------------------------------------------------------------------------
The Debian Project https://www.debian.org/ Updated Debian 7: 7.11 released press@debian.org
June 4th, 2016 https://www.debian.org/News/2016/2016060402 ------------------------------------------------------------------------


The Debian project is pleased to announce the eleventh (and final)
update of its oldstable distribution Debian 7 (codename "wheezy"). This
update mainly adds corrections for security problems to the oldstable
release, along with a few adjustments for serious problems. Security
advisories were already published separately and are referenced where available.

The packages from DSA 3548 are not included in this point release for
technical reasons, as are some architectures for DSA 3547, DSA 3219, DSA
3482 and DSA 3246. All other security updates released during the
lifetime of "wheezy" that have not previously been part of a point
release are included in this update.

Please note that this update does not constitute a new version of Debian
7 but only updates some of the packages included. There is no need to
throw away old "wheezy" CDs or DVDs but only to update via an up-to-date
Debian mirror after an installation, to cause any out of date packages
to be updated.

Those who frequently install updates from security.debian.org won't have
to update many packages and most updates from security.debian.org are
included in this update.

New installation media and CD and DVD images containing updated packages
will be available soon at the regular locations.

Upgrading to this revision online is usually done by pointing the
aptitude (or apt) package tool (see the sources.list(5) manual page) to
one of Debian's many FTP or HTTP mirrors. A comprehensive list of
mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This oldstable update adds a few important corrections to the following packages:

+--------------------------+------------------------------------------+
| Package | Reason | +--------------------------+------------------------------------------+
| base-files [1] | Update for the point release |
| | |
| debian-installer [2] | Rebuild for the point release |
| | |
| debian-installer- | Rebuild for the point release; swap the |
| netboot-images [3] | d-i Built-Using with the installer |
| | fetching, to fail on version mismatches |
| | earlier |
| | |
| dpkg [4] | Remove trailing space before handling |
| | blank line dot-separator in |
| | Dpkg::Control::HashCore. Regression |
| | introduced in dpkg 1.16.16; only use the |
| | SHELL environment variable for |
| | interactive shells; move tar option -- |
| | no-recursion before -T in dpkg-deb; |
| | initialize Config-Version also for |
| | packages previously in triggers-pending |
| | state; fix memory leak in dpkg infodb |
| | format upgrade logic; fix physical file |
| | offset comparison in dpkg |
| | |
| groovy [5] | Fix remote execution of untrusted code |
| | and possible DoS vulnerability |
| | [CVE-2015-3253] |
| | |
| gtk+3.0 [6] | Fix integer overflow when allocating a |
| | large block of memory in |
| | gdk_cairo_set_source_pixbuf [CVE-2013- |
| | 7447] |
| | |
| highlight [7] | Avoid segfault with undefined syntax |
| | |
| icecast2 [8] | Security fix [CVE-2014-9018] |
| | |
| libcrypto++ [9] | Fix Rijndael timing attack counter |
| | measure [CVE-2016-3995] |
| | |
| libdatetime-timezone- | Update to tzdata 2016d |
| perl [10] | |
| | |
| openldap [11] | Disable the back-mdb test suite on |
| | powerpc to work around back-mdb tests |
| | failing on buildds running the jessie |
| | ppc64 kernel, which uses 64KB pages |
| | |
| optipng [12] | Fix use-after-free vulnerability |
| | [CVE-2015-7801] |
| | |
| postgresql-9.1 [13] | New upstream release |
| | |
| tzdata [14] | New upstream version |
| | |
| xapian-core [15] | Fix possible database corruption, |
| | especially with recoll |
| | |
| zendframework [16] | Fix regression from ZF2015-08: binary |
| | data corruption; fix ZF2016-01: |
| | Potential Insufficient Entropy |
| | Vulnerability in ZF1 |
| | | +--------------------------+------------------------------------------+

