Slashdot Mirror

← Back to Stories (view on slashdot.org)

Debian 2.2r5 Released

Posted by michael on from the solid-as-a-rock dept.

Debian potato has been updated to 2.2r5. See the press release for info on what has changed - mostly bugfixes, of course, since this is the stable distribution.

23 of 207 comments (clear)

  1. Accepted/rejected packages list by Chocky2 · · Score: 4, Informative

    A comprehensive list of which packages were included and which were rejected is at http://people.debian.org/~joey/2.2r5/full.html

  2. Actually, it's not bugfixes by bconway · · Score: 4, Informative

    It's a release for security updates. This is very different from a bugfix release, which would generally be a much greater undertaking and require a lot more packages to be upgraded to newer versions. Think of it this way: a security update would be when Slash code allows users to gain the access levels of other users, including elevated privileges. A bugfix release would be an increment in the Slash code that fixes broken features that do not include security compromises. Makes sense? =)

    --
    Interested in open source engine management for your Subaru?
  3. stable vs. unstable by dboyles · · Score: 5, Insightful

    I run Debian "unstable" on 3 out of the 5 boxes that I admin (personal use, not corporate). For the most part I prefer unstable because of the newer software that it allows access to. Some software isn't available in .deb form in the stable distribution ("gallery", for example, an online photo gallery system). Other software varies a lot between the stable and unstable distributions ("unstable" software being more advanced, usually). For the most part "unstable" is a misnomer.

    But... there are those times when something breaks. This is the reason you shouldn't use unstable on a production box. Earlier this week I worked out a KSpread spreadsheet that I needed for a meeting with an advisor. The day for my meeting came and KSpread wouldn't open up because of a conflict with the libpng version. To the best of my knowledge this hasn't been fixed yet. Others report similar problems. Needless to say I wasn't pleased, and I had to go to my meeting without the spreadsheet.

    Does that mean I'll stop using "unstable"? Nah. Should everybody use it? No way.

    --
    -- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
    1. Re:stable vs. unstable by reaper20 · · Score: 3, Informative

      check debianplanet.org for thee thread, i believe most of the libpng issues have been taken care of.

    2. Re:stable vs. unstable by awptic · · Score: 3, Informative

      I've run into this same problem with libpng on my system running debian unstable, I found an article discussing a fix at www.varlinux.org
      To summarize what needs to be done though:

      rm -f /usr/lib/libpng.so.3
      ln -s /usr/lib/libpng.so.2.0.1.12 /usr/lib/libpng.so.3

      I just did an apt-get upgrade a few minutes ago and it undid this, I haven't noticed any problems yet so maybe they've already fixed this issue.

    3. Re:stable vs. unstable by barawn · · Score: 3, Interesting

      Because in a cron job, you can shove "apt-get upgrade" (and some switch to get rid of the "Y/N") and all of the basic security stuff is done, good, kay, everything's great.

      You can't do that in a cron job for "unstable".

      Regarding the hand-securing thing, well, for the actual PURPOSE of the box, I agree with you - the mail should probably be configured by hand, etc., but not necessarily for EVERYTHING - especially for security holes, rather than stupid security issues. What if there's a security hole in wu-ftpd? (God, that never happens) In that case, "stable" is best, because "apt-get upgrade" will just fix that. Unstable you'd actually have to GO to each box, and make sure dependencies weren't screwed with.

    4. Re:stable vs. unstable by FlyingDragon · · Score: 5, Informative
      If you find stable a bit stoic and unstable a little wild, Debian has another distribution you may find just right: testing.

      Testing consists of packages from unstable that have gone a couple weeks without incident. The result is a very current system with the bleeding edge problems smoothed over. Most of our production boxes are now on it.

  4. Woody by MoceanWorker · · Score: 3, Interesting

    why not just upgrade to Woody? even though it's classified unstable.. i've been running it and having no problems at all with it... there was a certain way to upgrade from 2.2 to 3 (i unfortunately forgot), but if you sign on to irc.openprojects.net, join #debian and message Apt.. it should give you a few simple steps on how to upgrade to Woody...

    --


    "The ones who dont do anything are always the ones who try to pull you down" -- Henry Rollins
    1. Re:Woody by barawn · · Score: 4, Informative

      Actually, isn't "unstable" 'Sid'? I think 'Woody' is the "testing" release.

