| Package | Reason |
|---|
| alien-arena |
Fix remote arbitrary code execution |
| amarok |
Apply regex update to make Wikipedia tab work again |
| apache2 |
Several issues |
| backup-manager |
Fix possible mysql password leakage to local users |
| backuppc |
Prohibit editing of client name alias to avoid
unauthorised file access |
| base-files |
Update /etc/debian_version to reflect the point
release |
| choose-mirror |
Improve suite selection and validation of suites
available on selected mirror |
| clock-setup |
Correctly handle system dates before epoch |
| consolekit |
Don't create pam-foreground-compat tag files for
remote users |
| debmirror |
Compress packages files using --rsyncable so they
match the files from the archive |
| devscripts |
Update a number of scripts to understand squeeze and
lenny-backports |
| dhcp3 |
Fix memory leak and SIGPIPE in LDAP code |
| dpkg |
Various fixes to new source package format support |
| drupal6 |
Fix XSS issues in Contact and Menu moduels |
| fam |
Fix 100% CPU usage in famd |
| fetchmail |
Fix init script dependencies; don't complain about
missing configuration when disabled |
| firebird2.0 |
Fix DOS via malformed message |
| gchempaint |
Fix segmentation fault |
| gdebi |
Fix gksu call to not pass an option that the Debian
package doesn't support |
| geneweb |
Correctly handle database with names containing
whitespace in the postinst |
| ghc6 |
Fix deadlock bug on 64-bit architectures |
| glib2.0 |
Fix g_file_copy to correctly set permissions of target
files |
| glibc |
Fix bug in realloc() when enlarging a memory
allocation |
| gnash |
Reduce messages produced by the browser plugin to
avoid filling .xsession-errors |
| gnome-system-tools |
Don't change root's home directory when editing the
user and fix group creation dialog |
| haproxy |
Several stability and crash fixes |
| kazehakase |
Disallow adding bookmarks for data:/javascript: URIs
(CVE-2007-1084) |
| killer |
Correctly handle long usernames in the ruser field |
| libcgi-pm-perl |
Fix unwanted ISO-8859-1 -> UTF-8 conversion in
CGI::Util::escape() |
| libdbd-mysql-perl |
Fix segmentation faults caused by auto_reconnect |
| libdbd-pg-perl |
Correctly handle high-bit characters |
| libfinance-quote-perl |
Fix ordering of fields in Yahoo data |
| linux-2.6 |
Several corrections |
| linux-kernel-di-alpha-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-amd64-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-arm-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-armel-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-hppa-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-i386-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-ia64-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-mips-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-mipsel-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-powerpc-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-s390-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| linux-kernel-di-sparc-2.6 |
Rebuild against linux-2.6 2.6.26-21 |
| lkl |
Rebuild to get new MD5 sum (previous sum was causing FPs
from antivirus) |
| movabletype-opensource |
Disable mt-wizard.cgi by default |
| munin |
Fix CPU usage graphs to account for changes in kernel
reporting |
| mysql-dfsg-5.0 |
Revert 'dummy thread' workaround which causes
segfaults and fix crash when using GIS functions |
| nss-ldapd |
Treat usernames and other lookups as case-sensitive |
| openttd |
Fix remote crash vulnerability |
| otrs2 |
Don't globally limit MaxRequestsPerChild on Apache or
reject valid domains |
| partman-auto-crypto |
Avoid triggering unsafe swap warning when setting up
LVM |
| planet-venus |
Enhance escaping of processed feeds |
| proftpd-dfsg |
SSL certificate verification weakness |
| pyenchant |
Make add_to_personal() work again |
| python-docutils |
Fix insecure temporary file usage in reStructuredText
Emacs mode |
| python-xml |
Fix two denials of service |
| qcontrol |
Create persistent input device to handle changes in
udev 0.125-7+lenny3 |
| redhat-cluster |
Fix problem with resource failover |
| request-tracker3.6 |
Session hijack vulnerability |
| roundup |
Fix pagination regression caused by security fix |
| samba |
Fix regression in name mangling |
| serveez |
Fix remote buffer overflow |
| shadow |
Fix handling of long lines in the user or group files |
| spamassassin |
Don't consider dates in 2010 'grossly in the future' |
| system-tools-backends |
Fix regression in operation of some elements |
| texlive-bin |
Fix crash with large files |
| tor |
Fix crash due to race condition and update authority keys |
| totem |
Update youtube plugin to match changes to the site |
| tzdata |
Update timezone data |
| usbutils |
Update USB IDs |
| user-mode-linux |
Rebuild against linux-source-2.6.26 2.6.26-21 |
| vpb-driver |
Fix Asterisk crash with missing config file |
| watchdog |
Ensure daemon really has ended before starting a new
one |
| webauth |
Avoid inadvertently including passwords in cookie test
URLs |
| wireshark |
Several vulnerabilities |
| xfs |
Fix temporary directory usage in the init script |
| xscreensaver |
Fix local screen lock bypass vulnerability |
