apticron report [Sun, 06 Sep 2015 00:38:12 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
quigon.federez.net
[ 160.228.155.65 ]
The following packages are currently pending an upgrade:
apache2 2.4.10-10+deb8u3
apache2-bin 2.4.10-10+deb8u3
apache2-data 2.4.10-10+deb8u3
apache2-mpm-prefork 2.4.10-10+deb8u3
apache2-utils 2.4.10-10+deb8u3
apt 1.0.9.8.1
apt-utils 1.0.9.8.1
base-files 8+deb8u2
cron 3.0pl1-127+deb8u1
dbus 1.8.20-0+deb8u1
libapt-inst1.5 1.0.9.8.1
libapt-pkg4.12 1.0.9.8.1
libc6 2.19-18+deb8u1
libc6-dev 2.19-18+deb8u1
libc-bin 2.19-18+deb8u1
libc-dev-bin 2.19-18+deb8u1
libdbus-1-3 1.8.20-0+deb8u1
libgnutls-deb0-28 3.3.8-6+deb8u3
libgnutls-openssl27 3.3.8-6+deb8u3
libio-socket-ssl-perl 2.002-2+deb8u1
libpam-systemd 215-17+deb8u2
libslp1 1.2.1-10+deb8u1
libsystemd0 215-17+deb8u2
libudev1 215-17+deb8u2
locales 2.19-18+deb8u1
multiarch-support 2.19-18+deb8u1
nscd 2.19-18+deb8u1
python-apt 0.9.3.12
python-apt-common 0.9.3.12
rsyslog 8.4.2-1+deb8u1
screen 4.2.1-3+deb8u1
systemd 215-17+deb8u2
systemd-sysv 215-17+deb8u2
tcpdump 4.6.2-5+deb8u1
udev 215-17+deb8u2
ufraw-batch 0.20-2+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour openslp-dfsg (libslp1) ---
openslp-dfsg (1.2.1-10+deb8u1) jessie-security; urgency=high
* QA upload from the Security Team
* Fix double free as per CVE-2015-5177
-- Alessandro Ghedini <ghedo(a)debian.org> Fri, 04 Sep 2015 11:29:38 +0200
--- Modifications pour screen ---
screen (4.2.1-3+deb8u1) jessie-security; urgency=high
* Fix stack overflow due to too deep recursion (CVE-2015-6806).
-- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 02 Sep 2015 18:09:20 +0200
--- Modifications pour ufraw (ufraw-batch) ---
ufraw (0.20-2+deb8u1) jessie; urgency=high
* dcraw.cc: Apply patch from
https://bugzilla.redhat.com/attachment.cgi?id=1027072&action=diff to
prevent buffer overflow in ljpeg_start (Closes: #786783, CVE-2015-3885)
-- Hubert Chathi <uhoreg(a)debian.org> Tue, 26 May 2015 14:44:00 -0400
--- Modifications pour apache2 (apache2 apache2-bin apache2-data apache2-mpm-prefork apache2-utils) ---
apache2 (2.4.10-10+deb8u3) jessie; urgency=medium
* Revert fix for deferred mpm switch for now, because it is at least not
complete or maybe causes regressions (see #791902). Re-opens #789914
-- Stefan Fritsch <sf(a)debian.org> Fri, 28 Aug 2015 18:24:17 +0200
apache2 (2.4.10-10+deb8u2) jessie; urgency=medium
[ Stefan Fritsch ]
* Fix upgrade logic: When upgrading from wheezy with apache2.2-common
but without apache2 installed to jessie, part of the conffile handling
logic would not run, causing outdated conffile content to be kept.
This is part of the solution for bug #794933. The other part will be
included in the upgrade to Debian 9 (stretch).
* core: Fix -D[efined] or <Define>[d] variables lifetime across restarts.
This could cause all kinds of strange behavior. PR 56008. PR 57328
* mpm_event: Fix process deadlock when shutting down a worker. PR 56960
* mpm_event: Fix crashes due to various race conditions. Closes: #779078
[ Jean-Michel Vourgère ]
* apache2.postinst: Fixed tests on deferred mpm switch. Closes: #789914
-- Stefan Fritsch <sf(a)debian.org> Thu, 27 Aug 2015 19:52:37 +0200
--- Modifications pour apt (apt apt-utils libapt-inst1.5 libapt-pkg4.12) ---
apt (1.0.9.8.1) stable; urgency=medium
[ David Kalnischkies ]
* parse specific-arch dependencies correctly on single-arch systems
(Closes: 777760)
* remove "first package seen is native package" assumption.