    2. Re:Woody by Gannoc · · Score: 4, Informative
      it should give you a few simple steps on how to upgrade to Woody...

      Wow, you're going to get 32767 responses to this.

      1. #vi /etc/apt/sources.list

      2. Change all instances of "stable" or "potato" to "woody".

      3. #apt-get dist-upgrade

      (4.) #apt-get -f install ;apt-get dist-upgrade --yes , until it all works.

      ;)

    3. Re:Woody by nomadic · · Score: 3, Informative

      Actually I always thought the correct usage on slashdot would be to use the teletype font to denote a typed command. After a quick bit of research I discovered that single quotation marks (') should be used in place of regular quotation marks when the word or phrase you're enclosing is in another set of regular quotation marks (i.e. "His exact words were, 'I used apt-get to install that package'")

      It can also be used when referring to words in an unusual context, so I guess if you don't use teletype the single quotation marks are the way to go.

      Maybe we need a Slashdot Manual of Style.

  5. Re:ssh v1? 1:1.2.3-9.4? by Colm@TCD · · Score: 3, Informative
    The middle one. Although potato has ssh 1.2.3, it's been patched so as not to be vulnerable to the ssh1 exploit.

    There are systematic weaknesses with version 1 of the ssh protocol, which this doesn't address, of course. However, as far as I'm aware, a successful exploit has yet to be mounted against these.

  6. Re:ssh v1? 1:1.2.3-9.4? by noahm · · Score: 3, Informative
    Read the changelog for the ssh package. /usr/share/doc/ssh/changelog.Debian.gz. It is still SSH protocol 1, but the ssh daemon is patched to address recent remote exploit vulnerabilities. There are no known vulnerabilities in the version of OpenSSH included with Debian 2.2r5.

    Still, though, version 2 of the SSH protocol is better, and building updated OpenSSH packages for potato is not difficult. The 'source' command in apt-get is very helpful here.

    noah

  7. Yes! Use the debian testing distribution. by brlewis · · Score: 3, Informative

    I used to run debian stable, but switched to testing several months ago. I think testing is the dist for most users. Too bad newbies get steered toward stable. The testing dist is stable enough for just about everybody.

  8. Re:ssh v1? 1:1.2.3-9.4? by Odinson · · Score: 3, Interesting
    First, thank you both.

    I was planning on doing exactly that.

    Do Debian's rules explicitly disallow a major version upgrade? Even for security reasons? I believe that boxes are already being exploited. Even if there isn't example code, I'm sure there will be soon. Why wait?

    It seems to me that widespread use and critical funtion of this package might warrant a major version upgrade on a stable release.

    Please understand that I have infinate gratitude toward the Debian people, but I also have broadband Debian stable boxes.

    and a side note... Someone actually modded the top parent down. WTF? Even if I was wrong those are completely on topic questions. Someone metamod that guy.

    --
    Novel theory: Modern Man evolved from psychopath
  9. Re:Debian Install Problems. by NetJunkie · · Score: 3, Insightful

    The only time it asks for the rescue disk is when installing the kernel and base setup. You need to tell it to get it elsewhere when it asks. I'm setting up Debian on a server RIGHT NOW and just installed it without the rescue disk. Set up networking first and then have it get it off the Debian site. Or you should be able to just point it at the CD.

  10. Actually, it is bugfixes (and more) by hal9000 · · Score: 4, Informative

    In fact, here are the requirements for a package to make it into a Debian stable revision:
    (from http://people.debian.org/~joey/2.2r5/)

    [Joey Hess's] requirements for packages to go into stable:
    1. The package fixes a security problem. An advisory by our own Security Team would be quite helpful.
    2. The package fixes a critical bug which can lead into data loss, data corruption, or an overly broken system, or the package is broken or not usable (anymore).
    3. The stable version of the package is not installable at all due to broken or unmet dependencies or broken installation scripts
    4. The package gets all architectures in stable in sync.
    5. All released architectures have to be in sync.

    --
    Look out honey, 'cause I'm using technology; Ain't got time to make no apology
  11. Re:Debian sucks nuts by barawn · · Score: 3, Informative

    Re: ISOs:

    Limited bandwidth - that's all I have to say. Most people don't need the ISOs.

