Greetings to all. On Saturday, October 12, 2013, the second update of Debian 7 (also known by its code name "Wheezy"), which has incorporated several improvements for components such as CUPS, Intel microcodes, the latest ESR versions of Iceweasel and other system components.
To the joy of some, this security update does not involve LibreOffice as it usually is, so it is expected that in these weeks this office suite will be successfully updated in the main branch.
In addition to this update, it has recently arrived a version for education called Debian Edu, which is a special edition of the stable Debian branch focused entirely for use in educational institutions, so it is quite useful and robust as a software infrastructure.
For now, that's the news that was announced in the official website. Here is the list of updated packages.
| Package | Reason |
|---|---|
| adblock-plus | Declare compatibility with more recent Iceweasel versions |
| Apr | Don't override CFLAGS and LDFLAGS during build. This fixes the debug information being useless |
| atlas | Add Breaks: octave3.2 to try and improve some squeeze to wheezy upgrade paths |
| base files | Update version for point release |
| consistency | Fix incompatibilities with newer Twisted releases |
| cookie Monster | Declare compatibility with newer iceweasel versions |
| cups | Dnssd backend: don't crash if avahi gives a callback with no TXT record |
| curl | Fix reporting of CURLINFO_CONDITION_UNMET |
| debian-edu | Update from debian-edu-wheezy; remove chmseeRecommends |
| debian-edu-artwork | Update from debian-edu-wheezy |
| debian-edu-doc | Update from debian-edu-wheezy |
| debian-edu-install | Update from debian-edu-wheezy |
| devscripts | Fix build-rdeps to work with Wheezy being stable |
| dkimpy | Fix Gmail signature verification failures due to improper FWS regular expression |
| dpkg | Fix performance issue by correctly caching variables in Dpkg :: Arch; fix chmod () arguments order in Dpkg :: Source :: Quilt; only ignore older packages if the existing version is informative; fix user after free; fix usage of non-existent _ () function in multiple places of the Perl code; add Italian man-page translation |
| emboss explorer | Fix application menu when used with EMBOSS 6.4 |
| fai | Fix path to dpkg-divert; fix nfsroot package list; lib / task_sysinfo: make sure device is a valid block device before accessing it; documentation updates |
| firecookie | Declare compatibility with newer iceweasel versions |
| fire tray | Restore compatibility with newer iceweasel versions |
| flash-kernel | Machine database is case-sensitive so ensure that all instances of Required-Packagesare capitalized correctly |
| foxyproxy | Declare compatibility with more recent Mozilla software |
| freetds | Make libiodbc Breaks versioned now that it can load multiarch drivers |
| fwknop | Fixed failure to send SPA packets due to uninitialized variable |
| guy | Improve SSL / TLS handling; fix certificate validation |
| ghostscript | Fix endless loops related to unbalanced q / Q operators |
| glusterfs | Fix use of ext4 backend with linux> = 3.2.46-1 + deb7u1 |
| gnome-settings-daemon | Stop installing security updates without confirmation |
| gnome-shell | Improve GC deadlock handling; make the disable-restart-buttonsoption of gdm-shell work |
| gosa | Fix LDAP mass import |
| grub2 | Fix booting FreeBSD> = 9.1 amd64 kernels |
| gxine | Switch to libmozjs185-dev as the package fails to build with newer versions of libmozjs-dev |
| lbus | Fix ibus-setup breakage by setting all related packages to use –libexec = / usr / lib / ibus |
| ibus-anthy | Fix libexecdir; add python-glade2 to Depends |
| ibus-hangul | Fix libexecdir |
| ibus-m17n | Fix libexecdir |
| ibus-pinyin | Fix libexecdir |
| ibus-skk | Fix libexecdir |
| ibus-sunpinyin | Fix libexecdir |
| ibus-xkbc | Fix libexecdir |
| iceweasel | Fix builds on several architectures |
| ifmetric | Fix NETLINK: Packet too small or truncated!error |
| intel-microcode | update microcode |
| iso scan | Fix full search entry when no ISOs are found |
| kfreebsd-downloader | Switch to people.debian.org URL for kernel.txz download; the old location no longer works |
| krb5-auth-dialog | Fix krb5_principal_compare crashes on NULL arguments |
| ftp | Fix splits input script file after byte 4096 |
| libdatetime-timezone-perl | New upstream release |
| libdigest-sha-perl | Fix double-free when Digest :: SHA object is destroyed |
| libmodule-metadata-perl | Don't claim not to execute code |
| libmodule-signature-perl | CVE-2013-2145: Fixes arbitrary code execution when verifying SIGNATURE |
| libquvi-scripts | New upstream release |
| libvirt | Fix libvirtd crash when destroying a domain with attached console and race condition when destroying guests; make sure qemu.conf isn't world readable by default |
| linux | Update to 3.2.51 / drm / agp 3.4.6; disable SATA_INIC162X driver; improve efivars free space check |
| lm-sensors | Skip probing for EDID or graphics cards, as it might cause hardware issues |
| lvm2 | Fix udev rules to properly exclude special devices and always call udevsync |
| mapserver | Fix strict Content-Type matching; correctly enable AGG support |
| mdbtools | Version libiodbc Breaks now that it can load multiarch drivers; fix SEGV in blob data handling; fix double free SEGV in gmdb2 dissector |
| meta-gnome3 | Demote xul-ext-adblock-plus to Suggests |
| moin | Avoid creation of empty pagedir |
| multipath-tools | Fix upstream copy of kpartx rules; call PREREQS before calling scripts / functions; don't plain exit if root is on multipath device |
| mutt | Stop segfaulting when listing folders with new mails over imap; don't send saved messages to trash |
| myodbc | Version libiodbc Breaks now that it can load multiarch drivers |
| netcfg | Fix check for whether network-manager is installed |
| Nmap | Sanitize filenames to fix CVE-2013-4885 (remote arbitrary file creation vulnerability) |
| openvpn | Fix regression with multi homeoption |
| openvrml | Disable JavaScript support as newer versions of Mozilla's JS engine are not supported by openvrml |
| openvswitch | Reset upper layer protocol info on internal devices |
| perl | Fix Digest :: SHA double-free crash; fix issue with shared references disappearing on sub return; apply correctness patches from 5.14.4 |
| perspectives-extension | Fix calculation of quorum length with low number of notaries and / or low quorum percentage |
| php5 | Fix several issues relating to traits; don't reset mod_user_is_open in destroy to avoid an annoying warning when using sessions |
| postgresql-common | Handle wheezy point release versions |
| pyopencl | Remove non-free file from examples |
| python-defaults | Add symlink for / usr / bin / python2, used by various non-distro scripts |
| python-dns | Fix timeouts associated with only one of several available nameservers being unavailable |
| python-httplib2 | Fix CVE-2013-2037; close connection on certificate matching to avoid reuse |
| python-keystoneclient | Fix CVE-2013-2013: OpenStack keystone password disclosure on command line |
| redmine | Fix ruby 1.9.1 support |
| rt-tests | Fix hackbench on armhf |
| Rygel | Prevent autostart of rygel by default; the default configuration file exposes files to the LAN |
| sage-extension | Fix compatibility with iceweasel 17; ensure that links in the main window are clickable |
| samba | Fix CVE-2013-4124: Denial of service - CPU loop and memory allocation |
| shotwell | Fix crash at startup |
| shutdown-at-night | Stop client wake-up cron job complaining about unpingable machines |
| site summary | Fix robustness and kernel version parsing in nagios plugin |
| slbackup-php | Fix non-HTTPS logins; don't assume a backuphost exists in DNS; search for configuration file in a package-specific folder |
| smbldap-tools | Use correct name for net (8); fix qw () warning |
| stellarium | Prevent segfault when OpenGL is not present |
| subversion | Fix Python bindings when built against swig 2.0.5+ |
