Bootserver Release Notes
## Release 60 {#60}
### Notable changes
- fixed an unhandled exception bug in `puavoadmins-update`
- `password_last_set`-attribute is passed to desktop session info
### Security updates
- Package `libgd2`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-5711](https://security-tracker.debian.org/tracker/CVE-2018-5711)
- Package `openjdk-7`:
[CVE-2018-2938](https://security-tracker.debian.org/tracker/CVE-2018-2938),
[CVE-2018-2952](https://security-tracker.debian.org/tracker/CVE-2018-2952)
- Package `spice`:
[CVE-2018-1087](https://security-tracker.debian.org/tracker/CVE-2018-1087)
- Package `samba`:
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1216](https://security-tracker.debian.org/tracker/CVE-2017-1216),
[CVE-2017-1474](https://security-tracker.debian.org/tracker/CVE-2017-1474),
[CVE-2017-1527](https://security-tracker.debian.org/tracker/CVE-2017-1527),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461),
[CVE-2018-1050](https://security-tracker.debian.org/tracker/CVE-2018-1050),
[CVE-2018-1057](https://security-tracker.debian.org/tracker/CVE-2018-1057),
[CVE-2018-1085](https://security-tracker.debian.org/tracker/CVE-2018-1085),
[CVE-2018-1091](https://security-tracker.debian.org/tracker/CVE-2018-1091)
- Package `lcms2`:
[CVE-2016-1016](https://security-tracker.debian.org/tracker/CVE-2016-1016),
[CVE-2018-1643](https://security-tracker.debian.org/tracker/CVE-2018-1643)
- Package `intel-microcode`:
[CVE-2018-3640](https://security-tracker.debian.org/tracker/CVE-2018-3640),
[CVE-2018-3646](https://security-tracker.debian.org/tracker/CVE-2018-3646)
- Package `libxml2`:
[CVE-2016-9318](https://security-tracker.debian.org/tracker/CVE-2016-9318),
[CVE-2017-1825](https://security-tracker.debian.org/tracker/CVE-2017-1825),
[CVE-2018-1440](https://security-tracker.debian.org/tracker/CVE-2018-1440),
[CVE-2018-1456](https://security-tracker.debian.org/tracker/CVE-2018-1456)
- Package `glib2.0`:
[CVE-2018-1642](https://security-tracker.debian.org/tracker/CVE-2018-1642)
- Package `jq`:
[CVE-2015-8863](https://security-tracker.debian.org/tracker/CVE-2015-8863)
- Package `poppler`:
[CVE-2018-1398](https://security-tracker.debian.org/tracker/CVE-2018-1398)
- Package `ghostscript`:
[CVE-2018-1591](https://security-tracker.debian.org/tracker/CVE-2018-1591),
[CVE-2018-1651](https://security-tracker.debian.org/tracker/CVE-2018-1651),
[CVE-2018-1654](https://security-tracker.debian.org/tracker/CVE-2018-1654),
[CVE-2018-1680](https://security-tracker.debian.org/tracker/CVE-2018-1680)
- Package `libtirpc`:
[CVE-2016-4429](https://security-tracker.debian.org/tracker/CVE-2016-4429),
[CVE-2017-8779](https://security-tracker.debian.org/tracker/CVE-2017-8779),
[CVE-2018-1462](https://security-tracker.debian.org/tracker/CVE-2018-1462)
- Package `postgresql-9.3`:
[CVE-2018-1091](https://security-tracker.debian.org/tracker/CVE-2018-1091)
- Package `libarchive`:
[CVE-2016-1020](https://security-tracker.debian.org/tracker/CVE-2016-1020),
[CVE-2016-1034](https://security-tracker.debian.org/tracker/CVE-2016-1034),
[CVE-2016-1035](https://security-tracker.debian.org/tracker/CVE-2016-1035),
[CVE-2017-1416](https://security-tracker.debian.org/tracker/CVE-2017-1416),
[CVE-2017-1450](https://security-tracker.debian.org/tracker/CVE-2017-1450)
- Package `linux`:
[CVE-2016-1020](https://security-tracker.debian.org/tracker/CVE-2016-1020),
[CVE-2017-1147](https://security-tracker.debian.org/tracker/CVE-2017-1147),
[CVE-2017-1499](https://security-tracker.debian.org/tracker/CVE-2017-1499),
[CVE-2017-1564](https://security-tracker.debian.org/tracker/CVE-2017-1564),
[CVE-2017-1652](https://security-tracker.debian.org/tracker/CVE-2017-1652),
[CVE-2017-1653](https://security-tracker.debian.org/tracker/CVE-2017-1653),
[CVE-2017-1664](https://security-tracker.debian.org/tracker/CVE-2017-1664),
[CVE-2017-1665](https://security-tracker.debian.org/tracker/CVE-2017-1665),
[CVE-2017-1691](https://security-tracker.debian.org/tracker/CVE-2017-1691),
[CVE-2017-1755](https://security-tracker.debian.org/tracker/CVE-2017-1755),
[CVE-2017-1825](https://security-tracker.debian.org/tracker/CVE-2017-1825),
[CVE-2017-1827](https://security-tracker.debian.org/tracker/CVE-2017-1827),
[CVE-2017-1834](https://security-tracker.debian.org/tracker/CVE-2017-1834),
[CVE-2017-2583](https://security-tracker.debian.org/tracker/CVE-2017-2583),
[CVE-2017-2584](https://security-tracker.debian.org/tracker/CVE-2017-2584),
[CVE-2017-2671](https://security-tracker.debian.org/tracker/CVE-2017-2671),
[CVE-2017-5549](https://security-tracker.debian.org/tracker/CVE-2017-5549),
[CVE-2017-5715](https://security-tracker.debian.org/tracker/CVE-2017-5715),
[CVE-2017-5897](https://security-tracker.debian.org/tracker/CVE-2017-5897),
[CVE-2017-6345](https://security-tracker.debian.org/tracker/CVE-2017-6345),
[CVE-2017-6348](https://security-tracker.debian.org/tracker/CVE-2017-6348),
[CVE-2017-7518](https://security-tracker.debian.org/tracker/CVE-2017-7518),
[CVE-2017-7645](https://security-tracker.debian.org/tracker/CVE-2017-7645),
[CVE-2017-8831](https://security-tracker.debian.org/tracker/CVE-2017-8831),
[CVE-2017-9984](https://security-tracker.debian.org/tracker/CVE-2017-9984),
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-1002](https://security-tracker.debian.org/tracker/CVE-2018-1002),
[CVE-2018-1008](https://security-tracker.debian.org/tracker/CVE-2018-1008),
[CVE-2018-1012](https://security-tracker.debian.org/tracker/CVE-2018-1012),
[CVE-2018-1032](https://security-tracker.debian.org/tracker/CVE-2018-1032),
[CVE-2018-1067](https://security-tracker.debian.org/tracker/CVE-2018-1067),
[CVE-2018-1087](https://security-tracker.debian.org/tracker/CVE-2018-1087),
[CVE-2018-1088](https://security-tracker.debian.org/tracker/CVE-2018-1088),
[CVE-2018-1092](https://security-tracker.debian.org/tracker/CVE-2018-1092),
[CVE-2018-1093](https://security-tracker.debian.org/tracker/CVE-2018-1093),
[CVE-2018-1094](https://security-tracker.debian.org/tracker/CVE-2018-1094),
[CVE-2018-1223](https://security-tracker.debian.org/tracker/CVE-2018-1223),
[CVE-2018-1309](https://security-tracker.debian.org/tracker/CVE-2018-1309),
[CVE-2018-1340](https://security-tracker.debian.org/tracker/CVE-2018-1340),
[CVE-2018-3646](https://security-tracker.debian.org/tracker/CVE-2018-3646),
[CVE-2018-5390](https://security-tracker.debian.org/tracker/CVE-2018-5390),
[CVE-2018-5391](https://security-tracker.debian.org/tracker/CVE-2018-5391)
- Package `curl`:
[CVE-2018-1461](https://security-tracker.debian.org/tracker/CVE-2018-1461)
- Package `bind9`:
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147),
[CVE-2016-9444](https://security-tracker.debian.org/tracker/CVE-2016-9444),
[CVE-2017-3135](https://security-tracker.debian.org/tracker/CVE-2017-3135),
[CVE-2017-3136](https://security-tracker.debian.org/tracker/CVE-2017-3136),
[CVE-2017-3137](https://security-tracker.debian.org/tracker/CVE-2017-3137),
[CVE-2017-3138](https://security-tracker.debian.org/tracker/CVE-2017-3138),
[CVE-2017-3142](https://security-tracker.debian.org/tracker/CVE-2017-3142),
[CVE-2017-3143](https://security-tracker.debian.org/tracker/CVE-2017-3143),
[CVE-2017-3145](https://security-tracker.debian.org/tracker/CVE-2017-3145),
[CVE-2018-5740](https://security-tracker.debian.org/tracker/CVE-2018-5740)
- Package `libx11`:
[CVE-2016-7942](https://security-tracker.debian.org/tracker/CVE-2016-7942),
[CVE-2016-7943](https://security-tracker.debian.org/tracker/CVE-2016-7943),
[CVE-2018-1459](https://security-tracker.debian.org/tracker/CVE-2018-1459),
[CVE-2018-1460](https://security-tracker.debian.org/tracker/CVE-2018-1460)
### Typical update path from Release 59
- Need to get 175 MB of archives.
- Has impact on the availability of the end users service:
- Service `winbind` will be restarted during the update process and its estimated downtime is 82 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is ? seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 78 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 69 seconds.
- Service `nmbd` will be restarted during the update process and its estimated downtime is 78 seconds.
-
linux-headers-3.13.0-142-generic (3.13.0-142.191)
linux-headers-3.13.0-139 (3.13.0-139.188)
linux-image-extra-3.13.0-142-generic (3.13.0-142.191)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-headers-3.13.0-158 (3.13.0-158.208)
linux-headers-3.13.0-133-generic (3.13.0-133.182)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.13.0-117 (3.13.0-117.164)
libwiretap3 (1.10.6-1)
linux-image-3.13.0-142-generic (3.13.0-142.191)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-extra-3.13.0-133-generic (3.13.0-133.182)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libwsutil3 (1.10.6-1)
linux-image-3.13.0-139-generic (3.13.0-139.188)
linux-image-extra-3.13.0-158-generic (3.13.0-158.208)
linux-image-3.13.0-141-generic (3.13.0-141.190)
linux-headers-3.13.0-139-generic (3.13.0-139.188)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-headers-3.13.0-158-generic (3.13.0-158.208)
linux-headers-3.13.0-142 (3.13.0-142.191)
linux-headers-3.13.0-141 (3.13.0-141.190)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-128 (3.13.0-128.177)
linux-headers-3.13.0-133 (3.13.0-133.182)
linux-image-3.13.0-128-generic (3.13.0-128.177)
linux-image-extra-3.13.0-141-generic (3.13.0-141.190)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-3.13.0-158-generic (3.13.0-158.208)
linux-image-3.13.0-133-generic (3.13.0-133.182)
linux-image-extra-3.13.0-139-generic (3.13.0-139.188)
libqpdf13 (5.1.1-1)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-141-generic (3.13.0-141.190)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.2)
-
libglib2.0-0 (2.40.2-0ubuntu1 => 2.40.2-0ubuntu1.1)
libgd3 (2.1.0-3ubuntu0.8 => 2.1.0-3ubuntu0.10)
libglib2.0-data (2.40.2-0ubuntu1 => 2.40.2-0ubuntu1.1)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libxml2 (2.9.1+dfsg1-3ubuntu4.12 => 2.9.1+dfsg1-3ubuntu4.13)
grub2-common (2.02~beta2-9ubuntu1.14 => 2.02~beta2-9ubuntu1.15)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
liblcms2-dev (2.5-0ubuntu4.1 => 2.5-0ubuntu4.2)
libisc95 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
linux-libc-dev (3.13.0-153.203 => 3.13.0-158.208)
puavoadmins (0.3.1 => 0.3.2)
curl (7.35.0-1ubuntu2.16 => 7.35.0-1ubuntu2.17)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
poppler-utils (0.24.5-2ubuntu4.11 => 0.24.5-2ubuntu4.12)
libx11-data (1.6.2-1ubuntu2 => 1.6.2-1ubuntu2.1)
tzdata (2017c-0ubuntu0.14.04 => 2018e-0ubuntu0.14.04)
libbind9-90 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
grub-common (2.02~beta2-9ubuntu1.14 => 2.02~beta2-9ubuntu1.15)
libarchive13 (3.1.2-7ubuntu2.4 => 3.1.2-7ubuntu2.6)
grub-pc-bin (2.02~beta2-9ubuntu1.14 => 2.02~beta2-9ubuntu1.15)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libx11-xcb1 (1.6.2-1ubuntu2 => 1.6.2-1ubuntu2.1)
libdns100 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
amd64-microcode (3.20180524.1~ubuntu0.14.04.2+really20130710.1 => 3.20180524.1~ubuntu0.14.04.2+really20130710.1ubuntu1)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
liblwres90 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
linux-headers-generic (3.13.0.153.163 => 3.13.0.158.168)
libtirpc1 (0.2.2-5ubuntu2 => 0.2.2-5ubuntu2.1)
linux-image-generic-lts-trusty (3.13.0.153.163 => 3.13.0.158.168)
grub-pc (2.02~beta2-9ubuntu1.14 => 2.02~beta2-9ubuntu1.15)
bind9 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
libx11-dev (1.6.2-1ubuntu2 => 1.6.2-1ubuntu2.1)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libx11-6 (1.6.2-1ubuntu2 => 1.6.2-1ubuntu2.1)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
liblcms2-2 (2.5-0ubuntu4.1 => 2.5-0ubuntu4.2)
libxml2-utils (2.9.1+dfsg1-3ubuntu4.12 => 2.9.1+dfsg1-3ubuntu4.13)
winbind (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
linux-image-generic (3.13.0.153.163 => 3.13.0.158.168)
libx11-doc (1.6.2-1ubuntu2 => 1.6.2-1ubuntu2.1)
libpq5 (9.3.23-0ubuntu0.14.04 => 9.3.24-0ubuntu0.14.04)
libspice-server1 (0.12.4-0nocelt2ubuntu1.6 => 0.12.4-0nocelt2ubuntu1.7)
jq (1.3-1.1ubuntu1 => 1.3-1.1ubuntu1.1)
libisccfg90 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
libisccc90 (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
libgs9-common (9.10~dfsg-0ubuntu10.12 => 9.10~dfsg-0ubuntu10.13)
libcurl3-gnutls (7.35.0-1ubuntu2.16 => 7.35.0-1ubuntu2.17)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libpq-dev (9.3.23-0ubuntu0.14.04 => 9.3.24-0ubuntu0.14.04)
puavo-rest-bootserver (0.11.2-24+trusty.trustyrestonly.fa138fa159d3f764e0917c3a7bdb8b4a19dea5c7 => 0.11.2-25+trusty.trustyrestonly.6046fcc89e3b002015c5eecc61259381df3357c3)
puavo-rest (0.11.2-24+trusty.trustyrestonly.fa138fa159d3f764e0917c3a7bdb8b4a19dea5c7 => 0.11.2-25+trusty.trustyrestonly.6046fcc89e3b002015c5eecc61259381df3357c3)
linux-image-server (3.13.0.153.163 => 3.13.0.158.168)
bind9-host (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
dnsutils (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
linux-generic (3.13.0.153.163 => 3.13.0.158.168)
ghostscript (9.10~dfsg-0ubuntu10.12 => 9.10~dfsg-0ubuntu10.13)
bind9utils (9.9.5.dfsg-3ubuntu0.17 => 9.9.5.dfsg-3ubuntu0.18)
tzdata-java (2017c-0ubuntu0.14.04 => 2018e-0ubuntu0.14.04)
intel-microcode (3.20180425.1~ubuntu0.14.04.1 => 3.20180807a.0ubuntu0.14.04.1)
libpoppler44 (0.24.5-2ubuntu4.11 => 0.24.5-2ubuntu4.12)
libxml2-dev (2.9.1+dfsg1-3ubuntu4.12 => 2.9.1+dfsg1-3ubuntu4.13)
openjdk-7-jre-headless (7u181-2.6.14-0ubuntu0.1 => 7u181-2.6.14-0ubuntu0.2)
samba (4.3.11+dfsg-0ubuntu0.14.04.14 => 4.3.11+dfsg-0ubuntu0.14.04.17)
libcurl3 (7.35.0-1ubuntu2.16 => 7.35.0-1ubuntu2.17)
libglib2.0-bin (2.40.2-0ubuntu1 => 2.40.2-0ubuntu1.1)
libgs9 (9.10~dfsg-0ubuntu10.12 => 9.10~dfsg-0ubuntu10.13)
libglib2.0-dev (2.40.2-0ubuntu1 => 2.40.2-0ubuntu1.1)
## Release 59 {#59}
### Notable changes
- Port 514 has been opened in rsyslogd (in addition to 20514).
### Security updates
- Package `libarchive-zip-perl`:
[CVE-2018-1086](https://security-tracker.debian.org/tracker/CVE-2018-1086)
- Package `libxcursor`:
[CVE-2013-2003](https://security-tracker.debian.org/tracker/CVE-2013-2003),
[CVE-2015-9262](https://security-tracker.debian.org/tracker/CVE-2015-9262),
[CVE-2017-1661](https://security-tracker.debian.org/tracker/CVE-2017-1661)
- Package `openslp-dfsg`:
[CVE-2017-1783](https://security-tracker.debian.org/tracker/CVE-2017-1783),
[CVE-2018-1293](https://security-tracker.debian.org/tracker/CVE-2018-1293)
- Package `jasper`:
[CVE-2015-5203](https://security-tracker.debian.org/tracker/CVE-2015-5203),
[CVE-2015-5221](https://security-tracker.debian.org/tracker/CVE-2015-5221),
[CVE-2016-1024](https://security-tracker.debian.org/tracker/CVE-2016-1024),
[CVE-2016-1025](https://security-tracker.debian.org/tracker/CVE-2016-1025),
[CVE-2016-8883](https://security-tracker.debian.org/tracker/CVE-2016-8883),
[CVE-2016-8887](https://security-tracker.debian.org/tracker/CVE-2016-8887),
[CVE-2016-9262](https://security-tracker.debian.org/tracker/CVE-2016-9262),
[CVE-2016-9387](https://security-tracker.debian.org/tracker/CVE-2016-9387),
[CVE-2016-9388](https://security-tracker.debian.org/tracker/CVE-2016-9388),
[CVE-2016-9389](https://security-tracker.debian.org/tracker/CVE-2016-9389),
[CVE-2016-9390](https://security-tracker.debian.org/tracker/CVE-2016-9390),
[CVE-2016-9391](https://security-tracker.debian.org/tracker/CVE-2016-9391),
[CVE-2016-9392](https://security-tracker.debian.org/tracker/CVE-2016-9392),
[CVE-2016-9393](https://security-tracker.debian.org/tracker/CVE-2016-9393),
[CVE-2016-9394](https://security-tracker.debian.org/tracker/CVE-2016-9394),
[CVE-2016-9396](https://security-tracker.debian.org/tracker/CVE-2016-9396),
[CVE-2016-9600](https://security-tracker.debian.org/tracker/CVE-2016-9600),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-6850](https://security-tracker.debian.org/tracker/CVE-2017-6850)
- Package `file`:
[CVE-2013-1943](https://security-tracker.debian.org/tracker/CVE-2013-1943),
[CVE-2013-7345](https://security-tracker.debian.org/tracker/CVE-2013-7345),
[CVE-2014-0207](https://security-tracker.debian.org/tracker/CVE-2014-0207),
[CVE-2014-2270](https://security-tracker.debian.org/tracker/CVE-2014-2270),
[CVE-2014-3478](https://security-tracker.debian.org/tracker/CVE-2014-3478),
[CVE-2014-3479](https://security-tracker.debian.org/tracker/CVE-2014-3479),
[CVE-2014-3480](https://security-tracker.debian.org/tracker/CVE-2014-3480),
[CVE-2014-3487](https://security-tracker.debian.org/tracker/CVE-2014-3487),
[CVE-2014-3538](https://security-tracker.debian.org/tracker/CVE-2014-3538),
[CVE-2014-3587](https://security-tracker.debian.org/tracker/CVE-2014-3587),
[CVE-2014-3710](https://security-tracker.debian.org/tracker/CVE-2014-3710),
[CVE-2014-8116](https://security-tracker.debian.org/tracker/CVE-2014-8116),
[CVE-2014-8117](https://security-tracker.debian.org/tracker/CVE-2014-8117),
[CVE-2014-9620](https://security-tracker.debian.org/tracker/CVE-2014-9620),
[CVE-2014-9621](https://security-tracker.debian.org/tracker/CVE-2014-9621),
[CVE-2014-9653](https://security-tracker.debian.org/tracker/CVE-2014-9653),
[CVE-2015-8865](https://security-tracker.debian.org/tracker/CVE-2015-8865),
[CVE-2018-1036](https://security-tracker.debian.org/tracker/CVE-2018-1036)
- Package `linux`:
[CVE-2017-0627](https://security-tracker.debian.org/tracker/CVE-2017-0627),
[CVE-2017-1213](https://security-tracker.debian.org/tracker/CVE-2017-1213),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1219](https://security-tracker.debian.org/tracker/CVE-2017-1219),
[CVE-2017-1322](https://security-tracker.debian.org/tracker/CVE-2017-1322),
[CVE-2017-1330](https://security-tracker.debian.org/tracker/CVE-2017-1330),
[CVE-2017-1526](https://security-tracker.debian.org/tracker/CVE-2017-1526),
[CVE-2017-1744](https://security-tracker.debian.org/tracker/CVE-2017-1744),
[CVE-2017-1807](https://security-tracker.debian.org/tracker/CVE-2017-1807),
[CVE-2017-1820](https://security-tracker.debian.org/tracker/CVE-2017-1820),
[CVE-2017-1822](https://security-tracker.debian.org/tracker/CVE-2017-1822),
[CVE-2018-1068](https://security-tracker.debian.org/tracker/CVE-2018-1068),
[CVE-2018-1130](https://security-tracker.debian.org/tracker/CVE-2018-1130),
[CVE-2018-3639](https://security-tracker.debian.org/tracker/CVE-2018-3639),
[CVE-2018-3665](https://security-tracker.debian.org/tracker/CVE-2018-3665),
[CVE-2018-5750](https://security-tracker.debian.org/tracker/CVE-2018-5750),
[CVE-2018-5803](https://security-tracker.debian.org/tracker/CVE-2018-5803),
[CVE-2018-6927](https://security-tracker.debian.org/tracker/CVE-2018-6927),
[CVE-2018-7492](https://security-tracker.debian.org/tracker/CVE-2018-7492),
[CVE-2018-7755](https://security-tracker.debian.org/tracker/CVE-2018-7755),
[CVE-2018-7757](https://security-tracker.debian.org/tracker/CVE-2018-7757),
[CVE-2018-8781](https://security-tracker.debian.org/tracker/CVE-2018-8781),
[CVE-2018-8822](https://security-tracker.debian.org/tracker/CVE-2018-8822)
- Package `curl`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000)
- Package `cups`:
[CVE-2017-1824](https://security-tracker.debian.org/tracker/CVE-2017-1824),
[CVE-2018-4180](https://security-tracker.debian.org/tracker/CVE-2018-4180),
[CVE-2018-4181](https://security-tracker.debian.org/tracker/CVE-2018-4181),
[CVE-2018-6553](https://security-tracker.debian.org/tracker/CVE-2018-6553)
- Package `ruby1.9.1`:
[CVE-2017-1774](https://security-tracker.debian.org/tracker/CVE-2017-1774),
[CVE-2018-8777](https://security-tracker.debian.org/tracker/CVE-2018-8777)
- Package `libgcrypt11`:
[CVE-2018-0495](https://security-tracker.debian.org/tracker/CVE-2018-0495)
- Package `git`:
[CVE-2014-9390](https://security-tracker.debian.org/tracker/CVE-2014-9390),
[CVE-2014-9938](https://security-tracker.debian.org/tracker/CVE-2014-9938),
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545),
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1486](https://security-tracker.debian.org/tracker/CVE-2017-1486),
[CVE-2017-8386](https://security-tracker.debian.org/tracker/CVE-2017-8386),
[CVE-2018-1123](https://security-tracker.debian.org/tracker/CVE-2018-1123)
- Package `qemu`:
[CVE-2018-3639](https://security-tracker.debian.org/tracker/CVE-2018-3639),
[CVE-2018-7550](https://security-tracker.debian.org/tracker/CVE-2018-7550)
- Package `elfutils`:
[CVE-2016-1025](https://security-tracker.debian.org/tracker/CVE-2016-1025),
[CVE-2017-7607](https://security-tracker.debian.org/tracker/CVE-2017-7607),
[CVE-2017-7608](https://security-tracker.debian.org/tracker/CVE-2017-7608),
[CVE-2017-7610](https://security-tracker.debian.org/tracker/CVE-2017-7610),
[CVE-2017-7611](https://security-tracker.debian.org/tracker/CVE-2017-7611),
[CVE-2017-7612](https://security-tracker.debian.org/tracker/CVE-2017-7612),
[CVE-2017-7613](https://security-tracker.debian.org/tracker/CVE-2017-7613)
- Package `perl`:
[CVE-2018-1201](https://security-tracker.debian.org/tracker/CVE-2018-1201)
- Package `policykit-1`:
[CVE-2015-3218](https://security-tracker.debian.org/tracker/CVE-2015-3218),
[CVE-2015-3255](https://security-tracker.debian.org/tracker/CVE-2015-3255),
[CVE-2015-4625](https://security-tracker.debian.org/tracker/CVE-2015-4625),
[CVE-2018-1116](https://security-tracker.debian.org/tracker/CVE-2018-1116)
- Package `libpng`:
[CVE-2016-1008](https://security-tracker.debian.org/tracker/CVE-2016-1008)
- Package `openjdk-7`:
[CVE-2018-2579](https://security-tracker.debian.org/tracker/CVE-2018-2579),
[CVE-2018-2588](https://security-tracker.debian.org/tracker/CVE-2018-2588),
[CVE-2018-2599](https://security-tracker.debian.org/tracker/CVE-2018-2599),
[CVE-2018-2602](https://security-tracker.debian.org/tracker/CVE-2018-2602),
[CVE-2018-2603](https://security-tracker.debian.org/tracker/CVE-2018-2603),
[CVE-2018-2618](https://security-tracker.debian.org/tracker/CVE-2018-2618),
[CVE-2018-2629](https://security-tracker.debian.org/tracker/CVE-2018-2629),
[CVE-2018-2633](https://security-tracker.debian.org/tracker/CVE-2018-2633),
[CVE-2018-2634](https://security-tracker.debian.org/tracker/CVE-2018-2634),
[CVE-2018-2637](https://security-tracker.debian.org/tracker/CVE-2018-2637),
[CVE-2018-2641](https://security-tracker.debian.org/tracker/CVE-2018-2641),
[CVE-2018-2663](https://security-tracker.debian.org/tracker/CVE-2018-2663),
[CVE-2018-2677](https://security-tracker.debian.org/tracker/CVE-2018-2677),
[CVE-2018-2678](https://security-tracker.debian.org/tracker/CVE-2018-2678),
[CVE-2018-2790](https://security-tracker.debian.org/tracker/CVE-2018-2790),
[CVE-2018-2794](https://security-tracker.debian.org/tracker/CVE-2018-2794),
[CVE-2018-2795](https://security-tracker.debian.org/tracker/CVE-2018-2795),
[CVE-2018-2796](https://security-tracker.debian.org/tracker/CVE-2018-2796),
[CVE-2018-2797](https://security-tracker.debian.org/tracker/CVE-2018-2797),
[CVE-2018-2798](https://security-tracker.debian.org/tracker/CVE-2018-2798),
[CVE-2018-2799](https://security-tracker.debian.org/tracker/CVE-2018-2799),
[CVE-2018-2800](https://security-tracker.debian.org/tracker/CVE-2018-2800),
[CVE-2018-2814](https://security-tracker.debian.org/tracker/CVE-2018-2814),
[CVE-2018-2815](https://security-tracker.debian.org/tracker/CVE-2018-2815)
- Package `imagemagick`:
[CVE-2014-8716](https://security-tracker.debian.org/tracker/CVE-2014-8716),
[CVE-2014-9808](https://security-tracker.debian.org/tracker/CVE-2014-9808),
[CVE-2014-9812](https://security-tracker.debian.org/tracker/CVE-2014-9812),
[CVE-2014-9816](https://security-tracker.debian.org/tracker/CVE-2014-9816),
[CVE-2014-9820](https://security-tracker.debian.org/tracker/CVE-2014-9820),
[CVE-2014-9826](https://security-tracker.debian.org/tracker/CVE-2014-9826),
[CVE-2014-9831](https://security-tracker.debian.org/tracker/CVE-2014-9831),
[CVE-2014-9836](https://security-tracker.debian.org/tracker/CVE-2014-9836),
[CVE-2014-9840](https://security-tracker.debian.org/tracker/CVE-2014-9840),
[CVE-2014-9845](https://security-tracker.debian.org/tracker/CVE-2014-9845),
[CVE-2014-9849](https://security-tracker.debian.org/tracker/CVE-2014-9849),
[CVE-2014-9854](https://security-tracker.debian.org/tracker/CVE-2014-9854),
[CVE-2015-8896](https://security-tracker.debian.org/tracker/CVE-2015-8896),
[CVE-2015-8901](https://security-tracker.debian.org/tracker/CVE-2015-8901),
[CVE-2015-8958](https://security-tracker.debian.org/tracker/CVE-2015-8958),
[CVE-2016-1014](https://security-tracker.debian.org/tracker/CVE-2016-1014),
[CVE-2016-4564](https://security-tracker.debian.org/tracker/CVE-2016-4564),
[CVE-2016-5689](https://security-tracker.debian.org/tracker/CVE-2016-5689),
[CVE-2016-5842](https://security-tracker.debian.org/tracker/CVE-2016-5842),
[CVE-2016-7514](https://security-tracker.debian.org/tracker/CVE-2016-7514),
[CVE-2016-7518](https://security-tracker.debian.org/tracker/CVE-2016-7518),
[CVE-2016-7522](https://security-tracker.debian.org/tracker/CVE-2016-7522),
[CVE-2016-7526](https://security-tracker.debian.org/tracker/CVE-2016-7526),
[CVE-2016-7530](https://security-tracker.debian.org/tracker/CVE-2016-7530),
[CVE-2016-7534](https://security-tracker.debian.org/tracker/CVE-2016-7534),
[CVE-2016-7539](https://security-tracker.debian.org/tracker/CVE-2016-7539),
[CVE-2016-9556](https://security-tracker.debian.org/tracker/CVE-2016-9556),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1092](https://security-tracker.debian.org/tracker/CVE-2017-1092),
[CVE-2017-1135](https://security-tracker.debian.org/tracker/CVE-2017-1135),
[CVE-2017-1145](https://security-tracker.debian.org/tracker/CVE-2017-1145),
[CVE-2017-1147](https://security-tracker.debian.org/tracker/CVE-2017-1147),
[CVE-2017-1153](https://security-tracker.debian.org/tracker/CVE-2017-1153),
[CVE-2017-1242](https://security-tracker.debian.org/tracker/CVE-2017-1242),
[CVE-2017-1243](https://security-tracker.debian.org/tracker/CVE-2017-1243),
[CVE-2017-1264](https://security-tracker.debian.org/tracker/CVE-2017-1264),
[CVE-2017-1269](https://security-tracker.debian.org/tracker/CVE-2017-1269),
[CVE-2017-1298](https://security-tracker.debian.org/tracker/CVE-2017-1298),
[CVE-2017-1314](https://security-tracker.debian.org/tracker/CVE-2017-1314),
[CVE-2017-1376](https://security-tracker.debian.org/tracker/CVE-2017-1376),
[CVE-2017-1417](https://security-tracker.debian.org/tracker/CVE-2017-1417),
[CVE-2017-1432](https://security-tracker.debian.org/tracker/CVE-2017-1432),
[CVE-2017-1440](https://security-tracker.debian.org/tracker/CVE-2017-1440),
[CVE-2017-1468](https://security-tracker.debian.org/tracker/CVE-2017-1468),
[CVE-2017-1501](https://security-tracker.debian.org/tracker/CVE-2017-1501),
[CVE-2017-1654](https://security-tracker.debian.org/tracker/CVE-2017-1654),
[CVE-2017-1791](https://security-tracker.debian.org/tracker/CVE-2017-1791),
[CVE-2017-5508](https://security-tracker.debian.org/tracker/CVE-2017-5508),
[CVE-2017-5511](https://security-tracker.debian.org/tracker/CVE-2017-5511),
[CVE-2017-6500](https://security-tracker.debian.org/tracker/CVE-2017-6500),
[CVE-2017-7943](https://security-tracker.debian.org/tracker/CVE-2017-7943),
[CVE-2017-8346](https://security-tracker.debian.org/tracker/CVE-2017-8346),
[CVE-2017-8350](https://security-tracker.debian.org/tracker/CVE-2017-8350),
[CVE-2017-8354](https://security-tracker.debian.org/tracker/CVE-2017-8354),
[CVE-2017-8765](https://security-tracker.debian.org/tracker/CVE-2017-8765),
[CVE-2017-9142](https://security-tracker.debian.org/tracker/CVE-2017-9142),
[CVE-2017-9144](https://security-tracker.debian.org/tracker/CVE-2017-9144),
[CVE-2017-9407](https://security-tracker.debian.org/tracker/CVE-2017-9407),
[CVE-2018-1125](https://security-tracker.debian.org/tracker/CVE-2018-1125),
[CVE-2018-1259](https://security-tracker.debian.org/tracker/CVE-2018-1259),
[CVE-2018-1260](https://security-tracker.debian.org/tracker/CVE-2018-1260),
[CVE-2018-1315](https://security-tracker.debian.org/tracker/CVE-2018-1315),
[CVE-2018-8960](https://security-tracker.debian.org/tracker/CVE-2018-8960)
- Package `ntp`:
[CVE-2014-9297](https://security-tracker.debian.org/tracker/CVE-2014-9297),
[CVE-2014-9298](https://security-tracker.debian.org/tracker/CVE-2014-9298),
[CVE-2015-1798](https://security-tracker.debian.org/tracker/CVE-2015-1798),
[CVE-2015-1799](https://security-tracker.debian.org/tracker/CVE-2015-1799),
[CVE-2015-5146](https://security-tracker.debian.org/tracker/CVE-2015-5146),
[CVE-2015-5194](https://security-tracker.debian.org/tracker/CVE-2015-5194),
[CVE-2015-5195](https://security-tracker.debian.org/tracker/CVE-2015-5195),
[CVE-2015-5196](https://security-tracker.debian.org/tracker/CVE-2015-5196),
[CVE-2015-5219](https://security-tracker.debian.org/tracker/CVE-2015-5219),
[CVE-2015-5300](https://security-tracker.debian.org/tracker/CVE-2015-5300),
[CVE-2015-7691](https://security-tracker.debian.org/tracker/CVE-2015-7691),
[CVE-2015-7692](https://security-tracker.debian.org/tracker/CVE-2015-7692),
[CVE-2015-7701](https://security-tracker.debian.org/tracker/CVE-2015-7701),
[CVE-2015-7702](https://security-tracker.debian.org/tracker/CVE-2015-7702),
[CVE-2015-7703](https://security-tracker.debian.org/tracker/CVE-2015-7703),
[CVE-2015-7704](https://security-tracker.debian.org/tracker/CVE-2015-7704),
[CVE-2015-7705](https://security-tracker.debian.org/tracker/CVE-2015-7705),
[CVE-2015-7850](https://security-tracker.debian.org/tracker/CVE-2015-7850),
[CVE-2015-7852](https://security-tracker.debian.org/tracker/CVE-2015-7852),
[CVE-2015-7853](https://security-tracker.debian.org/tracker/CVE-2015-7853),
[CVE-2015-7855](https://security-tracker.debian.org/tracker/CVE-2015-7855),
[CVE-2015-7871](https://security-tracker.debian.org/tracker/CVE-2015-7871),
[CVE-2015-7973](https://security-tracker.debian.org/tracker/CVE-2015-7973),
[CVE-2015-7974](https://security-tracker.debian.org/tracker/CVE-2015-7974),
[CVE-2015-7976](https://security-tracker.debian.org/tracker/CVE-2015-7976),
[CVE-2015-7977](https://security-tracker.debian.org/tracker/CVE-2015-7977),
[CVE-2015-7978](https://security-tracker.debian.org/tracker/CVE-2015-7978),
[CVE-2015-7979](https://security-tracker.debian.org/tracker/CVE-2015-7979),
[CVE-2015-8138](https://security-tracker.debian.org/tracker/CVE-2015-8138),
[CVE-2015-8158](https://security-tracker.debian.org/tracker/CVE-2015-8158),
[CVE-2016-0727](https://security-tracker.debian.org/tracker/CVE-2016-0727),
[CVE-2016-1547](https://security-tracker.debian.org/tracker/CVE-2016-1547),
[CVE-2016-1548](https://security-tracker.debian.org/tracker/CVE-2016-1548),
[CVE-2016-1550](https://security-tracker.debian.org/tracker/CVE-2016-1550),
[CVE-2016-2516](https://security-tracker.debian.org/tracker/CVE-2016-2516),
[CVE-2016-2518](https://security-tracker.debian.org/tracker/CVE-2016-2518),
[CVE-2016-4954](https://security-tracker.debian.org/tracker/CVE-2016-4954),
[CVE-2016-4955](https://security-tracker.debian.org/tracker/CVE-2016-4955),
[CVE-2016-4956](https://security-tracker.debian.org/tracker/CVE-2016-4956),
[CVE-2016-7426](https://security-tracker.debian.org/tracker/CVE-2016-7426),
[CVE-2016-7427](https://security-tracker.debian.org/tracker/CVE-2016-7427),
[CVE-2016-7428](https://security-tracker.debian.org/tracker/CVE-2016-7428),
[CVE-2016-7429](https://security-tracker.debian.org/tracker/CVE-2016-7429),
[CVE-2016-9310](https://security-tracker.debian.org/tracker/CVE-2016-9310),
[CVE-2016-9311](https://security-tracker.debian.org/tracker/CVE-2016-9311),
[CVE-2017-6458](https://security-tracker.debian.org/tracker/CVE-2017-6458),
[CVE-2017-6462](https://security-tracker.debian.org/tracker/CVE-2017-6462),
[CVE-2017-6463](https://security-tracker.debian.org/tracker/CVE-2017-6463),
[CVE-2017-6464](https://security-tracker.debian.org/tracker/CVE-2017-6464),
[CVE-2018-7183](https://security-tracker.debian.org/tracker/CVE-2018-7183),
[CVE-2018-7185](https://security-tracker.debian.org/tracker/CVE-2018-7185)
- Package `libvirt`:
[CVE-2018-1064](https://security-tracker.debian.org/tracker/CVE-2018-1064),
[CVE-2018-3639](https://security-tracker.debian.org/tracker/CVE-2018-3639)
- Package `spice`:
[CVE-2017-1219](https://security-tracker.debian.org/tracker/CVE-2017-1219)
- Package `libjpeg-turbo`:
[CVE-2014-9092](https://security-tracker.debian.org/tracker/CVE-2014-9092),
[CVE-2016-3616](https://security-tracker.debian.org/tracker/CVE-2016-3616),
[CVE-2018-1121](https://security-tracker.debian.org/tracker/CVE-2018-1121),
[CVE-2018-1152](https://security-tracker.debian.org/tracker/CVE-2018-1152)
- Package `openssl`:
[CVE-2018-0495](https://security-tracker.debian.org/tracker/CVE-2018-0495),
[CVE-2018-0732](https://security-tracker.debian.org/tracker/CVE-2018-0732),
[CVE-2018-0737](https://security-tracker.debian.org/tracker/CVE-2018-0737)
- Package `gnupg`:
[CVE-2017-7526](https://security-tracker.debian.org/tracker/CVE-2017-7526),
[CVE-2018-1202](https://security-tracker.debian.org/tracker/CVE-2018-1202)
- Package `mysql-5.5`:
[CVE-2018-3066](https://security-tracker.debian.org/tracker/CVE-2018-3066),
[CVE-2018-3081](https://security-tracker.debian.org/tracker/CVE-2018-3081)
- Package `procps`:
[CVE-2018-1122](https://security-tracker.debian.org/tracker/CVE-2018-1122),
[CVE-2018-1123](https://security-tracker.debian.org/tracker/CVE-2018-1123),
[CVE-2018-1124](https://security-tracker.debian.org/tracker/CVE-2018-1124),
[CVE-2018-1125](https://security-tracker.debian.org/tracker/CVE-2018-1125),
[CVE-2018-1126](https://security-tracker.debian.org/tracker/CVE-2018-1126)
### Typical update path from Release 58
- Need to get 146 MB of archives.