1: https://packages.debian.org/src:base-files
2: https://packages.debian.org/src:debian-installer
3: https://packages.debian.org/src:debian-installer-netboot-images
4: https://packages.debian.org/src:dpkg
5: https://packages.debian.org/src:groovy
6: https://packages.debian.org/src:gtk+3.0
7: https://packages.debian.org/src:highlight
8: https://packages.debian.org/src:icecast2
9: https://packages.debian.org/src:libcrypto++
10: https://packages.debian.org/src:libdatetime-timezone-perl
11: https://packages.debian.org/src:openldap
12: https://packages.debian.org/src:optipng
13: https://packages.debian.org/src:postgresql-9.1
14: https://packages.debian.org/src:tzdata
15: https://packages.debian.org/src:xapian-core
16: https://packages.debian.org/src:zendframework

Security Updates
----------------

This revision adds the following security updates to the oldstable
release. The Security Team has already released an advisory for each of
these updates:

+----------------+---------------------------+
| Advisory ID | Package | +----------------+---------------------------+
| DSA-2722 [17] | icedtea-web [18] |
| | |
| DSA-2727 [19] | openjdk-6 [20] |
| | |
| DSA-2768 [21] | icedtea-web [22] |
| | |
| DSA-2893 [23] | openswan [24] |
| | |
| DSA-2912 [25] | openjdk-6 [26] |
| | |
| DSA-2980 [27] | openjdk-6 [28] |
| | |
| DSA-3070 [29] | kfreebsd-9 [30] |
| | |
| DSA-3077 [31] | openjdk-6 [32] |
| | |
| DSA-3147 [33] | openjdk-6 [34] |
| | |
| DSA-3157 [35] | ruby1.9.1 [36] |
| | |
| DSA-3163 [37] | libreoffice [38] |
| | |
| DSA-3175 [39] | kfreebsd-9 [40] |
| | |
| DSA-3219 [41] | libdbd-firebird-perl [42] |
| | |
| DSA-3234 [43] | openjdk-6 [44] |
| | |
| DSA-3236 [45] | libreoffice [46] |
| | |
| DSA-3246 [47] | ruby1.9.1 [48] |
| | |
| DSA-3339 [49] | openjdk-6 [50] |
| | |
| DSA-3356 [51] | openldap [52] |
| | |
| DSA-3394 [53] | libreoffice [54] |
| | |
| DSA-3410 [55] | icedove-l10n [56] |
| | |
| DSA-3410 [57] | icedove [58] |
| | |
| DSA-3410 [59] | enigmail [60] |
| | |
| DSA-3432 [61] | icedove [62] |
| | |
| DSA-3442 [63] | isc-dhcp [64] |
| | |
| DSA-3458 [65] | openjdk-7 [66] |
| | |
| DSA-3465 [67] | openjdk-6 [68] |
| | |
| DSA-3467 [69] | tiff [70] |
| | |
| DSA-3475 [71] | postgresql-9.1 [72] |
| | |
| DSA-3480 [73] | eglibc [74] |
| | |
| DSA-3482 [75] | libreoffice [76] |
| | |
| DSA-3485 [77] | didiwiki [78] |
| | |
| DSA-3491 [79] | icedove [80] |
| | |
| DSA-3515 [81] | graphite2 [82] |
| | |
| DSA-3520 [83] | icedove [84] |
| | |
| DSA-3523 [85] | iceweasel [86] |
| | |
| DSA-3530 [87] | tomcat6 [88] |
| | |
| DSA-3534 [89] | dhcpcd [90] |
| | |
| DSA-3536 [91] | libstruts1.2-java [92] |
| | |
| DSA-3537 [93] | imlib2 [94] |
| | |
| DSA-3538 [95] | libebml [96] |
| | |
| DSA-3539 [97] | srtp [98] |
| | |
| DSA-3540 [99] | lhasa [100] |
| | |
| DSA-3541 [101] | roundcube [102] |
| | |
| DSA-3542 [103] | mercurial [104] |
| | |
| DSA-3543 [105] | oar [106] |
| | |
| DSA-3544 [107] | python-django [108] |
| | |
| DSA-3546 [109] | optipng [110] |
| | |
| DSA-3547 [111] | imagemagick [112] |
| | |
| DSA-3550 [113] | openssh [114] |
| | |
| DSA-3551 [115] | fuseiso [116] |
| | |
| DSA-3552 [117] | tomcat7 [118] |
| | |
| DSA-3553 [119] | varnish [120] |
| | |
| DSA-3555 [121] | imlib2 [122] |
| | |
| DSA-3556 [123] | libgd2 [124] |
| | |
| DSA-3559 [125] | iceweasel [126] |
| | | +----------------+---------------------------+

