[Monitoring] 14 Debian package update(s) for baldrick.crans.org

apticron report [Thu, 28 Jan 2016 20:44:13 +0100] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 ] The following packages are currently pending an upgrade: curl 7.38.0-4+deb8u3 libcurl3 7.38.0-4+deb8u3 libcurl3-gnutls 7.38.0-4+deb8u3 libcurl4-openssl-dev 7.38.0-4+deb8u3 libmysqlclient18 5.5.47-0+deb8u1 libmysqlclient-dev 5.5.47-0+deb8u1 mysql-client 5.5.47-0+deb8u1 mysql-client-5.5 5.5.47-0+deb8u1 mysql-common 5.5.47-0+deb8u1 mysql-server 5.5.47-0+deb8u1 mysql-server-5.5 5.5.47-0+deb8u1 mysql-server-core-5.5 5.5.47-0+deb8u1 openjdk-7-jre 7u95-2.6.4-1~deb8u1 openjdk-7-jre-headless 7u95-2.6.4-1~deb8u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour mysql-5.5 (libmysqlclient18 libmysqlclient-dev mysql-client mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 mysql-server-core-5.5) --- mysql-5.5 (5.5.47-0+deb8u1) jessie-security; urgency=high * Imported Upstream version 5.5.47 to fix security issues: - http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html - CVE-2016-0546 CVE-2016-0505 CVE-2016-0596 CVE-2016-0597 CVE-2016-0616 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 (Closes: #811428) * fix-test-suite-failure-caused-by-arbitrary-date-in-the-future-patch is no longer needed, as bug is fixed in new Upstream version -- Lars Tangvald <lars.tangvald(a)oracle.com> Wed, 13 Jan 2016 12:53:26 +0100 --- Modifications pour openjdk-7 (openjdk-7-jre openjdk-7-jre-headless) --- openjdk-7 (7u95-2.6.4-1~deb8u1) jessie-security; urgency=medium * Rebuild for jessie-security -- Moritz Mühlenhoff <jmm(a)debian.org> Tue, 26 Jan 2016 00:42:03 +0100 openjdk-7 (7u95-2.6.4-1) unstable; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.4 (based on 7u95): * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed [ Matthias Klose ] * Remove obsolete IcedTea configure options. * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. * Don't run the test on mips, still having stone age buildd hardware and empty promises to fix these issues since 2010. -- Matthias Klose <doko(a)ubuntu.com> Thu, 21 Jan 2016 13:17:54 +0100 openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium * Fix stripping packages (use bash instead of expr substring). * openjdk-jre-headless: Add dependency on the package containing the mountpoint binary. Closes: #803717. * openjdk-7-jdk: Fix typo in sdk provides. Closes: #803150. * Build using giflib 5. -- Matthias Klose <doko(a)ubuntu.com> Mon, 30 Nov 2015 06:27:48 +0100 openjdk-7 (7u91-2.6.3-2) unstable; urgency=medium * Enable sparc64 for hotspot (John Paul Adrian Glaubitz). * Add debian/patches/sparc-libproc-fix.diff to include missing headers on sparc64 (David Matthew Mattli). Closes: #805846. -- Matthias Klose <doko(a)ubuntu.com> Wed, 25 Nov 2015 23:38:54 +0100 openjdk-7 (7u91-2.6.3-1) unstable; urgency=medium [ Tiago Stürmer Daitx ] * Icedtea release 2.6.3 (based on 7u91): * Security fixes - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed -- Matthias Klose <doko(a)ubuntu.com> Thu, 19 Nov 2015 01:27:25 +0100 --- Modifications pour curl (curl libcurl3 libcurl3-gnutls libcurl4-openssl-dev) --- curl (7.38.0-4+deb8u3) jessie-security; urgency=medium * Fix NTLM credentials not-checked for proxy connection re-use as per CVE-2016-0755 http://curl.haxx.se/docs/adv_20160127A.htm -- Alessandro Ghedini <ghedo(a)debian.org> Tue, 26 Jan 2016 22:39:38 +0000 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron