Greetings to all. On this occasion, I must apologize for the great absence, which kept me away from the blog and the community for a long time. Fortunately, I'm here to give you two good news: first, that the fifth Debian Wheezy update is out; and second, that Debian Squeeze will be the first version of Debian to have LTS support.
Debian Wheezy 7.5
As of the date that I am writing this post, I have happily updated both of my PC's with Debian Wheezy to version 7.5, which come with the following bugfixes (or hotfixes):
Package | Reason |
---|---|
warning | Explicitly pass latexdir to make, avoiding files ending up in non-FHS directories |
base files | Update for the point release |
calendarserver | Update zoneinfo to tzdata 2014a |
catfish | Fix untrusted search path vulnerability [CVE-2014-2093, CVE-2014-2094, CVE-2014-2095, CVE-2014-2096] |
certificate patrol | Declare compatibility with Iceweasel 24 |
clamav | New upstream release |
conkeror | Add patches for compatibility with Iceweasel 24 |
debian-installer | Add support for QNAP HS-210 |
debian-installer-netboot-images | Rebuild against the latest debian-installer |
docx2txt | Add missing dependency on unzip |
erlang: | Fix command injection via CR or LF in user, file or directory names in the FTP module [CVE-2014-1693] |
evolution-ews | Fix free / busy indicators with Exchange 2013 servers |
firebug | New upstream release; compatible with Iceweasel 24 |
flash block | New upstream release; compatible with Iceweasel 24 |
freeciv | Fix denial of service [CVE-2012-5645, CVE-2012-6083] |
freerdp | Fix libfreerdp-dev so that it can be compiled against |
glark | Force use of Ruby 1.8, as glark doesn't work with newer versions |
gorm.app | Fix build failure |
greasemonkey | New upstream release; compatible with Iceweasel 24 |
gst-plugins-bad0.10 | Fix build failure due to the libmodplug upgrade in DSA 2751 |
intel-microcode | Includes updated microcode |
ktp-filetransfer-handler | Fix broken kde-telepathy-filetransfer-handler-dbg on mips |
lcms2 | Security fixes |
libdatetime-timezone-perl | Update to tzdata 2014a |
libfinance-quote-perl | Update URLs of Yahoo! Financial services |
libpdf-api2-perl | Fix build failure |
libquvi-scripts | New upstream release |
libsoup2.4 | Fix issues with NTLM authentication against Windows 2012 |
libxml2 | Fix memory corruption when re-using the library from threaded applications |
linux | Update to stable 3.2.57, 3.2.55-rt81, drm / agp 3.4.86; several security fixes; e1000e, igb: backport changes up to Linux 3.13 |
etc | Fix remote audio on thin clients |
meep | Stop building with -march = native |
meep-openmpi | Stop building with -march = native |
mozilla noscript | New upstream release; compatible with Icweasel 24 |
mp3gain | Fix denial of service and buffer overflow issues [CVE-2003-0577, CVE-2004-0805, CVE-2004-0991, CVE-2006-1655] |
net-snmp | Fix agentx subagent issues with multiple-object requests and increasing object length [CVE-2014-2310] |
newsbeuter | Fix build failure due to json's switch from boolean to json_bool |
nvidia-graphics-drivers | New upstream release |
nvidia-graphics-modules | Build against nvidia-kernel-source 304.117 |
open blow | Fix hang when called from an OpenMP-using program |
php-getid3 | Fix potential XXE security issue [CVE-2014-2053] |
php5 | Many fixes backported from upstream |
polarssl | Fix build failure due to expired certificates |
postgresql-8.4 | New upstream micro release |
postgresql-9.1 | New upstream micro release |
whoa | Fix entry pointer for ELF kernels loaded with -kernel option; only allow real mode to access 32-bit addresses unless in long mode |
qemu-sq.m | Fix entry pointer for ELF kernels loaded with -kernel option; only allow real mode to access 32-bit addresses unless in long mode |
Quassel | Restrict clients from accessing backlogs belonging to other users [CVE-2013-6404] |
resource-agents | Fix HTTPS service checking by IP address |
ruby-passenger | Fix insecure use of / tmp [CVE-2014-1831, CVE-2014-1832] |