- Has impact on the availability of the end users service:
- Service `cups` will be restarted during the update process and its estimated downtime is 96 seconds.
## Release 58 {#58}
### Security updates
- Package `openjdk-7`:
[CVE-2018-2579](https://security-tracker.debian.org/tracker/CVE-2018-2579),
[CVE-2018-2588](https://security-tracker.debian.org/tracker/CVE-2018-2588),
[CVE-2018-2599](https://security-tracker.debian.org/tracker/CVE-2018-2599),
[CVE-2018-2602](https://security-tracker.debian.org/tracker/CVE-2018-2602),
[CVE-2018-2603](https://security-tracker.debian.org/tracker/CVE-2018-2603),
[CVE-2018-2618](https://security-tracker.debian.org/tracker/CVE-2018-2618),
[CVE-2018-2629](https://security-tracker.debian.org/tracker/CVE-2018-2629),
[CVE-2018-2633](https://security-tracker.debian.org/tracker/CVE-2018-2633),
[CVE-2018-2634](https://security-tracker.debian.org/tracker/CVE-2018-2634),
[CVE-2018-2637](https://security-tracker.debian.org/tracker/CVE-2018-2637),
[CVE-2018-2641](https://security-tracker.debian.org/tracker/CVE-2018-2641),
[CVE-2018-2663](https://security-tracker.debian.org/tracker/CVE-2018-2663),
[CVE-2018-2677](https://security-tracker.debian.org/tracker/CVE-2018-2677),
[CVE-2018-2678](https://security-tracker.debian.org/tracker/CVE-2018-2678)
- Package `samba`:
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1216](https://security-tracker.debian.org/tracker/CVE-2017-1216),
[CVE-2017-1474](https://security-tracker.debian.org/tracker/CVE-2017-1474),
[CVE-2017-1527](https://security-tracker.debian.org/tracker/CVE-2017-1527),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461),
[CVE-2018-1050](https://security-tracker.debian.org/tracker/CVE-2018-1050),
[CVE-2018-1057](https://security-tracker.debian.org/tracker/CVE-2018-1057)
- Package `librelp`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000)
- Package `perl`:
[CVE-2015-8853](https://security-tracker.debian.org/tracker/CVE-2015-8853),
[CVE-2016-6185](https://security-tracker.debian.org/tracker/CVE-2016-6185),
[CVE-2017-6512](https://security-tracker.debian.org/tracker/CVE-2017-6512),
[CVE-2018-6913](https://security-tracker.debian.org/tracker/CVE-2018-6913)
- Package `tiff`:
[CVE-2016-1026](https://security-tracker.debian.org/tracker/CVE-2016-1026),
[CVE-2016-1037](https://security-tracker.debian.org/tracker/CVE-2016-1037),
[CVE-2016-3186](https://security-tracker.debian.org/tracker/CVE-2016-3186),
[CVE-2016-5102](https://security-tracker.debian.org/tracker/CVE-2016-5102),
[CVE-2016-5318](https://security-tracker.debian.org/tracker/CVE-2016-5318),
[CVE-2017-1068](https://security-tracker.debian.org/tracker/CVE-2017-1068),
[CVE-2017-1133](https://security-tracker.debian.org/tracker/CVE-2017-1133),
[CVE-2017-1161](https://security-tracker.debian.org/tracker/CVE-2017-1161),
[CVE-2017-1294](https://security-tracker.debian.org/tracker/CVE-2017-1294),
[CVE-2017-1372](https://security-tracker.debian.org/tracker/CVE-2017-1372),
[CVE-2017-1709](https://security-tracker.debian.org/tracker/CVE-2017-1709),
[CVE-2017-1801](https://security-tracker.debian.org/tracker/CVE-2017-1801),
[CVE-2017-5563](https://security-tracker.debian.org/tracker/CVE-2017-5563),
[CVE-2017-7592](https://security-tracker.debian.org/tracker/CVE-2017-7592),
[CVE-2017-7593](https://security-tracker.debian.org/tracker/CVE-2017-7593),
[CVE-2017-7594](https://security-tracker.debian.org/tracker/CVE-2017-7594),
[CVE-2017-7595](https://security-tracker.debian.org/tracker/CVE-2017-7595),
[CVE-2017-7596](https://security-tracker.debian.org/tracker/CVE-2017-7596),
[CVE-2017-7597](https://security-tracker.debian.org/tracker/CVE-2017-7597),
[CVE-2017-7598](https://security-tracker.debian.org/tracker/CVE-2017-7598),
[CVE-2017-7599](https://security-tracker.debian.org/tracker/CVE-2017-7599),
[CVE-2017-7600](https://security-tracker.debian.org/tracker/CVE-2017-7600),
[CVE-2017-7601](https://security-tracker.debian.org/tracker/CVE-2017-7601),
[CVE-2017-7602](https://security-tracker.debian.org/tracker/CVE-2017-7602),
[CVE-2017-9117](https://security-tracker.debian.org/tracker/CVE-2017-9117),
[CVE-2017-9147](https://security-tracker.debian.org/tracker/CVE-2017-9147),
[CVE-2017-9403](https://security-tracker.debian.org/tracker/CVE-2017-9403),
[CVE-2017-9404](https://security-tracker.debian.org/tracker/CVE-2017-9404),
[CVE-2017-9815](https://security-tracker.debian.org/tracker/CVE-2017-9815),
[CVE-2017-9935](https://security-tracker.debian.org/tracker/CVE-2017-9935),
[CVE-2017-9936](https://security-tracker.debian.org/tracker/CVE-2017-9936),
[CVE-2018-5784](https://security-tracker.debian.org/tracker/CVE-2018-5784)
- Package `sharutils`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000)
- Package `python-crypto`:
[CVE-2018-6594](https://security-tracker.debian.org/tracker/CVE-2018-6594)
- Package `openssl`:
[CVE-2018-0737](https://security-tracker.debian.org/tracker/CVE-2018-0737),
[CVE-2018-0739](https://security-tracker.debian.org/tracker/CVE-2018-0739)
- Package `poppler`:
[CVE-2017-1826](https://security-tracker.debian.org/tracker/CVE-2017-1826),
[CVE-2018-1076](https://security-tracker.debian.org/tracker/CVE-2018-1076)
- Package `wayland`:
[CVE-2017-1661](https://security-tracker.debian.org/tracker/CVE-2017-1661)
- Package `ghostscript`:
[CVE-2016-1031](https://security-tracker.debian.org/tracker/CVE-2016-1031),
[CVE-2018-1019](https://security-tracker.debian.org/tracker/CVE-2018-1019)
- Package `linux`:
[CVE-2017-1108](https://security-tracker.debian.org/tracker/CVE-2017-1108),
[CVE-2017-1276](https://security-tracker.debian.org/tracker/CVE-2017-1276),
[CVE-2017-1744](https://security-tracker.debian.org/tracker/CVE-2017-1744),
[CVE-2017-1774](https://security-tracker.debian.org/tracker/CVE-2017-1774),
[CVE-2017-1780](https://security-tracker.debian.org/tracker/CVE-2017-1780),
[CVE-2017-5715](https://security-tracker.debian.org/tracker/CVE-2017-5715),
[CVE-2017-5753](https://security-tracker.debian.org/tracker/CVE-2017-5753),
[CVE-2017-5754](https://security-tracker.debian.org/tracker/CVE-2017-5754),
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-1087](https://security-tracker.debian.org/tracker/CVE-2018-1087),
[CVE-2018-5332](https://security-tracker.debian.org/tracker/CVE-2018-5332),
[CVE-2018-8897](https://security-tracker.debian.org/tracker/CVE-2018-8897)
- Package `wget`:
[CVE-2018-0494](https://security-tracker.debian.org/tracker/CVE-2018-0494)
- Package `libvorbis`:
[CVE-2018-5146](https://security-tracker.debian.org/tracker/CVE-2018-5146)
- Package `mysql-5.5`:
[CVE-2018-2773](https://security-tracker.debian.org/tracker/CVE-2018-2773),
[CVE-2018-2818](https://security-tracker.debian.org/tracker/CVE-2018-2818),
[CVE-2018-2819](https://security-tracker.debian.org/tracker/CVE-2018-2819)
- Package `patch`:
[CVE-2016-1071](https://security-tracker.debian.org/tracker/CVE-2016-1071),
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-6951](https://security-tracker.debian.org/tracker/CVE-2018-6951)
- Package `ruby1.9.1`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-6914](https://security-tracker.debian.org/tracker/CVE-2018-6914),
[CVE-2018-8778](https://security-tracker.debian.org/tracker/CVE-2018-8778),
[CVE-2018-8779](https://security-tracker.debian.org/tracker/CVE-2018-8779),
[CVE-2018-8780](https://security-tracker.debian.org/tracker/CVE-2018-8780)
- Package `curl`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000)
- Package `icu`:
[CVE-2017-1542](https://security-tracker.debian.org/tracker/CVE-2017-1542)
### Typical update path from Release 57
- Need to get 194 MB of archives.
- Has impact on the availability of the end users service:
- Service `nmbd` will be restarted during the update process and its estimated downtime is 100 seconds.
- Service `winbind` will be restarted during the update process and its estimated downtime is 105 seconds.
- Service `udev` will be restarted during the update process and its estimated downtime is 0 seconds.
- Service `isc-dhcp-server` will be restarted during the update process and its estimated downtime is 105 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is ? seconds.
- Service `avahi-daemon` will be restarted during the update process and its estimated downtime is 103 seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 99 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 67 seconds.
-
linux-headers-3.13.0-147-generic (3.13.0-147.196)
qpdf (8.0.2-3~14.04.1)
linux-headers-3.13.0-139 (3.13.0-139.188)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-headers-3.13.0-133-generic (3.13.0-133.182)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.13.0-117 (3.13.0-117.164)
libwiretap3 (1.10.6-1)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
libqpdf21 (8.0.2-3~14.04.1)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-extra-3.13.0-133-generic (3.13.0-133.182)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libwsutil3 (1.10.6-1)
linux-headers-3.13.0-139-generic (3.13.0-139.188)
linux-headers-3.13.0-147 (3.13.0-147.196)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-image-3.13.0-139-generic (3.13.0-139.188)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-128 (3.13.0-128.177)
linux-image-3.13.0-147-generic (3.13.0-147.196)
linux-headers-3.13.0-133 (3.13.0-133.182)
linux-image-3.13.0-128-generic (3.13.0-128.177)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-3.13.0-133-generic (3.13.0-133.182)
linux-image-extra-3.13.0-139-generic (3.13.0-139.188)
libqpdf13 (5.1.1-1)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-image-extra-3.13.0-147-generic (3.13.0-147.196)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.2)
-
libavahi-core7 (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
mysql-common (5.5.59-0ubuntu0.14.04.1 => 5.5.60-0ubuntu0.14.04.1)
libtiff5 (4.0.3-7ubuntu0.7 => 4.0.3-7ubuntu0.9)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
samba (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
libapt-pkg4.12 (1.0.1ubuntu2.17 => 1.0.1ubuntu2.18)
libavahi-common3 (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
avahi-daemon (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
libsystemd-login0 (204-5ubuntu20.26 => 204-5ubuntu20.28)
linux-image-generic (3.13.0.142.152 => 3.13.0.147.157)
libvorbis0a (1.3.2-1.3ubuntu1.1 => 1.3.2-1.3ubuntu1.2)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
openjdk-7-jre-headless (7u151-2.6.11-2ubuntu0.14.04.1 => 7u171-2.6.13-0ubuntu0.14.04.2)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
puavo-rest-bootserver (0.11.2-22+trusty.trustyrestonly.df8ce1bc1099fb4898b8a8b7efb4a3d1efedaf87 => 0.11.2-24+trusty.trustyrestonly.fa138fa159d3f764e0917c3a7bdb8b4a19dea5c7)
ghostscript (9.10~dfsg-0ubuntu10.10 => 9.10~dfsg-0ubuntu10.12)
libapt-inst1.5 (1.0.1ubuntu2.17 => 1.0.1ubuntu2.18)
ri1.9.1 (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
libtiff5-dev (4.0.3-7ubuntu0.7 => 4.0.3-7ubuntu0.9)
libpoppler44 (0.24.5-2ubuntu4.9 => 0.24.5-2ubuntu4.11)
libtiffxx5 (4.0.3-7ubuntu0.7 => 4.0.3-7ubuntu0.9)
libssl1.0.0 (1.0.1f-1ubuntu2.23 => 1.0.1f-1ubuntu2.25)
libmysqlclient18 (5.5.59-0ubuntu0.14.04.1 => 5.5.60-0ubuntu0.14.04.1)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
libudev1 (204-5ubuntu20.26 => 204-5ubuntu20.28)
udev (204-5ubuntu20.26 => 204-5ubuntu20.28)
libavahi-client3 (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
linux-libc-dev (3.13.0-142.191 => 3.13.0-147.196)
patch (2.7.1-4ubuntu2.3 => 2.7.1-4ubuntu2.4)
ruby1.9.1 (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
ruby1.9.3 (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
kmod (15-0ubuntu6 => 15-0ubuntu7)
isc-dhcp-common (4.2.4-7ubuntu12.12 => 4.2.4-7ubuntu12.13)
libvorbisenc2 (1.3.2-1.3ubuntu1.1 => 1.3.2-1.3ubuntu1.2)
libsystemd-daemon0 (204-5ubuntu20.26 => 204-5ubuntu20.28)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
distro-info-data (0.18ubuntu0.8 => 0.18ubuntu0.9)
winbind (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
sharutils (4.14-1ubuntu1 => 4.14-1ubuntu1.1)
debootstrap (1.0.59ubuntu0.8 => 1.0.59ubuntu0.9)
wget (1.15-1ubuntu1.14.04.3 => 1.15-1ubuntu1.14.04.4)
libwayland-server0 (1.4.0-1ubuntu1 => 1.4.0-1ubuntu1.1)
libfontembed1 (1.0.52-0ubuntu1.7 => 1.0.52-0ubuntu1.8)
openssl (1.0.1f-1ubuntu2.23 => 1.0.1f-1ubuntu2.25)
libcurl3 (7.35.0-1ubuntu2.14 => 7.35.0-1ubuntu2.15)
libgs9 (9.10~dfsg-0ubuntu10.10 => 9.10~dfsg-0ubuntu10.12)
linux-image-server (3.13.0.142.152 => 3.13.0.147.157)
poppler-utils (0.24.5-2ubuntu4.9 => 0.24.5-2ubuntu4.11)
python3-distupgrade (0.220.9 => 0.220.10)
ruby1.9.1-examples (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
ruby1.9.1-full (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
apt (1.0.1ubuntu2.17 => 1.0.1ubuntu2.18)
libruby1.9.1-dbg (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
linux-generic (3.13.0.142.152 => 3.13.0.147.157)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
perl (5.18.2-2ubuntu1.3 => 5.18.2-2ubuntu1.4)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
libperl5.18 (5.18.2-2ubuntu1.3 => 5.18.2-2ubuntu1.4)
linux-image-generic-lts-trusty (3.13.0.142.152 => 3.13.0.147.157)
libruby1.9.1 (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
dpkg (1.17.5ubuntu5.7 => 1.17.5ubuntu5.8)
libgs9-common (9.10~dfsg-0ubuntu10.10 => 9.10~dfsg-0ubuntu10.12)
librelp0 (1.2.2-2ubuntu1 => 1.2.2-2ubuntu1.1)
libcurl3-gnutls (7.35.0-1ubuntu2.14 => 7.35.0-1ubuntu2.15)
libpam-systemd (204-5ubuntu20.26 => 204-5ubuntu20.28)
libavahi-glib1 (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
cups-filters (1.0.52-0ubuntu1.7 => 1.0.52-0ubuntu1.8)
apt-utils (1.0.1ubuntu2.17 => 1.0.1ubuntu2.18)
systemd-services (204-5ubuntu20.26 => 204-5ubuntu20.28)
libgudev-1.0-0 (204-5ubuntu20.26 => 204-5ubuntu20.28)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.13 => 4.3.11+dfsg-0ubuntu0.14.04.14)
curl (7.35.0-1ubuntu2.14 => 7.35.0-1ubuntu2.15)
libtcltk-ruby1.9.1 (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
perl-modules (5.18.2-2ubuntu1.3 => 5.18.2-2ubuntu1.4)
libwayland-dev (1.4.0-1ubuntu1 => 1.4.0-1ubuntu1.1)
libssl-doc (1.0.1f-1ubuntu2.23 => 1.0.1f-1ubuntu2.25)
libicu52 (52.1-3ubuntu0.7 => 52.1-3ubuntu0.8)
linux-headers-generic (3.13.0.142.152 => 3.13.0.147.157)
cups-filters-core-drivers (1.0.52-0ubuntu1.7 => 1.0.52-0ubuntu1.8)
libssl-dev (1.0.1f-1ubuntu2.23 => 1.0.1f-1ubuntu2.25)
dpkg-dev (1.17.5ubuntu5.7 => 1.17.5ubuntu5.8)
libkmod2 (15-0ubuntu6 => 15-0ubuntu7)
libwayland-client0 (1.4.0-1ubuntu1 => 1.4.0-1ubuntu1.1)
ruby1.9.1-dev (1.9.3.484-2ubuntu1.7 => 1.9.3.484-2ubuntu1.11)
libdpkg-perl (1.17.5ubuntu5.7 => 1.17.5ubuntu5.8)
isc-dhcp-server (4.2.4-7ubuntu12.12 => 4.2.4-7ubuntu12.13)
libavahi-common-data (0.6.31-4ubuntu1.1 => 0.6.31-4ubuntu1.2)
libwayland-cursor0 (1.4.0-1ubuntu1 => 1.4.0-1ubuntu1.1)
puavo-rest (0.11.2-22+trusty.trustyrestonly.df8ce1bc1099fb4898b8a8b7efb4a3d1efedaf87 => 0.11.2-24+trusty.trustyrestonly.fa138fa159d3f764e0917c3a7bdb8b4a19dea5c7)
apt-transport-https (1.0.1ubuntu2.17 => 1.0.1ubuntu2.18)
isc-dhcp-client (4.2.4-7ubuntu12.12 => 4.2.4-7ubuntu12.13)
ubuntu-release-upgrader-core (0.220.9 => 0.220.10)
perl-base (5.18.2-2ubuntu1.3 => 5.18.2-2ubuntu1.4)
module-init-tools (15-0ubuntu6 => 15-0ubuntu7)
python-crypto (2.6.1-4ubuntu0.2 => 2.6.1-4ubuntu0.3)
libcupsfilters1 (1.0.52-0ubuntu1.7 => 1.0.52-0ubuntu1.8)
## Release 57 {#57}
### Security updates
- Package `systemd`:
[CVE-2018-1049](https://security-tracker.debian.org/tracker/CVE-2018-1049)
- Package `cups`:
[CVE-2017-1819](https://security-tracker.debian.org/tracker/CVE-2017-1819)
- Package `postgresql-9.3`:
[CVE-2018-1053](https://security-tracker.debian.org/tracker/CVE-2018-1053),
[CVE-2018-1058](https://security-tracker.debian.org/tracker/CVE-2018-1058)
- Package `w3m`:
[CVE-2018-6196](https://security-tracker.debian.org/tracker/CVE-2018-6196),
[CVE-2018-6197](https://security-tracker.debian.org/tracker/CVE-2018-6197),
[CVE-2018-6198](https://security-tracker.debian.org/tracker/CVE-2018-6198)
- Package `libvirt`:
[CVE-2016-5008](https://security-tracker.debian.org/tracker/CVE-2016-5008),
[CVE-2017-5715](https://security-tracker.debian.org/tracker/CVE-2017-5715),
[CVE-2018-5748](https://security-tracker.debian.org/tracker/CVE-2018-5748)
- Package `libvorbis`:
[CVE-2017-1463](https://security-tracker.debian.org/tracker/CVE-2017-1463),
[CVE-2018-5146](https://security-tracker.debian.org/tracker/CVE-2018-5146)
- Package `puppet`:
[CVE-2017-1068](https://security-tracker.debian.org/tracker/CVE-2017-1068)
- Package `linux`:
[CVE-2017-0750](https://security-tracker.debian.org/tracker/CVE-2017-0750),
[CVE-2017-0861](https://security-tracker.debian.org/tracker/CVE-2017-0861),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1108](https://security-tracker.debian.org/tracker/CVE-2017-1108),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1219](https://security-tracker.debian.org/tracker/CVE-2017-1219),
[CVE-2017-1276](https://security-tracker.debian.org/tracker/CVE-2017-1276),
[CVE-2017-1405](https://security-tracker.debian.org/tracker/CVE-2017-1405),
[CVE-2017-1414](https://security-tracker.debian.org/tracker/CVE-2017-1414),
[CVE-2017-1415](https://security-tracker.debian.org/tracker/CVE-2017-1415),
[CVE-2017-1448](https://security-tracker.debian.org/tracker/CVE-2017-1448),
[CVE-2017-1510](https://security-tracker.debian.org/tracker/CVE-2017-1510),
[CVE-2017-1511](https://security-tracker.debian.org/tracker/CVE-2017-1511),
[CVE-2017-1527](https://security-tracker.debian.org/tracker/CVE-2017-1527),
[CVE-2017-1586](https://security-tracker.debian.org/tracker/CVE-2017-1586),
[CVE-2017-1652](https://security-tracker.debian.org/tracker/CVE-2017-1652),
[CVE-2017-1744](https://security-tracker.debian.org/tracker/CVE-2017-1744),
[CVE-2017-1745](https://security-tracker.debian.org/tracker/CVE-2017-1745),
[CVE-2017-1774](https://security-tracker.debian.org/tracker/CVE-2017-1774),
[CVE-2017-1780](https://security-tracker.debian.org/tracker/CVE-2017-1780),
[CVE-2017-1801](https://security-tracker.debian.org/tracker/CVE-2017-1801),
[CVE-2017-5669](https://security-tracker.debian.org/tracker/CVE-2017-5669),
[CVE-2017-5715](https://security-tracker.debian.org/tracker/CVE-2017-5715),
[CVE-2017-5753](https://security-tracker.debian.org/tracker/CVE-2017-5753),
[CVE-2017-5754](https://security-tracker.debian.org/tracker/CVE-2017-5754),
[CVE-2017-7542](https://security-tracker.debian.org/tracker/CVE-2017-7542),
[CVE-2017-7889](https://security-tracker.debian.org/tracker/CVE-2017-7889),
[CVE-2017-8824](https://security-tracker.debian.org/tracker/CVE-2017-8824),
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000),
[CVE-2018-1087](https://security-tracker.debian.org/tracker/CVE-2018-1087),
[CVE-2018-5332](https://security-tracker.debian.org/tracker/CVE-2018-5332),
[CVE-2018-5333](https://security-tracker.debian.org/tracker/CVE-2018-5333),
[CVE-2018-5344](https://security-tracker.debian.org/tracker/CVE-2018-5344),
[CVE-2018-8897](https://security-tracker.debian.org/tracker/CVE-2018-8897)
- Package `isc-dhcp`:
[CVE-2016-2774](https://security-tracker.debian.org/tracker/CVE-2016-2774),
[CVE-2017-3144](https://security-tracker.debian.org/tracker/CVE-2017-3144),
[CVE-2018-5732](https://security-tracker.debian.org/tracker/CVE-2018-5732),
[CVE-2018-5733](https://security-tracker.debian.org/tracker/CVE-2018-5733)
- Package `sensible-utils`:
[CVE-2017-1751](https://security-tracker.debian.org/tracker/CVE-2017-1751)
- Package `qemu`:
[CVE-2017-1133](https://security-tracker.debian.org/tracker/CVE-2017-1133),
[CVE-2017-1416](https://security-tracker.debian.org/tracker/CVE-2017-1416),
[CVE-2017-1503](https://security-tracker.debian.org/tracker/CVE-2017-1503),
[CVE-2017-1528](https://security-tracker.debian.org/tracker/CVE-2017-1528),
[CVE-2017-1804](https://security-tracker.debian.org/tracker/CVE-2017-1804),
[CVE-2017-5715](https://security-tracker.debian.org/tracker/CVE-2017-5715),
[CVE-2018-5683](https://security-tracker.debian.org/tracker/CVE-2018-5683)
### Typical update path from Release 56
- Need to get 106 MB of archives.
- Has impact on the availability of the end users service:
- Service `isc-dhcp-server` will be restarted during the update process and its estimated downtime is 66 seconds.
- Service `cups` will be restarted during the update process and its estimated downtime is 56 seconds.
- Service `udev` will be restarted during the update process and its estimated downtime is 0 seconds.
- Service `libvirt-bin` will be restarted during the update process and its estimated downtime is 72 seconds.
-
linux-headers-3.13.0-142-generic (3.13.0-142.191)
linux-image-extra-3.13.0-142-generic (3.13.0-142.191)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-headers-3.13.0-133-generic (3.13.0-133.182)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.13.0-117 (3.13.0-117.164)
libwiretap3 (1.10.6-1)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-extra-3.13.0-133-generic (3.13.0-133.182)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libwsutil3 (1.10.6-1)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-headers-3.13.0-142 (3.13.0-142.191)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-128 (3.13.0-128.177)
linux-headers-3.13.0-133 (3.13.0-133.182)
linux-image-3.13.0-128-generic (3.13.0-128.177)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-3.13.0-133-generic (3.13.0-133.182)
linux-image-3.13.0-142-generic (3.13.0-142.191)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.1)
-
linux-image-server (3.13.0.141.151 => 3.13.0.142.152)
libcupscgi1 (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
linux-image-generic-lts-trusty (3.13.0.141.151 => 3.13.0.142.152)
linux-image-generic (3.13.0.141.151 => 3.13.0.142.152)
libgomp1 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
isc-dhcp-client (4.2.4-7ubuntu12.10 => 4.2.4-7ubuntu12.12)
linux-libc-dev (3.13.0-141.190 => 3.13.0-142.191)
libcupsimage2 (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
cups-client (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
qemu-keymaps (2.0.0+dfsg-2ubuntu1.36 => 2.0.0+dfsg-2ubuntu1.40)
libcups2 (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
cpp-4.8 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libgudev-1.0-0 (204-5ubuntu20.25 => 204-5ubuntu20.26)
cups (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
update-manager-core (0.196.24 => 0.196.25)
libatomic1 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
sensible-utils (0.0.9 => 0.0.9ubuntu0.14.04.1)
libapparmor-perl (2.10.95-0ubuntu2.6~14.04.1 => 2.10.95-0ubuntu2.6~14.04.3)
libitm1 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
w3m (0.5.3-15ubuntu0.1 => 0.5.3-15ubuntu0.2)
linux-headers-generic (3.13.0.141.151 => 3.13.0.142.152)
isc-dhcp-common (4.2.4-7ubuntu12.10 => 4.2.4-7ubuntu12.12)
libvorbisenc2 (1.3.2-1.3ubuntu1 => 1.3.2-1.3ubuntu1.1)
libquadmath0 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libsystemd-daemon0 (204-5ubuntu20.25 => 204-5ubuntu20.26)
libgfortran3 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
gcc-4.8-base (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libpq5 (9.3.20-0ubuntu0.14.04 => 9.3.22-0ubuntu0.14.04)
qemu-system-x86 (2.0.0+dfsg-2ubuntu1.36 => 2.0.0+dfsg-2ubuntu1.40)
libcupsppdc1 (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
libvorbis0a (1.3.2-1.3ubuntu1 => 1.3.2-1.3ubuntu1.1)
libsystemd-login0 (204-5ubuntu20.25 => 204-5ubuntu20.26)
qemu-kvm (2.0.0+dfsg-2ubuntu1.36 => 2.0.0+dfsg-2ubuntu1.40)
apparmor (2.10.95-0ubuntu2.6~14.04.1 => 2.10.95-0ubuntu2.6~14.04.3)
libasan0 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libtsan0 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
cups-core-drivers (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
cups-server-common (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
systemd-services (204-5ubuntu20.25 => 204-5ubuntu20.26)
isc-dhcp-server (4.2.4-7ubuntu12.10 => 4.2.4-7ubuntu12.12)
qemu-utils (2.0.0+dfsg-2ubuntu1.36 => 2.0.0+dfsg-2ubuntu1.40)
puppet-common (3.4.3-1ubuntu1.2 => 3.4.3-1ubuntu1.3)
udev (204-5ubuntu20.25 => 204-5ubuntu20.26)
cups-ppdc (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
libpq-dev (9.3.20-0ubuntu0.14.04 => 9.3.22-0ubuntu0.14.04)
python3-update-manager (0.196.24 => 0.196.25)
dh-apparmor (2.10.95-0ubuntu2.6~14.04.1 => 2.10.95-0ubuntu2.6~14.04.3)
cups-daemon (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
libvirt0 (1.2.2-0ubuntu13.1.23 => 1.2.2-0ubuntu13.1.26)
qemu-system-common (2.0.0+dfsg-2ubuntu1.36 => 2.0.0+dfsg-2ubuntu1.40)
gcc-4.8 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libstdc++6 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libgcc-4.8-dev (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
cups-common (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
resolvconf (1.69ubuntu1.3 => 1.69ubuntu1.4)
linux-generic (3.13.0.141.151 => 3.13.0.142.152)
libapparmor1 (2.10.95-0ubuntu2.6~14.04.1 => 2.10.95-0ubuntu2.6~14.04.3)
libstdc++-4.8-dev (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
libpam-systemd (204-5ubuntu20.25 => 204-5ubuntu20.26)
libudev1 (204-5ubuntu20.25 => 204-5ubuntu20.26)
g++-4.8 (4.8.4-2ubuntu1~14.04.3 => 4.8.4-2ubuntu1~14.04.4)
puppet (3.4.3-1ubuntu1.2 => 3.4.3-1ubuntu1.3)
libcupsmime1 (1.7.2-0ubuntu1.8 => 1.7.2-0ubuntu1.9)
libvirt-bin (1.2.2-0ubuntu13.1.23 => 1.2.2-0ubuntu13.1.26)
## Release 56 {#56}
### Notable changes
- Fixed `puavo-bootserver-smoke-test`.
- Fix airprinting for IOS 11.
- `puavo-rest` looks up puavo-conf values from puavoConf-ldap-attribute.
### Security updates
- Package `mysql-5.5`:
[CVE-2018-2665](https://security-tracker.debian.org/tracker/CVE-2018-2665),
[CVE-2018-2668](https://security-tracker.debian.org/tracker/CVE-2018-2668)
- Package `rsync`:
[CVE-2017-1654](https://security-tracker.debian.org/tracker/CVE-2017-1654),
[CVE-2018-5764](https://security-tracker.debian.org/tracker/CVE-2018-5764)
- Package `libtasn1-6`:
[CVE-2017-1079](https://security-tracker.debian.org/tracker/CVE-2017-1079)
- Package `curl`:
[CVE-2018-1000](https://security-tracker.debian.org/tracker/CVE-2018-1000)
- Package `linux`:
[CVE-2017-5753](https://security-tracker.debian.org/tracker/CVE-2017-5753),
[CVE-2017-5754](https://security-tracker.debian.org/tracker/CVE-2017-5754)
### Typical update path from Release 55
- Need to get 104 MB of archives.
- Has impact on the availability of the end users service:
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 41 seconds.
-
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.13.0-117 (3.13.0-117.164)
libwiretap3 (1.10.6-1)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libwsutil3 (1.10.6-1)
linux-image-3.13.0-141-generic (3.13.0-141.190)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-headers-3.13.0-141 (3.13.0-141.190)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-128 (3.13.0-128.177)
linux-image-3.13.0-128-generic (3.13.0-128.177)
linux-image-extra-3.13.0-141-generic (3.13.0-141.190)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-141-generic (3.13.0-141.190)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.1)
-
linux-image-server (3.13.0.139.148 => 3.13.0.141.151)
ruby-puavobs (0.21.0-1023+trusty+master.8db067ae01a7023eac3da5302f2f1a12a5e5fdea => 0.21.1-1029+trusty+master.7ad050911b719cc1503edb7db020b8605b912fb4)
rsync (3.1.0-2ubuntu0.3 => 3.1.0-2ubuntu0.4)
libcurl3-gnutls (7.35.0-1ubuntu2.13 => 7.35.0-1ubuntu2.14)
linux-image-generic-lts-trusty (3.13.0.139.148 => 3.13.0.141.151)
linux-generic (3.13.0.139.148 => 3.13.0.141.151)
linux-image-generic (3.13.0.139.148 => 3.13.0.141.151)
puavo-rules (1.23.6-432+trusty+master.3116c966b4708fe219da49147d075a8e2515140e => 1.23.6-454+trusty+master.c8e5d23487c43b86a8a248216f7d0bd1b3522da9)
puavo-ltsp-bootserver (0.21.0-1023+trusty+master.8db067ae01a7023eac3da5302f2f1a12a5e5fdea => 0.21.1-1029+trusty+master.7ad050911b719cc1503edb7db020b8605b912fb4)
linux-headers-generic (3.13.0.139.148 => 3.13.0.141.151)
libmysqlclient18 (5.5.58-0ubuntu0.14.04.1 => 5.5.59-0ubuntu0.14.04.1)
mysql-common (5.5.58-0ubuntu0.14.04.1 => 5.5.59-0ubuntu0.14.04.1)
libcurl3 (7.35.0-1ubuntu2.13 => 7.35.0-1ubuntu2.14)
linux-libc-dev (3.13.0-139.188 => 3.13.0-141.190)
curl (7.35.0-1ubuntu2.13 => 7.35.0-1ubuntu2.14)
puavo-rest-bootserver (0.11.2-18+trusty.trustyrestonly.2a584a4d281756d2a3054f94e94835d95ee4d0b4 => 0.11.2-22+trusty.trustyrestonly.df8ce1bc1099fb4898b8a8b7efb4a3d1efedaf87)
puavo-rest (0.11.2-18+trusty.trustyrestonly.2a584a4d281756d2a3054f94e94835d95ee4d0b4 => 0.11.2-22+trusty.trustyrestonly.df8ce1bc1099fb4898b8a8b7efb4a3d1efedaf87)
libtasn1-6 (3.4-3ubuntu0.5 => 3.4-3ubuntu0.6)
## Release 55 {#55}
### Notable changes
- Added support for certificate-based wireless networks to puavo-rest.
### Security updates
- Package `openjdk-7`:
[CVE-2016-1016](https://security-tracker.debian.org/tracker/CVE-2016-1016),
[CVE-2016-9841](https://security-tracker.debian.org/tracker/CVE-2016-9841),
[CVE-2017-1005](https://security-tracker.debian.org/tracker/CVE-2017-1005),
[CVE-2017-1006](https://security-tracker.debian.org/tracker/CVE-2017-1006),
[CVE-2017-1007](https://security-tracker.debian.org/tracker/CVE-2017-1007),
[CVE-2017-1008](https://security-tracker.debian.org/tracker/CVE-2017-1008),
[CVE-2017-1009](https://security-tracker.debian.org/tracker/CVE-2017-1009),
[CVE-2017-1010](https://security-tracker.debian.org/tracker/CVE-2017-1010),
[CVE-2017-1011](https://security-tracker.debian.org/tracker/CVE-2017-1011),
[CVE-2017-1013](https://security-tracker.debian.org/tracker/CVE-2017-1013),
[CVE-2017-1017](https://security-tracker.debian.org/tracker/CVE-2017-1017),
[CVE-2017-1024](https://security-tracker.debian.org/tracker/CVE-2017-1024),
[CVE-2017-1027](https://security-tracker.debian.org/tracker/CVE-2017-1027),
[CVE-2017-1028](https://security-tracker.debian.org/tracker/CVE-2017-1028),
[CVE-2017-1029](https://security-tracker.debian.org/tracker/CVE-2017-1029),
[CVE-2017-1034](https://security-tracker.debian.org/tracker/CVE-2017-1034),
[CVE-2017-1035](https://security-tracker.debian.org/tracker/CVE-2017-1035),
[CVE-2017-1038](https://security-tracker.debian.org/tracker/CVE-2017-1038)
- Package `rsync`:
[CVE-2017-1743](https://security-tracker.debian.org/tracker/CVE-2017-1743)
- Package `samba`:
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1216](https://security-tracker.debian.org/tracker/CVE-2017-1216),
[CVE-2017-1474](https://security-tracker.debian.org/tracker/CVE-2017-1474),
[CVE-2017-1527](https://security-tracker.debian.org/tracker/CVE-2017-1527),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461)
- Package `db5.3`:
[CVE-2017-1014](https://security-tracker.debian.org/tracker/CVE-2017-1014)
- Package `libxml2`:
[CVE-2017-1541](https://security-tracker.debian.org/tracker/CVE-2017-1541),
[CVE-2017-1693](https://security-tracker.debian.org/tracker/CVE-2017-1693)
- Package `python2.7`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `openssl`:
[CVE-2017-3735](https://security-tracker.debian.org/tracker/CVE-2017-3735)
- Package `perl`:
[CVE-2017-1283](https://security-tracker.debian.org/tracker/CVE-2017-1283),
[CVE-2017-1288](https://security-tracker.debian.org/tracker/CVE-2017-1288)
- Package `python3.4`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `libxcursor`:
[CVE-2013-2003](https://security-tracker.debian.org/tracker/CVE-2013-2003),
[CVE-2017-1661](https://security-tracker.debian.org/tracker/CVE-2017-1661)
- Package `linux-firmware`:
[CVE-2017-1308](https://security-tracker.debian.org/tracker/CVE-2017-1308)
- Package `linux`:
[CVE-2016-8632](https://security-tracker.debian.org/tracker/CVE-2016-8632),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1066](https://security-tracker.debian.org/tracker/CVE-2017-1066),
[CVE-2017-1091](https://security-tracker.debian.org/tracker/CVE-2017-1091),
[CVE-2017-1117](https://security-tracker.debian.org/tracker/CVE-2017-1117),
[CVE-2017-1434](https://security-tracker.debian.org/tracker/CVE-2017-1434),
[CVE-2017-1693](https://security-tracker.debian.org/tracker/CVE-2017-1693),
[CVE-2017-5754](https://security-tracker.debian.org/tracker/CVE-2017-5754)
- Package `wget`:
[CVE-2016-7098](https://security-tracker.debian.org/tracker/CVE-2016-7098),
[CVE-2017-1308](https://security-tracker.debian.org/tracker/CVE-2017-1308),
[CVE-2017-1309](https://security-tracker.debian.org/tracker/CVE-2017-1309),
[CVE-2017-6508](https://security-tracker.debian.org/tracker/CVE-2017-6508)
- Package `mysql-5.5`:
[CVE-2017-1038](https://security-tracker.debian.org/tracker/CVE-2017-1038)
- Package `poppler`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1497](https://security-tracker.debian.org/tracker/CVE-2017-1497),
[CVE-2017-1556](https://security-tracker.debian.org/tracker/CVE-2017-1556)
- Package `ruby1.9.1`:
[CVE-2017-1740](https://security-tracker.debian.org/tracker/CVE-2017-1740),
[CVE-2017-1779](https://security-tracker.debian.org/tracker/CVE-2017-1779)
- Package `curl`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-8817](https://security-tracker.debian.org/tracker/CVE-2017-8817)
- Package `icu`:
[CVE-2017-1495](https://security-tracker.debian.org/tracker/CVE-2017-1495)
### Typical update path from Release 54
- Need to get 225 MB of archives.
