This automatic mail gives an overview over security issues that were recently fixed in Debian Testing. The majority of fixed packages migrate to testing from unstable. If this would take too long, fixed packages are uploaded to the testing-security repository instead. It can also happen that vulnerable packages are removed from Debian testing.
DTSA: ===== The following issues have been fixed by uploads to testing-security: ldm 2:0.1~bzr20071217-1+lenny1: DTSA-118-1 : ldm - authentication bypass CVE-2008-1293: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1293 http://bugs.debian.org/469462 Migrated from unstable: ======================= dovecot 1:1.0.13-1: CVE-2008-1218: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1218 horde3 3.1.7-1: CVE-2008-1284: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1284 http://bugs.debian.org/470640 mediawiki 1:1.11.2-2: CVE-2008-1318: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1318 openldap2.3 2.4.7-6.1: CVE-2008-0658: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0658 http://bugs.debian.org/465875 smarty 2.6.18-1.1: CVE-2008-1066: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1066 http://bugs.debian.org/469492 How to update: -------------- Make sure the line deb http://security.debian.org lenny/updates main contrib non-free is present in your /etc/apt/sources.list. Of course, you also need the line pointing to your normal lenny mirror. You can use aptitude update && aptitude dist-upgrade to install the updates. More information: ----------------- More information about which security issues affect Debian can be found in the security tracker: http://security-tracker.debian.net/tracker/ A list of all known unfixed security issues is at http://security-tracker.debian.net/tracker/status/release/testing _______________________________________________ secure-testing-announce mailing list secure-testing-announce@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-announce