17: https://www.debian.org/security/2013/dsa-2722
18: https://packages.debian.org/src:icedtea-web
19: https://www.debian.org/security/2013/dsa-2727
20: https://packages.debian.org/src:openjdk-6
21: https://www.debian.org/security/2013/dsa-2768
22: https://packages.debian.org/src:icedtea-web
23: https://www.debian.org/security/2014/dsa-2893
24: https://packages.debian.org/src:openswan
25: https://www.debian.org/security/2014/dsa-2912
26: https://packages.debian.org/src:openjdk-6
27: https://www.debian.org/security/2014/dsa-2980
28: https://packages.debian.org/src:openjdk-6
29: https://www.debian.org/security/2014/dsa-3070
30: https://packages.debian.org/src:kfreebsd-9
31: https://www.debian.org/security/2014/dsa-3077
32: https://packages.debian.org/src:openjdk-6
33: https://www.debian.org/security/2015/dsa-3147
34: https://packages.debian.org/src:openjdk-6
35: https://www.debian.org/security/2015/dsa-3157
36: https://packages.debian.org/src:ruby1.9.1
37: https://www.debian.org/security/2015/dsa-3163
38: https://packages.debian.org/src:libreoffice
39: https://www.debian.org/security/2015/dsa-3175
40: https://packages.debian.org/src:kfreebsd-9
41: https://www.debian.org/security/2015/dsa-3219
42: https://packages.debian.org/src:libdbd-firebird-perl
43: https://www.debian.org/security/2015/dsa-3234
44: https://packages.debian.org/src:openjdk-6
45: https://www.debian.org/security/2015/dsa-3236
46: https://packages.debian.org/src:libreoffice
47: https://www.debian.org/security/2015/dsa-3246
48: https://packages.debian.org/src:ruby1.9.1
49: https://www.debian.org/security/2015/dsa-3339
50: https://packages.debian.org/src:openjdk-6
51: https://www.debian.org/security/2015/dsa-3356
52: https://packages.debian.org/src:openldap
53: https://www.debian.org/security/2015/dsa-3394
54: https://packages.debian.org/src:libreoffice
55: https://www.debian.org/security/2015/dsa-3410
56: https://packages.debian.org/src:icedove-l10n
57: https://www.debian.org/security/2015/dsa-3410
58: https://packages.debian.org/src:icedove
59: https://www.debian.org/security/2015/dsa-3410
60: https://packages.debian.org/src:enigmail
61: https://www.debian.org/security/2016/dsa-3432
62: https://packages.debian.org/src:icedove
63: https://www.debian.org/security/2016/dsa-3442
64: https://packages.debian.org/src:isc-dhcp
65: https://www.debian.org/security/2016/dsa-3458
66: https://packages.debian.org/src:openjdk-7
67: https://www.debian.org/security/2016/dsa-3465
68: https://packages.debian.org/src:openjdk-6
69: https://www.debian.org/security/2016/dsa-3467
70: https://packages.debian.org/src:tiff
71: https://www.debian.org/security/2016/dsa-3475
72: https://packages.debian.org/src:postgresql-9.1
73: https://www.debian.org/security/2016/dsa-3480
74: https://packages.debian.org/src:eglibc
75: https://www.debian.org/security/2016/dsa-3482
76: https://packages.debian.org/src:libreoffice
77: https://www.debian.org/security/2016/dsa-3485
78: https://packages.debian.org/src:didiwiki
79: https://www.debian.org/security/2016/dsa-3491
80: https://packages.debian.org/src:icedove
81: https://www.debian.org/security/2016/dsa-3515
82: https://packages.debian.org/src:graphite2
83: https://www.debian.org/security/2016/dsa-3520
84: https://packages.debian.org/src:icedove
85: https://www.debian.org/security/2016/dsa-3523
86: https://packages.debian.org/src:iceweasel
87: https://www.debian.org/security/2016/dsa-3530
88: https://packages.debian.org/src:tomcat6
89: https://www.debian.org/security/2016/dsa-3534
90: https://packages.debian.org/src:dhcpcd
91: https://www.debian.org/security/2016/dsa-3536
92: https://packages.debian.org/src:libstruts1.2-java
93: https://www.debian.org/security/2016/dsa-3537
94: https://packages.debian.org/src:imlib2
95: https://www.debian.org/security/2016/dsa-3538
96: https://packages.debian.org/src:libebml
97: https://www.debian.org/security/2016/dsa-3539
98: https://packages.debian.org/src:srtp
99: https://www.debian.org/security/2016/dsa-3540
100: https://packages.debian.org/src:lhasa
101: https://www.debian.org/security/2016/dsa-3541
102: https://packages.debian.org/src:roundcube
103: https://www.debian.org/security/2016/dsa-3542
104: https://packages.debian.org/src:mercurial
105: https://www.debian.org/security/2016/dsa-3543
106: https://packages.debian.org/src:oar
107: https://www.debian.org/security/2016/dsa-3544
108: https://packages.debian.org/src:python-django
109: https://www.debian.org/security/2016/dsa-3546
110: https://packages.debian.org/src:optipng
111: https://www.debian.org/security/2016/dsa-3547
112: https://packages.debian.org/src:imagemagick
113: https://www.debian.org/security/2016/dsa-3550
114: https://packages.debian.org/src:openssh
115: https://www.debian.org/security/2016/dsa-3551
116: https://packages.debian.org/src:fuseiso
117: https://www.debian.org/security/2016/dsa-3552
118: https://packages.debian.org/src:tomcat7
119: https://www.debian.org/security/2016/dsa-3553
120: https://packages.debian.org/src:varnish
121: https://www.debian.org/security/2016/dsa-3555
122: https://packages.debian.org/src:imlib2
123: https://www.debian.org/security/2016/dsa-3556
124: https://packages.debian.org/src:libgd2
125: https://www.debian.org/security/2016/dsa-3559
126: https://packages.debian.org/src:iceweasel