- Has impact on the availability of the end users service:
- Service `nmbd` will be restarted during the update process and its estimated downtime is 92 seconds.
- Service `winbind` will be restarted during the update process and its estimated downtime is 99 seconds.
- Service `puavo-tftpd` will be restarted during the update process and its estimated downtime is 116 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is ? seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 92 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 131 seconds.
-
linux-headers-3.13.0-139 (3.13.0-139.188)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-117 (3.13.0-117.164)
libwiretap3 (1.10.6-1)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libwsutil3 (1.10.6-1)
linux-headers-3.13.0-139-generic (3.13.0-139.188)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-image-3.13.0-139-generic (3.13.0-139.188)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-139-generic (3.13.0-139.188)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.1)
-
linux-image-server (3.13.0.133.142 => 3.13.0.139.148)
libssl1.0.0 (1.0.1f-1ubuntu2.22 => 1.0.1f-1ubuntu2.23)
libmysqlclient18 (5.5.57-0ubuntu0.14.04.1 => 5.5.58-0ubuntu0.14.04.1)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
linux-image-generic (3.13.0.133.142 => 3.13.0.139.148)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
libxml2 (2.9.1+dfsg1-3ubuntu4.10 => 2.9.1+dfsg1-3ubuntu4.12)
ruby1.9.1-full (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
squashfs-tools (4.2+20130409-2ubuntu0.14.04.1 => 4.2+20130409-2ubuntu0.14.04.2)
libruby1.9.1-dbg (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
iproute (3.12.0-2ubuntu1 => 3.12.0-2ubuntu1.1)
lshw (02.16-2ubuntu1.3 => 02.16-2ubuntu1.4)
linux-libc-dev (3.13.0-133.182 => 3.13.0-139.188)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
curl (7.35.0-1ubuntu2.11 => 7.35.0-1ubuntu2.13)
libperl5.18 (5.18.2-2ubuntu1.1 => 5.18.2-2ubuntu1.3)
libpython2.7-stdlib (2.7.6-8ubuntu0.3 => 2.7.6-8ubuntu0.4)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
initramfs-tools (0.103ubuntu4.8 => 0.103ubuntu4.10)
poppler-utils (0.24.5-2ubuntu4.7 => 0.24.5-2ubuntu4.9)
libpython2.7-minimal (2.7.6-8ubuntu0.3 => 2.7.6-8ubuntu0.4)
libtcltk-ruby1.9.1 (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
rsync (3.1.0-2ubuntu0.2 => 3.1.0-2ubuntu0.3)
perl-modules (5.18.2-2ubuntu1.1 => 5.18.2-2ubuntu1.3)
libpython2.7 (2.7.6-8ubuntu0.3 => 2.7.6-8ubuntu0.4)
linux-generic (3.13.0.133.142 => 3.13.0.139.148)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
ruby1.9.1 (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
libxml2-utils (2.9.1+dfsg1-3ubuntu4.10 => 2.9.1+dfsg1-3ubuntu4.12)
python3.4-minimal (3.4.3-1ubuntu1~14.04.5 => 3.4.3-1ubuntu1~14.04.6)
python2.7-minimal (2.7.6-8ubuntu0.3 => 2.7.6-8ubuntu0.4)
libssl-doc (1.0.1f-1ubuntu2.22 => 1.0.1f-1ubuntu2.23)
libicu52 (52.1-3ubuntu0.6 => 52.1-3ubuntu0.7)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
samba (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
linux-headers-generic (3.13.0.133.142 => 3.13.0.139.148)
puavo-tftpd-hooks (0.5.12-17+trusty+master.4df5c00c8f2d7ac3036900a9916b4e0a08a1f31f => 0.5.13-18+trusty+master.118ea358afbd216614b33ed153977b994227637c)
ruby1.9.3 (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
linux-firmware (1.127.23 => 1.127.24)
libpq5 (9.3.19-0ubuntu0.14.04 => 9.3.20-0ubuntu0.14.04)
ruby1.9.1-examples (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
libpython3.4-stdlib (3.4.3-1ubuntu1~14.04.5 => 3.4.3-1ubuntu1~14.04.6)
libdb5.3 (5.3.28-3ubuntu3 => 5.3.28-3ubuntu3.1)
ruby1.9.1-dev (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
libcurl3 (7.35.0-1ubuntu2.11 => 7.35.0-1ubuntu2.13)
distro-info-data (0.18ubuntu0.7 => 0.18ubuntu0.8)
winbind (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
libssl-dev (1.0.1f-1ubuntu2.22 => 1.0.1f-1ubuntu2.23)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
python2.7 (2.7.6-8ubuntu0.3 => 2.7.6-8ubuntu0.4)
tzdata (2016j-0ubuntu0.14.04 => 2017c-0ubuntu0.14.04)
libruby1.9.1 (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
perl (5.18.2-2ubuntu1.1 => 5.18.2-2ubuntu1.3)
python3.4 (3.4.3-1ubuntu1~14.04.5 => 3.4.3-1ubuntu1~14.04.6)
openjdk-7-jre-headless (7u151-2.6.11-0ubuntu1.14.04.1 => 7u151-2.6.11-2ubuntu0.14.04.1)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
wget (1.15-1ubuntu1.14.04.2 => 1.15-1ubuntu1.14.04.3)
puavo-rest-bootserver (0.11.2-17+trusty.trustyrestonly.d05fd397c325ef5639421abb3f97989f0ab6db2a => 0.11.2-18+trusty.trustyrestonly.2a584a4d281756d2a3054f94e94835d95ee4d0b4)
puavo-rest (0.11.2-17+trusty.trustyrestonly.d05fd397c325ef5639421abb3f97989f0ab6db2a => 0.11.2-18+trusty.trustyrestonly.2a584a4d281756d2a3054f94e94835d95ee4d0b4)
libxml2-dev (2.9.1+dfsg1-3ubuntu4.10 => 2.9.1+dfsg1-3ubuntu4.12)
libcurl3-gnutls (7.35.0-1ubuntu2.11 => 7.35.0-1ubuntu2.13)
linux-image-generic-lts-trusty (3.13.0.133.142 => 3.13.0.139.148)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.12 => 4.3.11+dfsg-0ubuntu0.14.04.13)
tzdata-java (2016j-0ubuntu0.14.04 => 2017c-0ubuntu0.14.04)
puavo-tftpd (0.5.12-17+trusty+master.4df5c00c8f2d7ac3036900a9916b4e0a08a1f31f => 0.5.13-18+trusty+master.118ea358afbd216614b33ed153977b994227637c)
ri1.9.1 (1.9.3.484-2ubuntu1.5 => 1.9.3.484-2ubuntu1.7)
openssl (1.0.1f-1ubuntu2.22 => 1.0.1f-1ubuntu2.23)
libpoppler44 (0.24.5-2ubuntu4.7 => 0.24.5-2ubuntu4.9)
perl-base (5.18.2-2ubuntu1.1 => 5.18.2-2ubuntu1.3)
resolvconf (1.69ubuntu1.1 => 1.69ubuntu1.3)
initramfs-tools-bin (0.103ubuntu4.8 => 0.103ubuntu4.10)
libpython3.4-minimal (3.4.3-1ubuntu1~14.04.5 => 3.4.3-1ubuntu1~14.04.6)
iproute2 (3.12.0-2ubuntu1 => 3.12.0-2ubuntu1.1)
mysql-common (5.5.57-0ubuntu0.14.04.1 => 5.5.58-0ubuntu0.14.04.1)
libxcursor1 (1.1.14-1 => 1.1.14-1ubuntu0.14.04.1)
## Release 54 {#54}
### Notable changes
- User home directory paths change according to changing usernames.
- Enable negative caching of DNS queries with dnsmasq to reduce outward queries.
- More support for puavo-os functionality.
### Security updates
- Package `libgd2`:
[CVE-2017-6362](https://security-tracker.debian.org/tracker/CVE-2017-6362)
- Package `augeas`:
[CVE-2017-7555](https://security-tracker.debian.org/tracker/CVE-2017-7555)
- Package `texlive-base`:
[CVE-2016-1024](https://security-tracker.debian.org/tracker/CVE-2016-1024)
- Package `xen`:
[CVE-2017-1213](https://security-tracker.debian.org/tracker/CVE-2017-1213),
[CVE-2017-1285](https://security-tracker.debian.org/tracker/CVE-2017-1285),
[CVE-2017-1431](https://security-tracker.debian.org/tracker/CVE-2017-1431)
- Package `ceph`:
[CVE-2016-5009](https://security-tracker.debian.org/tracker/CVE-2016-5009),
[CVE-2016-7031](https://security-tracker.debian.org/tracker/CVE-2016-7031),
[CVE-2016-8626](https://security-tracker.debian.org/tracker/CVE-2016-8626),
[CVE-2016-9579](https://security-tracker.debian.org/tracker/CVE-2016-9579)
- Package `bluez`:
[CVE-2016-7837](https://security-tracker.debian.org/tracker/CVE-2016-7837),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `linux`:
[CVE-2016-1004](https://security-tracker.debian.org/tracker/CVE-2016-1004),
[CVE-2016-1020](https://security-tracker.debian.org/tracker/CVE-2016-1020),
[CVE-2016-7097](https://security-tracker.debian.org/tracker/CVE-2016-7097),
[CVE-2016-7914](https://security-tracker.debian.org/tracker/CVE-2016-7914),
[CVE-2016-8633](https://security-tracker.debian.org/tracker/CVE-2016-8633),
[CVE-2016-8650](https://security-tracker.debian.org/tracker/CVE-2016-8650),
[CVE-2016-9083](https://security-tracker.debian.org/tracker/CVE-2016-9083),
[CVE-2016-9084](https://security-tracker.debian.org/tracker/CVE-2016-9084),
[CVE-2016-9178](https://security-tracker.debian.org/tracker/CVE-2016-9178),
[CVE-2016-9191](https://security-tracker.debian.org/tracker/CVE-2016-9191),
[CVE-2016-9604](https://security-tracker.debian.org/tracker/CVE-2016-9604),
[CVE-2016-9754](https://security-tracker.debian.org/tracker/CVE-2016-9754),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1410](https://security-tracker.debian.org/tracker/CVE-2017-1410),
[CVE-2017-5970](https://security-tracker.debian.org/tracker/CVE-2017-5970),
[CVE-2017-6214](https://security-tracker.debian.org/tracker/CVE-2017-6214),
[CVE-2017-6346](https://security-tracker.debian.org/tracker/CVE-2017-6346),
[CVE-2017-6951](https://security-tracker.debian.org/tracker/CVE-2017-6951),
[CVE-2017-7187](https://security-tracker.debian.org/tracker/CVE-2017-7187),
[CVE-2017-7261](https://security-tracker.debian.org/tracker/CVE-2017-7261),
[CVE-2017-7273](https://security-tracker.debian.org/tracker/CVE-2017-7273),
[CVE-2017-7472](https://security-tracker.debian.org/tracker/CVE-2017-7472),
[CVE-2017-7487](https://security-tracker.debian.org/tracker/CVE-2017-7487),
[CVE-2017-7495](https://security-tracker.debian.org/tracker/CVE-2017-7495),
[CVE-2017-7541](https://security-tracker.debian.org/tracker/CVE-2017-7541),
[CVE-2017-7616](https://security-tracker.debian.org/tracker/CVE-2017-7616)
- Package `curl`:
[CVE-2016-9586](https://security-tracker.debian.org/tracker/CVE-2016-9586),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-7407](https://security-tracker.debian.org/tracker/CVE-2017-7407)
- Package `nss`:
[CVE-2015-2721](https://security-tracker.debian.org/tracker/CVE-2015-2721),
[CVE-2015-2730](https://security-tracker.debian.org/tracker/CVE-2015-2730),
[CVE-2015-7181](https://security-tracker.debian.org/tracker/CVE-2015-7181),
[CVE-2015-7182](https://security-tracker.debian.org/tracker/CVE-2015-7182),
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575),
[CVE-2016-1938](https://security-tracker.debian.org/tracker/CVE-2016-1938),
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950),
[CVE-2016-2183](https://security-tracker.debian.org/tracker/CVE-2016-2183),
[CVE-2016-2834](https://security-tracker.debian.org/tracker/CVE-2016-2834),
[CVE-2016-5285](https://security-tracker.debian.org/tracker/CVE-2016-5285),
[CVE-2016-8635](https://security-tracker.debian.org/tracker/CVE-2016-8635),
[CVE-2016-9074](https://security-tracker.debian.org/tracker/CVE-2016-9074),
[CVE-2017-5461](https://security-tracker.debian.org/tracker/CVE-2017-5461),
[CVE-2017-7502](https://security-tracker.debian.org/tracker/CVE-2017-7502),
[CVE-2017-7805](https://security-tracker.debian.org/tracker/CVE-2017-7805)
- Package `ruby1.9.1`:
[CVE-2017-0898](https://security-tracker.debian.org/tracker/CVE-2017-0898),
[CVE-2017-0899](https://security-tracker.debian.org/tracker/CVE-2017-0899),
[CVE-2017-0900](https://security-tracker.debian.org/tracker/CVE-2017-0900),
[CVE-2017-0901](https://security-tracker.debian.org/tracker/CVE-2017-0901),
[CVE-2017-1074](https://security-tracker.debian.org/tracker/CVE-2017-1074),
[CVE-2017-1403](https://security-tracker.debian.org/tracker/CVE-2017-1403),
[CVE-2017-1406](https://security-tracker.debian.org/tracker/CVE-2017-1406)
- Package `varnish`:
[CVE-2015-8852](https://security-tracker.debian.org/tracker/CVE-2015-8852),
[CVE-2017-1242](https://security-tracker.debian.org/tracker/CVE-2017-1242)
- Package `git`:
[CVE-2014-9390](https://security-tracker.debian.org/tracker/CVE-2014-9390),
[CVE-2014-9938](https://security-tracker.debian.org/tracker/CVE-2014-9938),
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545),
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1486](https://security-tracker.debian.org/tracker/CVE-2017-1486),
[CVE-2017-8386](https://security-tracker.debian.org/tracker/CVE-2017-8386)
- Package `qemu`:
[CVE-2017-1066](https://security-tracker.debian.org/tracker/CVE-2017-1066),
[CVE-2017-1080](https://security-tracker.debian.org/tracker/CVE-2017-1080),
[CVE-2017-1091](https://security-tracker.debian.org/tracker/CVE-2017-1091),
[CVE-2017-1143](https://security-tracker.debian.org/tracker/CVE-2017-1143),
[CVE-2017-7493](https://security-tracker.debian.org/tracker/CVE-2017-7493),
[CVE-2017-8112](https://security-tracker.debian.org/tracker/CVE-2017-8112),
[CVE-2017-9330](https://security-tracker.debian.org/tracker/CVE-2017-9330),
[CVE-2017-9373](https://security-tracker.debian.org/tracker/CVE-2017-9373),
[CVE-2017-9374](https://security-tracker.debian.org/tracker/CVE-2017-9374),
[CVE-2017-9375](https://security-tracker.debian.org/tracker/CVE-2017-9375),
[CVE-2017-9503](https://security-tracker.debian.org/tracker/CVE-2017-9503)
- Package `poppler`:
[CVE-2017-1451](https://security-tracker.debian.org/tracker/CVE-2017-1451),
[CVE-2017-1452](https://security-tracker.debian.org/tracker/CVE-2017-1452),
[CVE-2017-1461](https://security-tracker.debian.org/tracker/CVE-2017-1461),
[CVE-2017-1492](https://security-tracker.debian.org/tracker/CVE-2017-1492),
[CVE-2017-1497](https://security-tracker.debian.org/tracker/CVE-2017-1497),
[CVE-2017-9776](https://security-tracker.debian.org/tracker/CVE-2017-9776)
- Package `libxml2`:
[CVE-2017-0663](https://security-tracker.debian.org/tracker/CVE-2017-0663),
[CVE-2017-7375](https://security-tracker.debian.org/tracker/CVE-2017-7375),
[CVE-2017-7376](https://security-tracker.debian.org/tracker/CVE-2017-7376),
[CVE-2017-9047](https://security-tracker.debian.org/tracker/CVE-2017-9047),
[CVE-2017-9048](https://security-tracker.debian.org/tracker/CVE-2017-9048),
[CVE-2017-9049](https://security-tracker.debian.org/tracker/CVE-2017-9049),
[CVE-2017-9050](https://security-tracker.debian.org/tracker/CVE-2017-9050)
- Package `bind9`:
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147),
[CVE-2016-9444](https://security-tracker.debian.org/tracker/CVE-2016-9444),
[CVE-2017-3135](https://security-tracker.debian.org/tracker/CVE-2017-3135),
[CVE-2017-3136](https://security-tracker.debian.org/tracker/CVE-2017-3136),
[CVE-2017-3137](https://security-tracker.debian.org/tracker/CVE-2017-3137),
[CVE-2017-3138](https://security-tracker.debian.org/tracker/CVE-2017-3138),
[CVE-2017-3142](https://security-tracker.debian.org/tracker/CVE-2017-3142),
[CVE-2017-3143](https://security-tracker.debian.org/tracker/CVE-2017-3143)
- Package `tcpdump`:
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-1154](https://security-tracker.debian.org/tracker/CVE-2017-1154),
[CVE-2017-1289](https://security-tracker.debian.org/tracker/CVE-2017-1289),
[CVE-2017-1290](https://security-tracker.debian.org/tracker/CVE-2017-1290),
[CVE-2017-1298](https://security-tracker.debian.org/tracker/CVE-2017-1298),
[CVE-2017-1299](https://security-tracker.debian.org/tracker/CVE-2017-1299),
[CVE-2017-1300](https://security-tracker.debian.org/tracker/CVE-2017-1300),
[CVE-2017-1301](https://security-tracker.debian.org/tracker/CVE-2017-1301),
[CVE-2017-1302](https://security-tracker.debian.org/tracker/CVE-2017-1302),
[CVE-2017-1303](https://security-tracker.debian.org/tracker/CVE-2017-1303),
[CVE-2017-1304](https://security-tracker.debian.org/tracker/CVE-2017-1304),
[CVE-2017-1305](https://security-tracker.debian.org/tracker/CVE-2017-1305),
[CVE-2017-1368](https://security-tracker.debian.org/tracker/CVE-2017-1368),
[CVE-2017-1369](https://security-tracker.debian.org/tracker/CVE-2017-1369),
[CVE-2017-1372](https://security-tracker.debian.org/tracker/CVE-2017-1372)
- Package `openjdk-7`:
[CVE-2017-1005](https://security-tracker.debian.org/tracker/CVE-2017-1005),
[CVE-2017-1006](https://security-tracker.debian.org/tracker/CVE-2017-1006),
[CVE-2017-1007](https://security-tracker.debian.org/tracker/CVE-2017-1007),
[CVE-2017-1008](https://security-tracker.debian.org/tracker/CVE-2017-1008),
[CVE-2017-1009](https://security-tracker.debian.org/tracker/CVE-2017-1009),
[CVE-2017-1010](https://security-tracker.debian.org/tracker/CVE-2017-1010),
[CVE-2017-1011](https://security-tracker.debian.org/tracker/CVE-2017-1011),
[CVE-2017-1013](https://security-tracker.debian.org/tracker/CVE-2017-1013),
[CVE-2017-1017](https://security-tracker.debian.org/tracker/CVE-2017-1017),
[CVE-2017-1024](https://security-tracker.debian.org/tracker/CVE-2017-1024),
[CVE-2017-3509](https://security-tracker.debian.org/tracker/CVE-2017-3509),
[CVE-2017-3511](https://security-tracker.debian.org/tracker/CVE-2017-3511),
[CVE-2017-3514](https://security-tracker.debian.org/tracker/CVE-2017-3514),
[CVE-2017-3526](https://security-tracker.debian.org/tracker/CVE-2017-3526),
[CVE-2017-3533](https://security-tracker.debian.org/tracker/CVE-2017-3533),
[CVE-2017-3539](https://security-tracker.debian.org/tracker/CVE-2017-3539),
[CVE-2017-3544](https://security-tracker.debian.org/tracker/CVE-2017-3544)
- Package `libidn`:
[CVE-2017-1406](https://security-tracker.debian.org/tracker/CVE-2017-1406)
- Package `graphite2`:
[CVE-2017-7774](https://security-tracker.debian.org/tracker/CVE-2017-7774),
[CVE-2017-7778](https://security-tracker.debian.org/tracker/CVE-2017-7778)
- Package `samba`:
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-1215](https://security-tracker.debian.org/tracker/CVE-2017-1215),
[CVE-2017-1216](https://security-tracker.debian.org/tracker/CVE-2017-1216),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461)
- Package `libffi`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `c-ares`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `ghostscript`:
[CVE-2017-1171](https://security-tracker.debian.org/tracker/CVE-2017-1171),
[CVE-2017-9611](https://security-tracker.debian.org/tracker/CVE-2017-9611),
[CVE-2017-9612](https://security-tracker.debian.org/tracker/CVE-2017-9612),
[CVE-2017-9726](https://security-tracker.debian.org/tracker/CVE-2017-9726),
[CVE-2017-9727](https://security-tracker.debian.org/tracker/CVE-2017-9727),
[CVE-2017-9739](https://security-tracker.debian.org/tracker/CVE-2017-9739),
[CVE-2017-9835](https://security-tracker.debian.org/tracker/CVE-2017-9835)
- Package `postgresql-9.3`:
[CVE-2017-7546](https://security-tracker.debian.org/tracker/CVE-2017-7546),
[CVE-2017-7547](https://security-tracker.debian.org/tracker/CVE-2017-7547),
[CVE-2017-7548](https://security-tracker.debian.org/tracker/CVE-2017-7548)
- Package `dnsmasq`:
[CVE-2017-1449](https://security-tracker.debian.org/tracker/CVE-2017-1449)
### Typical update path from Release 53
- Need to get 302 MB of archives.
- Has impact on the availability of the end users service:
- Service `nmbd` will be restarted during the update process and its estimated downtime is 155 seconds.
- Service `winbind` will be restarted during the update process and its estimated downtime is 162 seconds.
- Service `udev` will be restarted during the update process and its estimated downtime is 0 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is ? seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 155 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 159 seconds.
- Service `libvirt-bin` will be restarted during the update process and its estimated downtime is 228 seconds.
-
linux-headers-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-image-extra-3.13.0-101-generic (3.13.0-101.148)
linux-firmware-image (3.10.61.opinsys1+-1)
libopenwsman1 (2.4.3-0ubuntu4.1)
linux-headers-3.13.0-133 (3.13.0-133.182)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.10.81-031081-generic (3.10.81-031081.201506230313)
libwiretap3 (1.10.6-1)
linux-headers-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-headers-3.13.0-105-generic (3.13.0-105.152)
linux-image-extra-3.13.0-133-generic (3.13.0-133.182)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.12)
linux-image-extra-3.13.0-105-generic (3.13.0-105.152)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.2)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.13.0-106-generic (3.13.0-106.153)
libmpdec2 (2.4.0-6)
linux-headers-3.13.0-24 (3.13.0-24.47)
linux-image-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.13.0-77-generic (3.13.0-77.121)
linux-image-3.13.0-24-generic (3.13.0-24.47)
linux-headers-3.13.0-108-generic (3.13.0-108.155)
libwsutil3 (1.10.6-1)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libcimcclient0 (2.2.6-0ubuntu2)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.2)
linux-headers-3.2.0-113 (3.2.0-113.155)
linux-image-3.13.0-101-generic (3.13.0-101.148)
linux-headers-3.13.0-101-generic (3.13.0-101.148)
libssh2-1 (1.4.3-2ubuntu0.1)
linux-headers-3.10.89-031089 (3.10.89-031089.201509211852)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-headers-3.13.0-108 (3.13.0-108.155)
linux-headers-3.13.0-101 (3.13.0-101.148)
linux-headers-3.13.0-106 (3.13.0-106.153)
linux-headers-3.13.0-105 (3.13.0-105.152)
linux-headers-3.13.0-106-generic (3.13.0-106.153)
linux-headers-3.13.0-24-generic (3.13.0-24.47)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-24-generic (3.13.0-24.47)
libntdb1 (1.0-2ubuntu1)
libhogweed2 (2.7.1-1ubuntu0.2)
linux-image-3.13.0-133-generic (3.13.0-133.182)
linux-image-3.10.61.opinsys1+ (3.10.61.opinsys1+-1)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
linux-headers-3.13.0-133-generic (3.13.0-133.182)
linux-headers-3.10.81-031081 (3.10.81-031081.201506230313)
python-ntdb (1.0-2ubuntu1)
linux-image-extra-3.13.0-100-generic (3.13.0-100.147)
linux-image-extra-3.13.0-108-generic (3.13.0-108.155)
linux-image-extra-3.13.0-106-generic (3.13.0-106.153)
linux-image-3.13.0-105-generic (3.13.0-105.152)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.10.81-031081-generic (3.10.81-031081.201506230313)
libgnutls28 (3.2.11-2ubuntu1.1)
libavahi-glib1 (0.6.31-4ubuntu1.1)
linux-headers-3.10.69-031069 (3.10.69-031069.201502110743)
linux-image-3.13.0-108-generic (3.13.0-108.155)
-
texlive-fonts-recommended-doc (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
libgd3 (2.1.0-3ubuntu0.7 => 2.1.0-3ubuntu0.8)
texlive-latex-base (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
qemu-keymaps (2.0.0+dfsg-2ubuntu1.34 => 2.0.0+dfsg-2ubuntu1.36)
git-man (1.9.1-1ubuntu0.6 => 1.9.1-1ubuntu0.7)
texlive-latex-base-doc (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
grub-common (2.02~beta2-9ubuntu1.12 => 2.02~beta2-9ubuntu1.14)
libdns100 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
augeas-lenses (1.2.0-0ubuntu1.2 => 1.2.0-0ubuntu1.3)
qemu-system-x86 (2.0.0+dfsg-2ubuntu1.34 => 2.0.0+dfsg-2ubuntu1.36)
libsystemd-login0 (204-5ubuntu20.24 => 204-5ubuntu20.25)
libxml2-utils (2.9.1+dfsg1-3ubuntu4.9 => 2.9.1+dfsg1-3ubuntu4.10)
linux-image-generic (3.13.0.128.137 => 3.13.0.133.142)
librados2 (0.80.11-0ubuntu1.14.04.2 => 0.80.11-0ubuntu1.14.04.3)
ca-certificates (20160104ubuntu0.14.04.1 => 20170717~14.04.1)
openjdk-7-jre-headless (7u131-2.6.9-0ubuntu0.14.04.2 => 7u151-2.6.11-0ubuntu1.14.04.1)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
libnss3-nssdb (3.28.4-0ubuntu0.14.04.2 => 3.28.4-0ubuntu0.14.04.3)
puavo-rest-bootserver (0.11.2-16+trusty.trustyrestonly.e31c633ea1c433f9448fe9e1b337b441dd5f891a => 0.11.2-17+trusty.trustyrestonly.d05fd397c325ef5639421abb3f97989f0ab6db2a)
bind9-host (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
texlive-luatex (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
qemu-system-common (2.0.0+dfsg-2ubuntu1.34 => 2.0.0+dfsg-2ubuntu1.36)
ghostscript (9.10~dfsg-0ubuntu10.9 => 9.10~dfsg-0ubuntu10.10)
ri1.9.1 (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
libpoppler44 (0.24.5-2ubuntu4.5 => 0.24.5-2ubuntu4.7)
puavo-ltsp-bootserver (0.20.8-1019+trusty+master.204e42f55d0cd3508bc09ed39db1fd3c4f87dd0a => 0.21.0-1023+trusty+master.8db067ae01a7023eac3da5302f2f1a12a5e5fdea)
dnsmasq (2.68-1ubuntu0.1 => 2.68-1ubuntu0.2)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
libidn11 (1.28-1ubuntu2.1 => 1.28-1ubuntu2.2)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
grub2-common (2.02~beta2-9ubuntu1.12 => 2.02~beta2-9ubuntu1.14)
libudev1 (204-5ubuntu20.24 => 204-5ubuntu20.25)
udev (204-5ubuntu20.24 => 204-5ubuntu20.25)
linux-libc-dev (3.13.0-128.177 => 3.13.0-133.182)
libxen-4.4 (4.4.2-0ubuntu0.14.04.12 => 4.4.2-0ubuntu0.14.04.14)
libxenstore3.0 (4.4.2-0ubuntu0.14.04.12 => 4.4.2-0ubuntu0.14.04.14)
ruby1.9.3 (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
liblwres90 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
libsystemd-daemon0 (204-5ubuntu20.24 => 204-5ubuntu20.25)
samba-vfs-modules (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
winbind (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
libisccc90 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
qemu-utils (2.0.0+dfsg-2ubuntu1.34 => 2.0.0+dfsg-2ubuntu1.36)
git (1.9.1-1ubuntu0.6 => 1.9.1-1ubuntu0.7)
libc-ares2 (1.10.0-2ubuntu0.1 => 1.10.0-2ubuntu0.2)
texlive-fonts-recommended (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
dnsutils (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
linux-generic (3.13.0.128.137 => 3.13.0.133.142)
libvarnishapi1 (3.0.5-2 => 3.0.5-2ubuntu0.1)
libcurl3 (7.35.0-1ubuntu2.10 => 7.35.0-1ubuntu2.11)
libgs9 (9.10~dfsg-0ubuntu10.9 => 9.10~dfsg-0ubuntu10.10)
linux-image-server (3.13.0.128.137 => 3.13.0.133.142)
libbluetooth3 (4.101-0ubuntu13.1 => 4.101-0ubuntu13.3)
poppler-utils (0.24.5-2ubuntu4.5 => 0.24.5-2ubuntu4.7)
ruby1.9.1-examples (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
ruby1.9.1-full (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
libruby1.9.1-dbg (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
puavo-rules (1.23.6-423+trusty+master.3d7e143e4329386843079e20d16e549cf9ca0bef => 1.23.6-432+trusty+master.3116c966b4708fe219da49147d075a8e2515140e)
libnss3 (3.28.4-0ubuntu0.14.04.2 => 3.28.4-0ubuntu0.14.04.3)
libaugeas0 (1.2.0-0ubuntu1.2 => 1.2.0-0ubuntu1.3)
grub-pc-bin (2.02~beta2-9ubuntu1.12 => 2.02~beta2-9ubuntu1.14)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
libffi6 (3.1~rc1+r3.0.13-12ubuntu0.1 => 3.1~rc1+r3.0.13-12ubuntu0.2)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
systemd-services (204-5ubuntu20.24 => 204-5ubuntu20.25)
linux-image-generic-lts-trusty (3.13.0.128.137 => 3.13.0.133.142)
libpq5 (9.3.17-0ubuntu0.14.04 => 9.3.19-0ubuntu0.14.04)
bind9 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
tcpdump (4.9.0-1ubuntu1~ubuntu14.04.1 => 4.9.2-0ubuntu0.14.04.1)
initramfs-tools-bin (0.103ubuntu4.7 => 0.103ubuntu4.8)
libisccfg90 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
texlive-generic-recommended (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
texlive-latex-recommended-doc (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
libgs9-common (9.10~dfsg-0ubuntu10.9 => 9.10~dfsg-0ubuntu10.10)
libvirt0 (1.2.2-0ubuntu13.1.20 => 1.2.2-0ubuntu13.1.23)
libcurl3-gnutls (7.35.0-1ubuntu2.10 => 7.35.0-1ubuntu2.11)
libnss3-1d (3.28.4-0ubuntu0.14.04.2 => 3.28.4-0ubuntu0.14.04.3)
libgraphite2-3 (1.3.6-1ubuntu0.14.04.1 => 1.3.10-0ubuntu0.14.04.1)
libpam-systemd (204-5ubuntu20.24 => 204-5ubuntu20.25)
texlive-base (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
libxml2 (2.9.1+dfsg1-3ubuntu4.9 => 2.9.1+dfsg1-3ubuntu4.10)
qemu-kvm (2.0.0+dfsg-2ubuntu1.34 => 2.0.0+dfsg-2ubuntu1.36)
samba (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
logrotate (3.8.7-1ubuntu1.1 => 3.8.7-1ubuntu1.2)
libisc95 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
libgudev-1.0-0 (204-5ubuntu20.24 => 204-5ubuntu20.25)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
curl (7.35.0-1ubuntu2.10 => 7.35.0-1ubuntu2.11)
initramfs-tools (0.103ubuntu4.7 => 0.103ubuntu4.8)
libtcltk-ruby1.9.1 (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
libbind9-90 (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.10 => 4.3.11+dfsg-0ubuntu0.14.04.12)
ruby1.9.1 (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
linux-headers-generic (3.13.0.128.137 => 3.13.0.133.142)
grub-pc (2.02~beta2-9ubuntu1.12 => 2.02~beta2-9ubuntu1.14)
ruby-puavobs (0.20.8-1019+trusty+master.204e42f55d0cd3508bc09ed39db1fd3c4f87dd0a => 0.21.0-1023+trusty+master.8db067ae01a7023eac3da5302f2f1a12a5e5fdea)
ruby1.9.1-dev (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
librbd1 (0.80.11-0ubuntu1.14.04.2 => 0.80.11-0ubuntu1.14.04.3)
vlan (1.9-3ubuntu10.4 => 1.9-3ubuntu10.5)
dnsmasq-base (2.68-1ubuntu0.1 => 2.68-1ubuntu0.2)
libruby1.9.1 (1.9.3.484-2ubuntu1.3 => 1.9.3.484-2ubuntu1.5)
puavo-rest (0.11.2-16+trusty.trustyrestonly.e31c633ea1c433f9448fe9e1b337b441dd5f891a => 0.11.2-17+trusty.trustyrestonly.d05fd397c325ef5639421abb3f97989f0ab6db2a)
texlive-latex-recommended (2013.20140215-1 => 2013.20140215-1ubuntu0.1)
bind9utils (9.9.5.dfsg-3ubuntu0.15 => 9.9.5.dfsg-3ubuntu0.16)
libvirt-bin (1.2.2-0ubuntu13.1.20 => 1.2.2-0ubuntu13.1.23)
## Release 53 {#53}
### Notable changes
- `cups-browsed` package is removed
- `puavo-bootserver-smoke-test` has been fixed for organisations that use
the new "group/role"-model
- Some fixes for `puavo-sync-printers`.