| sysvinit | Correct the Breaks on bootchart to ensure that all broken versions are removed on upgrade |
| telepathy-gabble | Work around Facebook server behavior change with service discovery; initialize libdbus for thread-safety; fix potential FTBFS in highly-parallel builds |
| telepathy-idle | Validate TLS certificates |
| tntnet | Fix insecure default tntnet.conf |
| towers | Fix SNMPv1 max repetitions issues |
| stage fright | New upstream stable release |
| ttytter | Update to work with the Twitter 1.1 API |
| tzdata | New upstream release |
| user-mode-linux | Rebuild against linux 3.2.51-1 |
| uwsgi | Fix loading of nagios plugins |
| boil | Don't specify absolute paths to xen tools; virt-clone: properly set image type |
| wv2 | Repack to remove src / generator / generator_wword {6,8} .htm, which should have been removed in earlier uploads |
| xinetd | Fix CVE-2013-4342 making TCPMUX services change the uid |
| xmonad-contrib | Fix CVE-2013-1436 |
I have to see that educational version.
Incidentally, they announced that on November 5, 2014 Debian Jessie will be released
Pass the fountain, please. I have not been able to find that news in the maillists.
http://lists.debian.org/debian-devel-announce/2013/10/msg00004.html
Thank you.
You do not know if it will continue to have Gnome 3.4, or will it be upgraded to 3.6? 😛
No idea, because so far, there has not been an upgrade for GNOME 3.6
They're going to make the jump to gnome 3.8. There are about 44 packages to be passed for testing and 32 for sid (gnome-shell 3.8 is in sid)
Will it come with Classic Shell?
I could not tell you. Here you have the follow-up of how everything is going
http://www.0d.be/debian/debian-gnome-3.8-status.html
I'm already using gnome-shell 3.8 in Jessie, and yes, it brings classic mode 🙂
@Tuxxx:
Thank you very much for the info.
Very good Debian, although at the moment I am in Arch. 😉
Ahhh, my beautiful Debian is from the same twelve sparkling with its second major update. 😛
But I had a question, what does the Intel microcode do? Does it give benefits or what? 😮
For the rest, excellent news.
The micro code is more than anything a «Firmware» for communication with the motherboard and the set of instructions that it has, it is like a BIOS update, it generally corrects errors from previous versions and improves performance and consumption. In Windows it is quite difficult to carry out this process, not in * unix, which is enough to download the code from the manufacturer's site (Intel in this case) and "flash" it with a couple of commands.
Although the recommendation, at least on my part, is first to update the motherboard bios and then the processor MC, with this, you ensure good compatibility in the system.
Greetings.
I find it quite interesting, and since the Intel and Debian websites do not clarify much ...
So I guess I could make sure I update the BIOS first. I don't know if you could help me or explain how it's done, maybe in the forum so as not to fill the blog anymore.
Greetings.
Look, personally I have not done it, but I have been in the presence of the engineer by warming his ear about how he did it, so let me talk to him and I will answer you directly in the forum, so that he does not challenge us with elav or Gara !!
I will see if I can do a tutorial or if he is encouraged to do one.
Greetings.
Installing the intel-microcode package should suffice
regards
Seriously? Well, as I understood everything was done by hand, at least I always saw it done that way, good that now it is in package mode.
Greetings.
In fact, to verify that the microcode is updated, it should be done before and after installing the package
grep microcode / proc / cpuinfo
to see if there have really been any changes to the version
Will it be new firmware?
Testing, for the first time there is what such 😀
At the very least, the update is lighter than usual.
What about the kde version? 4.8 was on the ass: \
For me, 4.8 in Debian worked fine. Not like 4.10 or 4.11 in Arch, but I didn't go flat.