    Re: what Potato comes with
    If you had looked around on Usenet for about 2 seconds - I believe it's the second or third post in response to a search for "XFree86 4 potato" you'd find out how to upgrade Potato to Woody (testing) in about 5 minutes.

    Edit sources.list, replace stable with Woody.

    Apt-get update.
    Apt-get dist-upgrade.
    Wait, relax, enjoy.

    Re: the kernel
    Please. A 2.4 kernel isn't THAT necessary.

  12. Where is Woody? by RelliK · · Score: 3, Interesting

    The big question is why Woody still has not been released? I thought going to unstable/testing/stable model was supposed to speed up release cycles. Apparently not.

    --
    ___
    If you think big enough, you'll never have to do it.
  13. Re:is being fat okay? by Faceprint · · Score: 3, Informative

    actually, apt-get install cruft, and then run cruft. It will remove old programs and libraries that aren't needed that you don't want anymore. It cleaned up my system quite a bit.

  14. Re:Debian Install Problems. by ImaLamer · · Score: 3

    if you are talking about the kernel prompt, which is something along the lines of `Insert floppy to be used as root...', the cd you made is broken

    No, no... since you've installed and used debian so many times you would know I'm speaking of the step between partitioning and installing the base system.

    Simply, the CD boots, I can partition and all. But the install craps out when you are trying to install the base system. Basically I've got a CD worth nothing... coaster.

    --
    Get your Unix fortune now!
  15. Re:And I just put 2.2r4 on yesterday.... by steveha · · Score: 4, Informative

    Let me just ask a general question then - what's the best way to install a fresh Woody system? My current system is a bastardized Potato with some ugly Sid stuff thrown in to make it complicated. I want a Woody system, upgraded to a 2.4 kernel with ipfilter, and I'm willing to start from scratch.

    Do I remove all non-Woody sources from the apt-get sources file? Do I manually remove all potato and unstable packages? Or is it best to format and start over?

    First of all, if the only thing you really want is a 2.4.x kernel and ipfilter, you don't need to upgrade everything; you could just get kernel sources, build a 2.4.x kernel, and go from there.

    But if you want to update your system, here is what to do:

    Edit your sources.list file to point to a Debian mirror for the "unstable" packages. (Or "testing" if you want to try that, but I'm perfectly happy with unstable.)

    Run "apt-get update", which fetches the list of new packages.

    Run "apt-get dist-upgrade", which downloads the new packages and installs them.

    The Debian APT system is really cool, but it isn't absolutely perfect. It will try to install packages like libc first, and then later on install packages that depend on the other packages; but sometimes it fails. Sometimes it will try to install a package, only to have the install fail because some needed package wasn't there. This especially happens when upgrading from Potato to unstable.

    The solution is simple: you just keep running "apt-get dist-upgrade", over and over, until it reports that all packages installed. Each time more packages will install, as the dependencies get installed.

    I've done this about twice, and that's what worked for me.

    steveha

    --
    lf(1): it's like ls(1) but sorts filenames by extension, tersely
  16. The problem with Debian... by aussersterne · · Score: 3, Interesting

    [Okay, I'm prepared to lose four karma points over this, offtopic, flamebait, troll, overrated, all the way to -1, just because there are so many damn Debian cheerleaders here and moderation is so damn broken]

    The problem with Debian is that it's too stable. What I mean by that is that though Debian does feel very stable, the current release also feels about 5 years behind other Linux operating systems in many ways, while not being all that much more stable than Red Hat, Caldera, or Slackware.

    I run Debian on a couple of PowerPC-based Web servers so it's not like I've never used it. I'd run Red Hat or Slackware on them if I could, though.

    And dselect has to go. Is there a new installer/package selector coming in the next major release, or will Debian still be the ugliest and clumsiest Linux to install on the face of the earth? Way back at Slackware 2.x, its installer was pretty, powerful, automatable, and easy to use.

    Red Hat installs a lot of crap, but it's got a decent record of keeping up on updates in a reasonable amount of time (i.e. no lurking glibc bug) and most of the software around the net will run on it.

    Aside from the multi-platform abilities of Debian, I really see no reason to use it, especially as .deb packaging moves farther toward the standardization fringes...

    --
    STOP . AMERICA . NOW