### Security updates
- Package `libgd2`:
[CVE-2017-7890](https://security-tracker.debian.org/tracker/CVE-2017-7890)
- Package `git`:
[CVE-2014-9390](https://security-tracker.debian.org/tracker/CVE-2014-9390),
[CVE-2014-9938](https://security-tracker.debian.org/tracker/CVE-2014-9938),
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545),
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-8386](https://security-tracker.debian.org/tracker/CVE-2017-8386)
- Package `ntp`:
[CVE-2014-9293](https://security-tracker.debian.org/tracker/CVE-2014-9293),
[CVE-2014-9294](https://security-tracker.debian.org/tracker/CVE-2014-9294),
[CVE-2014-9295](https://security-tracker.debian.org/tracker/CVE-2014-9295),
[CVE-2014-9296](https://security-tracker.debian.org/tracker/CVE-2014-9296),
[CVE-2014-9297](https://security-tracker.debian.org/tracker/CVE-2014-9297),
[CVE-2014-9298](https://security-tracker.debian.org/tracker/CVE-2014-9298),
[CVE-2015-1798](https://security-tracker.debian.org/tracker/CVE-2015-1798),
[CVE-2015-1799](https://security-tracker.debian.org/tracker/CVE-2015-1799),
[CVE-2015-5146](https://security-tracker.debian.org/tracker/CVE-2015-5146),
[CVE-2015-5194](https://security-tracker.debian.org/tracker/CVE-2015-5194),
[CVE-2015-5195](https://security-tracker.debian.org/tracker/CVE-2015-5195),
[CVE-2015-5196](https://security-tracker.debian.org/tracker/CVE-2015-5196),
[CVE-2015-5219](https://security-tracker.debian.org/tracker/CVE-2015-5219),
[CVE-2015-5300](https://security-tracker.debian.org/tracker/CVE-2015-5300),
[CVE-2015-7691](https://security-tracker.debian.org/tracker/CVE-2015-7691),
[CVE-2015-7692](https://security-tracker.debian.org/tracker/CVE-2015-7692),
[CVE-2015-7701](https://security-tracker.debian.org/tracker/CVE-2015-7701),
[CVE-2015-7702](https://security-tracker.debian.org/tracker/CVE-2015-7702),
[CVE-2015-7703](https://security-tracker.debian.org/tracker/CVE-2015-7703),
[CVE-2015-7704](https://security-tracker.debian.org/tracker/CVE-2015-7704),
[CVE-2015-7705](https://security-tracker.debian.org/tracker/CVE-2015-7705),
[CVE-2015-7850](https://security-tracker.debian.org/tracker/CVE-2015-7850),
[CVE-2015-7852](https://security-tracker.debian.org/tracker/CVE-2015-7852),
[CVE-2015-7853](https://security-tracker.debian.org/tracker/CVE-2015-7853),
[CVE-2015-7855](https://security-tracker.debian.org/tracker/CVE-2015-7855),
[CVE-2015-7871](https://security-tracker.debian.org/tracker/CVE-2015-7871),
[CVE-2015-7973](https://security-tracker.debian.org/tracker/CVE-2015-7973),
[CVE-2015-7974](https://security-tracker.debian.org/tracker/CVE-2015-7974),
[CVE-2015-7976](https://security-tracker.debian.org/tracker/CVE-2015-7976),
[CVE-2015-7977](https://security-tracker.debian.org/tracker/CVE-2015-7977),
[CVE-2015-7978](https://security-tracker.debian.org/tracker/CVE-2015-7978),
[CVE-2015-7979](https://security-tracker.debian.org/tracker/CVE-2015-7979),
[CVE-2015-8138](https://security-tracker.debian.org/tracker/CVE-2015-8138),
[CVE-2015-8158](https://security-tracker.debian.org/tracker/CVE-2015-8158),
[CVE-2015-9296](https://security-tracker.debian.org/tracker/CVE-2015-9296),
[CVE-2016-0727](https://security-tracker.debian.org/tracker/CVE-2016-0727),
[CVE-2016-1547](https://security-tracker.debian.org/tracker/CVE-2016-1547),
[CVE-2016-1548](https://security-tracker.debian.org/tracker/CVE-2016-1548),
[CVE-2016-1550](https://security-tracker.debian.org/tracker/CVE-2016-1550),
[CVE-2016-2516](https://security-tracker.debian.org/tracker/CVE-2016-2516),
[CVE-2016-2518](https://security-tracker.debian.org/tracker/CVE-2016-2518),
[CVE-2016-4954](https://security-tracker.debian.org/tracker/CVE-2016-4954),
[CVE-2016-4955](https://security-tracker.debian.org/tracker/CVE-2016-4955),
[CVE-2016-4956](https://security-tracker.debian.org/tracker/CVE-2016-4956),
[CVE-2016-7426](https://security-tracker.debian.org/tracker/CVE-2016-7426),
[CVE-2016-7427](https://security-tracker.debian.org/tracker/CVE-2016-7427),
[CVE-2016-7428](https://security-tracker.debian.org/tracker/CVE-2016-7428),
[CVE-2016-7429](https://security-tracker.debian.org/tracker/CVE-2016-7429),
[CVE-2016-9310](https://security-tracker.debian.org/tracker/CVE-2016-9310),
[CVE-2016-9311](https://security-tracker.debian.org/tracker/CVE-2016-9311),
[CVE-2017-6458](https://security-tracker.debian.org/tracker/CVE-2017-6458),
[CVE-2017-6462](https://security-tracker.debian.org/tracker/CVE-2017-6462),
[CVE-2017-6463](https://security-tracker.debian.org/tracker/CVE-2017-6463),
[CVE-2017-6464](https://security-tracker.debian.org/tracker/CVE-2017-6464)
- Package `expat`:
[CVE-2017-9233](https://security-tracker.debian.org/tracker/CVE-2017-9233)
- Package `heimdal`:
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110)
- Package `poppler`:
[CVE-2017-2820](https://security-tracker.debian.org/tracker/CVE-2017-2820),
[CVE-2017-7511](https://security-tracker.debian.org/tracker/CVE-2017-7511),
[CVE-2017-7515](https://security-tracker.debian.org/tracker/CVE-2017-7515),
[CVE-2017-9083](https://security-tracker.debian.org/tracker/CVE-2017-9083),
[CVE-2017-9406](https://security-tracker.debian.org/tracker/CVE-2017-9406),
[CVE-2017-9408](https://security-tracker.debian.org/tracker/CVE-2017-9408),
[CVE-2017-9775](https://security-tracker.debian.org/tracker/CVE-2017-9775)
- Package `nginx`:
[CVE-2017-7529](https://security-tracker.debian.org/tracker/CVE-2017-7529)
- Package `samba`:
[CVE-2016-2119](https://security-tracker.debian.org/tracker/CVE-2016-2119),
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-1110](https://security-tracker.debian.org/tracker/CVE-2017-1110),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461)
- Package `linux`:
[CVE-2014-9900](https://security-tracker.debian.org/tracker/CVE-2014-9900),
[CVE-2015-8944](https://security-tracker.debian.org/tracker/CVE-2015-8944),
[CVE-2015-8955](https://security-tracker.debian.org/tracker/CVE-2015-8955),
[CVE-2015-8962](https://security-tracker.debian.org/tracker/CVE-2015-8962),
[CVE-2015-8963](https://security-tracker.debian.org/tracker/CVE-2015-8963),
[CVE-2015-8964](https://security-tracker.debian.org/tracker/CVE-2015-8964),
[CVE-2015-8966](https://security-tracker.debian.org/tracker/CVE-2015-8966),
[CVE-2015-8967](https://security-tracker.debian.org/tracker/CVE-2015-8967),
[CVE-2016-1008](https://security-tracker.debian.org/tracker/CVE-2016-1008),
[CVE-2016-8405](https://security-tracker.debian.org/tracker/CVE-2016-8405),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-2618](https://security-tracker.debian.org/tracker/CVE-2017-2618),
[CVE-2017-7346](https://security-tracker.debian.org/tracker/CVE-2017-7346),
[CVE-2017-7482](https://security-tracker.debian.org/tracker/CVE-2017-7482),
[CVE-2017-7895](https://security-tracker.debian.org/tracker/CVE-2017-7895),
[CVE-2017-8924](https://security-tracker.debian.org/tracker/CVE-2017-8924),
[CVE-2017-8925](https://security-tracker.debian.org/tracker/CVE-2017-8925),
[CVE-2017-9074](https://security-tracker.debian.org/tracker/CVE-2017-9074),
[CVE-2017-9605](https://security-tracker.debian.org/tracker/CVE-2017-9605)
- Package `mysql-5.5`:
[CVE-2017-3648](https://security-tracker.debian.org/tracker/CVE-2017-3648),
[CVE-2017-3653](https://security-tracker.debian.org/tracker/CVE-2017-3653)
- Package `ruby1.9.1`:
[CVE-2009-5147](https://security-tracker.debian.org/tracker/CVE-2009-5147),
[CVE-2015-1855](https://security-tracker.debian.org/tracker/CVE-2015-1855),
[CVE-2015-9096](https://security-tracker.debian.org/tracker/CVE-2015-9096),
[CVE-2016-2337](https://security-tracker.debian.org/tracker/CVE-2016-2337),
[CVE-2016-2339](https://security-tracker.debian.org/tracker/CVE-2016-2339),
[CVE-2016-7798](https://security-tracker.debian.org/tracker/CVE-2016-7798)
- Package `spice`:
[CVE-2017-7506](https://security-tracker.debian.org/tracker/CVE-2017-7506)
### Typical update path from Release 52
- Need to get 98.2 MB of archives.
- Has impact on the availability of the end users service:
- Service `winbind` will be restarted during the update process and its estimated downtime is 87 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is ? seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 78 seconds.
- Service `nmbd` will be restarted during the update process and its estimated downtime is 80 seconds.
- Service `rsyslog` will be restarted during the update process and its estimated downtime is 0 seconds.
-
linux-headers-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-image-extra-3.13.0-101-generic (3.13.0-101.148)
linux-firmware-image (3.10.61.opinsys1+-1)
libopenwsman1 (2.4.3-0ubuntu4.1)
linux-headers-3.13.0-116 (3.13.0-116.163)
linux-headers-3.10.81-031081-generic (3.10.81-031081.201506230313)
libwiretap3 (1.10.6-1)
linux-headers-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-headers-3.13.0-105-generic (3.13.0-105.152)
linux-image-extra-3.13.0-116-generic (3.13.0-116.163)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.12)
linux-image-extra-3.13.0-105-generic (3.13.0-105.152)
linux-image-3.13.0-101-generic (3.13.0-101.148)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.2)
linux-headers-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.13.0-106-generic (3.13.0-106.153)
libmpdec2 (2.4.0-6)
linux-headers-3.13.0-24 (3.13.0-24.47)
linux-image-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-extra-3.13.0-128-generic (3.13.0-128.177)
linux-image-3.13.0-77-generic (3.13.0-77.121)
linux-image-3.13.0-24-generic (3.13.0-24.47)
linux-headers-3.13.0-108-generic (3.13.0-108.155)
libwsutil3 (1.10.6-1)
linux-image-3.13.0-116-generic (3.13.0-116.163)
libcimcclient0 (2.2.6-0ubuntu2)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.2)
linux-headers-3.2.0-113 (3.2.0-113.155)
linux-headers-3.13.0-101 (3.13.0-101.148)
libssh2-1 (1.4.3-2ubuntu0.1)
linux-headers-3.10.89-031089 (3.10.89-031089.201509211852)
linux-headers-3.13.0-108 (3.13.0-108.155)
linux-headers-3.13.0-128 (3.13.0-128.177)
linux-headers-3.13.0-101-generic (3.13.0-101.148)
linux-headers-3.13.0-106 (3.13.0-106.153)
linux-headers-3.13.0-105 (3.13.0-105.152)
linux-headers-3.13.0-106-generic (3.13.0-106.153)
linux-image-3.13.0-128-generic (3.13.0-128.177)
linux-headers-3.13.0-24-generic (3.13.0-24.47)
linux-headers-3.13.0-116-generic (3.13.0-116.163)
linux-image-extra-3.13.0-24-generic (3.13.0-24.47)
libntdb1 (1.0-2ubuntu1)
libhogweed2 (2.7.1-1ubuntu0.2)
linux-image-3.10.61.opinsys1+ (3.10.61.opinsys1+-1)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
linux-headers-3.10.81-031081 (3.10.81-031081.201506230313)
python-ntdb (1.0-2ubuntu1)
linux-image-extra-3.13.0-100-generic (3.13.0-100.147)
linux-image-extra-3.13.0-108-generic (3.13.0-108.155)
linux-image-extra-3.13.0-106-generic (3.13.0-106.153)
linux-image-3.13.0-105-generic (3.13.0-105.152)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-image-3.10.81-031081-generic (3.10.81-031081.201506230313)
libgnutls28 (3.2.11-2ubuntu1.1)
linux-headers-3.10.69-031069 (3.10.69-031069.201502110743)
linux-image-3.13.0-108-generic (3.13.0-108.155)
-
linux-image-server (3.13.0.123.133 => 3.13.0.128.137)
libgd3 (2.1.0-3ubuntu0.6 => 2.1.0-3ubuntu0.7)
libmysqlclient18 (5.5.55-0ubuntu0.14.04.1 => 5.5.57-0ubuntu0.14.04.1)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
linux-image-generic (3.13.0.123.133 => 3.13.0.128.137)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
ruby1.9.1-examples (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
libhcrypto4-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
libdrm-radeon1 (2.4.67-1ubuntu0.14.04.1 => 2.4.67-1ubuntu0.14.04.2)
libwind0-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
rsyslog-relp (7.4.4-1ubuntu2.6 => 7.4.4-1ubuntu2.7)
libruby1.9.1-dbg (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
kexec-tools (2.0.6-0ubuntu2.2 => 2.0.6-0ubuntu2.3)
libroken18-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
git-man (1.9.1-1ubuntu0.5 => 1.9.1-1ubuntu0.6)
python3-update-manager (0.196.23 => 0.196.24)
libgssapi3-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
linux-libc-dev (3.13.0-123.172 => 3.13.0-128.177)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
libxen-4.4 (4.4.2-0ubuntu0.14.04.11 => 4.4.2-0ubuntu0.14.04.12)
rsyslog (7.4.4-1ubuntu2.6 => 7.4.4-1ubuntu2.7)
libxenstore3.0 (4.4.2-0ubuntu0.14.04.11 => 4.4.2-0ubuntu0.14.04.12)
puavo-client (2.1.0-115+trusty.master.80d910857567b92c8331e2cb22095fd6db04a715 => 2.1.1-118+trusty.master.b7bb7bb873314ebc4e9d9a701f43140a753f05fc)
ruby1.9.3 (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
poppler-utils (0.24.5-2ubuntu4.4 => 0.24.5-2ubuntu4.5)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
libtcltk-ruby1.9.1 (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
git (1.9.1-1ubuntu0.5 => 1.9.1-1ubuntu0.6)
linux-generic (3.13.0.123.133 => 3.13.0.128.137)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
libasn1-8-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
nginx-common (1.4.6-1ubuntu3.7 => 1.4.6-1ubuntu3.8)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
linux-headers-generic (3.13.0.123.133 => 3.13.0.128.137)
linux-image-generic-lts-trusty (3.13.0.123.133 => 3.13.0.128.137)
libdrm2 (2.4.67-1ubuntu0.14.04.1 => 2.4.67-1ubuntu0.14.04.2)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
ntp (4.2.6.p5+dfsg-3ubuntu2.14.04.11 => 4.2.6.p5+dfsg-3ubuntu2.14.04.12)
ruby-puavobs (0.20.3-1012+trusty+master.63aa1e84376d8c83adb1e38d1f9ff3f841921271 => 0.20.8-1019+trusty+master.204e42f55d0cd3508bc09ed39db1fd3c4f87dd0a)
ruby1.9.1-dev (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
ruby1.9.1-full (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
update-manager-core (0.196.23 => 0.196.24)
winbind (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
libdrm-intel1 (2.4.67-1ubuntu0.14.04.1 => 2.4.67-1ubuntu0.14.04.2)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
libspice-server1 (0.12.4-0nocelt2ubuntu1.4 => 0.12.4-0nocelt2ubuntu1.5)
libruby1.9.1 (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
nginx (1.4.6-1ubuntu3.7 => 1.4.6-1ubuntu3.8)
ruby1.9.1 (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
samba (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
debootstrap (1.0.59ubuntu0.7 => 1.0.59ubuntu0.8)
libdrm-nouveau2 (2.4.67-1ubuntu0.14.04.1 => 2.4.67-1ubuntu0.14.04.2)
libheimntlm0-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
libheimbase1-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
libkrb5-26-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
ri1.9.1 (1.9.3.484-2ubuntu1.2 => 1.9.3.484-2ubuntu1.3)
libseccomp2 (2.1.1-1ubuntu1~trusty3 => 2.1.1-1ubuntu1~trusty4)
libpoppler44 (0.24.5-2ubuntu4.4 => 0.24.5-2ubuntu4.5)
nginx-full (1.4.6-1ubuntu3.7 => 1.4.6-1ubuntu3.8)
samba-vfs-modules (4.3.11+dfsg-0ubuntu0.14.04.9 => 4.3.11+dfsg-0ubuntu0.14.04.10)
puavo-ltsp-bootserver (0.20.3-1012+trusty+master.63aa1e84376d8c83adb1e38d1f9ff3f841921271 => 0.20.8-1019+trusty+master.204e42f55d0cd3508bc09ed39db1fd3c4f87dd0a)
libhx509-5-heimdal (1.6~git20131207+dfsg-1ubuntu1.1 => 1.6~git20131207+dfsg-1ubuntu1.2)
ntpdate (4.2.6.p5+dfsg-3ubuntu2.14.04.11 => 4.2.6.p5+dfsg-3ubuntu2.14.04.12)
mysql-common (5.5.55-0ubuntu0.14.04.1 => 5.5.57-0ubuntu0.14.04.1)
libexpat1 (2.1.0-4ubuntu1.3 => 2.1.0-4ubuntu1.4)
## Release 52 {#52}
### Notable changes
- Adds a new public ssh-key for backup purposes.
### Security updates
- Package `tiff`:
[CVE-2016-9448](https://security-tracker.debian.org/tracker/CVE-2016-9448)
- Package `sudo`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `eglibc`:
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000)
- Package `puppet`:
[CVE-2014-3248](https://security-tracker.debian.org/tracker/CVE-2014-3248),
[CVE-2017-2295](https://security-tracker.debian.org/tracker/CVE-2017-2295)
- Package `linux`:
[CVE-2014-9940](https://security-tracker.debian.org/tracker/CVE-2014-9940),
[CVE-2016-8645](https://security-tracker.debian.org/tracker/CVE-2016-8645),
[CVE-2017-0605](https://security-tracker.debian.org/tracker/CVE-2017-0605),
[CVE-2017-1000](https://security-tracker.debian.org/tracker/CVE-2017-1000),
[CVE-2017-1003](https://security-tracker.debian.org/tracker/CVE-2017-1003),
[CVE-2017-7294](https://security-tracker.debian.org/tracker/CVE-2017-7294),
[CVE-2017-8890](https://security-tracker.debian.org/tracker/CVE-2017-8890),
[CVE-2017-9074](https://security-tracker.debian.org/tracker/CVE-2017-9074),
[CVE-2017-9075](https://security-tracker.debian.org/tracker/CVE-2017-9075),
[CVE-2017-9076](https://security-tracker.debian.org/tracker/CVE-2017-9076),
[CVE-2017-9077](https://security-tracker.debian.org/tracker/CVE-2017-9077),
[CVE-2017-9242](https://security-tracker.debian.org/tracker/CVE-2017-9242)
- Package `nss`:
[CVE-2014-1569](https://security-tracker.debian.org/tracker/CVE-2014-1569),
[CVE-2015-2721](https://security-tracker.debian.org/tracker/CVE-2015-2721),
[CVE-2015-2730](https://security-tracker.debian.org/tracker/CVE-2015-2730),
[CVE-2015-7181](https://security-tracker.debian.org/tracker/CVE-2015-7181),
[CVE-2015-7182](https://security-tracker.debian.org/tracker/CVE-2015-7182),
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575),
[CVE-2016-1938](https://security-tracker.debian.org/tracker/CVE-2016-1938),
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950),
[CVE-2016-2183](https://security-tracker.debian.org/tracker/CVE-2016-2183),
[CVE-2016-2834](https://security-tracker.debian.org/tracker/CVE-2016-2834),
[CVE-2016-5285](https://security-tracker.debian.org/tracker/CVE-2016-5285),
[CVE-2016-8635](https://security-tracker.debian.org/tracker/CVE-2016-8635),
[CVE-2016-9074](https://security-tracker.debian.org/tracker/CVE-2016-9074),
[CVE-2017-5461](https://security-tracker.debian.org/tracker/CVE-2017-5461),
[CVE-2017-7502](https://security-tracker.debian.org/tracker/CVE-2017-7502)
- Package `qemu`:
[CVE-2017-7377](https://security-tracker.debian.org/tracker/CVE-2017-7377),
[CVE-2017-7718](https://security-tracker.debian.org/tracker/CVE-2017-7718),
[CVE-2017-7980](https://security-tracker.debian.org/tracker/CVE-2017-7980),
[CVE-2017-8086](https://security-tracker.debian.org/tracker/CVE-2017-8086),
[CVE-2017-8309](https://security-tracker.debian.org/tracker/CVE-2017-8309),
[CVE-2017-8379](https://security-tracker.debian.org/tracker/CVE-2017-8379)
- Package `libgcrypt11`:
[CVE-2017-7526](https://security-tracker.debian.org/tracker/CVE-2017-7526)
- Package `libsndfile`:
[CVE-2017-7742](https://security-tracker.debian.org/tracker/CVE-2017-7742),
[CVE-2017-8365](https://security-tracker.debian.org/tracker/CVE-2017-8365)
- Package `samba`:
[CVE-2016-2119](https://security-tracker.debian.org/tracker/CVE-2016-2119),
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619),
[CVE-2017-7494](https://security-tracker.debian.org/tracker/CVE-2017-7494),
[CVE-2017-9461](https://security-tracker.debian.org/tracker/CVE-2017-9461)
- Package `gnutls26`:
[CVE-2017-7869](https://security-tracker.debian.org/tracker/CVE-2017-7869)
- Package `openvpn`:
[CVE-2016-6329](https://security-tracker.debian.org/tracker/CVE-2016-6329),
[CVE-2017-7479](https://security-tracker.debian.org/tracker/CVE-2017-7479),
[CVE-2017-7508](https://security-tracker.debian.org/tracker/CVE-2017-7508),
[CVE-2017-7512](https://security-tracker.debian.org/tracker/CVE-2017-7512),
[CVE-2017-7520](https://security-tracker.debian.org/tracker/CVE-2017-7520),
[CVE-2017-7521](https://security-tracker.debian.org/tracker/CVE-2017-7521)
- Package `libnl3`:
[CVE-2017-0553](https://security-tracker.debian.org/tracker/CVE-2017-0553)
- Package `bind9`:
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000),
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147),
[CVE-2016-9444](https://security-tracker.debian.org/tracker/CVE-2016-9444),
[CVE-2017-3135](https://security-tracker.debian.org/tracker/CVE-2017-3135),
[CVE-2017-3136](https://security-tracker.debian.org/tracker/CVE-2017-3136),
[CVE-2017-3137](https://security-tracker.debian.org/tracker/CVE-2017-3137),
[CVE-2017-3138](https://security-tracker.debian.org/tracker/CVE-2017-3138),
[CVE-2017-3142](https://security-tracker.debian.org/tracker/CVE-2017-3142),
[CVE-2017-3143](https://security-tracker.debian.org/tracker/CVE-2017-3143)
- Package `wireshark`:
[CVE-2015-6241](https://security-tracker.debian.org/tracker/CVE-2015-6241),
[CVE-2015-6242](https://security-tracker.debian.org/tracker/CVE-2015-6242),
[CVE-2015-6243](https://security-tracker.debian.org/tracker/CVE-2015-6243),
[CVE-2015-6244](https://security-tracker.debian.org/tracker/CVE-2015-6244),
[CVE-2015-6245](https://security-tracker.debian.org/tracker/CVE-2015-6245),
[CVE-2015-6246](https://security-tracker.debian.org/tracker/CVE-2015-6246),
[CVE-2015-6247](https://security-tracker.debian.org/tracker/CVE-2015-6247),
[CVE-2015-6248](https://security-tracker.debian.org/tracker/CVE-2015-6248),
[CVE-2015-6249](https://security-tracker.debian.org/tracker/CVE-2015-6249),
[CVE-2015-7830](https://security-tracker.debian.org/tracker/CVE-2015-7830),
[CVE-2015-8711](https://security-tracker.debian.org/tracker/CVE-2015-8711),
[CVE-2015-8713](https://security-tracker.debian.org/tracker/CVE-2015-8713),
[CVE-2015-8714](https://security-tracker.debian.org/tracker/CVE-2015-8714),
[CVE-2015-8715](https://security-tracker.debian.org/tracker/CVE-2015-8715),
[CVE-2015-8716](https://security-tracker.debian.org/tracker/CVE-2015-8716),
[CVE-2015-8717](https://security-tracker.debian.org/tracker/CVE-2015-8717),
[CVE-2015-8718](https://security-tracker.debian.org/tracker/CVE-2015-8718),
[CVE-2015-8719](https://security-tracker.debian.org/tracker/CVE-2015-8719),
[CVE-2015-8720](https://security-tracker.debian.org/tracker/CVE-2015-8720),
[CVE-2015-8721](https://security-tracker.debian.org/tracker/CVE-2015-8721),
[CVE-2015-8722](https://security-tracker.debian.org/tracker/CVE-2015-8722),
[CVE-2015-8724](https://security-tracker.debian.org/tracker/CVE-2015-8724),
[CVE-2015-8725](https://security-tracker.debian.org/tracker/CVE-2015-8725),
[CVE-2015-8726](https://security-tracker.debian.org/tracker/CVE-2015-8726),
[CVE-2015-8727](https://security-tracker.debian.org/tracker/CVE-2015-8727),
[CVE-2015-8728](https://security-tracker.debian.org/tracker/CVE-2015-8728),
[CVE-2015-8729](https://security-tracker.debian.org/tracker/CVE-2015-8729),
[CVE-2015-8730](https://security-tracker.debian.org/tracker/CVE-2015-8730),
[CVE-2015-8731](https://security-tracker.debian.org/tracker/CVE-2015-8731),
[CVE-2015-8732](https://security-tracker.debian.org/tracker/CVE-2015-8732),
[CVE-2015-8733](https://security-tracker.debian.org/tracker/CVE-2015-8733),
[CVE-2016-2523](https://security-tracker.debian.org/tracker/CVE-2016-2523),
[CVE-2016-2531](https://security-tracker.debian.org/tracker/CVE-2016-2531),
[CVE-2016-2532](https://security-tracker.debian.org/tracker/CVE-2016-2532),
[CVE-2016-4006](https://security-tracker.debian.org/tracker/CVE-2016-4006),
[CVE-2016-4079](https://security-tracker.debian.org/tracker/CVE-2016-4079),
[CVE-2016-4081](https://security-tracker.debian.org/tracker/CVE-2016-4081),
[CVE-2016-4082](https://security-tracker.debian.org/tracker/CVE-2016-4082),
[CVE-2016-4085](https://security-tracker.debian.org/tracker/CVE-2016-4085),
[CVE-2016-5350](https://security-tracker.debian.org/tracker/CVE-2016-5350),
[CVE-2016-5351](https://security-tracker.debian.org/tracker/CVE-2016-5351),
[CVE-2016-5353](https://security-tracker.debian.org/tracker/CVE-2016-5353),
[CVE-2016-5354](https://security-tracker.debian.org/tracker/CVE-2016-5354),
[CVE-2016-5355](https://security-tracker.debian.org/tracker/CVE-2016-5355),
[CVE-2016-5356](https://security-tracker.debian.org/tracker/CVE-2016-5356),
[CVE-2016-5357](https://security-tracker.debian.org/tracker/CVE-2016-5357),
[CVE-2016-5359](https://security-tracker.debian.org/tracker/CVE-2016-5359),
[CVE-2016-6504](https://security-tracker.debian.org/tracker/CVE-2016-6504),
[CVE-2016-6505](https://security-tracker.debian.org/tracker/CVE-2016-6505),
[CVE-2016-6506](https://security-tracker.debian.org/tracker/CVE-2016-6506),
[CVE-2016-6507](https://security-tracker.debian.org/tracker/CVE-2016-6507),
[CVE-2016-6508](https://security-tracker.debian.org/tracker/CVE-2016-6508),
[CVE-2016-6509](https://security-tracker.debian.org/tracker/CVE-2016-6509),
[CVE-2016-6510](https://security-tracker.debian.org/tracker/CVE-2016-6510),
[CVE-2016-6511](https://security-tracker.debian.org/tracker/CVE-2016-6511),
[CVE-2016-7176](https://security-tracker.debian.org/tracker/CVE-2016-7176),
[CVE-2016-7177](https://security-tracker.debian.org/tracker/CVE-2016-7177),
[CVE-2016-7178](https://security-tracker.debian.org/tracker/CVE-2016-7178),
[CVE-2016-7179](https://security-tracker.debian.org/tracker/CVE-2016-7179),
[CVE-2016-7180](https://security-tracker.debian.org/tracker/CVE-2016-7180),
[CVE-2016-9373](https://security-tracker.debian.org/tracker/CVE-2016-9373),
[CVE-2016-9374](https://security-tracker.debian.org/tracker/CVE-2016-9374),
[CVE-2016-9375](https://security-tracker.debian.org/tracker/CVE-2016-9375),
[CVE-2016-9376](https://security-tracker.debian.org/tracker/CVE-2016-9376),
[CVE-2017-5596](https://security-tracker.debian.org/tracker/CVE-2017-5596),
[CVE-2017-5597](https://security-tracker.debian.org/tracker/CVE-2017-5597),
[CVE-2017-6014](https://security-tracker.debian.org/tracker/CVE-2017-6014),
[CVE-2017-6467](https://security-tracker.debian.org/tracker/CVE-2017-6467),
[CVE-2017-6468](https://security-tracker.debian.org/tracker/CVE-2017-6468),
[CVE-2017-6469](https://security-tracker.debian.org/tracker/CVE-2017-6469),
[CVE-2017-6470](https://security-tracker.debian.org/tracker/CVE-2017-6470),
[CVE-2017-6471](https://security-tracker.debian.org/tracker/CVE-2017-6471),
[CVE-2017-6472](https://security-tracker.debian.org/tracker/CVE-2017-6472),
[CVE-2017-6473](https://security-tracker.debian.org/tracker/CVE-2017-6473),
[CVE-2017-6474](https://security-tracker.debian.org/tracker/CVE-2017-6474)
- Package `ntp`:
[CVE-2014-9293](https://security-tracker.debian.org/tracker/CVE-2014-9293),
[CVE-2014-9294](https://security-tracker.debian.org/tracker/CVE-2014-9294),
[CVE-2014-9295](https://security-tracker.debian.org/tracker/CVE-2014-9295),
[CVE-2014-9296](https://security-tracker.debian.org/tracker/CVE-2014-9296),
[CVE-2014-9297](https://security-tracker.debian.org/tracker/CVE-2014-9297),
[CVE-2014-9298](https://security-tracker.debian.org/tracker/CVE-2014-9298),
[CVE-2015-1798](https://security-tracker.debian.org/tracker/CVE-2015-1798),
[CVE-2015-1799](https://security-tracker.debian.org/tracker/CVE-2015-1799),
[CVE-2015-5146](https://security-tracker.debian.org/tracker/CVE-2015-5146),
[CVE-2015-5194](https://security-tracker.debian.org/tracker/CVE-2015-5194),
[CVE-2015-5195](https://security-tracker.debian.org/tracker/CVE-2015-5195),
[CVE-2015-5196](https://security-tracker.debian.org/tracker/CVE-2015-5196),
[CVE-2015-5219](https://security-tracker.debian.org/tracker/CVE-2015-5219),
[CVE-2015-5300](https://security-tracker.debian.org/tracker/CVE-2015-5300),
[CVE-2015-7691](https://security-tracker.debian.org/tracker/CVE-2015-7691),
[CVE-2015-7692](https://security-tracker.debian.org/tracker/CVE-2015-7692),
[CVE-2015-7701](https://security-tracker.debian.org/tracker/CVE-2015-7701),
[CVE-2015-7702](https://security-tracker.debian.org/tracker/CVE-2015-7702),
[CVE-2015-7703](https://security-tracker.debian.org/tracker/CVE-2015-7703),
[CVE-2015-7704](https://security-tracker.debian.org/tracker/CVE-2015-7704),
[CVE-2015-7705](https://security-tracker.debian.org/tracker/CVE-2015-7705),
[CVE-2015-7850](https://security-tracker.debian.org/tracker/CVE-2015-7850),
[CVE-2015-7852](https://security-tracker.debian.org/tracker/CVE-2015-7852),
[CVE-2015-7853](https://security-tracker.debian.org/tracker/CVE-2015-7853),
[CVE-2015-7855](https://security-tracker.debian.org/tracker/CVE-2015-7855),
[CVE-2015-7871](https://security-tracker.debian.org/tracker/CVE-2015-7871),
[CVE-2015-7973](https://security-tracker.debian.org/tracker/CVE-2015-7973),
[CVE-2015-7974](https://security-tracker.debian.org/tracker/CVE-2015-7974),
[CVE-2015-7976](https://security-tracker.debian.org/tracker/CVE-2015-7976),
[CVE-2015-7977](https://security-tracker.debian.org/tracker/CVE-2015-7977),
[CVE-2015-7978](https://security-tracker.debian.org/tracker/CVE-2015-7978),
[CVE-2015-7979](https://security-tracker.debian.org/tracker/CVE-2015-7979),
[CVE-2015-8138](https://security-tracker.debian.org/tracker/CVE-2015-8138),
[CVE-2015-8158](https://security-tracker.debian.org/tracker/CVE-2015-8158),
[CVE-2015-9296](https://security-tracker.debian.org/tracker/CVE-2015-9296),
[CVE-2016-0727](https://security-tracker.debian.org/tracker/CVE-2016-0727),
[CVE-2016-1547](https://security-tracker.debian.org/tracker/CVE-2016-1547),
[CVE-2016-1548](https://security-tracker.debian.org/tracker/CVE-2016-1548),
[CVE-2016-1550](https://security-tracker.debian.org/tracker/CVE-2016-1550),
[CVE-2016-2516](https://security-tracker.debian.org/tracker/CVE-2016-2516),
[CVE-2016-2518](https://security-tracker.debian.org/tracker/CVE-2016-2518),
[CVE-2016-4954](https://security-tracker.debian.org/tracker/CVE-2016-4954),
[CVE-2016-4955](https://security-tracker.debian.org/tracker/CVE-2016-4955),
[CVE-2016-4956](https://security-tracker.debian.org/tracker/CVE-2016-4956),
[CVE-2016-7426](https://security-tracker.debian.org/tracker/CVE-2016-7426),
[CVE-2016-7427](https://security-tracker.debian.org/tracker/CVE-2016-7427),
[CVE-2016-7428](https://security-tracker.debian.org/tracker/CVE-2016-7428),
[CVE-2016-7429](https://security-tracker.debian.org/tracker/CVE-2016-7429),
[CVE-2016-9310](https://security-tracker.debian.org/tracker/CVE-2016-9310),
[CVE-2016-9311](https://security-tracker.debian.org/tracker/CVE-2016-9311),
[CVE-2017-6458](https://security-tracker.debian.org/tracker/CVE-2017-6458),
[CVE-2017-6462](https://security-tracker.debian.org/tracker/CVE-2017-6462),
[CVE-2017-6463](https://security-tracker.debian.org/tracker/CVE-2017-6463),
[CVE-2017-6464](https://security-tracker.debian.org/tracker/CVE-2017-6464)
- Package `jbig2dec`:
[CVE-2016-9601](https://security-tracker.debian.org/tracker/CVE-2016-9601),
[CVE-2017-7885](https://security-tracker.debian.org/tracker/CVE-2017-7885),
[CVE-2017-7975](https://security-tracker.debian.org/tracker/CVE-2017-7975),
[CVE-2017-7976](https://security-tracker.debian.org/tracker/CVE-2017-7976)
- Package `postgresql-9.3`:
[CVE-2017-7484](https://security-tracker.debian.org/tracker/CVE-2017-7484),
[CVE-2017-7485](https://security-tracker.debian.org/tracker/CVE-2017-7485),
[CVE-2017-7486](https://security-tracker.debian.org/tracker/CVE-2017-7486)
- Package `shadow`:
[CVE-2016-6252](https://security-tracker.debian.org/tracker/CVE-2016-6252),
[CVE-2017-2616](https://security-tracker.debian.org/tracker/CVE-2017-2616)
- Package `bash`:
[CVE-2016-0634](https://security-tracker.debian.org/tracker/CVE-2016-0634),
[CVE-2016-7543](https://security-tracker.debian.org/tracker/CVE-2016-7543),
[CVE-2016-9401](https://security-tracker.debian.org/tracker/CVE-2016-9401)
- Package `ghostscript`:
[CVE-2017-8291](https://security-tracker.debian.org/tracker/CVE-2017-8291)
- Package `tre`:
[CVE-2016-8859](https://security-tracker.debian.org/tracker/CVE-2016-8859)
- Package `libtasn1-6`:
[CVE-2017-6891](https://security-tracker.debian.org/tracker/CVE-2017-6891)
### Typical update path from Release 52
- Need to get 150 MB of archives.
- Has impact on the availability of the end users service:
- Service `winbind` will be restarted during the update process and its estimated downtime is 70 seconds.
- Service `isc-dhcp-server` will be restarted during the update process and its estimated downtime is 58 seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 66 seconds.
- Service `nmbd` will be restarted during the update process and its estimated downtime is 67 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is 0 seconds.
-
libwsutil4 (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
linux-headers-3.13.0-123 (3.13.0-123.172)
linux-image-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-headers-3.13.0-123-generic (3.13.0-123.172)
linux-image-extra-3.13.0-123-generic (3.13.0-123.172)
libwiretap4 (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
libwiretap3 (1.10.6-1)
libwsutil3 (1.10.6-1)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libwireshark3 (1.10.6-1)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libwireshark5 (1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
-
libklibc (2.0.3-0ubuntu1.14.04.2 => 2.0.3-0ubuntu1.14.04.3)
linux-image-server (3.13.0.117.127 => 3.13.0.123.133)
opinsys-bootserver (0.23.0-349+trusty+master.a03b73b30fc047ee2cb5a63ecf428b9020c0cd0a => 0.23.1+trusty+master.aaaa3bacc552cbafc14f3c34d547906e61273829)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
wireshark-common (1.10.6-1 => 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
qemu-kvm (2.0.0+dfsg-2ubuntu1.33 => 2.0.0+dfsg-2ubuntu1.34)
libsndfile1 (1.0.25-7ubuntu2.1 => 1.0.25-7ubuntu2.2)
libnl-route-3-200 (3.2.21-1ubuntu4 => 3.2.21-1ubuntu4.1)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
logrotate (3.8.7-1ubuntu1 => 3.8.7-1ubuntu1.1)
puppet (3.4.3-1ubuntu1.1 => 3.4.3-1ubuntu1.2)
puppet-common (3.4.3-1ubuntu1.1 => 3.4.3-1ubuntu1.2)
libisc95 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
linux-libc-dev (3.13.0-117.164 => 3.13.0-123.172)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
libtiff5 (4.0.3-7ubuntu0.6 => 4.0.3-7ubuntu0.7)
sudo (1.8.9p5-1ubuntu1.3 => 1.8.9p5-1ubuntu1.4)
libgcrypt11 (1.5.3-2ubuntu4.4 => 1.5.3-2ubuntu4.5)
libnl-genl-3-200 (3.2.21-1ubuntu4 => 3.2.21-1ubuntu4.1)
libc-bin (2.19-0ubuntu6.11 => 2.19-0ubuntu6.13)
libjbig2dec0 (0.11+20120125-1ubuntu1 => 0.11+20120125-1ubuntu1.1)
libbind9-90 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
samba (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
liblwres90 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
linux-generic (3.13.0.117.127 => 3.13.0.123.133)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
ntpdate (4.2.6.p5+dfsg-3ubuntu2.14.04.10 => 4.2.6.p5+dfsg-3ubuntu2.14.04.11)
libdns100 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
isc-dhcp-common (4.2.4-7ubuntu12.8 => 4.2.4-7ubuntu12.10)
libnss3 (3.28.4-0ubuntu0.14.04.1 => 3.28.4-0ubuntu0.14.04.2)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
winbind (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
linux-headers-generic (3.13.0.117.127 => 3.13.0.123.133)
libnss3-nssdb (3.28.4-0ubuntu0.14.04.1 => 3.28.4-0ubuntu0.14.04.2)
linux-image-generic-lts-trusty (3.13.0.117.127 => 3.13.0.123.133)
libpq5 (9.3.16-0ubuntu0.14.04 => 9.3.17-0ubuntu0.14.04)
qemu-system-x86 (2.0.0+dfsg-2ubuntu1.33 => 2.0.0+dfsg-2ubuntu1.34)
bind9 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
libgnutls-openssl27 (2.12.23-12ubuntu2.7 => 2.12.23-12ubuntu2.8)
libnl-3-200 (3.2.21-1ubuntu4 => 3.2.21-1ubuntu4.1)
klibc-utils (2.0.3-0ubuntu1.14.04.2 => 2.0.3-0ubuntu1.14.04.3)
ebtables (2.0.10.4-3ubuntu1 => 2.0.10.4-3ubuntu1.14.04.1)
opinsys-rules (0.23.0+trusty+master.67d8a271325109adbbebd8f394e54ce1e5fdf0fd => 0.23.1+trusty+master.aaaa3bacc552cbafc14f3c34d547906e61273829)
librbd1 (0.80.11-0ubuntu1.14.04.1 => 0.80.11-0ubuntu1.14.04.2)
passwd (4.1.5.1-1ubuntu9.4 => 4.1.5.1-1ubuntu9.5)
linux-image-generic (3.13.0.117.127 => 3.13.0.123.133)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
librados2 (0.80.11-0ubuntu1.14.04.1 => 0.80.11-0ubuntu1.14.04.2)
libisccfg90 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
libisccc90 (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
isc-dhcp-server (4.2.4-7ubuntu12.8 => 4.2.4-7ubuntu12.10)
libc6-dev (2.19-0ubuntu6.11 => 2.19-0ubuntu6.13)
qemu-utils (2.0.0+dfsg-2ubuntu1.33 => 2.0.0+dfsg-2ubuntu1.34)
openjdk-7-jre-headless (7u131-2.6.9-0ubuntu0.14.04.1 => 7u131-2.6.9-0ubuntu0.14.04.2)
openvpn (2.3.2-7ubuntu3.1 => 2.3.2-7ubuntu3.2)
libtre5 (0.8.0-3ubuntu1 => 0.8.0-3+deb7u1ubuntu1)
libc6 (2.19-0ubuntu6.11 => 2.19-0ubuntu6.13)
bind9-host (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
libwireshark-data (1.10.6-1 => 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
bash (4.3-7ubuntu1.6 => 4.3-7ubuntu1.7)
libgs9-common (9.10~dfsg-0ubuntu10.7 => 9.10~dfsg-0ubuntu10.9)
dnsutils (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
multiarch-support (2.19-0ubuntu6.11 => 2.19-0ubuntu6.13)
qemu-system-common (2.0.0+dfsg-2ubuntu1.33 => 2.0.0+dfsg-2ubuntu1.34)
ghostscript (9.10~dfsg-0ubuntu10.7 => 9.10~dfsg-0ubuntu10.9)
libnss3-1d (3.28.4-0ubuntu0.14.04.1 => 3.28.4-0ubuntu0.14.04.2)
bind9utils (9.9.5.dfsg-3ubuntu0.14 => 9.9.5.dfsg-3ubuntu0.15)
ntp (4.2.6.p5+dfsg-3ubuntu2.14.04.10 => 4.2.6.p5+dfsg-3ubuntu2.14.04.11)
tshark (1.10.6-1 => 1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
isc-dhcp-client (4.2.4-7ubuntu12.8 => 4.2.4-7ubuntu12.10)
puavo-rules (1.23.4+trusty+master.ddf1e25b6143018f181fbc93a8cce32f01e36c32 => 1.23.5+trusty+master.321247fbe2fa19ff9fe3fbdf439a784321230489)
vlan (1.9-3ubuntu10.1 => 1.9-3ubuntu10.4)
libgnutls26 (2.12.23-12ubuntu2.7 => 2.12.23-12ubuntu2.8)
libc-dev-bin (2.19-0ubuntu6.11 => 2.19-0ubuntu6.13)
qemu-keymaps (2.0.0+dfsg-2ubuntu1.33 => 2.0.0+dfsg-2ubuntu1.34)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.7 => 4.3.11+dfsg-0ubuntu0.14.04.9)
login (4.1.5.1-1ubuntu9.4 => 4.1.5.1-1ubuntu9.5)
libgs9 (9.10~dfsg-0ubuntu10.7 => 9.10~dfsg-0ubuntu10.9)
libtasn1-6 (3.4-3ubuntu0.4 => 3.4-3ubuntu0.5)
## Release 51 {#51}
### Notable changes
- Make sure nagios-plugins are installed so that check_raid works in Trusty.
