org> Sat, 15 Aug 2015 12:40:31 +0200
--- Modifications pour postgresql-9.4 (libpq5) ---
postgresql-9.4 (9.4.4-0+deb8u1) jessie; urgency=medium
* New upstream version.
+ Fix possible failure to recover from an inconsistent database state
+ Fix rare failure to invalidate relation cache init file
-- Christoph Berg <myon(a)debian.org> Thu, 11 Jun 2015 20:35:19 +0200
--- Modifications pour python-apt (python-apt python-apt-common) ---
python-apt (0.9.3.12) jessie; urgency=medium
[ Julian Andres Klode ]
* apt/cache.py: Work around a cyclic reference from Cache to its methods
(Closes: #745487)
* python/arfile.cc: LFS: Use long long instead of long for file sizes
* python/arfile.cc: Do not allow files larger than SIZE_MAX to be mapped
* python/tarfile.cc: LFS: Handle too large file
* apt.debfile: Fix splitting of multi-lines Binary fields in dsc files
(Closes: #751770)
* apt/debfile.py: Arch-qualify in compare_to_version_in_cache()
(Closes: #750189)
[ Michael Vogt ]
* Fix apt.Package.installed_files for multi-arch packages (LP: #1313699)
-- Julian Andres Klode <jak(a)debian.org> Tue, 16 Jun 2015 11:35:11 +0200
--- Modifications pour rsyslog ---
rsyslog (8.4.2-1+deb8u1) jessie; urgency=medium
* Disable transactions in ompgsql as they were not working properly.
Patch cherry-picked from upstream Git. (Closes: #788183)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 13:52:34 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (215-17+deb8u2) stable; urgency=medium
* Disable default DNS servers in systemd-resolved. In v215 they are always
added to resolv.conf as fallback entries even when DNS servers were
acquired from systemd-networkd. (Closes: #787731)
* Use strictly versioned dependendency on libsystemd-dev for the
transitional dev packages. The .pc files of the compat libraries declare
a strictly versioned dependency on libsystemd.pc, so reflect that in the
package dependencies as well. (Closes: #794290)
* udev: Increase udev event timeout to 180s. Some kernel modules, like
mptsas, can take longer then 30s to load so udevd kills the (hanging)
worker responsible for loading the module. Increase timeout from 30s to
180s to workaround this issue. Thanks Faidon Liambotis.
(Closes: #787191)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 17:17:04 +0200
--- Modifications pour base-files ---
base-files (8+deb8u2) stable; urgency=low
* Changed /etc/debian_version to 8.2, for Debian 8.2 point release.
-- Santiago Vila <sanvila(a)debian.org> Wed, 26 Aug 2015 18:30:02 +0200
--- Modifications pour tcpdump ---
tcpdump (4.6.2-5+deb8u1) stable; urgency=low
* Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
log being sent to stdout, where it can get mixed with pcap stream
data if '-w -' is used (closes: #793479).
-- Romain Francoise <rfrancoise(a)debian.org> Sun, 02 Aug 2015 19:57:22 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron
apticron report [Sun, 06 Sep 2015 00:38:12 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
quigon.federez.net
[ 160.228.155.65 ]
The following packages are currently pending an upgrade:
apache2 2.4.10-10+deb8u3
apache2-bin 2.4.10-10+deb8u3
apache2-data 2.4.10-10+deb8u3
apache2-mpm-prefork 2.4.10-10+deb8u3
apache2-utils 2.4.10-10+deb8u3
apt 1.0.9.8.1
apt-utils 1.0.9.8.1
base-files 8+deb8u2
cron 3.0pl1-127+deb8u1
dbus 1.8.20-0+deb8u1
libapt-inst1.5 1.0.9.8.1
libapt-pkg4.12 1.0.9.8.1
libc6 2.19-18+deb8u1
libc6-dev 2.19-18+deb8u1
libc-bin 2.19-18+deb8u1
libc-dev-bin 2.19-18+deb8u1
libdbus-1-3 1.8.20-0+deb8u1
libgnutls-deb0-28 3.3.8-6+deb8u3
libgnutls-openssl27 3.3.8-6+deb8u3
libio-socket-ssl-perl 2.002-2+deb8u1
libpam-systemd 215-17+deb8u2
libslp1 1.2.1-10+deb8u1
libsystemd0 215-17+deb8u2
libudev1 215-17+deb8u2
locales 2.19-18+deb8u1
multiarch-support 2.19-18+deb8u1
nscd 2.19-18+deb8u1
python-apt 0.9.3.12
python-apt-common 0.9.3.12
rsyslog 8.4.2-1+deb8u1
