Miscellaneous Bugfixes
Package | Reason |
---|---|
apache2 | Support ECC keys and ECDH ciphers; mod_proxy: fix crashes under load; mod_dav: fix potential DoS [CVE-2013-6438]; mod_log_config: fix cookie logging |
apt-cacher-ng | Fix cross-site scripting via 403 responses [CVE-2014-4510] |
automake1.9-nonfree | Add empty prerm to ensure a clean upgrade path in case of install-info removal |
base-files | Update for the point release |
catfish | Fix regression from previous security update |
clamav | New upstream release; fix a crash while using clamscan |
cmus | Fix build failure related to the libmodplug upgrade in DSA 2751 |
cups | Fix XSS in the CUPS web interface; fix syntax errors in Hungarian templates |
cyrus-imapd-2.4 | Fix missing GUID for binary appends; fix broken nntpd |
dbus | Fix denial of service [CVE-2014-3477] |
duo-unix | Update upstream HTTPS certificates; improve support for SHA2 in HTTPS |
eglibc | Fix issues which could break dynamic linker on biarch systems; fix regression in IPv6 name resolution; fix February month name in de_AT locale; fix backtrace() on mips; fix nl_langinfo() when used in static binaries |
elib | Rebuild with current debhelper |
firebug | Take over xul-ext-firecookie, as firebug now provides all its functionality; remove copyrighted ICC profile |
hdf5 | Rebuild against current wheezy gfortran |
intel-microcode | Updated microcode; new upstream release |
ldns | Fix default permissions on private DNSKEYs generated by ldns-keygen [CVE-2014-3209] |
libdatetime-timezone-perl | New upstream release |
libdbi-perl | Remove dependency on to-be-removed libplrpc-perl |
libflickr-api-perl | Update URLs in line with upstream changes |
libjpeg6b | Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630] |
libjpeg8 | Fix memory disclosure vulnerabilities [CVE-2013-6629 CVE-2013-6630] |
libopenobex | Fix segfault when transferring files |
maitreya | Replace font to avoid copyright issues |
mobile-broadband-provider-info | Update included data |
nostalgy | Add support for newer icedove versions |
openchange | Remove packages which depend on previously removed samba4 packages |
openssh | Restore patch to disable OpenSSL version check |
openssl | Don't prefer ECDHE_ECDSA with some Safari versions; actually restart the services when restart-without-asking is set |
policyd-weight | Fix infinite loop if resolver only reachable via IPv6 |
proftpd-mod-geoip | Remove useless and buggy proftpd-mod-geoip.postrm script |
py3dns | Fix timeouts associated with only one of several available nameservers being unavailable; correctly deal with source port already in use errors |
pydap | Add dapto namespace_packages in setup.py |
quassel | Fix certificate permissions |
scheme48 | Fix insecure use of temporary file [CVE-2014-4150] |
sieve-extension | Add support for newer icedove versions |
sks | Fix cross-site scripting [CVE-2014-3207]; improve Berkeley DB upgrade handling |
squid3 | Fix sporadic assertion failure under high load |
suds | Fix insecure creation of cache paths |
tor | New upstream release |
tzdata | New upstream release |
unbound | Fix crash when using DNSSEC and num-threads > 1 |
win32-loader | Update embedded dependencies |
wireless-regdb | Update data |
xmms2 | Fix build failure related to the libmodplug upgrade in DSA 2751 |
Removed packages
The following packages were removed due to circumstances beyond our control:
Package | Reason |
---|---|
whatsnewfm | Obsolete as freecode.com no longer accepting submissions |
libplrpc-perl | Security issues |
firecookie | Obsolete; superseded by firebug |
freecode-submit | Obsolete as freecode.com no longer accepting submissions |