### Security updates
- Package `openjdk-7`:
[CVE-2016-2183](https://security-tracker.debian.org/tracker/CVE-2016-2183),
[CVE-2016-5546](https://security-tracker.debian.org/tracker/CVE-2016-5546),
[CVE-2016-5547](https://security-tracker.debian.org/tracker/CVE-2016-5547),
[CVE-2016-5548](https://security-tracker.debian.org/tracker/CVE-2016-5548),
[CVE-2016-5549](https://security-tracker.debian.org/tracker/CVE-2016-5549),
[CVE-2016-5552](https://security-tracker.debian.org/tracker/CVE-2016-5552),
[CVE-2017-3231](https://security-tracker.debian.org/tracker/CVE-2017-3231),
[CVE-2017-3241](https://security-tracker.debian.org/tracker/CVE-2017-3241),
[CVE-2017-3252](https://security-tracker.debian.org/tracker/CVE-2017-3252),
[CVE-2017-3253](https://security-tracker.debian.org/tracker/CVE-2017-3253),
[CVE-2017-3260](https://security-tracker.debian.org/tracker/CVE-2017-3260),
[CVE-2017-3261](https://security-tracker.debian.org/tracker/CVE-2017-3261),
[CVE-2017-3272](https://security-tracker.debian.org/tracker/CVE-2017-3272),
[CVE-2017-3289](https://security-tracker.debian.org/tracker/CVE-2017-3289),
[CVE-2017-3509](https://security-tracker.debian.org/tracker/CVE-2017-3509),
[CVE-2017-3511](https://security-tracker.debian.org/tracker/CVE-2017-3511),
[CVE-2017-3514](https://security-tracker.debian.org/tracker/CVE-2017-3514),
[CVE-2017-3526](https://security-tracker.debian.org/tracker/CVE-2017-3526),
[CVE-2017-3533](https://security-tracker.debian.org/tracker/CVE-2017-3533),
[CVE-2017-3539](https://security-tracker.debian.org/tracker/CVE-2017-3539),
[CVE-2017-3544](https://security-tracker.debian.org/tracker/CVE-2017-3544)
- Package `freetype`:
[CVE-2016-1032](https://security-tracker.debian.org/tracker/CVE-2016-1032),
[CVE-2017-8105](https://security-tracker.debian.org/tracker/CVE-2017-8105),
[CVE-2017-8287](https://security-tracker.debian.org/tracker/CVE-2017-8287)
- Package `git`:
[CVE-2014-9390](https://security-tracker.debian.org/tracker/CVE-2014-9390),
[CVE-2014-9938](https://security-tracker.debian.org/tracker/CVE-2014-9938),
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545),
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324),
[CVE-2017-8386](https://security-tracker.debian.org/tracker/CVE-2017-8386)
- Package `nspr`:
[CVE-2014-1545](https://security-tracker.debian.org/tracker/CVE-2014-1545),
[CVE-2015-7183](https://security-tracker.debian.org/tracker/CVE-2015-7183),
[CVE-2016-1951](https://security-tracker.debian.org/tracker/CVE-2016-1951)
- Package `nss`:
[CVE-2014-1569](https://security-tracker.debian.org/tracker/CVE-2014-1569),
[CVE-2015-2721](https://security-tracker.debian.org/tracker/CVE-2015-2721),
[CVE-2015-2730](https://security-tracker.debian.org/tracker/CVE-2015-2730),
[CVE-2015-7181](https://security-tracker.debian.org/tracker/CVE-2015-7181),
[CVE-2015-7182](https://security-tracker.debian.org/tracker/CVE-2015-7182),
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575),
[CVE-2016-1938](https://security-tracker.debian.org/tracker/CVE-2016-1938),
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950),
[CVE-2016-2183](https://security-tracker.debian.org/tracker/CVE-2016-2183),
[CVE-2016-2834](https://security-tracker.debian.org/tracker/CVE-2016-2834),
[CVE-2016-5285](https://security-tracker.debian.org/tracker/CVE-2016-5285),
[CVE-2016-8635](https://security-tracker.debian.org/tracker/CVE-2016-8635),
[CVE-2016-9074](https://security-tracker.debian.org/tracker/CVE-2016-9074),
[CVE-2017-5461](https://security-tracker.debian.org/tracker/CVE-2017-5461)
- Package `xen`:
[CVE-2014-8106](https://security-tracker.debian.org/tracker/CVE-2014-8106),
[CVE-2016-9603](https://security-tracker.debian.org/tracker/CVE-2016-9603),
[CVE-2017-2615](https://security-tracker.debian.org/tracker/CVE-2017-2615),
[CVE-2017-2620](https://security-tracker.debian.org/tracker/CVE-2017-2620),
[CVE-2017-7228](https://security-tracker.debian.org/tracker/CVE-2017-7228)
- Package `rtmpdump`:
[CVE-2015-8270](https://security-tracker.debian.org/tracker/CVE-2015-8270),
[CVE-2015-8271](https://security-tracker.debian.org/tracker/CVE-2015-8271),
[CVE-2015-8272](https://security-tracker.debian.org/tracker/CVE-2015-8272)
- Package `ghostscript`:
[CVE-2016-1021](https://security-tracker.debian.org/tracker/CVE-2016-1021),
[CVE-2016-1022](https://security-tracker.debian.org/tracker/CVE-2016-1022),
[CVE-2017-5951](https://security-tracker.debian.org/tracker/CVE-2017-5951),
[CVE-2017-7207](https://security-tracker.debian.org/tracker/CVE-2017-7207),
[CVE-2017-8291](https://security-tracker.debian.org/tracker/CVE-2017-8291)
- Package `linux`:
[CVE-2017-5986](https://security-tracker.debian.org/tracker/CVE-2017-5986),
[CVE-2017-6353](https://security-tracker.debian.org/tracker/CVE-2017-6353)
- Package `libxslt`:
[CVE-2015-7955](https://security-tracker.debian.org/tracker/CVE-2015-7955),
[CVE-2016-1683](https://security-tracker.debian.org/tracker/CVE-2016-1683),
[CVE-2016-1684](https://security-tracker.debian.org/tracker/CVE-2016-1684),
[CVE-2016-1841](https://security-tracker.debian.org/tracker/CVE-2016-1841),
[CVE-2016-4738](https://security-tracker.debian.org/tracker/CVE-2016-4738),
[CVE-2017-5029](https://security-tracker.debian.org/tracker/CVE-2017-5029)
- Package `mysql-5.5`:
[CVE-2017-3302](https://security-tracker.debian.org/tracker/CVE-2017-3302),
[CVE-2017-3305](https://security-tracker.debian.org/tracker/CVE-2017-3305),
[CVE-2017-3308](https://security-tracker.debian.org/tracker/CVE-2017-3308),
[CVE-2017-3309](https://security-tracker.debian.org/tracker/CVE-2017-3309),
[CVE-2017-3329](https://security-tracker.debian.org/tracker/CVE-2017-3329),
[CVE-2017-3453](https://security-tracker.debian.org/tracker/CVE-2017-3453),
[CVE-2017-3456](https://security-tracker.debian.org/tracker/CVE-2017-3456),
[CVE-2017-3461](https://security-tracker.debian.org/tracker/CVE-2017-3461),
[CVE-2017-3462](https://security-tracker.debian.org/tracker/CVE-2017-3462),
[CVE-2017-3463](https://security-tracker.debian.org/tracker/CVE-2017-3463),
[CVE-2017-3464](https://security-tracker.debian.org/tracker/CVE-2017-3464),
[CVE-2017-3600](https://security-tracker.debian.org/tracker/CVE-2017-3600)
- Package `bind9`:
[CVE-2015-5722](https://security-tracker.debian.org/tracker/CVE-2015-5722),
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000),
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147),
[CVE-2016-9444](https://security-tracker.debian.org/tracker/CVE-2016-9444),
[CVE-2017-3135](https://security-tracker.debian.org/tracker/CVE-2017-3135),
[CVE-2017-3136](https://security-tracker.debian.org/tracker/CVE-2017-3136),
[CVE-2017-3137](https://security-tracker.debian.org/tracker/CVE-2017-3137),
[CVE-2017-3138](https://security-tracker.debian.org/tracker/CVE-2017-3138)
- Package `qemu`:
[CVE-2016-1015](https://security-tracker.debian.org/tracker/CVE-2016-1015),
[CVE-2016-5403](https://security-tracker.debian.org/tracker/CVE-2016-5403),
[CVE-2016-8667](https://security-tracker.debian.org/tracker/CVE-2016-8667),
[CVE-2016-8669](https://security-tracker.debian.org/tracker/CVE-2016-8669),
[CVE-2016-9381](https://security-tracker.debian.org/tracker/CVE-2016-9381),
[CVE-2016-9602](https://security-tracker.debian.org/tracker/CVE-2016-9602),
[CVE-2016-9603](https://security-tracker.debian.org/tracker/CVE-2016-9603),
[CVE-2016-9776](https://security-tracker.debian.org/tracker/CVE-2016-9776),
[CVE-2016-9907](https://security-tracker.debian.org/tracker/CVE-2016-9907),
[CVE-2016-9911](https://security-tracker.debian.org/tracker/CVE-2016-9911),
[CVE-2016-9913](https://security-tracker.debian.org/tracker/CVE-2016-9913),
[CVE-2016-9914](https://security-tracker.debian.org/tracker/CVE-2016-9914),
[CVE-2016-9915](https://security-tracker.debian.org/tracker/CVE-2016-9915),
[CVE-2016-9916](https://security-tracker.debian.org/tracker/CVE-2016-9916),
[CVE-2016-9921](https://security-tracker.debian.org/tracker/CVE-2016-9921),
[CVE-2016-9922](https://security-tracker.debian.org/tracker/CVE-2016-9922),
[CVE-2017-2615](https://security-tracker.debian.org/tracker/CVE-2017-2615),
[CVE-2017-2620](https://security-tracker.debian.org/tracker/CVE-2017-2620),
[CVE-2017-2633](https://security-tracker.debian.org/tracker/CVE-2017-2633),
[CVE-2017-5525](https://security-tracker.debian.org/tracker/CVE-2017-5525),
[CVE-2017-5526](https://security-tracker.debian.org/tracker/CVE-2017-5526),
[CVE-2017-5579](https://security-tracker.debian.org/tracker/CVE-2017-5579),
[CVE-2017-5667](https://security-tracker.debian.org/tracker/CVE-2017-5667),
[CVE-2017-5856](https://security-tracker.debian.org/tracker/CVE-2017-5856),
[CVE-2017-5898](https://security-tracker.debian.org/tracker/CVE-2017-5898),
[CVE-2017-5973](https://security-tracker.debian.org/tracker/CVE-2017-5973),
[CVE-2017-5987](https://security-tracker.debian.org/tracker/CVE-2017-5987),
[CVE-2017-6505](https://security-tracker.debian.org/tracker/CVE-2017-6505)
- Package `shadow`:
[CVE-2016-6252](https://security-tracker.debian.org/tracker/CVE-2016-6252),
[CVE-2017-2616](https://security-tracker.debian.org/tracker/CVE-2017-2616)
- Package `icu`:
[CVE-2017-7867](https://security-tracker.debian.org/tracker/CVE-2017-7867),
[CVE-2017-7868](https://security-tracker.debian.org/tracker/CVE-2017-7868)
### Typical update path from Release 50
- Need to get 130 MB of archives.
- Has impact on the availability of the end users service:
- Service `libvirt-bin` will be restarted during the update process and its estimated downtime is 66 seconds.
-
linux-headers-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-image-extra-3.13.0-101-generic (3.13.0-101.148)
linux-firmware-image (3.10.61.opinsys1+-1)
libopenwsman1 (2.4.3-0ubuntu4.1)
linux-headers-3.13.0-117 (3.13.0-117.164)
linux-headers-3.10.81-031081-generic (3.10.81-031081.201506230313)
linux-headers-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-headers-3.13.0-105-generic (3.13.0-105.152)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.12)
linux-image-extra-3.13.0-105-generic (3.13.0-105.152)
linux-image-3.13.0-101-generic (3.13.0-101.148)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
linux-headers-3.13.0-113 (3.13.0-113.160)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.13.0-106-generic (3.13.0-106.153)
libmpdec2 (2.4.0-6)
linux-headers-3.13.0-24 (3.13.0-24.47)
linux-image-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.13.0-77-generic (3.13.0-77.121)
linux-image-3.13.0-24-generic (3.13.0-24.47)
linux-headers-3.13.0-108-generic (3.13.0-108.155)
libcimcclient0 (2.2.6-0ubuntu2)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
linux-headers-3.2.0-113 (3.2.0-113.155)
linux-headers-3.13.0-101 (3.13.0-101.148)
libssh2-1 (1.4.3-2ubuntu0.1)
linux-headers-3.10.89-031089 (3.10.89-031089.201509211852)
linux-headers-3.13.0-108 (3.13.0-108.155)
linux-headers-3.13.0-117-generic (3.13.0-117.164)
linux-headers-3.13.0-101-generic (3.13.0-101.148)
linux-headers-3.13.0-106 (3.13.0-106.153)
linux-headers-3.13.0-105 (3.13.0-105.152)
linux-headers-3.13.0-106-generic (3.13.0-106.153)
linux-headers-3.13.0-24-generic (3.13.0-24.47)
linux-image-extra-3.13.0-24-generic (3.13.0-24.47)
libntdb1 (1.0-2ubuntu1)
libhogweed2 (2.7.1-1ubuntu0.2)
linux-image-3.13.0-117-generic (3.13.0-117.164)
linux-image-3.10.61.opinsys1+ (3.10.61.opinsys1+-1)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
linux-headers-3.10.81-031081 (3.10.81-031081.201506230313)
python-ntdb (1.0-2ubuntu1)
linux-image-extra-3.13.0-117-generic (3.13.0-117.164)
linux-image-extra-3.13.0-108-generic (3.13.0-108.155)
linux-image-extra-3.13.0-106-generic (3.13.0-106.153)
linux-image-3.13.0-105-generic (3.13.0-105.152)
linux-image-3.13.0-113-generic (3.13.0-113.160)
linux-image-3.10.81-031081-generic (3.10.81-031081.201506230313)
libgnutls28 (3.2.11-2ubuntu1.1)
linux-headers-3.10.69-031069 (3.10.69-031069.201502110743)
linux-image-3.13.0-108-generic (3.13.0-108.155)
-
linux-image-server (3.13.0.116.126 => 3.13.0.117.127)
libmysqlclient18 (5.5.54-0ubuntu0.14.04.1 => 5.5.55-0ubuntu0.14.04.1)
libnspr4 (4.12-0ubuntu0.14.04.1 => 4.13.1-0ubuntu0.14.04.1)
qemu-kvm (2.0.0+dfsg-2ubuntu1.32 => 2.0.0+dfsg-2ubuntu1.33)
librtmp0 (2.4+20121230.gitdf6c518-1 => 2.4+20121230.gitdf6c518-1ubuntu0.1)
libfreetype6 (2.5.2-1ubuntu2.6 => 2.5.2-1ubuntu2.8)
puavo-rules (1.23.2+trusty+master.daff823788be0c63be40a66bd958ef0094ae71db => 1.23.4+trusty+master.ddf1e25b6143018f181fbc93a8cce32f01e36c32)
git-man (1.9.1-1ubuntu0.4 => 1.9.1-1ubuntu0.5)
libisc95 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
linux-libc-dev (3.13.0-116.163 => 3.13.0-117.164)
libxen-4.4 (4.4.2-0ubuntu0.14.04.10 => 4.4.2-0ubuntu0.14.04.11)
libxenstore3.0 (4.4.2-0ubuntu0.14.04.10 => 4.4.2-0ubuntu0.14.04.11)
libnss3 (3.26.2-0ubuntu0.14.04.3 => 3.28.4-0ubuntu0.14.04.1)
libbind9-90 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
git (1.9.1-1ubuntu0.4 => 1.9.1-1ubuntu0.5)
liblwres90 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
linux-generic (3.13.0.116.126 => 3.13.0.117.127)
libdns100 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
libicu52 (52.1-3ubuntu0.5 => 52.1-3ubuntu0.6)
linux-headers-generic (3.13.0.116.126 => 3.13.0.117.127)
libnss3-nssdb (3.26.2-0ubuntu0.14.04.3 => 3.28.4-0ubuntu0.14.04.1)
linux-image-generic-lts-trusty (3.13.0.116.126 => 3.13.0.117.127)
qemu-system-x86 (2.0.0+dfsg-2ubuntu1.32 => 2.0.0+dfsg-2ubuntu1.33)
bind9 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
libvirt0 (1.2.2-0ubuntu13.1.17 => 1.2.2-0ubuntu13.1.20)
distro-info-data (0.18ubuntu0.6 => 0.18ubuntu0.7)
passwd (4.1.5.1-1ubuntu9.2 => 4.1.5.1-1ubuntu9.4)
linux-image-generic (3.13.0.116.126 => 3.13.0.117.127)
libisccfg90 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
libisccc90 (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
qemu-utils (2.0.0+dfsg-2ubuntu1.32 => 2.0.0+dfsg-2ubuntu1.33)
openjdk-7-jre-headless (7u121-2.6.8-1ubuntu0.14.04.3 => 7u131-2.6.9-0ubuntu0.14.04.1)
debootstrap (1.0.59ubuntu0.6 => 1.0.59ubuntu0.7)
bind9-host (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
qemu-keymaps (2.0.0+dfsg-2ubuntu1.32 => 2.0.0+dfsg-2ubuntu1.33)
bash (4.3-7ubuntu1.5 => 4.3-7ubuntu1.6)
libgs9-common (9.10~dfsg-0ubuntu10.6 => 9.10~dfsg-0ubuntu10.7)
dnsutils (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
qemu-system-common (2.0.0+dfsg-2ubuntu1.32 => 2.0.0+dfsg-2ubuntu1.33)
ghostscript (9.10~dfsg-0ubuntu10.6 => 9.10~dfsg-0ubuntu10.7)
libnss3-1d (3.26.2-0ubuntu0.14.04.3 => 3.28.4-0ubuntu0.14.04.1)
bind9utils (9.9.5.dfsg-3ubuntu0.13 => 9.9.5.dfsg-3ubuntu0.14)
binutils (2.24-5ubuntu14.1 => 2.24-5ubuntu14.2)
libxslt1.1 (1.1.28-2build1 => 1.1.28-2ubuntu0.1)
mysql-common (5.5.54-0ubuntu0.14.04.1 => 5.5.55-0ubuntu0.14.04.1)
login (4.1.5.1-1ubuntu9.2 => 4.1.5.1-1ubuntu9.4)
libgs9 (9.10~dfsg-0ubuntu10.6 => 9.10~dfsg-0ubuntu10.7)
libvirt-bin (1.2.2-0ubuntu13.1.17 => 1.2.2-0ubuntu13.1.20)
## Release 50 {#50}
### Notable changes
- Fixes for puavo-rest character encodings in Trusty.
- Make host-specific logfiles work in Trusty.
### Security updates
- Package `samba`:
[CVE-2012-1182](https://security-tracker.debian.org/tracker/CVE-2012-1182),
[CVE-2012-2111](https://security-tracker.debian.org/tracker/CVE-2012-2111),
[CVE-2012-6150](https://security-tracker.debian.org/tracker/CVE-2012-6150),
[CVE-2013-0213](https://security-tracker.debian.org/tracker/CVE-2013-0213),
[CVE-2013-0214](https://security-tracker.debian.org/tracker/CVE-2013-0214),
[CVE-2013-0454](https://security-tracker.debian.org/tracker/CVE-2013-0454),
[CVE-2014-0244](https://security-tracker.debian.org/tracker/CVE-2014-0244),
[CVE-2015-0240](https://security-tracker.debian.org/tracker/CVE-2015-0240),
[CVE-2015-5252](https://security-tracker.debian.org/tracker/CVE-2015-5252),
[CVE-2015-5296](https://security-tracker.debian.org/tracker/CVE-2015-5296),
[CVE-2015-5299](https://security-tracker.debian.org/tracker/CVE-2015-5299),
[CVE-2015-5330](https://security-tracker.debian.org/tracker/CVE-2015-5330),
[CVE-2015-5370](https://security-tracker.debian.org/tracker/CVE-2015-5370),
[CVE-2015-7560](https://security-tracker.debian.org/tracker/CVE-2015-7560),
[CVE-2016-2110](https://security-tracker.debian.org/tracker/CVE-2016-2110),
[CVE-2016-2111](https://security-tracker.debian.org/tracker/CVE-2016-2111),
[CVE-2016-2112](https://security-tracker.debian.org/tracker/CVE-2016-2112),
[CVE-2016-2115](https://security-tracker.debian.org/tracker/CVE-2016-2115),
[CVE-2016-2118](https://security-tracker.debian.org/tracker/CVE-2016-2118),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619)
- Package `apparmor`:
[CVE-2017-6507](https://security-tracker.debian.org/tracker/CVE-2017-6507)
- Package `eject`:
[CVE-2017-6964](https://security-tracker.debian.org/tracker/CVE-2017-6964)
- Package `linux`:
[CVE-2017-7184](https://security-tracker.debian.org/tracker/CVE-2017-7184),
[CVE-2017-7308](https://security-tracker.debian.org/tracker/CVE-2017-7308)
### Typical update path from Release 49
- Need to get 189 MB of archives.
- Has impact on the availability of the end users service:
- Service `smbd` will be restarted during the update process and its estimated downtime is 32 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 33 seconds.
- Service `nmbd` will be restarted during the update process and its estimated downtime is 32 seconds.
-
linux-headers-3.2.0-126 (3.2.0-126.169)
linux-headers-3.2.0-126-generic (3.2.0-126.169)
linux-image-3.13.0-116-generic (3.13.0-116.163~precise1)
linux-image-3.2.0-126-generic (3.2.0-126.169)
-
linux-image-server (3.2.0.124.139 => 3.2.0.126.141)
samba-common-bin (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
samba (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
linux-image-generic-lts-trusty (3.13.0.113.104 => 3.13.0.116.107)
eject (2.1.5+deb1+cvs20081104-9 => 2.1.5+deb1+cvs20081104-9ubuntu0.1)
libpam-winbind (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
winbind (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
linux-image-generic (3.2.0.124.139 => 3.2.0.126.141)
smbclient (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
linux-generic (3.2.0.124.139 => 3.2.0.126.141)
libapparmor1 (2.7.102-0ubuntu3.10 => 2.7.102-0ubuntu3.11)
puavo-rules (1.23.2-408+precise+master.56a561d19211c69fa8fe184772babd090b8c3f23 => 1.23.2+precise+master.daff823788be0c63be40a66bd958ef0094ae71db)
makedev (2.3.1-89ubuntu2 => 2.3.1-89ubuntu3)
puavo-rest (0.11.1-834+precise.master.b0a168675278eb7c219e0de70af49f0b8c8029a1 => 0.11.1-837+precise.master.a2a5896dc82b8a0d3b809f5572892f7b004e3b7e)
libwbclient0 (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
linux-headers-generic (3.2.0.124.139 => 3.2.0.126.141)
apparmor (2.7.102-0ubuntu3.10 => 2.7.102-0ubuntu3.11)
linux-libc-dev (3.2.0-124.167 => 3.2.0-126.169)
samba-common (3.6.25-0ubuntu0.12.04.9 => 3.6.25-0ubuntu0.12.04.10)
puavo-rest-bootserver (0.11.1-834+precise.master.b0a168675278eb7c219e0de70af49f0b8c8029a1 => 0.11.1-837+precise.master.a2a5896dc82b8a0d3b809f5572892f7b004e3b7e)
dh-apparmor (2.7.102-0ubuntu3.10 => 2.7.102-0ubuntu3.11)
## Release 49 {#49}
### Notable changes
- Support puavo integration for Debian-based images (which use puavo-conf
for configuration).
### Security updates
- Package `libgd2`:
[CVE-2016-1016](https://security-tracker.debian.org/tracker/CVE-2016-1016),
[CVE-2016-6906](https://security-tracker.debian.org/tracker/CVE-2016-6906),
[CVE-2016-6912](https://security-tracker.debian.org/tracker/CVE-2016-6912),
[CVE-2016-9317](https://security-tracker.debian.org/tracker/CVE-2016-9317),
[CVE-2016-9933](https://security-tracker.debian.org/tracker/CVE-2016-9933)
- Package `openjdk-7`:
[CVE-2016-2183](https://security-tracker.debian.org/tracker/CVE-2016-2183),
[CVE-2016-5546](https://security-tracker.debian.org/tracker/CVE-2016-5546),
[CVE-2016-5547](https://security-tracker.debian.org/tracker/CVE-2016-5547),
[CVE-2016-5548](https://security-tracker.debian.org/tracker/CVE-2016-5548),
[CVE-2016-5552](https://security-tracker.debian.org/tracker/CVE-2016-5552),
[CVE-2017-3231](https://security-tracker.debian.org/tracker/CVE-2017-3231),
[CVE-2017-3241](https://security-tracker.debian.org/tracker/CVE-2017-3241),
[CVE-2017-3252](https://security-tracker.debian.org/tracker/CVE-2017-3252),
[CVE-2017-3253](https://security-tracker.debian.org/tracker/CVE-2017-3253),
[CVE-2017-3260](https://security-tracker.debian.org/tracker/CVE-2017-3260),
[CVE-2017-3261](https://security-tracker.debian.org/tracker/CVE-2017-3261),
[CVE-2017-3272](https://security-tracker.debian.org/tracker/CVE-2017-3272),
[CVE-2017-3289](https://security-tracker.debian.org/tracker/CVE-2017-3289)
- Package `freetype`:
[CVE-2016-1024](https://security-tracker.debian.org/tracker/CVE-2016-1024)
- Package `git`:
[CVE-2014-9390](https://security-tracker.debian.org/tracker/CVE-2014-9390),
[CVE-2014-9938](https://security-tracker.debian.org/tracker/CVE-2014-9938),
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545),
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324)
- Package `python-crypto`:
[CVE-2013-7459](https://security-tracker.debian.org/tracker/CVE-2013-7459)
- Package `w3m`:
[CVE-2016-9425](https://security-tracker.debian.org/tracker/CVE-2016-9425),
[CVE-2016-9430](https://security-tracker.debian.org/tracker/CVE-2016-9430),
[CVE-2016-9434](https://security-tracker.debian.org/tracker/CVE-2016-9434),
[CVE-2016-9438](https://security-tracker.debian.org/tracker/CVE-2016-9438),
[CVE-2016-9442](https://security-tracker.debian.org/tracker/CVE-2016-9442),
[CVE-2016-9624](https://security-tracker.debian.org/tracker/CVE-2016-9624),
[CVE-2016-9628](https://security-tracker.debian.org/tracker/CVE-2016-9628),
[CVE-2016-9632](https://security-tracker.debian.org/tracker/CVE-2016-9632),
[CVE-2016-9633](https://security-tracker.debian.org/tracker/CVE-2016-9633)
- Package `munin`:
[CVE-2017-6188](https://security-tracker.debian.org/tracker/CVE-2017-6188)
- Package `tiff`:
[CVE-2015-7554](https://security-tracker.debian.org/tracker/CVE-2015-7554),
[CVE-2015-8668](https://security-tracker.debian.org/tracker/CVE-2015-8668),
[CVE-2016-1009](https://security-tracker.debian.org/tracker/CVE-2016-1009),
[CVE-2016-3622](https://security-tracker.debian.org/tracker/CVE-2016-3622),
[CVE-2016-3623](https://security-tracker.debian.org/tracker/CVE-2016-3623),
[CVE-2016-3624](https://security-tracker.debian.org/tracker/CVE-2016-3624),
[CVE-2016-3632](https://security-tracker.debian.org/tracker/CVE-2016-3632),
[CVE-2016-3658](https://security-tracker.debian.org/tracker/CVE-2016-3658),
[CVE-2016-3945](https://security-tracker.debian.org/tracker/CVE-2016-3945),
[CVE-2016-3990](https://security-tracker.debian.org/tracker/CVE-2016-3990),
[CVE-2016-3991](https://security-tracker.debian.org/tracker/CVE-2016-3991),
[CVE-2016-5314](https://security-tracker.debian.org/tracker/CVE-2016-5314),
[CVE-2016-5315](https://security-tracker.debian.org/tracker/CVE-2016-5315),
[CVE-2016-5316](https://security-tracker.debian.org/tracker/CVE-2016-5316),
[CVE-2016-5317](https://security-tracker.debian.org/tracker/CVE-2016-5317),
[CVE-2016-5320](https://security-tracker.debian.org/tracker/CVE-2016-5320),
[CVE-2016-5321](https://security-tracker.debian.org/tracker/CVE-2016-5321),
[CVE-2016-5322](https://security-tracker.debian.org/tracker/CVE-2016-5322),
[CVE-2016-5323](https://security-tracker.debian.org/tracker/CVE-2016-5323),
[CVE-2016-5652](https://security-tracker.debian.org/tracker/CVE-2016-5652),
[CVE-2016-5875](https://security-tracker.debian.org/tracker/CVE-2016-5875),
[CVE-2016-6223](https://security-tracker.debian.org/tracker/CVE-2016-6223),
[CVE-2016-8331](https://security-tracker.debian.org/tracker/CVE-2016-8331),
[CVE-2016-9273](https://security-tracker.debian.org/tracker/CVE-2016-9273),
[CVE-2016-9297](https://security-tracker.debian.org/tracker/CVE-2016-9297),
[CVE-2016-9448](https://security-tracker.debian.org/tracker/CVE-2016-9448),
[CVE-2016-9453](https://security-tracker.debian.org/tracker/CVE-2016-9453),
[CVE-2016-9532](https://security-tracker.debian.org/tracker/CVE-2016-9532),
[CVE-2016-9533](https://security-tracker.debian.org/tracker/CVE-2016-9533),
[CVE-2016-9534](https://security-tracker.debian.org/tracker/CVE-2016-9534),
[CVE-2016-9535](https://security-tracker.debian.org/tracker/CVE-2016-9535),
[CVE-2016-9536](https://security-tracker.debian.org/tracker/CVE-2016-9536),
[CVE-2016-9537](https://security-tracker.debian.org/tracker/CVE-2016-9537),
[CVE-2016-9538](https://security-tracker.debian.org/tracker/CVE-2016-9538),
[CVE-2016-9539](https://security-tracker.debian.org/tracker/CVE-2016-9539),
[CVE-2016-9540](https://security-tracker.debian.org/tracker/CVE-2016-9540),
[CVE-2017-5225](https://security-tracker.debian.org/tracker/CVE-2017-5225)
- Package `linux`:
[CVE-2016-7910](https://security-tracker.debian.org/tracker/CVE-2016-7910),
[CVE-2016-7911](https://security-tracker.debian.org/tracker/CVE-2016-7911),
[CVE-2017-2636](https://security-tracker.debian.org/tracker/CVE-2017-2636),
[CVE-2017-6074](https://security-tracker.debian.org/tracker/CVE-2017-6074)
- Package `libxml2`:
[CVE-2016-4448](https://security-tracker.debian.org/tracker/CVE-2016-4448),
[CVE-2016-4658](https://security-tracker.debian.org/tracker/CVE-2016-4658),
[CVE-2016-5131](https://security-tracker.debian.org/tracker/CVE-2016-5131)
- Package `icu`:
[CVE-2014-9911](https://security-tracker.debian.org/tracker/CVE-2014-9911),
[CVE-2015-4844](https://security-tracker.debian.org/tracker/CVE-2015-4844),
[CVE-2016-0494](https://security-tracker.debian.org/tracker/CVE-2016-0494),
[CVE-2016-6293](https://security-tracker.debian.org/tracker/CVE-2016-6293),
[CVE-2016-7415](https://security-tracker.debian.org/tracker/CVE-2016-7415)
- Package `libarchive`:
[CVE-2016-5418](https://security-tracker.debian.org/tracker/CVE-2016-5418),
[CVE-2016-6250](https://security-tracker.debian.org/tracker/CVE-2016-6250),
[CVE-2016-7166](https://security-tracker.debian.org/tracker/CVE-2016-7166),
[CVE-2016-8687](https://security-tracker.debian.org/tracker/CVE-2016-8687),
[CVE-2016-8688](https://security-tracker.debian.org/tracker/CVE-2016-8688),
[CVE-2016-8689](https://security-tracker.debian.org/tracker/CVE-2016-8689),
[CVE-2017-5601](https://security-tracker.debian.org/tracker/CVE-2017-5601)
- Package `eglibc`:
[CVE-2015-5180](https://security-tracker.debian.org/tracker/CVE-2015-5180),
[CVE-2015-8982](https://security-tracker.debian.org/tracker/CVE-2015-8982),
[CVE-2015-8983](https://security-tracker.debian.org/tracker/CVE-2015-8983),
[CVE-2015-8984](https://security-tracker.debian.org/tracker/CVE-2015-8984),
[CVE-2016-1234](https://security-tracker.debian.org/tracker/CVE-2016-1234),
[CVE-2016-3706](https://security-tracker.debian.org/tracker/CVE-2016-3706),
[CVE-2016-4429](https://security-tracker.debian.org/tracker/CVE-2016-4429),
[CVE-2016-6323](https://security-tracker.debian.org/tracker/CVE-2016-6323)
- Package `samba`:
[CVE-2015-5252](https://security-tracker.debian.org/tracker/CVE-2015-5252),
[CVE-2015-5370](https://security-tracker.debian.org/tracker/CVE-2015-5370),
[CVE-2015-7560](https://security-tracker.debian.org/tracker/CVE-2015-7560),
[CVE-2016-0771](https://security-tracker.debian.org/tracker/CVE-2016-0771),
[CVE-2016-2110](https://security-tracker.debian.org/tracker/CVE-2016-2110),
[CVE-2016-2111](https://security-tracker.debian.org/tracker/CVE-2016-2111),
[CVE-2016-2112](https://security-tracker.debian.org/tracker/CVE-2016-2112),
[CVE-2016-2113](https://security-tracker.debian.org/tracker/CVE-2016-2113),
[CVE-2016-2114](https://security-tracker.debian.org/tracker/CVE-2016-2114),
[CVE-2016-2115](https://security-tracker.debian.org/tracker/CVE-2016-2115),
[CVE-2016-2118](https://security-tracker.debian.org/tracker/CVE-2016-2118),
[CVE-2016-2119](https://security-tracker.debian.org/tracker/CVE-2016-2119),
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126),
[CVE-2017-2619](https://security-tracker.debian.org/tracker/CVE-2017-2619)
- Package `gnutls26`:
[CVE-2016-8610](https://security-tracker.debian.org/tracker/CVE-2016-8610)
- Package `libevent`:
[CVE-2016-1019](https://security-tracker.debian.org/tracker/CVE-2016-1019)
- Package `bind9`:
[CVE-2015-5477](https://security-tracker.debian.org/tracker/CVE-2015-5477),
[CVE-2015-5722](https://security-tracker.debian.org/tracker/CVE-2015-5722),
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000),
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147),
[CVE-2016-9444](https://security-tracker.debian.org/tracker/CVE-2016-9444),
[CVE-2017-3135](https://security-tracker.debian.org/tracker/CVE-2017-3135)
- Package `tcpdump`:
[CVE-2016-7922](https://security-tracker.debian.org/tracker/CVE-2016-7922),
[CVE-2016-7923](https://security-tracker.debian.org/tracker/CVE-2016-7923),
[CVE-2016-7924](https://security-tracker.debian.org/tracker/CVE-2016-7924),
[CVE-2016-7925](https://security-tracker.debian.org/tracker/CVE-2016-7925),
[CVE-2016-7926](https://security-tracker.debian.org/tracker/CVE-2016-7926),
[CVE-2016-7927](https://security-tracker.debian.org/tracker/CVE-2016-7927),
[CVE-2016-7928](https://security-tracker.debian.org/tracker/CVE-2016-7928),
[CVE-2016-7929](https://security-tracker.debian.org/tracker/CVE-2016-7929),
[CVE-2016-7930](https://security-tracker.debian.org/tracker/CVE-2016-7930),
[CVE-2016-7931](https://security-tracker.debian.org/tracker/CVE-2016-7931),
[CVE-2016-7932](https://security-tracker.debian.org/tracker/CVE-2016-7932),
[CVE-2016-7933](https://security-tracker.debian.org/tracker/CVE-2016-7933),
[CVE-2016-7934](https://security-tracker.debian.org/tracker/CVE-2016-7934),
[CVE-2016-7935](https://security-tracker.debian.org/tracker/CVE-2016-7935),
[CVE-2016-7936](https://security-tracker.debian.org/tracker/CVE-2016-7936),
[CVE-2016-7937](https://security-tracker.debian.org/tracker/CVE-2016-7937),
[CVE-2016-7938](https://security-tracker.debian.org/tracker/CVE-2016-7938),
[CVE-2016-7939](https://security-tracker.debian.org/tracker/CVE-2016-7939),
[CVE-2016-7940](https://security-tracker.debian.org/tracker/CVE-2016-7940),
[CVE-2016-7973](https://security-tracker.debian.org/tracker/CVE-2016-7973),
[CVE-2016-7974](https://security-tracker.debian.org/tracker/CVE-2016-7974),
[CVE-2016-7975](https://security-tracker.debian.org/tracker/CVE-2016-7975),
[CVE-2016-7983](https://security-tracker.debian.org/tracker/CVE-2016-7983),
[CVE-2016-7984](https://security-tracker.debian.org/tracker/CVE-2016-7984),
[CVE-2016-7985](https://security-tracker.debian.org/tracker/CVE-2016-7985),
[CVE-2016-7986](https://security-tracker.debian.org/tracker/CVE-2016-7986),
[CVE-2016-7992](https://security-tracker.debian.org/tracker/CVE-2016-7992),
[CVE-2016-7993](https://security-tracker.debian.org/tracker/CVE-2016-7993),
[CVE-2016-8574](https://security-tracker.debian.org/tracker/CVE-2016-8574),
[CVE-2016-8575](https://security-tracker.debian.org/tracker/CVE-2016-8575),
[CVE-2017-5202](https://security-tracker.debian.org/tracker/CVE-2017-5202),
[CVE-2017-5203](https://security-tracker.debian.org/tracker/CVE-2017-5203),
[CVE-2017-5204](https://security-tracker.debian.org/tracker/CVE-2017-5204),
[CVE-2017-5205](https://security-tracker.debian.org/tracker/CVE-2017-5205),
[CVE-2017-5341](https://security-tracker.debian.org/tracker/CVE-2017-5341),
[CVE-2017-5342](https://security-tracker.debian.org/tracker/CVE-2017-5342),
[CVE-2017-5482](https://security-tracker.debian.org/tracker/CVE-2017-5482),
[CVE-2017-5483](https://security-tracker.debian.org/tracker/CVE-2017-5483),
[CVE-2017-5484](https://security-tracker.debian.org/tracker/CVE-2017-5484),
[CVE-2017-5485](https://security-tracker.debian.org/tracker/CVE-2017-5485),
[CVE-2017-5486](https://security-tracker.debian.org/tracker/CVE-2017-5486)
- Package `pillow`:
[CVE-2014-9601](https://security-tracker.debian.org/tracker/CVE-2014-9601),
[CVE-2016-9189](https://security-tracker.debian.org/tracker/CVE-2016-9189),
[CVE-2016-9190](https://security-tracker.debian.org/tracker/CVE-2016-9190)
- Package `libgc`:
[CVE-2012-2673](https://security-tracker.debian.org/tracker/CVE-2012-2673),
[CVE-2016-9427](https://security-tracker.debian.org/tracker/CVE-2016-9427)
- Package `spice`:
[CVE-2016-9577](https://security-tracker.debian.org/tracker/CVE-2016-9577),
[CVE-2016-9578](https://security-tracker.debian.org/tracker/CVE-2016-9578)
### Typical update path from Release 48
- Need to get 181 MB of archives.
