Debian GNU/Linux 6.0,Squeeze, si aggiorna alla versione 6.0.4

Sabato 28 gennaio 2012, Debian GNU/Linux 6.0, in gergo Squeeze si aggiorna alla versione 6.0.4.Ovviamente questo è un aggiornamento,  non una nuova release, che corregge diversi bug di alcuni pacchetti della versione stabile, coloro che hanno fatto aggiornamenti costanti  non devono fare nulla, per tutti gli altri basta aggiornare attraverso i consueti canali, apt-get o aptitude o synaptic, in modo da correggere i vari bug come menzionati nella mail di  Adam D. Barratt:

Upcoming Debian GNU/Linux 6.0 Update (6.0.4)

An update to Debian GNU/Linux 6.0 is scheduled for Saturday, January
28th 2012.  As of now it will include the following bug fixes.  They can
be found in “squeeze-proposed-updates”, which is carried by all official

Please note that packages published through are not
listed, but will be included if possible.  Some of the updates below are
also already available through “squeeze-updates”.

Testing and feedback would be appreciated.  Bugs should be filed in the
Debian Bug Tracking System, but please make the Release Team aware of
them by copying “” on your mails.

The point release will also include a rebuild of debian-installer.

Miscellaneous Bugfixes

This stable update adds a few important corrections to the following

   Package                       Reason

   adolc                         Remove Visual C++ runtime from windows/ directory
   backuppc                      Fix data corruption in tarballs due to logging to stdout and two XSS issues
   base-files                    Update /etc/debian_version for the point release
   base-installer                Add POWER7 to the powerpc64 family
   bti                           Fix OAuth URLs
   byobu                         Correct postinst chmod semantics
   bzip2                         Fix CVE-2011-4089
   c-ares                        Fix encoded length for indirect root
   cherokee                      Avoid brute-forceable password in cherokee-admin
   cifs-utils                    Fix mtab corruption issues
   clamav                        New upstream version; fix potential DoS
   clamz                         Handle unencrypted amz files
   cpufrequtils                  Load powernow-k8 for AMD family 20 (i.e. AMD E-350 cpus); better support 3.0 kernels
   dpkg                          Add armhf to {os,triplet}table; defer hardlink renames; do not fail to unpack shared directories missing on the file system from packages being replaced by other packages
   eglibc                        New upstream stable release plus fixes from stable branch
   erlang                        Fix CVE-2011-0766 (cryptographic weakness) in the erlang ssh application
   etherape                      Null pointer dereferences
   gimp                          Fix printing when used with libcairo version 1.10 or above
   gnutls26                      Fix buffer overflow in gnutls_session_get_data()
   hplip                         Fix insecure use of temporary file
   ia32-libs                     Update packages
   ia32-libs-gtk                 Update packages
   ifupdown-extra                Handle moved location of ethtool; fix handling of "rejects" in static-route; use --tmpdir for temporary files; move /etc/network/network-routes to /e/n/routes; documentation updates
   iotop                         Give a helpful error instead of crashing when Linux denies permission to read the taskstats files
   jabberbot                     Bind callbacks after the roster has been initialised
   kernel-wedge                  Add et131x to nic-extra-modules; add isci to scsi-extra-modules; add xhci-hcd to usb-modules
   killer                        Use DNS for mail domain rather than NIS; stop cron job failing when package is removed
   ldap2zone                     Don't send mail on success; syslog instead
   libdata-formvalidator-perl    Fix possible passing of invalid data in untaint mode
   libdebian-installer           Detect IBM pSeries platform as powerpc/chrp_ibm
   libdigest-perl                Fix unsafe use of eval in Digest->new()
   libhtml-template-pro-perl     Fix XSS
   libjifty-dbi-perl             SQL injection
   libmtp                        Add support for Motorola Xoom devices
   libpar-packer-perl            Fix use of unsafe and predictable temporary directories
   libpar-perl                   Fix use of unsafe and predictable temporary directories
   linux-2.6                     Add stable releases, fix xen and tg3 regressions, various fixes
   linux-kernel-di-amd64-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-armel-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-i386-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-ia64-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-mips-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-mipsel-2.6    Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-powerpc-2.6   Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-s390-2.6      Rebuild against linux-2.6 kernel 2.6.32-41
   linux-kernel-di-sparc-2.6     Rebuild against linux-2.6 kernel 2.6.32-41
   masqmail                      Fix improper seteuid() calls
   mdadm                         Quieten some cron messages; don't break when no scheduling class is specified or no devices are active; LSB header updates
   mediawiki                     Fix unintended exposure of hidden content through cache pollution; disable CVE-2011-4360.patch; doesn't apply to this version and causes errors
   module-init-tools             Support 3.0 kernels
   multipath-tools               Change HP hardware handler to hp_sw; update man pages
   mutt                          Fix validation of commonname (gnutls)
   nfs-utils                     Allow negotiated enctypes to be limited; avoid corrupting mtab
   nginx                         Fix compression pointer processing in DNS response greater than 255 bytes
   nss-pam-ldapd                 Correctly parse /etc/nsswitch.conf, detect calling process identity and fix disconnect logic
   partman-target                Stop treating ISO hybrid images on USB sticks as real optical drives
   pastebinit                    Fix support for user configuration files
   pbuilder                      Rename the /run script from --execute to /runscript, for compatibility with wheezy and later which have /run as a directory replacing /var/run
   perl                          Unregister signal handler before destroying my_perl; fixes segfault; minor security fixes
   phppgadmin                    Fix XSS
   pidgin                        Fix remote crash issues
   postgresql-8.4                New upstream micro-release
   pure-ftpd                     Fix man in the middle attack on encrypted sessions
   python-debian                 Allow ':' as the first character of a value
   python3-defaults              Ignore binary files while checking shebangs
   qemu-kvm                      Fix NIC hotplug from libvirt
   quassel                       Fix missing translations
   recoll                        Plug conversion descriptor leak in unac.c::convert() error path
   rng-tools                     Work around VIA Nano xstore bug; add 3.0 kernel support
   rpm                           Fix malformed header parsing
   samba                         Allow using unencrypted passwords with Windows clients with KB2536276 installed
   shorewall                     Install missing /usr/share/shorewall/helpers
   shorewall-lite                Install missing /usr/share/shorewall/helpers
   shorewall6                    Install missing /usr/share/shorewall/helpers
   shorewall6-lite               Install missing /usr/share/shorewall/helpers
   slbackup                      Fix path to configuration file in the cron job
   slbackup-php                  Fix login issues, deal with blanks in filenames, fix last failed timestamp
   tinyproxy                     Validate port number specified in configuration
   tzdata                        New upstream version
   user-mode-linux               Rebuild against linux-source-2.6.32 (2.6.32-41)
   webkit                        Avoid doing lots of needless NULL DNS lookups
   whatsnewfm                    Handle renaming of freshmeat to freshcode
   xorg-server                   GLX: add missing input sanitization; fix a file disclosure vulnerability and a file permission change vulnerability
   xpdf                          Fix inseucre temporary file usage

A complete list of all accepted packages together with rationale is on
the preparation page for this revision:


If there are any issues, please don't hesitate to get in touch with the
Debian Release Team at “”.