sage-extension | New upstream release; compatible with Icewasel 24 |
samba | Fix authentication bypass and insufficient protection against brute-force password guessing [CVE-2012-6150, CVE-2013-4496] |
samba4 | Remove insecure and broken samba4 and winbind4 binary packages |
spamassassin | remove xxxfrom the list of common fake TLDs, since it is not fake any more; remove rules referring to rfc-ignorant.org and NJABL, which have been shut down |
spip | Fix missing escaping; update security screen |
subversion | Fix mod_dav_svn crash when handling certain requests [CVE-2014-0032] and removal of libsvnjavahl-1.a / .la / .so from libsvn-dev |
nice | Fix CAS authentication issues; fix SQLite upgrade patch to avoid errors with perl <= 5.14; raise a warning instead of an error when the CA bundle file is not readable; provide the missing template help_suspend.tt2 |
tweepy | Use Twitter API 1.1 and SSL |
tzdata | New upstream release |
wml | Remove temporary directories (ipp. *) |
xine-lib | Fix build failure due to the libmodplug upgrade in DSA 2751 |
xine-lib-1.2 | Fix build failure due to the libmodplug upgrade in DSA 2751 |
Similarly, there are security updates, which are the following:
Advisory ID | Package |
---|---|
DSA-2848 | mysql-5.5 |
DSA-2850 | libyaml |
DSA-2852 | libgadu |
DSA-2854 | mumble |
DSA-2855 | libav |
DSA-2856 | libcommons-fileupload-java |
DSA-2857 | libspring-java |
DSA-2858 | iceweasel |
DSA-2859 | pidgin |
DSA-2860 | share |
DSA-2861 | fillet |
DSA-2862 | chromium-browser |
DSA-2863 | free |
DSA-2865 | postgresql-9.1 |
DSA-2866 | gnutls26 |
DSA-2867 | others2 |
DSA-2868 | php5 |
DSA-2869 | gnutls26 |
DSA-2870 | libyaml-libyaml-perl |
DSA-2871 | wireshark |
DSA-2872 | udisks |
DSA-2873 | fillet |
DSA-2874 | mutt |
DSA-2875 | cups-filters |
DSA-2877 | lighttpd |
DSA-2878 | virtualbox |
DSA-2879 | libssh |
DSA-2880 | python2.7 |
DSA-2881 | iceweasel |
DSA-2882 | explorer |
DSA-2883 | chromium-browser |
DSA-2884 | libyaml |
DSA-2885 | libyaml-libyaml-perl |
DSA-2886 | libxalan2-java |
DSA-2887 | ruby-actionmailer-3.2 |
DSA-2888 | ruby-activesupport-3.2 |
DSA-2888 | ruby-actionpack-3.2 |
DSA-2889 | postfixadmin |
DSA-2890 | libspring-java |
DSA-2891 | mediawiki-extensions |
DSA-2891 | mediawiki |
DSA-2892 | a2ps |
DSA-2894 | openssh |
DSA-2895 | prosody |
DSA-2895 | lua-expat |
DSA-2896 | openssl |
DSA-2897 | tomcat7 |
DSA-2898 | imagemagick |
DSA-2899 | openafs |
DSA-2900 | jbigkit |
DSA-2901 | wordpress |
DSA-2902 | curl |
DSA-2903 | strongswan |
DSA-2904 | virtualbox |
DSA-2905 | chromium-browser |
DSA-2908 | openssl |
DSA-2909 | whoa |
DSA-2910 | qemu-sq.m |
And the packages that we should say goodbye to are:
Package | Reason |
---|---|
hlbr | Broken |
hlbrw | Depends on to-be-removed hlbr |
Anyway. It only remains to remind you that, if you have your PC with Dual-boot, it may be that Windows startup does not appear, so you have to execute the following in your terminal:
sudo update-grub
Debian Squeeze LTS
For those of you who run your Debian Squeeze servers, this is your lucky day. First, this news appeared in the debian mailing lists, and later, became official.
Debian Wheezy is the first edition of Debian to receive Extended Support (LTS), which is designed to have a lifespan of practically 5 years, starting from the release date of the first version.
At the moment, it is known that Debian Squeeze will have this support as soon as it arrives on May 31 of this year, and the end of this extended support will be in February 2016. In addition, it should be noted that the extended support will include X86 platforms of 32-bit (i386) and 64-bit (amd64). However, the possibility that both Debian Wheezy and Jessie (which will soon be the successor to the current stable version) are in the LTS category is not ruled out.
For those who want to know who will maintain Debian 6.X, the Debian developers themselves stated that the LTS managers will be third parties who joined forces with the Debian developer team to fix critical bugs and security flaws.