screen 4.2.1-3+deb8u1
systemd 215-17+deb8u2
systemd-sysv 215-17+deb8u2
tcpdump 4.6.2-5+deb8u1
udev 215-17+deb8u2
ufraw-batch 0.20-2+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour openslp-dfsg (libslp1) ---
openslp-dfsg (1.2.1-10+deb8u1) jessie-security; urgency=high
* QA upload from the Security Team
* Fix double free as per CVE-2015-5177
-- Alessandro Ghedini <ghedo(a)debian.org> Fri, 04 Sep 2015 11:29:38 +0200
--- Modifications pour screen ---
screen (4.2.1-3+deb8u1) jessie-security; urgency=high
* Fix stack overflow due to too deep recursion (CVE-2015-6806).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 02 Sep 2015 18:09:20 +0200
--- Modifications pour ufraw (ufraw-batch) ---
ufraw (0.20-2+deb8u1) jessie; urgency=high
* dcraw.cc: Apply patch from
https://bugzilla.redhat.com/attachment.cgi?id=1027072&action=diff to
prevent buffer overflow in ljpeg_start (Closes: #786783, CVE-2015-3885)
-- Hubert Chathi <uhoreg(a)debian.org> Tue, 26 May 2015 14:44:00 -0400
--- Modifications pour apache2 (apache2 apache2-bin apache2-data apache2-mpm-prefork apache2-utils) ---
apache2 (2.4.10-10+deb8u3) jessie; urgency=medium
* Revert fix for deferred mpm switch for now, because it is at least not
complete or maybe causes regressions (see #791902). Re-opens #789914
-- Stefan Fritsch <sf(a)debian.org> Fri, 28 Aug 2015 18:24:17 +0200
apache2 (2.4.10-10+deb8u2) jessie; urgency=medium
[ Stefan Fritsch ]
* Fix upgrade logic: When upgrading from wheezy with apache2.2-common
but without apache2 installed to jessie, part of the conffile handling
logic would not run, causing outdated conffile content to be kept.
This is part of the solution for bug #794933. The other part will be
included in the upgrade to Debian 9 (stretch).
* core: Fix -D[efined] or <Define>[d] variables lifetime accross restarts.
This could cause all kinds of strange behavior. PR 56008. PR 57328
* mpm_event: Fix process deadlock when shutting down a worker. PR 56960
* mpm_event: Fix crashes due to various race conditions. Closes: #779078
[ Jean-Michel Vourgère ]
* apache2.postinst: Fixed tests on deferred mpm switch. Closes: #789914
-- Stefan Fritsch <sf(a)debian.org> Thu, 27 Aug 2015 19:52:37 +0200
--- Modifications pour apt (apt apt-utils libapt-inst1.5 libapt-pkg4.12) ---
apt (1.0.9.8.1) stable; urgency=medium
[ David Kalnischkies ]
* parse specific-arch dependencies correctly on single-arch systems
(Closes: 777760)
* remove "first package seen is native package" assumption.
Thanks to Axel Beckert for testing (Closes: 782777)
[ Michael Vogt ]
* Fix endless loop in apt-get update that can cause disk fillup
(LP: #1445239)
-- Michael Vogt <mvo(a)debian.org> Wed, 10 Jun 2015 09:40:19 +0200
--- Modifications pour cron ---
cron (3.0pl1-127+deb8u1) jessie; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <debian(a)kvr.at> Sun, 03 May 2015 15:25:18 +0200
--- Modifications pour dbus (dbus libdbus-1-3) ---
dbus (1.8.20-0+deb8u1) jessie; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
-- Simon McVittie <smcv(a)debian.org> Tue, 21 Jul 2015 17:59:42 +0100
--- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) ---
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 29 Aug 2015 10:56:31 +0200
--- Modifications pour gnutls28 (libgnutls-deb0-28 libgnutls-openssl27) ---
gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium
* Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from
upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter
Lebbing). Closes: #788704
* Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the
latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A
ServerKeyExchange signature sent by the server was not verified to be in
the acceptable by the client set of algorithms. That had the effect of
allowing MD5 signatures (which are disabled by default) in the
ServerKeyExchange message.