- Has impact on the availability of the end users service:
- Service `nmbd` will be restarted during the update process and its estimated downtime is 78 seconds.
- Service `winbind` will be restarted during the update process and its estimated downtime is 81 seconds.
- Service `udev` will be restarted during the update process and its estimated downtime is 0 seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 77 seconds.
- Service `cups` will be restarted during the update process and its estimated downtime is 81 seconds.
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 59 seconds.
-
libxtst6 (1.2.2-1)
libmysqlclient18 (5.5.54-0ubuntu0.14.04.1)
libgl1-mesa-glx (10.1.3-0ubuntu0.6)
nagios-plugins-common (1.5-3ubuntu1)
linux-headers-3.13.0-113 (3.13.0-113.160)
libglapi-mesa (10.1.3-0ubuntu0.6)
libice6 (1.0.8-2)
mysql-common (5.5.54-0ubuntu0.14.04.1)
linux-headers-3.2.0-119 (3.2.0-119.162)
libgd2-xpm (2.0.36~rc1~dfsg-6ubuntu2.3)
libsm6 (1.2.1-2)
libllvm3.4 (3.4-1ubuntu3)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
libxaw7 (1.0.12-1)
libxrandr2 (1.5.0-1~trusty1)
libx11-xcb1 (1.6.2-1ubuntu2)
linux-image-extra-3.13.0-113-generic (3.13.0-113.160)
libtxc-dxtn-s2tc0 (0~git20131104-1.1)
libxdamage1 (1.1.4-1ubuntu1)
libxinerama1 (1.1.3-1)
libutempter0 (1.1.5-4build1)
libxi6 (1.7.1.901-1ubuntu1.1)
libmpc2 (0.9-4)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
libxxf86dga1 (1.1.4-1)
libtcl8.6 (8.6.1-4ubuntu1)
libxcb-shape0 (1.10-2ubuntu1)
libxcb-present0 (1.10-2ubuntu1)
libgl1-mesa-dri (10.1.3-0ubuntu0.6)
libxfixes3 (5.0.1-1ubuntu1.1)
libxcomposite1 (0.4.4-1)
libxcb-sync1 (1.10-2ubuntu1)
libart-2.0-2 (2.3.21-2)
libxmu6 (1.1.1-1)
libdrm-nouveau2 (2.4.67-1ubuntu0.14.04.1)
libxcb-dri3-0 (1.10-2ubuntu1)
libntdb1 (1.0-2ubuntu1)
libruby1.8 (1.8.7.352-2ubuntu1.6)
libxcb-glx0 (1.10-2ubuntu1)
libxt6 (1.1.4-1)
libxcb-dri2-0 (1.10-2ubuntu1)
libxxf86vm1 (1.1.3-1)
python-ntdb (1.0-2ubuntu1)
libxv1 (1.0.10-1)
linux-image-3.13.0-113-generic (3.13.0-113.160)
libmpdec2 (2.4.0-6)
libfontenc1 (1.1.2-1)
libtk8.6 (8.6.1-3ubuntu2)
linux-headers-3.13.0-113-generic (3.13.0-113.160)
libavahi-glib1 (0.6.31-4ubuntu1.1)
libxshmfence1 (1.1-2)
-
libevent-2.0-5 (2.0.21-stable-1ubuntu1.14.04.1 => 2.0.21-stable-1ubuntu1.14.04.2)
libgd3 (2.1.0-3ubuntu0.5 => 2.1.0-3ubuntu0.6)
libcupsimage2 (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
cups-client (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
qemu-keymaps (2.0.0+dfsg-2ubuntu1.30 => 2.0.0+dfsg-2ubuntu1.32)
git-man (1.9.1-1ubuntu0.3 => 1.9.1-1ubuntu0.4)
libtiff5 (4.0.3-7ubuntu0.4 => 4.0.3-7ubuntu0.6)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
samba (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libdns100 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
qemu-system-x86 (2.0.0+dfsg-2ubuntu1.30 => 2.0.0+dfsg-2ubuntu1.32)
munin-common (2.0.19-3 => 2.0.19-3ubuntu0.3)
cups-daemon (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
libgnutls-openssl27 (2.12.23-12ubuntu2.6 => 2.12.23-12ubuntu2.7)
libsystemd-login0 (204-5ubuntu20.22 => 204-5ubuntu20.24)
crash (7.0.3-3ubuntu4.4 => 7.0.3-3ubuntu4.5)
libxml2-utils (2.9.1+dfsg1-3ubuntu4.8 => 2.9.1+dfsg1-3ubuntu4.9)
linux-image-generic (3.13.0.108.116 => 3.13.0.113.123)
libspice-server1 (0.12.4-0nocelt2ubuntu1.3 => 0.12.4-0nocelt2ubuntu1.4)
openjdk-7-jre-headless (7u121-2.6.8-1ubuntu0.14.04.1 => 7u121-2.6.8-1ubuntu0.14.04.3)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
cups-ppdc (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
puavo-rest-bootserver (0.11.2-12+trusty.trustyrestonly.81c3ce2e83f932af6d3d6b2b20448c3ead387d81 => 0.11.2-14+trusty.trustyrestonly.28221df989c9368025ec02392ccfd35c7a4be2f3)
bind9-host (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
qemu-system-common (2.0.0+dfsg-2ubuntu1.30 => 2.0.0+dfsg-2ubuntu1.32)
python-imaging (2.3.0-1ubuntu3.3 => 2.3.0-1ubuntu3.4)
python-pil (2.3.0-1ubuntu3.3 => 2.3.0-1ubuntu3.4)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libudev1 (204-5ubuntu20.22 => 204-5ubuntu20.24)
udev (204-5ubuntu20.22 => 204-5ubuntu20.24)
linux-libc-dev (3.13.0-108.155 => 3.13.0-113.160)
libxen-4.4 (4.4.2-0ubuntu0.14.04.9 => 4.4.2-0ubuntu0.14.04.10)
libxenstore3.0 (4.4.2-0ubuntu0.14.04.9 => 4.4.2-0ubuntu0.14.04.10)
liblwres90 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
libsystemd-daemon0 (204-5ubuntu20.22 => 204-5ubuntu20.24)
winbind (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libisccc90 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
qemu-utils (2.0.0+dfsg-2ubuntu1.30 => 2.0.0+dfsg-2ubuntu1.32)
dnsutils (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
cups-common (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
linux-image-server (3.13.0.108.116 => 3.13.0.113.123)
libcupscgi1 (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
munin-node (2.0.19-3 => 2.0.19-3ubuntu0.3)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libgc1c2 (7.2d-5ubuntu2 => 7.2d-5ubuntu2.1)
libcups2 (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
cups (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
libc-bin (2.19-0ubuntu6.9 => 2.19-0ubuntu6.11)
git (1.9.1-1ubuntu0.3 => 1.9.1-1ubuntu0.4)
libarchive13 (3.1.2-7ubuntu2.3 => 3.1.2-7ubuntu2.4)
linux-generic (3.13.0.108.116 => 3.13.0.113.123)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
w3m (0.5.3-15 => 0.5.3-15ubuntu0.1)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
linux-image-generic-lts-trusty (3.13.0.108.116 => 3.13.0.113.123)
libcupsppdc1 (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
bind9 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
tcpdump (4.5.1-2ubuntu1.2 => 4.9.0-1ubuntu1~ubuntu14.04.1)
munin-doc (2.0.19-3 => 2.0.19-3ubuntu0.3)
cups-core-drivers (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
libisccfg90 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
munin (2.0.19-3 => 2.0.19-3ubuntu0.3)
libpam-systemd (204-5ubuntu20.22 => 204-5ubuntu20.24)
libgnutls26 (2.12.23-12ubuntu2.6 => 2.12.23-12ubuntu2.7)
libxml2 (2.9.1+dfsg1-3ubuntu4.8 => 2.9.1+dfsg1-3ubuntu4.9)
qemu-kvm (2.0.0+dfsg-2ubuntu1.30 => 2.0.0+dfsg-2ubuntu1.32)
libfreetype6 (2.5.2-1ubuntu2.5 => 2.5.2-1ubuntu2.6)
munin-plugins-extra (2.0.19-3 => 2.0.19-3ubuntu0.3)
libisc95 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
libgudev-1.0-0 (204-5ubuntu20.22 => 204-5ubuntu20.24)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
libbind9-90 (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
libicu52 (52.1-3ubuntu0.4 => 52.1-3ubuntu0.5)
linux-headers-generic (3.13.0.108.116 => 3.13.0.113.123)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.4 => 4.3.11+dfsg-0ubuntu0.14.04.6)
munin-plugins-core (2.0.19-3 => 2.0.19-3ubuntu0.3)
cups-server-common (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
multiarch-support (2.19-0ubuntu6.9 => 2.19-0ubuntu6.11)
libc6-dev (2.19-0ubuntu6.9 => 2.19-0ubuntu6.11)
systemd-services (204-5ubuntu20.22 => 204-5ubuntu20.24)
libc6 (2.19-0ubuntu6.9 => 2.19-0ubuntu6.11)
puavo-rest (0.11.2-12+trusty.trustyrestonly.81c3ce2e83f932af6d3d6b2b20448c3ead387d81 => 0.11.2-14+trusty.trustyrestonly.28221df989c9368025ec02392ccfd35c7a4be2f3)
bind9utils (9.9.5.dfsg-3ubuntu0.11 => 9.9.5.dfsg-3ubuntu0.13)
libc-dev-bin (2.19-0ubuntu6.9 => 2.19-0ubuntu6.11)
libcupsmime1 (1.7.2-0ubuntu1.7 => 1.7.2-0ubuntu1.8)
python-crypto (2.6.1-4build1 => 2.6.1-4ubuntu0.2)
## Release 48 {#48}
### Security updates
- Package `nss`:
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575),
[CVE-2016-1938](https://security-tracker.debian.org/tracker/CVE-2016-1938),
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950),
[CVE-2016-2834](https://security-tracker.debian.org/tracker/CVE-2016-2834),
[CVE-2016-5285](https://security-tracker.debian.org/tracker/CVE-2016-5285),
[CVE-2016-8635](https://security-tracker.debian.org/tracker/CVE-2016-8635),
[CVE-2016-9074](https://security-tracker.debian.org/tracker/CVE-2016-9074)
- Package `pcsc-lite`:
[CVE-2016-1010](https://security-tracker.debian.org/tracker/CVE-2016-1010)
- Package `xen`:
[CVE-2016-1001](https://security-tracker.debian.org/tracker/CVE-2016-1001),
[CVE-2016-1002](https://security-tracker.debian.org/tracker/CVE-2016-1002),
[CVE-2016-9380](https://security-tracker.debian.org/tracker/CVE-2016-9380),
[CVE-2016-9381](https://security-tracker.debian.org/tracker/CVE-2016-9381),
[CVE-2016-9382](https://security-tracker.debian.org/tracker/CVE-2016-9382),
[CVE-2016-9383](https://security-tracker.debian.org/tracker/CVE-2016-9383),
[CVE-2016-9386](https://security-tracker.debian.org/tracker/CVE-2016-9386),
[CVE-2016-9637](https://security-tracker.debian.org/tracker/CVE-2016-9637),
[CVE-2016-9932](https://security-tracker.debian.org/tracker/CVE-2016-9932)
- Package `openssl`:
[CVE-2016-2177](https://security-tracker.debian.org/tracker/CVE-2016-2177),
[CVE-2016-7056](https://security-tracker.debian.org/tracker/CVE-2016-7056),
[CVE-2016-8610](https://security-tracker.debian.org/tracker/CVE-2016-8610),
[CVE-2017-3731](https://security-tracker.debian.org/tracker/CVE-2017-3731)
- Package `nettle`:
[CVE-2016-6489](https://security-tracker.debian.org/tracker/CVE-2016-6489)
- Package `tomcat6`:
[CVE-2016-0762](https://security-tracker.debian.org/tracker/CVE-2016-0762),
[CVE-2016-5018](https://security-tracker.debian.org/tracker/CVE-2016-5018),
[CVE-2016-5388](https://security-tracker.debian.org/tracker/CVE-2016-5388),
[CVE-2016-6794](https://security-tracker.debian.org/tracker/CVE-2016-6794),
[CVE-2016-6796](https://security-tracker.debian.org/tracker/CVE-2016-6796),
[CVE-2016-6797](https://security-tracker.debian.org/tracker/CVE-2016-6797),
[CVE-2016-6816](https://security-tracker.debian.org/tracker/CVE-2016-6816),
[CVE-2016-8735](https://security-tracker.debian.org/tracker/CVE-2016-8735),
[CVE-2016-8745](https://security-tracker.debian.org/tracker/CVE-2016-8745),
[CVE-2016-9774](https://security-tracker.debian.org/tracker/CVE-2016-9774),
[CVE-2016-9775](https://security-tracker.debian.org/tracker/CVE-2016-9775)
- Package `gnutls26`:
[CVE-2017-5335](https://security-tracker.debian.org/tracker/CVE-2017-5335),
[CVE-2017-5336](https://security-tracker.debian.org/tracker/CVE-2017-5336),
[CVE-2017-5337](https://security-tracker.debian.org/tracker/CVE-2017-5337)
- Package `libxpm`:
[CVE-2016-1016](https://security-tracker.debian.org/tracker/CVE-2016-1016)
- Package `linux`:
[CVE-2016-9555](https://security-tracker.debian.org/tracker/CVE-2016-9555),
[CVE-2016-9685](https://security-tracker.debian.org/tracker/CVE-2016-9685),
[CVE-2016-9756](https://security-tracker.debian.org/tracker/CVE-2016-9756),
[CVE-2016-9794](https://security-tracker.debian.org/tracker/CVE-2016-9794)
- Package `mysql-5.5`:
[CVE-2017-3238](https://security-tracker.debian.org/tracker/CVE-2017-3238),
[CVE-2017-3243](https://security-tracker.debian.org/tracker/CVE-2017-3243),
[CVE-2017-3244](https://security-tracker.debian.org/tracker/CVE-2017-3244),
[CVE-2017-3258](https://security-tracker.debian.org/tracker/CVE-2017-3258),
[CVE-2017-3265](https://security-tracker.debian.org/tracker/CVE-2017-3265),
[CVE-2017-3291](https://security-tracker.debian.org/tracker/CVE-2017-3291),
[CVE-2017-3312](https://security-tracker.debian.org/tracker/CVE-2017-3312),
[CVE-2017-3313](https://security-tracker.debian.org/tracker/CVE-2017-3313),
[CVE-2017-3317](https://security-tracker.debian.org/tracker/CVE-2017-3317),
[CVE-2017-3318](https://security-tracker.debian.org/tracker/CVE-2017-3318)
- Package `bind9`:
[CVE-2012-5689](https://security-tracker.debian.org/tracker/CVE-2012-5689),
[CVE-2015-4620](https://security-tracker.debian.org/tracker/CVE-2015-4620),
[CVE-2015-5477](https://security-tracker.debian.org/tracker/CVE-2015-5477),
[CVE-2015-5722](https://security-tracker.debian.org/tracker/CVE-2015-5722),
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000),
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-2848](https://security-tracker.debian.org/tracker/CVE-2016-2848),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864),
[CVE-2016-9131](https://security-tracker.debian.org/tracker/CVE-2016-9131),
[CVE-2016-9147](https://security-tracker.debian.org/tracker/CVE-2016-9147)
### Typical update path from Release 47
- Need to get 116 MB of archives.
- Has impact on the availability of the end users service:
- Service `isc-dhcp-server` will be restarted during the update process and its estimated downtime is 34 seconds.
-
linux-headers-3.2.0-121-generic (3.2.0-121.164)
linux-image-3.2.0-121-generic (3.2.0-121.164)
linux-image-3.13.0-108-generic (3.13.0-108.155~precise1)
linux-headers-3.2.0-121 (3.2.0-121.164)
-
linux-image-server (3.2.0.119.134 => 3.2.0.121.136)
libssl1.0.0 (1.0.1-4ubuntu5.38 => 1.0.1-4ubuntu5.39)
libmysqlclient18 (5.5.53-0ubuntu0.12.04.1 => 5.5.54-0ubuntu0.12.04.1)
libtomcat6-java (6.0.35-1ubuntu3.8 => 6.0.35-1ubuntu3.10)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
openssl (1.0.1-4ubuntu5.38 => 1.0.1-4ubuntu5.39)
tomcat6 (6.0.35-1ubuntu3.8 => 6.0.35-1ubuntu3.10)
mysql-common (5.5.53-0ubuntu0.12.04.1 => 5.5.54-0ubuntu0.12.04.1)
linux-libc-dev (3.2.0-119.162 => 3.2.0-121.164)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.12 => 4.1.6.1-0ubuntu0.12.04.13)
libnss3 (3.23-0ubuntu0.12.04.1 => 3.26.2-0ubuntu0.12.04.1)
libxpm4 (3.5.9-4 => 3.5.9-4ubuntu0.1)
linux-generic (3.2.0.119.134 => 3.2.0.121.136)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.12 => 4.1.6.1-0ubuntu0.12.04.13)
isc-dhcp-common (4.1.ESV-R4-0ubuntu5.11 => 4.1.ESV-R4-0ubuntu5.12)
linux-headers-generic (3.2.0.119.134 => 3.2.0.121.136)
linux-image-generic-lts-trusty (3.13.0.106.97 => 3.13.0.108.99)
bind9 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libservlet2.5-java (6.0.35-1ubuntu3.8 => 6.0.35-1ubuntu3.10)
libnettle4 (2.4-1 => 2.4-1ubuntu0.1)
linux-image-generic (3.2.0.119.134 => 3.2.0.121.136)
isc-dhcp-server (4.1.ESV-R4-0ubuntu5.11 => 4.1.ESV-R4-0ubuntu5.12)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libhogweed2 (2.4-1 => 2.4-1ubuntu0.1)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libpcsclite1 (1.7.4-2ubuntu2 => 1.7.4-2ubuntu2.1)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libnss3-1d (3.23-0ubuntu0.12.04.1 => 3.26.2-0ubuntu0.12.04.1)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
tomcat6-common (6.0.35-1ubuntu3.8 => 6.0.35-1ubuntu3.10)
isc-dhcp-client (4.1.ESV-R4-0ubuntu5.11 => 4.1.ESV-R4-0ubuntu5.12)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.19 => 9.8.1.dfsg.P1-4ubuntu0.20)
libgnutls26 (2.12.14-5ubuntu3.12 => 2.12.14-5ubuntu3.13)
## Release 47 {#47}
### Notable changes
- Fix dnsmasq configuration regarding kerberos so that single sign-on works.
- Fix puavo-sharedir-manager for Trusty.
### Security updates
- Package `samba`:
[CVE-2015-3223](https://security-tracker.debian.org/tracker/CVE-2015-3223),
[CVE-2015-5252](https://security-tracker.debian.org/tracker/CVE-2015-5252),
[CVE-2015-5296](https://security-tracker.debian.org/tracker/CVE-2015-5296),
[CVE-2015-5299](https://security-tracker.debian.org/tracker/CVE-2015-5299),
[CVE-2015-5330](https://security-tracker.debian.org/tracker/CVE-2015-5330),
[CVE-2015-5370](https://security-tracker.debian.org/tracker/CVE-2015-5370),
[CVE-2015-7540](https://security-tracker.debian.org/tracker/CVE-2015-7540),
[CVE-2015-7560](https://security-tracker.debian.org/tracker/CVE-2015-7560),
[CVE-2015-8467](https://security-tracker.debian.org/tracker/CVE-2015-8467),
[CVE-2016-0771](https://security-tracker.debian.org/tracker/CVE-2016-0771),
[CVE-2016-2110](https://security-tracker.debian.org/tracker/CVE-2016-2110),
[CVE-2016-2111](https://security-tracker.debian.org/tracker/CVE-2016-2111),
[CVE-2016-2112](https://security-tracker.debian.org/tracker/CVE-2016-2112),
[CVE-2016-2113](https://security-tracker.debian.org/tracker/CVE-2016-2113),
[CVE-2016-2114](https://security-tracker.debian.org/tracker/CVE-2016-2114),
[CVE-2016-2115](https://security-tracker.debian.org/tracker/CVE-2016-2115),
[CVE-2016-2118](https://security-tracker.debian.org/tracker/CVE-2016-2118),
[CVE-2016-2119](https://security-tracker.debian.org/tracker/CVE-2016-2119),
[CVE-2016-2123](https://security-tracker.debian.org/tracker/CVE-2016-2123),
[CVE-2016-2125](https://security-tracker.debian.org/tracker/CVE-2016-2125),
[CVE-2016-2126](https://security-tracker.debian.org/tracker/CVE-2016-2126)
- Package `apt`:
[CVE-2016-1252](https://security-tracker.debian.org/tracker/CVE-2016-1252)
- Package `linux`:
[CVE-2016-6213](https://security-tracker.debian.org/tracker/CVE-2016-6213),
[CVE-2016-7916](https://security-tracker.debian.org/tracker/CVE-2016-7916)
### Typical update path from Release 46 (on Trusty)
- Need to get 108 MB of archives.
- Has impact on the availability of the end users service:
- Service `winbind` will be restarted during the update process and its estimated downtime is 48 seconds.
- Service `samba-ad-dc` will be restarted during the update process and its estimated downtime is 0 seconds.
- Service `smbd` will be restarted during the update process and its estimated downtime is 41 seconds.
- Service `nmbd` will be restarted during the update process and its estimated downtime is 41 seconds.
-
linux-headers-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-firmware-image (3.10.61.opinsys1+-1)
libopenwsman1 (2.4.3-0ubuntu4.1)
linux-headers-3.10.81-031081-generic (3.10.81-031081.201506230313)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.12)
linux-headers-3.10.69-031069-generic (3.10.69-031069.201502110743)
linux-image-extra-3.13.0-101-generic (3.13.0-101.148)
linux-image-3.10.81-031081-generic (3.10.81-031081.201506230313)
linux-image-3.13.0-101-generic (3.13.0-101.148)
libhdb9-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
linux-image-3.13.0-106-generic (3.13.0-106.153)
libmpdec2 (2.4.0-6)
linux-headers-3.13.0-24 (3.13.0-24.47)
linux-image-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.13.0-77-generic (3.13.0-77.121)
linux-image-3.13.0-24-generic (3.13.0-24.47)
libcimcclient0 (2.2.6-0ubuntu2)
libkdc2-heimdal (1.6~git20131207+dfsg-1ubuntu1.1)
linux-headers-3.13.0-101 (3.13.0-101.148)
linux-headers-3.2.0-113 (3.2.0-113.155)
linux-headers-3.10.89-031089 (3.10.89-031089.201509211852)
linux-headers-3.13.0-101-generic (3.13.0-101.148)
linux-headers-3.13.0-106 (3.13.0-106.153)
linux-headers-3.13.0-106-generic (3.13.0-106.153)
linux-image-extra-3.13.0-24-generic (3.13.0-24.47)
libntdb1 (1.0-2ubuntu1)
linux-image-3.10.61.opinsys1+ (3.10.61.opinsys1+-1)
linux-headers-3.13.0-24-generic (3.13.0-24.47)
linux-headers-3.10.81-031081 (3.10.81-031081.201506230313)
python-ntdb (1.0-2ubuntu1)
linux-image-extra-3.13.0-106-generic (3.13.0-106.153)
linux-headers-3.10.69-031069 (3.10.69-031069.201502110743)
-
linux-image-server (3.13.0.105.113 => 3.13.0.106.114)
libnss-winbind (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
libpam-winbind (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
apt (1.0.1ubuntu2.15 => 1.0.1ubuntu2.17)
apt-utils (1.0.1ubuntu2.15 => 1.0.1ubuntu2.17)
libwbclient0 (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
puavo-rules (1.23.1-402+trusty+master.43c56ad66253bf35ea05d6468fe1376896324b57 => 1.23.2-408+trusty+master.56a561d19211c69fa8fe184772babd090b8c3f23)
linux-libc-dev (3.13.0-105.152 => 3.13.0-106.153)
samba-common (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
samba-libs (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
initramfs-tools (0.103ubuntu4.4 => 0.103ubuntu4.5)
samba (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
linux-generic (3.13.0.105.113 => 3.13.0.106.114)
libsmbclient (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
samba-common-bin (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
linux-headers-generic (3.13.0.105.113 => 3.13.0.106.114)
linux-image-generic-lts-trusty (3.13.0.105.113 => 3.13.0.106.114)
python-samba (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
initramfs-tools-bin (0.103ubuntu4.4 => 0.103ubuntu4.5)
linux-firmware (1.127.22 => 1.127.23)
winbind (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
linux-image-generic (3.13.0.105.113 => 3.13.0.106.114)
smbclient (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
samba-vfs-modules (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
libmount1 (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
samba-dsdb-modules (4.3.11+dfsg-0ubuntu0.14.04.3 => 4.3.11+dfsg-0ubuntu0.14.04.4)
bsdutils (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
uuid-runtime (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
util-linux (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
mount (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
libapt-pkg4.12 (1.0.1ubuntu2.15 => 1.0.1ubuntu2.17)
ruby-rb-inotify (0.9.2-1 => 0.9.7-1)
libapt-inst1.5 (1.0.1ubuntu2.15 => 1.0.1ubuntu2.17)
apt-transport-https (1.0.1ubuntu2.15 => 1.0.1ubuntu2.17)
libblkid1 (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
libuuid1 (2.20.1-5.1ubuntu20.7 => 2.20.1-5.1ubuntu20.9)
## Release 46 {#46}
### Notable changes
- Periodically check user home directory permissions and fix them, in case users have mishandled them.
### Security updates
- Package `openjdk-6`:
[CVE-2016-3458](https://security-tracker.debian.org/tracker/CVE-2016-3458),
[CVE-2016-3485](https://security-tracker.debian.org/tracker/CVE-2016-3485),
[CVE-2016-3500](https://security-tracker.debian.org/tracker/CVE-2016-3500),
[CVE-2016-3508](https://security-tracker.debian.org/tracker/CVE-2016-3508),
[CVE-2016-3550](https://security-tracker.debian.org/tracker/CVE-2016-3550),
[CVE-2016-3606](https://security-tracker.debian.org/tracker/CVE-2016-3606),
[CVE-2016-5542](https://security-tracker.debian.org/tracker/CVE-2016-5542),
[CVE-2016-5554](https://security-tracker.debian.org/tracker/CVE-2016-5554),
[CVE-2016-5573](https://security-tracker.debian.org/tracker/CVE-2016-5573),
[CVE-2016-5582](https://security-tracker.debian.org/tracker/CVE-2016-5582),
[CVE-2016-5597](https://security-tracker.debian.org/tracker/CVE-2016-5597)
- Package `ghostscript`:
[CVE-2013-5653](https://security-tracker.debian.org/tracker/CVE-2013-5653),
[CVE-2016-7976](https://security-tracker.debian.org/tracker/CVE-2016-7976),
[CVE-2016-7977](https://security-tracker.debian.org/tracker/CVE-2016-7977),
[CVE-2016-7978](https://security-tracker.debian.org/tracker/CVE-2016-7978),
[CVE-2016-7979](https://security-tracker.debian.org/tracker/CVE-2016-7979),
[CVE-2016-8602](https://security-tracker.debian.org/tracker/CVE-2016-8602)
- Package `tar`:
[CVE-2016-6321](https://security-tracker.debian.org/tracker/CVE-2016-6321)
- Package `python2.7`:
[CVE-2016-0772](https://security-tracker.debian.org/tracker/CVE-2016-0772),
[CVE-2016-1000](https://security-tracker.debian.org/tracker/CVE-2016-1000),
[CVE-2016-5636](https://security-tracker.debian.org/tracker/CVE-2016-5636),
[CVE-2016-5699](https://security-tracker.debian.org/tracker/CVE-2016-5699)
- Package `vim`:
[CVE-2016-1248](https://security-tracker.debian.org/tracker/CVE-2016-1248)
- Package `python3.2`:
[CVE-2016-0772](https://security-tracker.debian.org/tracker/CVE-2016-0772),
[CVE-2016-1000](https://security-tracker.debian.org/tracker/CVE-2016-1000),
[CVE-2016-5636](https://security-tracker.debian.org/tracker/CVE-2016-5636),
[CVE-2016-5699](https://security-tracker.debian.org/tracker/CVE-2016-5699)
- Package `c-ares`:
[CVE-2016-5180](https://security-tracker.debian.org/tracker/CVE-2016-5180)
### Typical update path from Release 45
- Need to get 171 MB of archives.
-
linux-image-3.13.0-105-generic (3.13.0-105.152~precise1)
linux-image-3.2.0-118-generic (3.2.0-118.161)
linux-headers-3.13.0-105-generic (3.13.0-105.152~precise1)
linux-headers-3.13.0-105 (3.13.0-105.152~precise1)
-
linux-generic-lts-trusty (3.13.0.101.92 => 3.13.0.105.96)
linux-image-server (3.2.0.115.131 => 3.2.0.118.133)
icedtea-6-jre-cacao (6b40-1.13.12-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.2)
vim-common (7.3.429-2ubuntu2.1 => 7.3.429-2ubuntu2.2)
tar (1.26-4ubuntu1 => 1.26-4ubuntu1.1)
vim (7.3.429-2ubuntu2.1 => 7.3.429-2ubuntu2.2)
puavo-rules (1.23.0-401+precise+master.3134a85a51cb32d74e2e29b1e8d7e9453b664870 => 1.23.1-402+precise+master.43c56ad66253bf35ea05d6468fe1376896324b57)
update-manager-core (0.156.14.20 => 0.156.14.21)
python3.2-minimal (3.2.3-0ubuntu3.7 => 3.2.3-0ubuntu3.8)
libpython2.7 (2.7.3-0ubuntu3.8 => 2.7.3-0ubuntu3.9)
tzdata (2016h-0ubuntu0.12.04 => 2016j-0ubuntu0.12.04)
linux-image-generic-lts-trusty (3.13.0.101.92 => 3.13.0.105.96)
icedtea-6-jre-jamvm (6b40-1.13.12-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.2)
python2.7 (2.7.3-0ubuntu3.8 => 2.7.3-0ubuntu3.9)
tzdata-java (2016h-0ubuntu0.12.04 => 2016j-0ubuntu0.12.04)
linux-headers-generic-lts-trusty (3.13.0.101.92 => 3.13.0.105.96)
libc-ares2 (1.7.5-1 => 1.7.5-1ubuntu0.1)
openjdk-6-jre-lib (6b40-1.13.12-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.2)
ghostscript-cups (9.05~dfsg-0ubuntu4.3 => 9.05~dfsg-0ubuntu4.4)
libgs9-common (9.05~dfsg-0ubuntu4.3 => 9.05~dfsg-0ubuntu4.4)
ghostscript (9.05~dfsg-0ubuntu4.3 => 9.05~dfsg-0ubuntu4.4)
vim-runtime (7.3.429-2ubuntu2.1 => 7.3.429-2ubuntu2.2)
openjdk-6-jre-headless (6b40-1.13.12-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.2)
python2.7-minimal (2.7.3-0ubuntu3.8 => 2.7.3-0ubuntu3.9)
vim-tiny (7.3.429-2ubuntu2.1 => 7.3.429-2ubuntu2.2)
python3.2 (3.2.3-0ubuntu3.7 => 3.2.3-0ubuntu3.8)
libgs9 (9.05~dfsg-0ubuntu4.3 => 9.05~dfsg-0ubuntu4.4)
## Release 45 {#45}
### Notable changes
- New command for upgrading Ubuntu release from Precise to Trusty: ``opinsys-do-release-upgrade``.
- New munin plugin for gathering CUPS page log statistics.
- The return of ``opinsys-img-stat``.
### Typical update path from Release 44
- Need to get 109 MB of archives.
-
linux-image-3.2.0-115-generic (3.2.0-115.157)
linux-headers-3.13.0-101 (3.13.0-101.148~precise1)
linux-headers-3.13.0-101-generic (3.13.0-101.148~precise1)
linux-image-3.13.0-101-generic (3.13.0-101.148~precise1)
-
linux-generic-lts-trusty (3.13.0.100.91 => 3.13.0.101.92)
linux-image-server (3.2.0.113.129 => 3.2.0.115.131)
grub-common (1.99-21ubuntu3.19 => 1.99-21ubuntu3.20)
grub-pc-bin (1.99-21ubuntu3.19 => 1.99-21ubuntu3.20)
grub2-common (1.99-21ubuntu3.19 => 1.99-21ubuntu3.20)
grub-pc (1.99-21ubuntu3.19 => 1.99-21ubuntu3.20)
puavo-rules (1.22.0-393+precise+master.b8e22aa51afc193bdfbabf7d4a5acdc6c25dd5f2 => 1.23.0-401+precise+master.3134a85a51cb32d74e2e29b1e8d7e9453b664870)
opinsys-bootserver (0.20.2-344+precise+master.4431820848a0e9d8a5667d3f775797992a7b10c2 => 0.23.0-349+precise+master.a03b73b30fc047ee2cb5a63ecf428b9020c0cd0a)
opinsys-rules (0.20.2-344+precise+master.4431820848a0e9d8a5667d3f775797992a7b10c2 => 0.23.0-349+precise+master.a03b73b30fc047ee2cb5a63ecf428b9020c0cd0a)
linux-image-generic-lts-trusty (3.13.0.100.91 => 3.13.0.101.92)
linux-headers-generic-lts-trusty (3.13.0.100.91 => 3.13.0.101.92)
## Release 44 {#44}
2016-11-08
### Notable changes
- Preparations for Trusty release upgrade.
- Command `opinsys-update-bootserver` gains an ability to log to `/var/log/opinsys-update-bootserver.log`.
- Added support for manually (locally) maintained Samba configuration: If `/etc/samba/puavo_smb.conf` exists, it will be used instead of `/etc/samba/smb.conf`.
### Security updates
- Package `libgd2`:
[CVE-2016-6911](https://security-tracker.debian.org/tracker/CVE-2016-6911),
[CVE-2016-8670](https://security-tracker.debian.org/tracker/CVE-2016-8670)
- Package `mysql-5.5`:
[CVE-2016-5584](https://security-tracker.debian.org/tracker/CVE-2016-5584),
[CVE-2016-7440](https://security-tracker.debian.org/tracker/CVE-2016-7440)
- Package `bind9`:
[CVE-2012-5689](https://security-tracker.debian.org/tracker/CVE-2012-5689),
[CVE-2015-1349](https://security-tracker.debian.org/tracker/CVE-2015-1349),
[CVE-2015-4620](https://security-tracker.debian.org/tracker/CVE-2015-4620),
[CVE-2015-5477](https://security-tracker.debian.org/tracker/CVE-2015-5477),
[CVE-2015-5722](https://security-tracker.debian.org/tracker/CVE-2015-5722),
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000),
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704),
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286),
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776),
[CVE-2016-2848](https://security-tracker.debian.org/tracker/CVE-2016-2848),
[CVE-2016-8864](https://security-tracker.debian.org/tracker/CVE-2016-8864)
- Package `dbus`:
[CVE-2015-0245](https://security-tracker.debian.org/tracker/CVE-2015-0245)
- Package `curl`:
[CVE-2016-7141](https://security-tracker.debian.org/tracker/CVE-2016-7141),
[CVE-2016-7167](https://security-tracker.debian.org/tracker/CVE-2016-7167),
[CVE-2016-8615](https://security-tracker.debian.org/tracker/CVE-2016-8615),
[CVE-2016-8616](https://security-tracker.debian.org/tracker/CVE-2016-8616),
[CVE-2016-8617](https://security-tracker.debian.org/tracker/CVE-2016-8617),
[CVE-2016-8618](https://security-tracker.debian.org/tracker/CVE-2016-8618),
[CVE-2016-8619](https://security-tracker.debian.org/tracker/CVE-2016-8619),
[CVE-2016-8621](https://security-tracker.debian.org/tracker/CVE-2016-8621),
[CVE-2016-8622](https://security-tracker.debian.org/tracker/CVE-2016-8622),
[CVE-2016-8623](https://security-tracker.debian.org/tracker/CVE-2016-8623),
[CVE-2016-8624](https://security-tracker.debian.org/tracker/CVE-2016-8624)
### Typical update path from Release 43
- Need to get 7,402 kB of archives.
- Has impact on the availability of the end users service:
- Service `puavo-wlancontroller` will be restarted during the update process and its estimated downtime is 8 seconds.