As a bonus: Debian Squeeze was not affected by the OpenSSL bug heartbleed.
Elio, I would like to install debian LXDE on my PC. But, I feel complicated. I have had problems with Lubuntu, the new version does not read wifi, I suppose it is due to the PC (Acer Aspire One 0725), which would not happen with Debian. Do you have any tutorial of the steps that I should take? Another question: Debian does not come with any mockup for example libreo office. Will I install only the ones I want?
Normally, you can choose which desktop environment to use in the Debian installer as soon as it boots.
This option is found in "Advanced >> Alternative Desktop Enviroments" and the list of desktop environments to install will appear.
The netinstall versions of Debian necessarily require connection to the ethernet cable to download the packages requested by the installer according to the desktop you have chosen.
Regarding WiFi, first type in the terminal «lspci» to see what hardware you exactly have, and put in google «site: wiki.debian.org {name of the hardware in question}» and you will see the solution according to the hardware that you makes life impossible.
Thanks, Elio
Regarding libreoffice, you just download the deb from the official page and install it and then the language deb and help the one in the repos is old
I have 4.2 in debian jessie kde and it goes without problems
A silly question how do I go to Debian 7.5 LTS since I have Debian 7, can it be done with aptitude full-upgrade? Thanks in advance
Debian 7.5 is not LTS
Hello,
To update your Debian to the latest version of version seven, all you have to do is:
apt-get update && apt-get dist-upgrade
a greeting
Hi Eliotime3000, great news from the Debian team: D. By the way .. Since when do you use XFCE as an environment? Tired of KDE?
Nope. The XFCE is for my netbook that I just received for my birthday. My KDE is for my Workstation PC, which I have also updated to Debian 7.5.
To tell the truth, XFCE has taken me back to the days when I was with GNOME 2, and the truth is that it is like KDE but for GTK.
And by the way... have you managed to customize your KDE like eOS + OpenSUSE? Because I have managed to make said desktop style, which you can see in my [url=http://foro.desdelinux.net/viewtopic.php?pid=20058#p20058]“Show your Desktop” comment[/url].
Anyway, XFCE is a good desktop environment (well, the rat has its charm), but the truth is that KDE far exceeds it (it is even more versatile than XFCE and LXDE together).
As with Ubuntu, Debian releases don't excite me anymore, although of course, I've never been excited by Stable updates 😀
You say that because you are in Arch since there is no release there :). How is Rolling: D ..
I must say that I no longer have any interest in Debian Stable releases since Slackware is in my sights and I am very happy with it: D.
There are no releases in Arch? Every day man: https://www.archlinux.org/packages/?sort=-last_update
snpashot! = launch
That pitching rhythm makes me retch.
Slackware has made better updates than RHEL and Debian combined (such as the OpenSSL and KDE update), and Arch I have to keep the wiki handy because without it, I just get lost when it comes to installing Arch (it's frustrating having to use a distro that is razor-sharp, but is, in turn, a distro RTFM).
Now, if I can't sell my old Pentium IV, I'll put Slackware 14.2 in it, and I'll give it that PC so that my mother can learn to use GNU / Linux properly (since my mother hates anything that doesn't work well, I have in mind to install it that distro due to the robustness and simplicity it has).
For those who use it as a server and / or have them installed on their obsolete PCs, yes. Also, this update has fixed the problem I had when updating the Flash Player with the updater update-flashplugin-nonfree.
Hi, and how do you upgrade to wheezy 7.5 from wheezy 7.0? Thanks
Hi. You open a terminal and put:
sudo apt-get update && sudo apt-get upgrade
It will ask for the password of your user and will update. If you don't have sudo activated you can do it with su.
A greeting!
Thanks for answering. Anyway, everything worked fine, but for security update, thanks again.
a correction: it can be read:
Debian Wheezy is the first edition of Debian to receive extended support
and it's wrong, you mean debian squeeze
regards
Thanks for the errata. Let's see if this afternoon they give me the option to edit the article.
Good afternoon ... I have wheezy 7.4 installed, how would I update it to 7.5? thanks!!
apt get upgrade
apt-get update
Glad to read the news, good job from the Debian community. Since switching to Ubuntu for Debian a few years ago, the distribution has made me quite satisfied. Today I write from Ubuntu because I decided to give it a try now with this so-called LTS 14.04. However, Debian will always be my favorite.
Install linux debian 7.6.0 and it won't boot, also 7.5.0 and it won't boot