Thanks to Axel Beckert for testing (Closes: 782777)
[ Michael Vogt ]
* Fix endless loop in apt-get update that can cause disk fillup
(LP: #1445239)
-- Michael Vogt <mvo(a)debian.org> Wed, 10 Jun 2015 09:40:19 +0200
--- Modifications pour cron ---
cron (3.0pl1-127+deb8u1) jessie; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <debian(a)kvr.at> Sun, 03 May 2015 15:25:18 +0200
--- Modifications pour dbus (dbus libdbus-1-3) ---
dbus (1.8.20-0+deb8u1) jessie; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
-- Simon McVittie <smcv(a)debian.org> Tue, 21 Jul 2015 17:59:42 +0100
--- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) ---
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <aurel32(a)debian.org> Sat, 29 Aug 2015 10:56:31 +0200
--- Modifications pour gnutls28 (libgnutls-deb0-28 libgnutls-openssl27) ---
gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium
* Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from
upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter
Lebbing). Closes: #788704
* Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch
51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch
51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the
latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A
ServerKeyExchange signature sent by the server was not verified to be in
the acceptable by the client set of algorithms. That had the effect of
allowing MD5 signatures (which are disabled by default) in the
ServerKeyExchange message.
-- Andreas Metzler <ametzler(a)debian.org> Fri, 14 Aug 2015 18:28:30 +0200
--- Modifications pour libio-socket-ssl-perl ---
libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
* Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
Make PublicSuffix::_default_data thread safe by storing the default data
inside a function inside within __DATA__.
Thanks to Jonny Schulz <info(a)bloonix.org> for the report (Closes: #788035)
-- Salvatore Bonaccorso <carnil(a)debian.org> Mon, 08 Jun 2015 09:28:47 +0200
--- Modifications pour python-apt (python-apt python-apt-common) ---
python-apt (0.9.3.12) jessie; urgency=medium
[ Julian Andres Klode ]
* apt/cache.py: Work around a cyclic reference from Cache to its methods
(Closes: #745487)
* python/arfile.cc: LFS: Use long long instead of long for file sizes
* python/arfile.cc: Do not allow files larger than SIZE_MAX to be mapped
* python/tarfile.cc: LFS: Handle too large file
* apt.debfile: Fix splitting of multi-lines Binary fields in dsc files
(Closes: #751770)
* apt/debfile.py: Arch-qualify in compare_to_version_in_cache()
(Closes: #750189)
[ Michael Vogt ]
* Fix apt.Package.installed_files for multi-arch packages (LP: #1313699)
-- Julian Andres Klode <jak(a)debian.org> Tue, 16 Jun 2015 11:35:11 +0200
--- Modifications pour rsyslog ---
rsyslog (8.4.2-1+deb8u1) jessie; urgency=medium
* Disable transactions in ompgsql as they were not working properly.
Patch cherry-picked from upstream Git. (Closes: #788183)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 13:52:34 +0200
--- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) ---
systemd (215-17+deb8u2) stable; urgency=medium
* Disable default DNS servers in systemd-resolved. In v215 they are always
added to resolv.conf as fallback entries even when DNS servers were
acquired from systemd-networkd. (Closes: #787731)
* Use strictly versioned dependency on libsystemd-dev for the
transitional dev packages. The .pc files of the compat libraries declare
a strictly versioned dependency on libsystemd.pc, so reflect that in the
package dependencies as well. (Closes: #794290)
* udev: Increase udev event timeout to 180s. Some kernel modules, like
mptsas, can take longer than 30s to load so udevd kills the (hanging)
worker responsible for loading the module. Increase timeout from 30s to
180s to workaround this issue. Thanks Faidon Liambotis.
(Closes: #787191)
-- Michael Biebl <biebl(a)debian.org> Sat, 29 Aug 2015 17:17:04 +0200
--- Modifications pour base-files ---
base-files (8+deb8u2) stable; urgency=low
* Changed /etc/debian_version to 8.2, for Debian 8.2 point release.
-- Santiago Vila <sanvila(a)debian.org> Wed, 26 Aug 2015 18:30:02 +0200
--- Modifications pour tcpdump ---
tcpdump (4.6.2-5+deb8u1) stable; urgency=low
* Cherry-pick commit 3f15ae25c2 from upstream Git to fix -Z confirmation
log being sent to stdout, where it can get mixed with pcap stream
data if '-w -' is used (closes: #793479).
-- Romain Francoise <rfrancoise(a)debian.org> Sun, 02 Aug 2015 19:57:22 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on
quigon.federez.net
--
apticron