-- Andreas Metzler <ametzler(a)debian.org> Fri, 14 Aug 2015 18:28:30 +0200
--- Modifications pour libio-socket-ssl-perl ---
libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
* Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
Make PublicSuffix::_default_data thread safe by storing the default data
inside a function inside within __DATA__.
Thanks to Jonny Schulz <info(a)bloonix.org> for the report (Closes: #788035)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 08 Jun 2015 09:28:47 +0200
--- Modifications pour python-apt (python-apt python-apt-common) ---
python-apt (0.9.3.12) jessie; urgency=medium
[ Julian Andres Klode ]
* apt/cache.py: Work around a cyclic reference from Cache to its methods
(Closes: #745487)
* python/arfile.cc: LFS: Use long long instead of long for file sizes
* python/arfile.cc: Do not allow files larger than SIZE_MAX to be mapped
* python/tarfile.cc: LFS: Handle too large file
* apt.debfile: Fix splitting of multi-lines Binary fields in dsc files
(Closes: #751770)
* apt/debfile.py: Arch-qualify in compare_to_version_in_cache()
(Closes: #750189)
[ Michael Vogt ]
* Fix apt.Package.installed_files for multi-arch packages (LP: #1313699)
-- Julian Andres Klode <jak(a)debian.org> Tue, 16 Jun 2015 11:35:11 +0200
--- Modifications pour rsyslog ---
rsyslog (8.4.2-1+deb8u1) jessie; urgency=medium
* Disable transactions in ompgsql as they were not working properly.
Patch cherry-picked from upstream Git. (Closes: #788183)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 13:52:34 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (215-17+deb8u2) stable; urgency=medium
* Disable default DNS servers in systemd-resolved. In v215 they are always
added to resolv.conf as fallback entries even when DNS servers were
acquired from systemd-networkd. (Closes: #787731)
* Use strictly versioned dependendency on libsystemd-dev for the
transitional dev packages. The .pc files of the compat libraries declare
a strictly versioned dependency on libsystemd.pc, so reflect that in the
package dependencies as well. (Closes: #794290)
* udev: Increase udev event timeout to 180s. Some kernel modules, like
mptsas, can take longer then 30s to load so udevd kills the (hanging)
worker responsible for loading the module. Increase timeout from 30s to
180s to workaround this issue. Thanks Faidon Liambotis.
(Closes: #787191)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 17:17:04 +0200
--- Modifications pour base-files ---
base-files (8+deb8u2) stable; urgency=low
* Changed /etc/debian_version to 8.2, for Debian 8.2 point release.
-- Santiago Vila <sanvila(a)debian.org> Wed, 26 Aug 2015 18:30:02 +0200
--- Modifications pour tcpdump ---
tcpdump (4.6.2-5+deb8u1) stable; urgency=low
* Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
log being sent to stdout, where it can get mixed with pcap stream
data if '-w -' is used (closes: #793479).
-- Romain Francoise <rfrancoise(a)debian.org> Sun, 02 Aug 2015 19:57:22 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on quigon.federez.net
--
apticron
apticron report [Sat, 05 Sep 2015 18:44:12 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
screen 4.2.1-3+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour screen ---
screen (4.2.1-3+deb8u1) jessie-security; urgency=high
* Fix stack overflow due to too deep recursion (CVE-2015-6806).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 02 Sep 2015 18:09:20 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Sat, 05 Sep 2015 10:48:18 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
screen 4.2.1-3+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour screen ---
screen (4.2.1-3+deb8u1) jessie-security; urgency=high
* Fix stack overflow due to too deep recursion (CVE-2015-6806).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 02 Sep 2015 18:09:20 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron
This is the mail system at host quigon.rez-gif.supelec.fr.
####################################################################
# THIS IS A WARNING ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. #
####################################################################
Your message could not be delivered for more than 4 hour(s).
It will be retried until it is 60 day(s) old.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<monitoring(a)federez.net> (expanded from <root(a)quigon.rez-gif.supelec.fr>):
connect to hexagon.federez.net[5.39.82.35]:25: No route to host
ssh: connect to host hexagon.federez.net port 22: Network is unreachable
rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
rsync error: unexplained error (code 255) at io.c(226) [Receiver=3.1.1]