-
libmysqlclient18 (5.5.52-0ubuntu0.12.04.1 => 5.5.53-0ubuntu0.12.04.1)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
libdbus-1-3 (1.4.18-1ubuntu1.7 => 1.4.18-1ubuntu1.8)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
puavo-rules (1.20.6+precise+master.8340658c5946c09e9a135eaa2d6a781e619a3122 => 1.22.0-393+trusty+master.b8e22aa51afc193bdfbabf7d4a5acdc6c25dd5f2)
opinsys-bootserver (0.17.1-333+precise+master.8ecf55c4baa069c1bde895a7fc56673cbdbdcd4f => 0.20.2-344+trusty+master.4431820848a0e9d8a5667d3f775797992a7b10c2)
mysql-common (5.5.52-0ubuntu0.12.04.1 => 5.5.53-0ubuntu0.12.04.1)
ruby-puavowlan (0.20.5 => 0.20.5)
libgd2-xpm (2.0.36~rc1~dfsg-6ubuntu2.2 => 2.0.36~rc1~dfsg-6ubuntu2.3)
curl (7.22.0-3ubuntu4.16 => 7.22.0-3ubuntu4.17)
tzdata (2016g-0ubuntu0.12.04 => 2016h-0ubuntu0.12.04)
libpq5 (9.1.23-0ubuntu0.12.04 => 9.1.24-0ubuntu0.12.04)
bind9 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
puavo-wlancontroller (0.20.1 => 0.20.5)
opinsys-rules (0.17.1-333+precise+master.8ecf55c4baa069c1bde895a7fc56673cbdbdcd4f => 0.20.2-344+trusty+master.4431820848a0e9d8a5667d3f775797992a7b10c2)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
tzdata-java (2016g-0ubuntu0.12.04 => 2016h-0ubuntu0.12.04)
debootstrap (1.0.40~ubuntu0.10 => 1.0.40~ubuntu0.11)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
libcurl3-gnutls (7.22.0-3ubuntu4.16 => 7.22.0-3ubuntu4.17)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
dbus (1.4.18-1ubuntu1.7 => 1.4.18-1ubuntu1.8)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.17 => 9.8.1.dfsg.P1-4ubuntu0.19)
libcurl3 (7.22.0-3ubuntu4.16 => 7.22.0-3ubuntu4.17)
## Release 43 {#43}
2016-10-21
### Notable changes
- Updated `puavo-rest` to fix `autopoweron` functionality.
- Addresses for ntp, images and private-archive servers are resolved via VPN
gateway's DNS server.
- `/etc/hosts`:
- Ensure localhost resolves 127.0.0.1
- Addresses for ntp, images and private-archive servers are removed.
- NTP server running in VPN is added to `/etc/ntp.conf` to ensure all servers
have access to a time server.
### Security updates
- Package `linux`:
[CVE-2016-5195](https://security-tracker.debian.org/tracker/CVE-2016-5195)
- Package `xen`:
[CVE-2016-5403](https://security-tracker.debian.org/tracker/CVE-2016-5403),
[CVE-2016-6258](https://security-tracker.debian.org/tracker/CVE-2016-6258),
[CVE-2016-7092](https://security-tracker.debian.org/tracker/CVE-2016-7092),
[CVE-2016-7094](https://security-tracker.debian.org/tracker/CVE-2016-7094),
[CVE-2016-7777](https://security-tracker.debian.org/tracker/CVE-2016-7777)
### Typical update path from Release 42
- Need to get 154 MB of archives.
- Has impact on the availability of the end users service:
- Service `puavo-rest` will be restarted during the update process and its estimated downtime is 69 seconds.
-
linux-headers-3.2.0-113-generic (3.2.0-113.155)
linux-headers-3.2.0-113 (3.2.0-113.155)
linux-image-3.13.0-100-generic (3.13.0-100.147~precise1)
linux-image-3.2.0-113-generic (3.2.0-113.155)
-
linux-image-server (3.2.0.110.126 => 3.2.0.113.129)
opinsys-rules (0.15.0+precise+master.8de0ec700eb652e4b667089382e682e6ec9b401c => 0.17.1-333+precise+master.8ecf55c4baa069c1bde895a7fc56673cbdbdcd4f)
opinsys-bootserver (0.15.0+precise+master.8de0ec700eb652e4b667089382e682e6ec9b401c => 0.17.1-333+precise+master.8ecf55c4baa069c1bde895a7fc56673cbdbdcd4f)
linux-generic (3.2.0.110.126 => 3.2.0.113.129)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.11 => 4.1.6.1-0ubuntu0.12.04.12)
vlan (1.9-3ubuntu6 => 1.9-3ubuntu6.1)
puavo-rest (0.11.1-790+precise.master.83477d17e666a2e6acf79072ec0e879cd2954bc9 => 0.11.1-814+precise.master.371b98d1d841f526e0e3ce3a46af3942013b05f9)
puavo-rules (1.17.2-372+precise+master.bb05d84a0c5ef667cfa54d507ea7263a7bb5a626 => 1.20.2-378+precise+master.e9ec2f9485edd2b609221c7022866949376804bb)
tzdata (2016f-0ubuntu0.12.04 => 2016g-0ubuntu0.12.04)
linux-headers-generic (3.2.0.110.126 => 3.2.0.113.129)
tzdata-java (2016f-0ubuntu0.12.04 => 2016g-0ubuntu0.12.04)
linux-image-generic-lts-trusty (3.13.0.96.87 => 3.13.0.100.91)
linux-image-generic (3.2.0.110.126 => 3.2.0.113.129)
update-manager-core (0.156.14.19 => 0.156.14.20)
puavo-rest-bootserver (0.11.1-790+precise.master.83477d17e666a2e6acf79072ec0e879cd2954bc9 => 0.11.1-814+precise.master.371b98d1d841f526e0e3ce3a46af3942013b05f9)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.11 => 4.1.6.1-0ubuntu0.12.04.12)
## Release 42 {#42}
2016-10-10
### Notable changes
- Autopoweron: try to Wake-On-Lan fatclients and wirelessaccesspoints every day
at 07:30 if they have ``autopoweron`` tag.
- DDNS: configured and maintained by Puppet.
- Installation: simplified and tested extensively.
### Security updates
- Package `bind9`:
[CVE-2016-2776](https://security-tracker.debian.org/tracker/CVE-2016-2776)
- Package `ntp`:
[CVE-2015-7973](https://security-tracker.debian.org/tracker/CVE-2015-7973),
[CVE-2015-7974](https://security-tracker.debian.org/tracker/CVE-2015-7974),
[CVE-2015-7976](https://security-tracker.debian.org/tracker/CVE-2015-7976),
[CVE-2015-7977](https://security-tracker.debian.org/tracker/CVE-2015-7977),
[CVE-2015-7978](https://security-tracker.debian.org/tracker/CVE-2015-7978),
[CVE-2015-7979](https://security-tracker.debian.org/tracker/CVE-2015-7979),
[CVE-2016-1547](https://security-tracker.debian.org/tracker/CVE-2016-1547),
[CVE-2015-8158](https://security-tracker.debian.org/tracker/CVE-2015-8158),
[CVE-2016-0727](https://security-tracker.debian.org/tracker/CVE-2016-0727),
[CVE-2016-1548](https://security-tracker.debian.org/tracker/CVE-2016-1548),
[CVE-2016-1550](https://security-tracker.debian.org/tracker/CVE-2016-1550),
[CVE-2016-2516](https://security-tracker.debian.org/tracker/CVE-2016-2516),
[CVE-2016-2518](https://security-tracker.debian.org/tracker/CVE-2016-2518),
[CVE-2016-4954](https://security-tracker.debian.org/tracker/CVE-2016-4954),
[CVE-2016-4955](https://security-tracker.debian.org/tracker/CVE-2016-4955),
[CVE-2016-4956](https://security-tracker.debian.org/tracker/CVE-2016-4956)
### Typical update path from Release 41
- Need to get 2,961KiB of archives.
- Has **low** impact on the availability of the end user service:
- Service 'bind9' will be restarted during the update process and its
estimated downtime is 2 seconds.
- Service `puavo-tftpd` will be restarted during the update process and
its estimated downtime is 5 seconds. During that time, network boot
devices will be unable to boot.
-
bind9 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.16 => 9.8.1.dfsg.P1-4ubuntu0.17)
ntp (4.2.6.p3+dfsg-1ubuntu3.9 => 4.2.6.p3+dfsg-1ubuntu3.11)
ntpdate (4.2.6.p3+dfsg-1ubuntu3.9 => 4.2.6.p3+dfsg-1ubuntu3.11)
opinsys-bootserver (0.10.2+precise+dhcpfix.f2165e3e89760bf1faebd2d98a7b98b84bebf2cf => 0.15.0+precise+master.8de0ec700eb652e4b667089382e682e6ec9b401c)
opinsys-rules (0.10.2+precise+dhcpfix.f2165e3e89760bf1faebd2d98a7b98b84bebf2cf => 0.15.0+precise+master.8de0ec700eb652e4b667089382e682e6ec9b401c)
puavo-rules (1.14.3+precise+dhcpfix.d73afd492e5d616d0a36764c222bcd9fed4d4ec1 => 1.17.2-372+precise+master.bb05d84a0c5ef667cfa54d507ea7263a7bb5a626)
puavo-tftpd (0.5.11-12+precise+master.9de399df6d7bca2ac0fbbd61a68b72e395457fa5 => 0.5.11-15+precise+master.21c6298e832f1c523dbefb8b222b4f2230f5b37d)
puavo-tftpd-hooks (0.5.11-12+precise+master.9de399df6d7bca2ac0fbbd61a68b72e395457fa5 => 0.5.11-15+precise+master.21c6298e832f1c523dbefb8b222b4f2230f5b37d)
## Release 41 {#41}
2016-10-07
### Notable changes
- Fix occasional DHCP messaging issues in WLAN networks.
### Typical update path from Release 40
- Does not affect the availability of the end user service.
-
opinsys-bootserver (0.10.1-314+precise+master.effc09cf2517b9fdf1513b31d8af27ca17c98e67 => 0.10.2+precise+dhcpfix.f2165e3e89760bf1faebd2d98a7b98b84bebf2cf)
opinsys-rules (0.10.1-314+precise+master.effc09cf2517b9fdf1513b31d8af27ca17c98e67 => 0.10.2+precise+dhcpfix.f2165e3e89760bf1faebd2d98a7b98b84bebf2cf)
puavo-rules (1.14.1-354+precise+master.ca08e343629d5fee3324d7a5fa654915ff901408 => 1.14.3+precise+dhcpfix.d73afd492e5d616d0a36764c222bcd9fed4d4ec1)
## Release 40 {#40}
2016-09-27
### Notable changes
- Add Unifi DHCP configuration options.
### Typical update path from Release 39
- Need to get 487KiB of archives.
- Does not affect the availability of the end user service.
-
puavo-rules (1.14.0-353+precise+master.3c6cc287c6a620037eaed5db0afd16b819c705b9 => 1.14.1-354+precise+master.ca08e343629d5fee3324d7a5fa654915ff901408)
## Release 39 {#39}
2016-09-27
### Notable changes
- Puavo WLAN Controller:
- Display RSSIs of connected stations.
- Display vendor names of radios and stations.
- Added new graphs to Puavo WLAN Munin plugin:
- RSSI of stations.
- Connection ages of stations.
### Security updates
- Package `mysql-5.5`:
[CVE-2016-6662](https://security-tracker.debian.org/tracker/CVE-2016-6662)
- Package `openssl`:
[CVE-2016-2182](https://security-tracker.debian.org/tracker/CVE-2016-2182)
- Package `python-imaging`:
[CVE-2016-0775](https://security-tracker.debian.org/tracker/CVE-2016-0775),
[CVE-2016-2533](https://security-tracker.debian.org/tracker/CVE-2016-2533),
[CVE-2014-3596](https://security-tracker.debian.org/tracker/CVE-2014-3596)
- Package `tomcat6`:
[CVE-2016-1240](https://security-tracker.debian.org/tracker/CVE-2016-1240),
[CVE-2015-5345](https://security-tracker.debian.org/tracker/CVE-2015-5345)
### Typical update path from Release 38
- Need to get 156MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Service `isc-dhcp-server` will be restarted during the update process and
its estimated downtime is 1-2 minutes. During that time, network boot
devices will be unable to boot and new WLAN connections cannot be
established.
-
linux-headers-3.13.0-96 (3.13.0-96.143~precise1)
linux-headers-3.13.0-96-generic (3.13.0-96.143~precise1)
linux-image-3.13.0-96-generic (3.13.0-96.143~precise1)
linux-image-3.2.0-110-generic (3.2.0-110.151)
-
icedtea-6-jre-cacao (6b39-1.13.11-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.1)
icedtea-6-jre-jamvm (6b39-1.13.11-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.1)
isc-dhcp-client (4.1.ESV-R4-0ubuntu5.10 => 4.1.ESV-R4-0ubuntu5.11)
isc-dhcp-common (4.1.ESV-R4-0ubuntu5.10 => 4.1.ESV-R4-0ubuntu5.11)
isc-dhcp-server (4.1.ESV-R4-0ubuntu5.10 => 4.1.ESV-R4-0ubuntu5.11)
libmysqlclient18 (5.5.50-0ubuntu0.12.04.1 => 5.5.52-0ubuntu0.12.04.1)
libservlet2.5-java (6.0.35-1ubuntu3.7 => 6.0.35-1ubuntu3.8)
libssl1.0.0 (1.0.1-4ubuntu5.36 => 1.0.1-4ubuntu5.38)
libtomcat6-java (6.0.35-1ubuntu3.7 => 6.0.35-1ubuntu3.8)
linux-generic-lts-trusty (3.13.0.95.86 => 3.13.0.96.87)
linux-headers-generic-lts-trusty (3.13.0.95.86 => 3.13.0.96.87)
linux-image-generic-lts-trusty (3.13.0.95.86 => 3.13.0.96.87)
linux-image-server (3.2.0.109.125 => 3.2.0.110.126)
mysql-common (5.5.50-0ubuntu0.12.04.1 => 5.5.52-0ubuntu0.12.04.1)
openjdk-6-jre-headless (6b39-1.13.11-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.1)
openjdk-6-jre-lib (6b39-1.13.11-0ubuntu0.12.04.1 => 6b40-1.13.12-0ubuntu0.12.04.1)
openssl (1.0.1-4ubuntu5.36 => 1.0.1-4ubuntu5.38)
puavo-rules (1.12.1-346+precise+master.eaae41283b7662897f2df372298e2c8b89ec114b => 1.14.0-353+precise+master.3c6cc287c6a620037eaed5db0afd16b819c705b9)
puavo-wlancontroller (0.16.0 => 0.20.1)
python-imaging (1.1.7-4ubuntu0.12.04.1 => 1.1.7-4ubuntu0.12.04.2)
tomcat6 (6.0.35-1ubuntu3.7 => 6.0.35-1ubuntu3.8)
tomcat6-common (6.0.35-1ubuntu3.7 => 6.0.35-1ubuntu3.8)
## Release 38 {#38}
2016-09-14
### Notable changes
- Fixed flaky host list in Puavo WLAN Controller status view.
- Non-AP hosts are not shown in Puavo WLAN Controller status view anymore.
- Fixed `puavo-bootserver-update-tftpboot --prune` to not fail if TFTP
boot directory does not exist.
- CUPS watchdog is now ensured to be left running after a successful
update.
- Ensured LDAP client gets configured before applying the bulk of
Puppet modules, because some modules might require functional LDAP
queries.
- http://PUAVO_HOSTNAME.PUAVO_DOMAIN displays links to Munin and Puavo
WLAN Controller.
### Typical update path from Release 37
- Need to get 3.1MiB of archives.
- Does not affect the availability of the end user service.
-
opinsys-bootserver (0.8.0-305+precise+master.5933945809f1938a40eecf56d359edb52d9278d7 => 0.10.1-314+precise+master.effc09cf2517b9fdf1513b31d8af27ca17c98e67)
opinsys-rules (0.8.0-305+precise+master.5933945809f1938a40eecf56d359edb52d9278d7 => 0.10.1-314+precise+master.effc09cf2517b9fdf1513b31d8af27ca17c98e67)
puavo-ltsp-bootserver (0.19.0-1006+precise+master.4a3a4ef70f0f4e9f7df97f34083a5a3b7e3ef65b => 0.19.1-1007+precise+master.23bc4a8a741bff8870c3bef86d3ecfddd00a55c4)
puavo-rules (1.10.2-340+precise+master.e59df8386b95c368c681e3c9a7704c37c969cf93 => 1.12.1-346+precise+master.eaae41283b7662897f2df372298e2c8b89ec114b)
puavo-wlancontroller (0.15.0 => 0.16.0)
ruby-puavobs (0.19.0-1006+precise+master.4a3a4ef70f0f4e9f7df97f34083a5a3b7e3ef65b => 0.19.1-1007+precise+master.23bc4a8a741bff8870c3bef86d3ecfddd00a55c4)
## Release 37 {#37}
2016-09-11
### Notable changes
- Changed Puavo WLAN Controller's traffic units from binary prefixed bytes to
metric prefixed bits (e.g. `630.0KiB` to `5.2Mbit`).
- Added new Munin plugins:
- Puavo WLAN traffic: show total traffic and traffic per accesspoint host.
- Puavo WLAN elements: show total number of network elements and elements per
accesspoint host.
- Puavo Bootserver Clients: show total number of client connections (`NBD`,
`NFS`, `SMB`).
- Normalized Munin plugin configuration:
- Removed `if_tap*` and `if_err_tap*` plugins.
- Removed `nfsd` and `nfs_client` plugins (NFSv3 only).
- Added `users` plugin.
- Added `if_` plugin for all static interfaces.
- Removed unused `racoon` service.
### Typical update path from Release 36
- Need to get 3.0MiB of archives.
- Does not affect the availability of the end user service.
-
puavo-ltsp-bootserver (0.19.0-1004+precise+master.f2adaa368a9dd605b59e6a0dfb26fff1c6a558a5 => 0.19.0-1006+precise+master.4a3a4ef70f0f4e9f7df97f34083a5a3b7e3ef65b)
puavo-rules (1.8.1-331+precise+master.6c7722b242462d225bdbb0a82665c04aace0fd87 => 1.10.2-340+precise+master.e59df8386b95c368c681e3c9a7704c37c969cf93)
puavo-wlancontroller (0.12.12 => 0.15.0)
ruby-puavobs (0.19.0-1004+precise+master.f2adaa368a9dd605b59e6a0dfb26fff1c6a558a5 => 0.19.0-1006+precise+master.4a3a4ef70f0f4e9f7df97f34083a5a3b7e3ef65b)
## Release 36 {#36}
2016-09-02
### Notable changes
- Fixes slow SSH shell establishment in some cases.
- Fixes occasional Samba share access problems.
### Security updates
- Package `curl`:
[CVE-2016-5419](https://security-tracker.debian.org/tracker/CVE-2016-5419),
[CVE-2016-5420](https://security-tracker.debian.org/tracker/CVE-2016-5420)
- Package `fontconfig`:
[CVE-2016-5384](https://security-tracker.debian.org/tracker/CVE-2016-5384)
- Package `gnupg`:
[CVE-2016-6313](https://security-tracker.debian.org/tracker/CVE-2016-6313)
- Package `libgcrypt11`:
[CVE-2016-6313](https://security-tracker.debian.org/tracker/CVE-2016-6313)
- Package `libidn`:
[CVE-2015-8948](https://security-tracker.debian.org/tracker/CVE-2015-8948),
[CVE-2016-6262](https://security-tracker.debian.org/tracker/CVE-2016-6262),
[CVE-2015-8948](https://security-tracker.debian.org/tracker/CVE-2015-8948),
[CVE-2016-6261](https://security-tracker.debian.org/tracker/CVE-2016-6261),
[CVE-2016-6263](https://security-tracker.debian.org/tracker/CVE-2016-6263)
- Package `postgresql-9.1`:
[CVE-2016-5423](https://security-tracker.debian.org/tracker/CVE-2016-5423),
[CVE-2016-5424](https://security-tracker.debian.org/tracker/CVE-2016-5424)
### Typical update path from Release 35
- Need to get 108.0MiB of archives.
- Does not affect the availability of the end user service.
-
linux-headers-3.2.0-109 (3.2.0-109.150)
linux-headers-3.2.0-109-generic (3.2.0-109.150)
linux-image-3.13.0-95-generic (3.13.0-95.142~precise1)
linux-image-3.2.0-109-generic (3.2.0-109.150)
-
curl (7.22.0-3ubuntu4.15 => 7.22.0-3ubuntu4.16)
fontconfig (2.8.0-3ubuntu9.1 => 2.8.0-3ubuntu9.2)
fontconfig-config (2.8.0-3ubuntu9.1 => 2.8.0-3ubuntu9.2)
gnupg (1.4.11-3ubuntu2.9 => 1.4.11-3ubuntu2.10)
gpgv (1.4.11-3ubuntu2.9 => 1.4.11-3ubuntu2.10)
libcurl3 (7.22.0-3ubuntu4.15 => 7.22.0-3ubuntu4.16)
libcurl3-gnutls (7.22.0-3ubuntu4.15 => 7.22.0-3ubuntu4.16)
libfontconfig1 (2.8.0-3ubuntu9.1 => 2.8.0-3ubuntu9.2)
libgcrypt11 (1.5.0-3ubuntu0.5 => 1.5.0-3ubuntu0.6)
libidn11 (1.23-2 => 1.23-2ubuntu0.1)
libpq5 (9.1.22-0ubuntu0.12.04 => 9.1.23-0ubuntu0.12.04)
linux-generic (3.2.0.106.122 => 3.2.0.109.125)
linux-headers-generic (3.2.0.106.122 => 3.2.0.109.125)
linux-image-generic (3.2.0.106.122 => 3.2.0.109.125)
linux-image-generic-lts-trusty (3.13.0.92.83 => 3.13.0.95.86)
linux-image-server (3.2.0.106.122 => 3.2.0.109.125)
opinsys-bootserver (0.7.0-292+precise+master.2af6830f335c6f709a12705004498ccd4aeb073e => 0.8.0-305+precise+master.5933945809f1938a40eecf56d359edb52d9278d7)
opinsys-rules (0.7.0-292+precise+master.2af6830f335c6f709a12705004498ccd4aeb073e => 0.8.0-305+precise+master.5933945809f1938a40eecf56d359edb52d9278d7)
puavo-ltsp-bootserver (0.18.1-1001+precise+master.2ad83e3101ed7075a5b99487495e7ed56535e63e => 0.19.0-1004+precise+master.f2adaa368a9dd605b59e6a0dfb26fff1c6a558a5)
puavo-rules (1.7.0-326+precise+master.c213219d1de3b3df607f6aad5111805b506313bd => 1.8.1-331+precise+master.6c7722b242462d225bdbb0a82665c04aace0fd87)
ruby-puavobs (0.18.1-1001+precise+master.2ad83e3101ed7075a5b99487495e7ed56535e63e => 0.19.0-1004+precise+master.f2adaa368a9dd605b59e6a0dfb26fff1c6a558a5)
## Release 35 {#35}
2016-08-08
### Security updates
- Package `libgd2`:
[CVE-2016-5766](https://security-tracker.debian.org/tracker/CVE-2016-5766),
[CVE-2016-6161](https://security-tracker.debian.org/tracker/CVE-2016-6161)
- Package `mysql-5.5`:
[CVE-2016-3477](https://security-tracker.debian.org/tracker/CVE-2016-3477),
[CVE-2016-3521](https://security-tracker.debian.org/tracker/CVE-2016-3521),
[CVE-2016-3615](https://security-tracker.debian.org/tracker/CVE-2016-3615),
[CVE-2016-5440](https://security-tracker.debian.org/tracker/CVE-2016-5440)
- Package `nspr`:
[CVE-2016-1951](https://security-tracker.debian.org/tracker/CVE-2016-1951)
- Package `nss`:
[CVE-2016-2834](https://security-tracker.debian.org/tracker/CVE-2016-2834),
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950)
### Typical update path from Release 34
- Need to get 107.0MiB of archives.
- Does not affect the availability of the end user service.
-
linux-headers-3.2.0-106 (3.2.0-106.147)
linux-headers-3.2.0-106-generic (3.2.0-106.147)
linux-image-3.13.0-92-generic (3.13.0-92.139~precise1)
linux-image-3.2.0-106-generic (3.2.0-106.147)
-
libavahi-client3 (0.6.30-5ubuntu2.1 => 0.6.30-5ubuntu2.2)
libavahi-common-data (0.6.30-5ubuntu2.1 => 0.6.30-5ubuntu2.2)
libavahi-common3 (0.6.30-5ubuntu2.1 => 0.6.30-5ubuntu2.2)
libgd2-xpm (2.0.36~rc1~dfsg-6ubuntu2.1 => 2.0.36~rc1~dfsg-6ubuntu2.2)
libmysqlclient18 (5.5.49-0ubuntu0.12.04.1 => 5.5.50-0ubuntu0.12.04.1)
libnspr4 (4.10.10-0ubuntu0.12.04.1 => 4.12-0ubuntu0.12.04.1)
libnss3 (3.21-0ubuntu0.12.04.3 => 3.23-0ubuntu0.12.04.1)
libnss3-1d (3.21-0ubuntu0.12.04.3 => 3.23-0ubuntu0.12.04.1)
linux-generic (3.2.0.105.121 => 3.2.0.106.122)
linux-headers-generic (3.2.0.105.121 => 3.2.0.106.122)
linux-image-generic (3.2.0.105.121 => 3.2.0.106.122)
linux-image-generic-lts-trusty (3.13.0.91.82 => 3.13.0.92.83)
linux-image-server (3.2.0.105.121 => 3.2.0.106.122)
mysql-common (5.5.49-0ubuntu0.12.04.1 => 5.5.50-0ubuntu0.12.04.1)
tzdata (2016d-0ubuntu0.12.04 => 2016f-0ubuntu0.12.04)
tzdata-java (2016d-0ubuntu0.12.04 => 2016f-0ubuntu0.12.04)
## Release 34 {#34}
2016-07-07
### Notable changes
- Add DNS SRV records for Samba services.
- Required for R1627 and newer images to allow Kerberos authenticated Samba
mounts.
- Add support for Windows Samba clients.
### Typical update path from Release 33
- Need to get 6.2MiB of archives.
- Has **very low** impact on the availability of the end user service:
- Daemon process `dnsmasq` will be restarted during the update
process. DNS service downtime is approx. 2sec.
-
libpam-winbind (3.6.25-0ubuntu0.12.04.4)
winbind (3.6.25-0ubuntu0.12.04.4)
-
puavo-image-tools (0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95 => 0.18.1-1001+precise+master.2ad83e3101ed7075a5b99487495e7ed56535e63e)
puavo-ltsp-bootserver (0.17.0-993+precise+master.8cbb429cc95b86f462768503e7221f52cf23489d => 0.18.1-1001+precise+master.2ad83e3101ed7075a5b99487495e7ed56535e63e)
puavo-rules (1.6.0-308+precise+master.f7c1f16b6413b731c01cff3a8432135163878b32 => 1.7.0-326+precise+master.c213219d1de3b3df607f6aad5111805b506313bd)
ruby-puavobs (0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95 => 0.18.1-1001+precise+master.2ad83e3101ed7075a5b99487495e7ed56535e63e)
## Release 33 {#33}
2016-07-06
### Security updates
- Package `dosfstools`:
[CVE-2015-8872](https://security-tracker.debian.org/tracker/CVE-2015-8872),
[CVE-2016-4804](https://security-tracker.debian.org/tracker/CVE-2016-4804)
- Package `openjdk-6`:
[CVE-2016-0686](https://security-tracker.debian.org/tracker/CVE-2016-0686),
[CVE-2016-0687](https://security-tracker.debian.org/tracker/CVE-2016-0687),
[CVE-2016-0695](https://security-tracker.debian.org/tracker/CVE-2016-0695),
[CVE-2016-3425](https://security-tracker.debian.org/tracker/CVE-2016-3425),
[CVE-2016-3427](https://security-tracker.debian.org/tracker/CVE-2016-3427)
- Package `eglibc`:
[CVE-2014-9761](https://security-tracker.debian.org/tracker/CVE-2014-9761)
- Package `expat`:
[CVE-2012-6702](https://security-tracker.debian.org/tracker/CVE-2012-6702),
[CVE-2016-5300](https://security-tracker.debian.org/tracker/CVE-2016-5300)
- Package `libgd2`:
[CVE-2014-2497](https://security-tracker.debian.org/tracker/CVE-2014-2497),
[CVE-2014-9709](https://security-tracker.debian.org/tracker/CVE-2014-9709),
[CVE-2015-8874](https://security-tracker.debian.org/tracker/CVE-2015-8874),
[CVE-2016-3074](https://security-tracker.debian.org/tracker/CVE-2016-3074)
- Package `mysql-5.5`:
[CVE-2016-0640](https://security-tracker.debian.org/tracker/CVE-2016-0640),
[CVE-2016-0641](https://security-tracker.debian.org/tracker/CVE-2016-0641),
[CVE-2016-0642](https://security-tracker.debian.org/tracker/CVE-2016-0642),
[CVE-2016-0643](https://security-tracker.debian.org/tracker/CVE-2016-0643),
[CVE-2016-0644](https://security-tracker.debian.org/tracker/CVE-2016-0644),
[CVE-2016-0646](https://security-tracker.debian.org/tracker/CVE-2016-0646),
[CVE-2016-0647](https://security-tracker.debian.org/tracker/CVE-2016-0647),
[CVE-2016-0648](https://security-tracker.debian.org/tracker/CVE-2016-0648),
[CVE-2016-0649](https://security-tracker.debian.org/tracker/CVE-2016-0649),
[CVE-2016-0650](https://security-tracker.debian.org/tracker/CVE-2016-0650),
[CVE-2016-0666](https://security-tracker.debian.org/tracker/CVE-2016-0666),
[CVE-2016-2047](https://security-tracker.debian.org/tracker/CVE-2016-2047)
- Package `poppler`:
[CVE-2013-4473](https://security-tracker.debian.org/tracker/CVE-2013-4473),
[CVE-2013-4474](https://security-tracker.debian.org/tracker/CVE-2013-4474),
[CVE-2015-8868](https://security-tracker.debian.org/tracker/CVE-2015-8868)
- Package `tomcat6`:
[CVE-2015-5174](https://security-tracker.debian.org/tracker/CVE-2015-5174),
[CVE-2015-5345](https://security-tracker.debian.org/tracker/CVE-2015-5345),
[CVE-2016-0706](https://security-tracker.debian.org/tracker/CVE-2016-0706),
[CVE-2016-0714](https://security-tracker.debian.org/tracker/CVE-2016-0714),
[CVE-2016-0763](https://security-tracker.debian.org/tracker/CVE-2016-0763),
[CVE-2016-3092](https://security-tracker.debian.org/tracker/CVE-2016-3092)
- Package `openssl`:
[CVE-2016-2105](https://security-tracker.debian.org/tracker/CVE-2016-2105),
[CVE-2016-2106](https://security-tracker.debian.org/tracker/CVE-2016-2106),
[CVE-2016-2107](https://security-tracker.debian.org/tracker/CVE-2016-2107),
[CVE-2016-2108](https://security-tracker.debian.org/tracker/CVE-2016-2108),
[CVE-2016-2109](https://security-tracker.debian.org/tracker/CVE-2016-2109)
- Package `libtasn1-3`:
[CVE-2016-4008](https://security-tracker.debian.org/tracker/CVE-2016-4008)
- Package `xen`:
[CVE-2013-2212](https://security-tracker.debian.org/tracker/CVE-2013-2212),
[CVE-2016-3159](https://security-tracker.debian.org/tracker/CVE-2016-3159),
[CVE-2016-3960](https://security-tracker.debian.org/tracker/CVE-2016-3960),
[CVE-2016-4480](https://security-tracker.debian.org/tracker/CVE-2016-4480),
[CVE-2016-3710](https://security-tracker.debian.org/tracker/CVE-2016-3710),
[CVE-2014-3672](https://security-tracker.debian.org/tracker/CVE-2014-3672)
- Package `libxml2`:
[CVE-2016-1762](https://security-tracker.debian.org/tracker/CVE-2016-1762),
[CVE-2016-1833](https://security-tracker.debian.org/tracker/CVE-2016-1833),
[CVE-2016-1834](https://security-tracker.debian.org/tracker/CVE-2016-1834),
[CVE-2016-1835](https://security-tracker.debian.org/tracker/CVE-2016-1835),
[CVE-2016-1837](https://security-tracker.debian.org/tracker/CVE-2016-1837),
[CVE-2016-1838](https://security-tracker.debian.org/tracker/CVE-2016-1838),
[CVE-2015-8806](https://security-tracker.debian.org/tracker/CVE-2015-8806),
[CVE-2016-1839](https://security-tracker.debian.org/tracker/CVE-2016-1839),
[CVE-2016-2073](https://security-tracker.debian.org/tracker/CVE-2016-2073),
[CVE-2016-1840](https://security-tracker.debian.org/tracker/CVE-2016-1840),
[CVE-2016-3627](https://security-tracker.debian.org/tracker/CVE-2016-3627),
[CVE-2016-3705](https://security-tracker.debian.org/tracker/CVE-2016-3705),
[CVE-2016-4447](https://security-tracker.debian.org/tracker/CVE-2016-4447),
[CVE-2016-4449](https://security-tracker.debian.org/tracker/CVE-2016-4449),
[CVE-2016-4483](https://security-tracker.debian.org/tracker/CVE-2016-4483)
- Package `wget`:
[CVE-2016-4971](https://security-tracker.debian.org/tracker/CVE-2016-4971)
### Typical update path from Release 32
- Need to get 199MiB of archives.
- Has **low** impact on the availability of the end user service:
- Daemon processes `smbd` and `nmbd` will be restarted during the update
process. Network directories shared by Samba will be unavailable during
their downtime (approx. 30-60sec).
-
linux-headers-3.2.0-105 (3.2.0-105.146)
linux-headers-3.2.0-105-generic (3.2.0-105.146)
linux-image-3.13.0-91-generic (3.13.0-91.138~precise1)
linux-image-3.2.0-105-generic (3.2.0-105.146)
-
apt (0.8.16~exp12ubuntu10.26 => 0.8.16~exp12ubuntu10.27)
apt-transport-https (0.8.16~exp12ubuntu10.26 => 0.8.16~exp12ubuntu10.27)
apt-utils (0.8.16~exp12ubuntu10.26 => 0.8.16~exp12ubuntu10.27)
binutils (2.22-6ubuntu1.3 => 2.22-6ubuntu1.4)
debootstrap (1.0.40~ubuntu0.9 => 1.0.40~ubuntu0.10)
dosfstools (3.0.12-1ubuntu1.2 => 3.0.12-1ubuntu1.3)
dpkg (1.16.1.2ubuntu7.7 => 1.16.1.2ubuntu7.8)
dpkg-dev (1.16.1.2ubuntu7.7 => 1.16.1.2ubuntu7.8)
icedtea-6-jre-cacao (6b38-1.13.10-0ubuntu0.12.04.1 => 6b39-1.13.11-0ubuntu0.12.04.1)
icedtea-6-jre-jamvm (6b38-1.13.10-0ubuntu0.12.04.1 => 6b39-1.13.11-0ubuntu0.12.04.1)
libapt-inst1.4 (0.8.16~exp12ubuntu10.26 => 0.8.16~exp12ubuntu10.27)
libapt-pkg4.12 (0.8.16~exp12ubuntu10.26 => 0.8.16~exp12ubuntu10.27)
libc-bin (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
libc-dev-bin (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
libc6 (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
libc6-dev (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
libdpkg-perl (1.16.1.2ubuntu7.7 => 1.16.1.2ubuntu7.8)
libexpat1 (2.0.1-7.2ubuntu1.2 => 2.0.1-7.2ubuntu1.4)
libgd2-xpm (2.0.36~rc1~dfsg-6ubuntu2 => 2.0.36~rc1~dfsg-6ubuntu2.1)
libmysqlclient18 (5.5.47-0ubuntu0.12.04.1 => 5.5.49-0ubuntu0.12.04.1)
libpoppler19 (0.18.4-1ubuntu3.1 => 0.18.4-1ubuntu3.2)
libpq5 (9.1.21-0ubuntu0.12.04 => 9.1.22-0ubuntu0.12.04)
libservlet2.5-java (6.0.35-1ubuntu3.6 => 6.0.35-1ubuntu3.7)
libssl1.0.0 (1.0.1-4ubuntu5.35 => 1.0.1-4ubuntu5.36)
libtasn1-3 (2.10-1ubuntu1.4 => 2.10-1ubuntu1.5)
libtomcat6-java (6.0.35-1ubuntu3.6 => 6.0.35-1ubuntu3.7)
libwbclient0 (3.6.25-0ubuntu0.12.04.2 => 3.6.25-0ubuntu0.12.04.4)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.10 => 4.1.6.1-0ubuntu0.12.04.11)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.10 => 4.1.6.1-0ubuntu0.12.04.11)
libxml2 (2.7.8.dfsg-5.1ubuntu4.14 => 2.7.8.dfsg-5.1ubuntu4.15)
libxml2-utils (2.7.8.dfsg-5.1ubuntu4.14 => 2.7.8.dfsg-5.1ubuntu4.15)
linux-generic (3.2.0.101.117 => 3.2.0.105.121)
linux-headers-generic (3.2.0.101.117 => 3.2.0.105.121)
linux-image-generic (3.2.0.101.117 => 3.2.0.105.121)
linux-image-generic-lts-trusty (3.13.0.85.77 => 3.13.0.91.82)
linux-image-server (3.2.0.101.117 => 3.2.0.105.121)
multiarch-support (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
mysql-common (5.5.47-0ubuntu0.12.04.1 => 5.5.49-0ubuntu0.12.04.1)
nscd (2.15-0ubuntu10.13 => 2.15-0ubuntu10.15)
openjdk-6-jre-headless (6b38-1.13.10-0ubuntu0.12.04.1 => 6b39-1.13.11-0ubuntu0.12.04.1)
openjdk-6-jre-lib (6b38-1.13.10-0ubuntu0.12.04.1 => 6b39-1.13.11-0ubuntu0.12.04.1)
openssl (1.0.1-4ubuntu5.35 => 1.0.1-4ubuntu5.36)
poppler-utils (0.18.4-1ubuntu3.1 => 0.18.4-1ubuntu3.2)
psmisc (22.15-2ubuntu1.1 => 22.15-2ubuntu1.2)
samba (3.6.25-0ubuntu0.12.04.2 => 3.6.25-0ubuntu0.12.04.4)
samba-common (3.6.25-0ubuntu0.12.04.2 => 3.6.25-0ubuntu0.12.04.4)
samba-common-bin (3.6.25-0ubuntu0.12.04.2 => 3.6.25-0ubuntu0.12.04.4)
smbclient (3.6.25-0ubuntu0.12.04.2 => 3.6.25-0ubuntu0.12.04.4)
tomcat6 (6.0.35-1ubuntu3.6 => 6.0.35-1ubuntu3.7)
tomcat6-common (6.0.35-1ubuntu3.6 => 6.0.35-1ubuntu3.7)
tzdata (2016c-0ubuntu0.12.04 => 2016d-0ubuntu0.12.04)
tzdata-java (2016c-0ubuntu0.12.04 => 2016d-0ubuntu0.12.04)
wget (1.13.4-2ubuntu1.2 => 1.13.4-2ubuntu1.4)
## Release 32 {#32}
2016-04-21
### Notable changes
- Puavo WLAN accesspoint tunnels will collapse (30sec timeout) if their remote
end is closed unexpectedly.