Debian Installer
----------------

URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/wheezy/ChangeLog


The current oldstable distribution:

http://ftp.debian.org/debian/dists/oldstable/


Proposed updates to the oldstable distribution:

http://ftp.debian.org/debian/dists/oldstable-proposed-updates


oldstable distribution information (release notes, errata etc.):

https://www.debian.org/releases/oldstable/


Security announcements and information:

https://security.debian.org/ [127]

127: https://www.debian.org/security/


About Debian
------------

The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce the completely free operating system Debian.


Contact Information
-------------------

For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the
stable release team at <debian-release@lists.debian.org>.




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Signed by Ana Guerrero

iQIcBAEBCAAGBQJXUw6eAAoJELNGT4lqoVlIyMIP/0kWcwtZWWcsDp0VSq273ogA j8i6o2NQjN2Wdy1B5+FcoEzaGG6g6l+BuFIWHfOJPVdpBQY9ikTbT7p2J/rAj9qY yOx5dTAIHPO/cPYCmP5EPzmnbB+448O5YMcaL4KKrJtMr9p4FEUsUu+E9sm/2YWc fAWb17VI7NFk/oKH3P8TgQZy1cJVK6Df2cI9s7tSc9Gya45lKnR3J6N4jg89BZzo Hd04NFnLLHj1HMajDXXQNPWf1XtwPngTNTpxXRhyRaKvxM88Ia0HC5yARTEm1WQr 9ls6Ge34/Pj68E/CF0AdNXmQONGfgEk3fYm99YFo0/YehhJXO/XxVm4iBayxuofJ wYThSVWL34l9FJl5OlQODR3QY+edM5zWdSoBA75H5MFmqPmNo1iMVFumudvbO0ir pOZV1zQSFswffzfFt//m9Jsqo0RWAefUqVfq2ChWx2OieIYlhIsgn85IXclqFHEx xs6GpY78Jx24zaKLreQZZ0TtHPhDFWJaqzk8ltj/aP7i+HPAPD4/7KFCCtPDR6XQ X1Tu8vthle0mTm+OTaNlEBwlS+Y+OjNVumxrXEKqMVU60Us2Z5uMh+uMheOfrHEV fSjjzLcFB+oqE1GQ3m12I1rzOtaIT6/Vv9/kSSvMejPzhpjpDQ6NwANm4y0vKlOG NG+Uu3U749WBsUBTzQVp
=AE7f
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)