Aggiornamenti di sicurezza importante per Ubuntu 11.04 Natty Narwhal: Unity, Debian e Network Security Services.

Sappiamo tutti quanto sia importante mantenere aggiornato il proprio sistema operativo, ma è parimenti esperienza comune che spesso siano proprio gli aggiornamenti a introdurre nuovi bug. Ubuntu segue delle linee guida ben precise per gestire questa situazione.
La chiave di volta dell’intero discorso è che, una volta rilasciata la release, gli aggiornamenti non si fanno affatto, a meno che non riguardino vulnerabilità di sicurezza o bug particolarmente significativi.
Addirittura, nell’ottica di stabilizzare la release, già durante le ultime fasi di sviluppo l’ingresso di nuovi pacchetti dei vari software è sottoposto ad un controllo particolarmente rigido (una fase nota agli sviluppatori come “Feature Freeze”, appunto).
Gli aggiornamenti proposti a continuazione fanno parte del bollettino di sicurezza settimanale rilasciato da Canonical e riguardano in particolare:

Unity.

Debian package development tools.

Italian language pack for Firefox.

Network Security Services libraries.

Unity

This package provides an extension which adds support for the Unity appmenu to Firefox
Cambiamenti per le versioni:
6.0.1+build1+nobinonly-0ubuntu0.11.04.1
6.0.2+build2+nobinonly-0ubuntu0.11.04.1
Versione 6.0.2+build2+nobinonly-0ubuntu0.11.04.1:
* New upstream stable release (FIREFOX_6_0_2_BUILD2)
   - Distrust and disable all DigiNotar certs including the Staat der
   Nederlanden Certificates (LP: #838322)

Italian language pack for Firefox.

Cambiamenti per le versioni:
6.0.1+build1+nobinonly-0ubuntu0.11.04.1
6.0.2+build2+nobinonly-0ubuntu0.11.04.1
Versione 6.0.2+build2+nobinonly-0ubuntu0.11.04.1:
* New upstream stable release (FIREFOX_6_0_2_BUILD2)
   - Distrust and disable all DigiNotar certs including the Staat der
   Nederlanden Certificates (LP: #838322)

Network Security Services libraries.

This is a set of libraries designed to support cross-platform development of security-enabled client and server applications. It can support SSLv2 and
v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and other security standards.
Cambiamenti per le versioni:
3.12.9+ckbi-1.82-0ubuntu2
3.12.9+ckbi-1.82-0ubuntu2.1
Versione 3.12.9+ckbi-1.82-0ubuntu2.1:
* SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
   3.12.9 to remove the DigiNotar certificates and actively distrust them;
   Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
   - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
   Explicitely distrust various DigiNotar CAs:
   - DigiNotar Root CA
   - DigiNotar Services 1024 CA
   - DigiNotar Cyber CA
   - DigiNotar Cyber CA 2nd
   - DigiNotar PKIoverheid
   - DigiNotar PKIoverheid G2
   - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
   Remove DigiNotar Root CA.

Debian Packages Management System.

This package provides the low-level infrastructure for handling the installation and removal of Debian software packages.
For Debian package development tools, install dpkg-dev.
Cambiamenti per le versioni:
1.16.0~ubuntu7
1.16.0~ubuntu7.1
Versione 1.16.0~ubuntu7.1:
* src/packages.c: fix use of --force-depends so that it works again for
   foreign arch packages. Thanks to Raphaël Hertzog for the fix.
   LP: #767634.
* regenerate lib/dpkg/trigdeferred.c from lib/dpkg/trigdeferred.l in
   the source, to ensure we don't end up with breakage from an out-of-date
   intermediate file as happened in oneiric.
[ Guillem Jover ]
* d84b36a81088721b340e52664aa2c3379fea2a9a: be less strict in the face of
   unknown Priority: fields in /var/lib/dpkg/status, so dpkg doesn't fail
   to run on systems whose contents were previously permitted.
   LP: #773022.

Debian Packages Development Tools.

This package provides the development tools (including dpkg-source) required to unpack, build and upload Debian source packages.
Most Debian source packages will require additional tools to build; for example, most packages need make and the C compiler gcc.
Cambiamenti per le versioni:
1.16.0~ubuntu7
1.16.0~ubuntu7.1
Versione 1.16.0~ubuntu7.1:
* src/packages.c: fix use of --force-depends so that it works again for
   foreign arch packages. Thanks to Raphaël Hertzog for the fix.
   LP: #767634.
* regenerate lib/dpkg/trigdeferred.c from lib/dpkg/trigdeferred.l in
   the source, to ensure we don't end up with breakage from an out-of-date
   intermediate file as happened in oneiric.
[ Guillem Jover ]
* d84b36a81088721b340e52664aa2c3379fea2a9a: be less strict in the face of
   unknown Priority: fields in /var/lib/dpkg/status, so dpkg doesn't fail
   to run on systems whose contents were previously permitted.
   LP: #773022.

Gnome document viewer backend libraries.

Cambiamenti per le versioni:
2.32.0-0ubuntu12.2
2.32.0-0ubuntu12.3
Versione 2.32.0-0ubuntu12.3:
Evince is a simple multi-page document viewer.
It can display and print PostScript (PS), Encapsulated PostScript (EPS), DJVU, DVI and Portable Document Format (PDF) files. When supported by the document, it also allows searching for text, copying text to the clipboard, hypertext navigation, and table-of-contents bookmarks.
This package contains the libdocument documentation API shared library.
* debian/apparmor-profile: enable networking for the thumbnailer for
   people who have configured nautilus to preview remote files when using
   NFS. (LP: #778638)

Ricerca personalizzata
Se ti è piaciuto l'articolo , iscriviti al feed cliccando sull'immagine sottostante per tenerti sempre aggiornato sui nuovi contenuti del blog: Aggiornamenti di sicurezza importante per Ubuntu 11.04 Natty Narwhal: Unity, Debian e Network Security Services.