- Bandwidths of Puavo WLAN accesspoint tunnels have been limited:
- Bandwidth of each tunnel is limited to 50Mbps.
- Bandwidth of image update connections is limited to 15Mbps.
- Puavo host certificates expiring during the next 6 months will be updated
during the update process. After a successfull update, a suggestion to reboot
is displayed.
### Security updates
- Package `bind9`:
[CVE-2016-1285](https://security-tracker.debian.org/tracker/CVE-2016-1285),
[CVE-2016-1286](https://security-tracker.debian.org/tracker/CVE-2016-1286)
- Package `git`:
[CVE-2016-2315](https://security-tracker.debian.org/tracker/CVE-2016-2315),
[CVE-2016-2324](https://security-tracker.debian.org/tracker/CVE-2016-2324)
- Package `jasper`:
[CVE-2016-1577](https://security-tracker.debian.org/tracker/CVE-2016-1577),
[CVE-2016-2116](https://security-tracker.debian.org/tracker/CVE-2016-2116)
- Package `nss`:
[CVE-2016-1950](https://security-tracker.debian.org/tracker/CVE-2016-1950)
- Package `pcre3`:
[CVE-2015-8387](https://security-tracker.debian.org/tracker/CVE-2015-8387),
[CVE-2015-8394](https://security-tracker.debian.org/tracker/CVE-2015-8394)
- Package `perl`:
[CVE-2013-7422](https://security-tracker.debian.org/tracker/CVE-2013-7422),
[CVE-2014-4330](https://security-tracker.debian.org/tracker/CVE-2014-4330),
[CVE-2016-2381](https://security-tracker.debian.org/tracker/CVE-2016-2381)
- Package `pixman`:
[CVE-2014-9766](https://security-tracker.debian.org/tracker/CVE-2014-9766)
- Package `samba`:
[CVE-2016-2110](https://security-tracker.debian.org/tracker/CVE-2016-2110),
[CVE-2016-2111](https://security-tracker.debian.org/tracker/CVE-2016-2111),
[CVE-2016-2112](https://security-tracker.debian.org/tracker/CVE-2016-2112),
[CVE-2016-2115](https://security-tracker.debian.org/tracker/CVE-2016-2115),
[CVE-2016-2118](https://security-tracker.debian.org/tracker/CVE-2016-2118),
[CVE-2015-5370](https://security-tracker.debian.org/tracker/CVE-2015-5370),
[CVE-2012-1182](https://security-tracker.debian.org/tracker/CVE-2012-1182),
[CVE-2012-2111](https://security-tracker.debian.org/tracker/CVE-2012-2111),
[CVE-2013-0454](https://security-tracker.debian.org/tracker/CVE-2013-0454),
[CVE-2012-6150](https://security-tracker.debian.org/tracker/CVE-2012-6150),
[CVE-2014-0244](https://security-tracker.debian.org/tracker/CVE-2014-0244),
[CVE-2015-0240](https://security-tracker.debian.org/tracker/CVE-2015-0240),
[CVE-2013-0214](https://security-tracker.debian.org/tracker/CVE-2013-0214)
- Package `tiff`:
[CVE-2015-8665](https://security-tracker.debian.org/tracker/CVE-2015-8665),
[CVE-2015-8683](https://security-tracker.debian.org/tracker/CVE-2015-8683),
[CVE-2015-8781](https://security-tracker.debian.org/tracker/CVE-2015-8781),
[CVE-2015-8782](https://security-tracker.debian.org/tracker/CVE-2015-8782),
[CVE-2015-8783](https://security-tracker.debian.org/tracker/CVE-2015-8783),
[CVE-2015-8784](https://security-tracker.debian.org/tracker/CVE-2015-8784)
### Typical update path from Release 31
- Need to get 166.0MiB of archives.
- Has **low** impact on the availability of the end user service:
- Daemon processes `smbd` and `nmbd` will be restarted during the update
process. Network directories shared by Samba will be unavailable during
their downtime (approx. 30-60sec).
-
linux-headers-3.2.0-101 (3.2.0-101.141)
linux-headers-3.2.0-101-generic (3.2.0-101.141)
linux-image-3.13.0-85-generic (3.13.0-85.129~precise1)
linux-image-3.2.0-101-generic (3.2.0-101.141)
rdiff (0.9.7-8build1)
-
bind9 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
git (1.7.9.5-1ubuntu0.2 => 1.7.9.5-1ubuntu0.3)
git-man (1.7.9.5-1ubuntu0.2 => 1.7.9.5-1ubuntu0.3)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libjasper1 (1.900.1-13ubuntu0.2 => 1.900.1-13ubuntu0.3)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.15 => 9.8.1.dfsg.P1-4ubuntu0.16)
libnss3-1d (3.21-0ubuntu0.12.04.2 => 3.21-0ubuntu0.12.04.3)
libpam-modules (1.1.3-7ubuntu2 => 1.1.3-7ubuntu2.3)
libpam-modules-bin (1.1.3-7ubuntu2 => 1.1.3-7ubuntu2.3)
libpam-runtime (1.1.3-7ubuntu2 => 1.1.3-7ubuntu2.3)
libpam0g (1.1.3-7ubuntu2 => 1.1.3-7ubuntu2.3)
libpcre3 (8.12-4ubuntu0.1 => 8.12-4ubuntu0.2)
libperl5.14 (5.14.2-6ubuntu2.4 => 5.14.2-6ubuntu2.5)
libpixman-1-0 (0.30.2-1ubuntu0.0.0.0.2 => 0.30.2-1ubuntu0.0.0.0.3)
libpq5 (9.1.20-0ubuntu0.12.04 => 9.1.21-0ubuntu0.12.04)
libtiff4 (3.9.5-2ubuntu1.8 => 3.9.5-2ubuntu1.9)
libwbclient0 (3.6.3-2ubuntu2.14 => 3.6.25-0ubuntu0.12.04.2)
linux-generic (3.2.0.99.115 => 3.2.0.101.117)
linux-headers-generic (3.2.0.99.115 => 3.2.0.101.117)
linux-image-generic (3.2.0.99.115 => 3.2.0.101.117)
linux-image-generic-lts-trusty (3.13.0.79.71 => 3.13.0.85.77)
linux-image-server (3.2.0.99.115 => 3.2.0.101.117)
opinsys-bootserver (0.7.0-277+precise+master.5789471abb45a96900f6e59b168814aa8373b8c4 => 0.7.0-292+precise+master.2af6830f335c6f709a12705004498ccd4aeb073e)
opinsys-rules (0.7.0-277+precise+master.5789471abb45a96900f6e59b168814aa8373b8c4 => 0.7.0-292+precise+master.2af6830f335c6f709a12705004498ccd4aeb073e)
perl (5.14.2-6ubuntu2.4 => 5.14.2-6ubuntu2.5)
perl-base (5.14.2-6ubuntu2.4 => 5.14.2-6ubuntu2.5)
perl-modules (5.14.2-6ubuntu2.4 => 5.14.2-6ubuntu2.5)
puavo-client (2.1.0-93+precise.master.7e104bbc3f8e4be9bcf35550272af0e359bb5bcf => 2.1.0-110+precise.master.3843643aed82f02910b00d1124e5ad5460ae37ab)
puavo-ltsp-bootserver (0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95 => 0.17.0-993+precise+master.8cbb429cc95b86f462768503e7221f52cf23489d)
samba (3.6.3-2ubuntu2.14 => 3.6.25-0ubuntu0.12.04.2)
samba-common (3.6.3-2ubuntu2.14 => 3.6.25-0ubuntu0.12.04.2)
samba-common-bin (3.6.3-2ubuntu2.14 => 3.6.25-0ubuntu0.12.04.2)
smbclient (3.6.3-2ubuntu2.14 => 3.6.25-0ubuntu0.12.04.2)
tzdata (2015g-0ubuntu0.12.04 => 2016c-0ubuntu0.12.04)
tzdata-java (2015g-0ubuntu0.12.04 => 2016c-0ubuntu0.12.04)
## Release 31 {#31}
2016-03-04
### Notable changes
- Fix image sync to fetch CKSUMS from the image server, which is required for
laptop updates.
### Typical update path from Release 30
- Need to get 627KiB of archives.
- Does not affect the availability of the end user service.
-
puavo-image-tools (0.17.0-970+precise+master.d7c0ea4156fbb722bddfae15e702e50c85ebbd3d => 0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95)
puavo-ltsp-bootserver (0.17.0-970+precise+master.d7c0ea4156fbb722bddfae15e702e50c85ebbd3d => 0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95)
ruby-puavobs (0.17.0-960+precise+master.e6ded60e1ba9dfd640a9369aad7396a58a4c9ab6 => 0.17.0-972+precise+master.f8489e8ffa629e96413cc4ce497659cc2ac02d95)
## Release 30 {#30}
2016-03-02
### Notable changes
- Support for booting dual architecture images to 64bit kernels.
### Security updates
- Package `cpio`:
[CVE-2015-1197](https://security-tracker.debian.org/tracker/CVE-2015-1197),
[CVE-2016-2037](https://security-tracker.debian.org/tracker/CVE-2016-2037)
- Package `openssl`:
[CVE-2016-0702](https://security-tracker.debian.org/tracker/CVE-2016-0702),
[CVE-2016-0705](https://security-tracker.debian.org/tracker/CVE-2016-0705),
[CVE-2016-0797](https://security-tracker.debian.org/tracker/CVE-2016-0797),
[CVE-2016-0798](https://security-tracker.debian.org/tracker/CVE-2016-0798),
[CVE-2016-0799](https://security-tracker.debian.org/tracker/CVE-2016-0799)
- Package `nss`:
[CVE-2016-1938](https://security-tracker.debian.org/tracker/CVE-2016-1938)
- Package `xen`:
[CVE-2016-2270](https://security-tracker.debian.org/tracker/CVE-2016-2270),
[CVE-2016-1570](https://security-tracker.debian.org/tracker/CVE-2016-1570),
[CVE-2016-1571](https://security-tracker.debian.org/tracker/CVE-2016-1571),
[CVE-2015-8615](https://security-tracker.debian.org/tracker/CVE-2015-8615),
[CVE-2016-2271](https://security-tracker.debian.org/tracker/CVE-2016-2271)
### Typical update path from Release 29
- Need to get 156.0MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Several daemon processes, such as `ntpd`, `puavo-rest` and `puavo-tftpd`
will be restarted during the update process
- Daemon process `puavo-rest` will be started and stopped during the
update process. Estimated service downtime for this process ranges
from 30sec to 2min. During the downtime, devices are unable to boot
or login.
-
linux-headers-3.13.0-79 (3.13.0-79.123~precise1)
linux-headers-3.13.0-79-generic (3.13.0-79.123~precise1)
linux-image-3.13.0-79-generic (3.13.0-79.123~precise1)
linux-image-3.2.0-99-generic (3.2.0-99.139)
-
ca-certificates (20141019ubuntu0.12.04.1 => 20160104ubuntu0.12.04.1)
cpio (2.11-7ubuntu3.1 => 2.11-7ubuntu3.2)
libgnutls26 (2.12.14-5ubuntu3.11 => 2.12.14-5ubuntu3.12)
libnss3 (3.19.2.1-0ubuntu0.12.04.2 => 3.21-0ubuntu0.12.04.2)
libnss3-1d (3.19.2.1-0ubuntu0.12.04.2 => 3.21-0ubuntu0.12.04.2)
libssl1.0.0 (1.0.1-4ubuntu5.33 => 1.0.1-4ubuntu5.35)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.8 => 4.1.6.1-0ubuntu0.12.04.10)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.8 => 4.1.6.1-0ubuntu0.12.04.10)
linux-generic-lts-trusty (3.13.0.77.69 => 3.13.0.79.71)
linux-headers-generic-lts-trusty (3.13.0.77.69 => 3.13.0.79.71)
linux-image-generic-lts-trusty (3.13.0.77.69 => 3.13.0.79.71)
linux-image-server (3.2.0.98.114 => 3.2.0.99.115)
ntp (4.2.6.p3+dfsg-1ubuntu3.8 => 4.2.6.p3+dfsg-1ubuntu3.9)
ntpdate (4.2.6.p3+dfsg-1ubuntu3.8 => 4.2.6.p3+dfsg-1ubuntu3.9)
openssl (1.0.1-4ubuntu5.33 => 1.0.1-4ubuntu5.35)
opinsys-bootserver (0.7.0-269+precise+master.89ce51893173f8cd3b16dfaebd445340c525f4eb => 0.7.0-277+precise+master.5789471abb45a96900f6e59b168814aa8373b8c4)
opinsys-rules (0.7.0-269+precise+master.89ce51893173f8cd3b16dfaebd445340c525f4eb => 0.7.0-277+precise+master.5789471abb45a96900f6e59b168814aa8373b8c4)
puavo-image-tools (0.17.0-960+precise+master.e6ded60e1ba9dfd640a9369aad7396a58a4c9ab6 => 0.17.0-970+precise+master.d7c0ea4156fbb722bddfae15e702e50c85ebbd3d)
puavo-ltsp-bootserver (0.17.0-960+precise+master.e6ded60e1ba9dfd640a9369aad7396a58a4c9ab6 => 0.17.0-970+precise+master.d7c0ea4156fbb722bddfae15e702e50c85ebbd3d)
puavo-rest (0.11.0-777+precise.master.36ed29b009477abe4c3a19d486621767c5156e88 => 0.11.1-790+precise.master.83477d17e666a2e6acf79072ec0e879cd2954bc9)
puavo-rest-bootserver (0.11.0-777+precise.master.36ed29b009477abe4c3a19d486621767c5156e88 => 0.11.1-790+precise.master.83477d17e666a2e6acf79072ec0e879cd2954bc9)
puavo-rules (1.6.0-119+precise+master.3458e69ded612ebed33b79de0cc28bbb7aed7f44 => 1.6.0-308+precise+master.f7c1f16b6413b731c01cff3a8432135163878b32)
puavo-tftpd (0.5.11-4+precise.amd64+master.1971359371b2667514bbe6eea9895bbe90947622 => 0.5.11-12+precise+master.9de399df6d7bca2ac0fbbd61a68b72e395457fa5)
puavo-tftpd-hooks (0.5.11-4+precise.amd64+master.1971359371b2667514bbe6eea9895bbe90947622 => 0.5.11-12+precise+master.9de399df6d7bca2ac0fbbd61a68b72e395457fa5)
## Release 29 {#29}
2016-02-17
### Security updates
- Package `eglibc`:
[CVE-2015-7547](https://security-tracker.debian.org/tracker/CVE-2015-7547)
- Package `postgresql-9.1`:
[CVE-2016-0773](https://security-tracker.debian.org/tracker/CVE-2016-0773),
[CVE-2016-0766](https://security-tracker.debian.org/tracker/CVE-2016-0766)
- Package `libgcrypt11`:
[CVE-2015-7511](https://security-tracker.debian.org/tracker/CVE-2015-7511)
- Package `samba`:
[CVE-2015-5252](https://security-tracker.debian.org/tracker/CVE-2015-5252)
### Update path from Release 28
- Typically, need to get 38.0MiB of archives.
- Has **very high** impact on the availability of the end user service:
- It is recommended to reboot the system to ensure all processes use
the latest libc.
-
libc-bin (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
libc-dev-bin (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
libc6 (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
libc6-dev (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
libgcrypt11 (1.5.0-3ubuntu0.4 => 1.5.0-3ubuntu0.5)
libpq5 (9.1.19-0ubuntu0.12.04 => 9.1.20-0ubuntu0.12.04)
libwbclient0 (3.6.3-2ubuntu2.13 => 3.6.3-2ubuntu2.14)
multiarch-support (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
nscd (2.15-0ubuntu10.12 => 2.15-0ubuntu10.13)
samba (3.6.3-2ubuntu2.13 => 3.6.3-2ubuntu2.14)
samba-common (3.6.3-2ubuntu2.13 => 3.6.3-2ubuntu2.14)
samba-common-bin (3.6.3-2ubuntu2.13 => 3.6.3-2ubuntu2.14)
smbclient (3.6.3-2ubuntu2.13 => 3.6.3-2ubuntu2.14)
## Release 28 {#28}
2016-02-10
### Notable changes
- The recommended kernel is updated to generic-lts-trusty which is also
currently the default kernel in vanilla Ubuntu Precise installations.
- Image synchronization mechanism is updated to obey Puavo's image
series configuration. To enable synchronization, image series must be
configured by setting image series source URLs in school and/or
organization pages. If image source URLs are not set, image
synchronization mechanism is disabled (images won't get removed or
downloaded).
### Security updates
- Package `bind9`:
[CVE-2015-8704](https://security-tracker.debian.org/tracker/CVE-2015-8704)
- Package `curl`:
[CVE-2014-0015](https://security-tracker.debian.org/tracker/CVE-2014-0015),
[CVE-2014-0138](https://security-tracker.debian.org/tracker/CVE-2014-0138),
[CVE-2014-3143](https://security-tracker.debian.org/tracker/CVE-2014-3143),
[CVE-2016-0755](https://security-tracker.debian.org/tracker/CVE-2016-0755)
- Package `libxml2`:
[CVE-2015-7499](https://security-tracker.debian.org/tracker/CVE-2015-7499),
[CVE-2015-8710](https://security-tracker.debian.org/tracker/CVE-2015-8710)
- Package `mysql-5.5`:
[CVE-2016-0505](https://security-tracker.debian.org/tracker/CVE-2016-0505),
[CVE-2016-0546](https://security-tracker.debian.org/tracker/CVE-2016-0546),
[CVE-2016-0596](https://security-tracker.debian.org/tracker/CVE-2016-0596),
[CVE-2016-0597](https://security-tracker.debian.org/tracker/CVE-2016-0597),
[CVE-2016-0598](https://security-tracker.debian.org/tracker/CVE-2016-0598),
[CVE-2016-0600](https://security-tracker.debian.org/tracker/CVE-2016-0600),
[CVE-2016-0606](https://security-tracker.debian.org/tracker/CVE-2016-0606),
[CVE-2016-0608](https://security-tracker.debian.org/tracker/CVE-2016-0608),
[CVE-2016-0609](https://security-tracker.debian.org/tracker/CVE-2016-0609),
[CVE-2016-0616](https://security-tracker.debian.org/tracker/CVE-2016-0616)
- Package `openjdk-6`:
[CVE-2016-0402](https://security-tracker.debian.org/tracker/CVE-2016-0402),
[CVE-2016-0448](https://security-tracker.debian.org/tracker/CVE-2016-0448),
[CVE-2016-0466](https://security-tracker.debian.org/tracker/CVE-2016-0466),
[CVE-2016-0483](https://security-tracker.debian.org/tracker/CVE-2016-0483),
[CVE-2016-0494](https://security-tracker.debian.org/tracker/CVE-2016-0494),
[CVE-2015-8472](https://security-tracker.debian.org/tracker/CVE-2015-8472)
- Package `rsync`:
[CVE-2014-9512](https://security-tracker.debian.org/tracker/CVE-2014-9512)
### Update path from Release 27
- Typically, need to get 196.0MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Several daemon processes, such as `bind9`, `ntpd` and `puavo-rest`,
will be restarted during the update process
- Daemon process `puavo-rest` will be started and stopped during the
update process. Estimated service downtime for this process ranges
from 30sec to 2min. During the downtime, devices are unable to boot
or login.
-
linux-headers-3.2.0-98 (3.2.0-98.138)
linux-headers-3.2.0-98-generic (3.2.0-98.138)
linux-image-3.13.0-77-generic (3.13.0-77.121~precise1)
linux-image-3.2.0-98-generic (3.2.0-98.138)
linux-image-generic-lts-trusty (3.13.0.77.69)
-
bind9 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
curl (7.22.0-3ubuntu4.14 => 7.22.0-3ubuntu4.15)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
icedtea-6-jre-cacao (6b37-1.13.9-1ubuntu0.12.04.1 => 6b38-1.13.10-0ubuntu0.12.04.1)
icedtea-6-jre-jamvm (6b37-1.13.9-1ubuntu0.12.04.1 => 6b38-1.13.10-0ubuntu0.12.04.1)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
libcurl3 (7.22.0-3ubuntu4.14 => 7.22.0-3ubuntu4.15)
libcurl3-gnutls (7.22.0-3ubuntu4.14 => 7.22.0-3ubuntu4.15)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.14 => 9.8.1.dfsg.P1-4ubuntu0.15)
libmysqlclient18 (5.5.46-0ubuntu0.12.04.2 => 5.5.47-0ubuntu0.12.04.1)
libxml2 (2.7.8.dfsg-5.1ubuntu4.13 => 2.7.8.dfsg-5.1ubuntu4.14)
libxml2-utils (2.7.8.dfsg-5.1ubuntu4.13 => 2.7.8.dfsg-5.1ubuntu4.14)
linux-generic (3.2.0.97.113 => 3.2.0.98.114)
linux-headers-generic (3.2.0.97.113 => 3.2.0.98.114)
linux-image-generic (3.2.0.97.113 => 3.2.0.98.114)
linux-image-server (3.2.0.97.113 => 3.2.0.98.114)
mysql-common (5.5.46-0ubuntu0.12.04.2 => 5.5.47-0ubuntu0.12.04.1)
ntp (4.2.6.p3+dfsg-1ubuntu3.7 => 4.2.6.p3+dfsg-1ubuntu3.8)
ntpdate (4.2.6.p3+dfsg-1ubuntu3.7 => 4.2.6.p3+dfsg-1ubuntu3.8)
openjdk-6-jre-headless (6b37-1.13.9-1ubuntu0.12.04.1 => 6b38-1.13.10-0ubuntu0.12.04.1)
openjdk-6-jre-lib (6b37-1.13.9-1ubuntu0.12.04.1 => 6b38-1.13.10-0ubuntu0.12.04.1)
opinsys-bootserver (0.6.3-237+precise+master.475d4a2c60ca8e3821bc11ae34394162f4980664 => 0.7.0-269+precise+master.89ce51893173f8cd3b16dfaebd445340c525f4eb)
opinsys-rules (0.6.3-237+precise+master.475d4a2c60ca8e3821bc11ae34394162f4980664 => 0.7.0-269+precise+master.89ce51893173f8cd3b16dfaebd445340c525f4eb)
puavo-ltsp-bootserver (0.17.0-959+precise+master.bb116591fb2a6683633fbb61649d83750c673890 => 0.17.0-960+precise+master.e6ded60e1ba9dfd640a9369aad7396a58a4c9ab6)
puavo-rest (0.11.0-758+precise.master.b08439ffe648a37efa156cef9595125f4c54fea5 => 0.11.0-777+precise.master.36ed29b009477abe4c3a19d486621767c5156e88)
puavo-rest-bootserver (0.11.0-758+precise.master.b08439ffe648a37efa156cef9595125f4c54fea5 => 0.11.0-777+precise.master.36ed29b009477abe4c3a19d486621767c5156e88)
rsync (3.0.9-1ubuntu1 => 3.0.9-1ubuntu1.1)
ruby-puavobs (0.17.0-959+precise+master.bb116591fb2a6683633fbb61649d83750c673890 => 0.17.0-960+precise+master.e6ded60e1ba9dfd640a9369aad7396a58a4c9ab6)
## Release 27 {#27}
2016-01-18
### Notable changes
* New package `puavo-wlancontroller` is configured to run a HTTP
server at port 45046, providing status information about the WLAN
network, collected from `puavo-wlanap` instances (from version
0.12.9 onwards).
### Security updates
- Package `bind9`:
[CVE-2015-8000](https://security-tracker.debian.org/tracker/CVE-2015-8000)
- Package `dpkg`:
[CVE-2015-0860](https://security-tracker.debian.org/tracker/CVE-2015-0860)
- Package `foomatic-filters`:
[CVE-2015-8560](https://security-tracker.debian.org/tracker/CVE-2015-8560)
- Package `git`:
[CVE-2015-7545](https://security-tracker.debian.org/tracker/CVE-2015-7545)
- Package `grub2`:
[CVE-2015-8370](https://security-tracker.debian.org/tracker/CVE-2015-8370)
- Package `gnutls26`:
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575)
- Package `isc-dhcp`:
[CVE-2015-8605](https://security-tracker.debian.org/tracker/CVE-2015-8605)
- Package `libpng`:
[CVE-2015-8472](https://security-tracker.debian.org/tracker/CVE-2015-8472),
[CVE-2015-8540](https://security-tracker.debian.org/tracker/CVE-2015-8540)
- Package `libsndfile`:
[CVE-2014-9496](https://security-tracker.debian.org/tracker/CVE-2014-9496),
[CVE-2014-9756](https://security-tracker.debian.org/tracker/CVE-2014-9756),
[CVE-2015-7805](https://security-tracker.debian.org/tracker/CVE-2015-7805)
- Package `libxml2`:
[CVE-2015-5312](https://security-tracker.debian.org/tracker/CVE-2015-5312),
[CVE-2015-7497](https://security-tracker.debian.org/tracker/CVE-2015-7497),
[CVE-2015-7498](https://security-tracker.debian.org/tracker/CVE-2015-7498),
[CVE-2015-7499](https://security-tracker.debian.org/tracker/CVE-2015-7499),
[CVE-2015-7500](https://security-tracker.debian.org/tracker/CVE-2015-7500),
[CVE-2015-8241](https://security-tracker.debian.org/tracker/CVE-2015-8241),
[CVE-2015-8242](https://security-tracker.debian.org/tracker/CVE-2015-8242),
[CVE-2015-8317](https://security-tracker.debian.org/tracker/CVE-2015-8317)
- Package `nss`:
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575)
- Package `openssl`:
[CVE-2015-7575](https://security-tracker.debian.org/tracker/CVE-2015-7575)
- Package `samba`:
[CVE-2015-5252](https://security-tracker.debian.org/tracker/CVE-2015-5252),
[CVE-2015-5296](https://security-tracker.debian.org/tracker/CVE-2015-5296),
[CVE-2015-5299](https://security-tracker.debian.org/tracker/CVE-2015-5299),
[CVE-2015-5330](https://security-tracker.debian.org/tracker/CVE-2015-5330)
- Package `xen`:
[CVE-2015-8550](https://security-tracker.debian.org/tracker/CVE-2015-8550),
[CVE-2015-8340](https://security-tracker.debian.org/tracker/CVE-2015-8340),
[CVE-2015-7504](https://security-tracker.debian.org/tracker/CVE-2015-7504),
[CVE-2015-8554](https://security-tracker.debian.org/tracker/CVE-2015-8554),
[CVE-2015-8555](https://security-tracker.debian.org/tracker/CVE-2015-8555)
### Update path from Release 26
- Typically, need to get 189.0MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Several daemon processes, such as `isc-dhcp-server`, `bind9`,
`ntpd`, `nmbd`, `smbd` and `puavo-rest`, with restart durations,
will be restarted during the update process
- Daemon process `puavo-rest` will be started and stopped during the
update process. Estimated service downtime for this process ranges
from 30sec to 2min. During the downtime, netboot devices are
unable to boot or login.
-
linux-headers-3.2.0-97 (3.2.0-97.137)
linux-headers-3.2.0-97-generic (3.2.0-97.137)
linux-image-3.2.0-97-generic (3.2.0-97.137)
puavo-wlancontroller (0.12.12)
-
bind9 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
debootstrap (1.0.40~ubuntu0.8 => 1.0.40~ubuntu0.9)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
dpkg (1.16.1.2ubuntu7.6 => 1.16.1.2ubuntu7.7)
dpkg-dev (1.16.1.2ubuntu7.6 => 1.16.1.2ubuntu7.7)
foomatic-filters (4.0.16-0ubuntu0.2 => 4.0.16-0ubuntu0.4)
git (1.7.9.5-1ubuntu0.1 => 1.7.9.5-1ubuntu0.2)
git-man (1.7.9.5-1ubuntu0.1 => 1.7.9.5-1ubuntu0.2)
grub-common (1.99-21ubuntu3.18 => 1.99-21ubuntu3.19)
grub-pc (1.99-21ubuntu3.18 => 1.99-21ubuntu3.19)
grub-pc-bin (1.99-21ubuntu3.18 => 1.99-21ubuntu3.19)
grub2-common (1.99-21ubuntu3.18 => 1.99-21ubuntu3.19)
icedtea-6-jre-cacao (6b36-1.13.8-0ubuntu1~12.04 => 6b37-1.13.9-1ubuntu0.12.04.1)
icedtea-6-jre-jamvm (6b36-1.13.8-0ubuntu1~12.04 => 6b37-1.13.9-1ubuntu0.12.04.1)
isc-dhcp-client (4.1.ESV-R4-0ubuntu5.9 => 4.1.ESV-R4-0ubuntu5.10)
isc-dhcp-common (4.1.ESV-R4-0ubuntu5.9 => 4.1.ESV-R4-0ubuntu5.10)
isc-dhcp-server (4.1.ESV-R4-0ubuntu5.9 => 4.1.ESV-R4-0ubuntu5.10)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
libdpkg-perl (1.16.1.2ubuntu7.6 => 1.16.1.2ubuntu7.7)
libgnutls26 (2.12.14-5ubuntu3.9 => 2.12.14-5ubuntu3.11)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.13 => 9.8.1.dfsg.P1-4ubuntu0.14)
libnss3 (3.19.2.1-0ubuntu0.12.04.1 => 3.19.2.1-0ubuntu0.12.04.2)
libnss3-1d (3.19.2.1-0ubuntu0.12.04.1 => 3.19.2.1-0ubuntu0.12.04.2)
libpng12-0 (1.2.46-3ubuntu4 => 1.2.46-3ubuntu4.2)
libsndfile1 (1.0.25-4 => 1.0.25-4ubuntu0.1)
libssl1.0.0 (1.0.1-4ubuntu5.31 => 1.0.1-4ubuntu5.33)
libwbclient0 (3.6.3-2ubuntu2.12 => 3.6.3-2ubuntu2.13)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.6 => 4.1.6.1-0ubuntu0.12.04.8)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.6 => 4.1.6.1-0ubuntu0.12.04.8)
libxml2 (2.7.8.dfsg-5.1ubuntu4.11 => 2.7.8.dfsg-5.1ubuntu4.13)
libxml2-utils (2.7.8.dfsg-5.1ubuntu4.11 => 2.7.8.dfsg-5.1ubuntu4.13)
linux-generic-lts-trusty (3.13.0.68.60 => 3.13.0.74.66)
linux-headers-generic-lts-trusty (3.13.0.68.60 => 3.13.0.74.66)
linux-image-generic-lts-trusty (3.13.0.68.60 => 3.13.0.74.66)
linux-image-server (3.2.0.94.108 => 3.2.0.97.113)
ntp (4.2.6.p3+dfsg-1ubuntu3.6 => 4.2.6.p3+dfsg-1ubuntu3.7)
ntpdate (4.2.6.p3+dfsg-1ubuntu3.6 => 4.2.6.p3+dfsg-1ubuntu3.7)
openjdk-6-jre-headless (6b36-1.13.8-0ubuntu1~12.04 => 6b37-1.13.9-1ubuntu0.12.04.1)
openjdk-6-jre-lib (6b36-1.13.8-0ubuntu1~12.04 => 6b37-1.13.9-1ubuntu0.12.04.1)
openssl (1.0.1-4ubuntu5.31 => 1.0.1-4ubuntu5.33)
puavo-image-tools (0.17.0-943+precise+master.7df6057a87f0e86a7c2997cfbe81325093c54de7 => 0.17.0-959+precise+master.bb116591fb2a6683633fbb61649d83750c673890)
puavo-ltsp-bootserver (0.17.0-944+precise+sync.images.v3.79f92c1e4c2ca05c684ee2c23dd98fc46150b7fc => 0.17.0-959+precise+master.bb116591fb2a6683633fbb61649d83750c673890)
puavo-rest (0.11.0-728+precise.master.d35b30b58bc86233baec8563ebd8bacf752f37da => 0.11.0-758+precise.master.b08439ffe648a37efa156cef9595125f4c54fea5)
puavo-rest-bootserver (0.11.0-728+precise.master.d35b30b58bc86233baec8563ebd8bacf752f37da => 0.11.0-758+precise.master.b08439ffe648a37efa156cef9595125f4c54fea5)
python-pygments (1.4+dfsg-2 => 1.4+dfsg-2ubuntu0.1)
ruby-puavobs (0.16.1-928+precise+master.2211bb558f7f140674659071cb0e1cb09e82ab5f => 0.17.0-959+precise+master.bb116591fb2a6683633fbb61649d83750c673890)
samba (3.6.3-2ubuntu2.12 => 3.6.3-2ubuntu2.13)
samba-common (3.6.3-2ubuntu2.12 => 3.6.3-2ubuntu2.13)
samba-common-bin (3.6.3-2ubuntu2.12 => 3.6.3-2ubuntu2.13)
smbclient (3.6.3-2ubuntu2.12 => 3.6.3-2ubuntu2.13)
## Release 26 {#26}
2015-11-11
### Notable changes
* Package `puavo-rest`: [optimized organization data queries by limiting
the search scope](https://github.com/opinsys/puavo-users/commit/3c041501bbdca5087c4106bab73db7d5e174e134).
### Security updates
- Package `libnspr4`:
[CVE-2015-7183](https://security-tracker.debian.org/tracker/CVE-2015-7183)
- Package `libnss3`:
[CVE-2015-7181](https://security-tracker.debian.org/tracker/CVE-2015-7181),
[CVE-2015-7182](https://security-tracker.debian.org/tracker/CVE-2015-7182)
### Update path from Release 25
- Typically, need to get 106.0MiB of archives.
- Has **low/medium** impact on the availability of the end user service:
- Daemon process `puavo-rest` will be started and stopped during
the update process. Estimated service downtime for this process
is ~30sec. During the downtime, netboot devices are unable to
boot or login.
-
gdisk (0.8.1-1ubuntu0.1)
libicu48 (4.8.1.1-3ubuntu0.6)
linux-headers-3.2.0-94 (3.2.0-94.134)
linux-headers-3.2.0-94-generic (3.2.0-94.134)
linux-image-3.2.0-94-generic (3.2.0-94.134)
-
libnspr4 (4.10.7-0ubuntu0.12.04.1 => 4.10.10-0ubuntu0.12.04.1)
libnss3 (3.19.2-0ubuntu0.12.04.1 => 3.19.2.1-0ubuntu0.12.04.1)
libnss3-1d (3.19.2-0ubuntu0.12.04.1 => 3.19.2.1-0ubuntu0.12.04.1)
linux-generic (3.2.0.92.106 => 3.2.0.94.108)
linux-headers-generic (3.2.0.92.106 => 3.2.0.94.108)
linux-image-generic (3.2.0.92.106 => 3.2.0.94.108)
linux-image-server (3.2.0.92.106 => 3.2.0.94.108)
puavo-image-tools (0.16.1-928+precise+master.2211bb558f7f140674659071cb0e1cb09e82ab5f => 0.17.0-943+precise+master.7df6057a87f0e86a7c2997cfbe81325093c54de7)
puavo-ltsp-bootserver (0.16.1-928+precise+master.2211bb558f7f140674659071cb0e1cb09e82ab5f => 0.17.0-943+precise+master.7df6057a87f0e86a7c2997cfbe81325093c54de7)
puavo-rest (0.11.0-717+precise.master.94141c4f9ada98837c5e56b3e69ff18ea849d7a8 => 0.11.0-728+precise.master.d35b30b58bc86233baec8563ebd8bacf752f37da)
puavo-rest-bootserver (0.11.0-717+precise.master.94141c4f9ada98837c5e56b3e69ff18ea849d7a8 => 0.11.0-728+precise.master.d35b30b58bc86233baec8563ebd8bacf752f37da)
unzip (6.0-4ubuntu2.4 => 6.0-4ubuntu2.5)
## Release 25 {#25}
2015-11-04
### Notable changes
- Package `puavo-rest` is updated to fix a bootserver update issue in a
situation where an organization owner list contained a dangling
reference to a previously deleted user. Deleted user appeared as an
invalid entry in the organization owner list which caused the update
to abort in the post-update phase.
### Security updates
- Package `ntp`:
[CVE-2015-5146](https://security-tracker.debian.org/tracker/CVE-2015-5146),
[CVE-2015-5194](https://security-tracker.debian.org/tracker/CVE-2015-5194),
[CVE-2015-5195](https://security-tracker.debian.org/tracker/CVE-2015-5195),
[CVE-2015-5196](https://security-tracker.debian.org/tracker/CVE-2015-5196),
[CVE-2015-7703](https://security-tracker.debian.org/tracker/CVE-2015-7703),
[CVE-2015-5219](https://security-tracker.debian.org/tracker/CVE-2015-5219),
[CVE-2015-5300](https://security-tracker.debian.org/tracker/CVE-2015-5300),
[CVE-2015-7691](https://security-tracker.debian.org/tracker/CVE-2015-7691),
[CVE-2015-7692](https://security-tracker.debian.org/tracker/CVE-2015-7692),
[CVE-2015-7702](https://security-tracker.debian.org/tracker/CVE-2015-7702),
[CVE-2015-7701](https://security-tracker.debian.org/tracker/CVE-2015-7701),
[CVE-2015-7704](https://security-tracker.debian.org/tracker/CVE-2015-7704),
[CVE-2015-7705](https://security-tracker.debian.org/tracker/CVE-2015-7705),
[CVE-2015-7850](https://security-tracker.debian.org/tracker/CVE-2015-7850),
[CVE-2015-7852](https://security-tracker.debian.org/tracker/CVE-2015-7852),
[CVE-2015-7853](https://security-tracker.debian.org/tracker/CVE-2015-7853),
[CVE-2015-7855](https://security-tracker.debian.org/tracker/CVE-2015-7855),
[CVE-2015-7871](https://security-tracker.debian.org/tracker/CVE-2015-7871)
- Package `unzip`:
[CVE-2015-7696](https://security-tracker.debian.org/tracker/CVE-2015-7696),
[CVE-2015-7697](https://security-tracker.debian.org/tracker/CVE-2015-7697)
### Update path from Release 24
- Typically, need to get 45.7MiB of archives.
- Has **low** impact on the availability of the end user service:
- Daemon process `puavo-rest` will be started and stopped during
the update process. Estimated service downtime for this process
is ~20sec. During the downtime, netboot devices are unable to
boot or login.
-
ntp (4.2.6.p3+dfsg-1ubuntu3.4 => 4.2.6.p3+dfsg-1ubuntu3.6)
ntpdate (4.2.6.p3+dfsg-1ubuntu3.4 => 4.2.6.p3+dfsg-1ubuntu3.6)
puavo-rest (0.11.0-676+precise.master.c1a2b763a07c9a4d91f39dafe448088cff0f2143 => 0.11.0-717+precise.master.94141c4f9ada98837c5e56b3e69ff18ea849d7a8)
puavo-rest-bootserver (0.11.0-676+precise.master.c1a2b763a07c9a4d91f39dafe448088cff0f2143 => 0.11.0-717+precise.master.94141c4f9ada98837c5e56b3e69ff18ea849d7a8)
unzip (6.0-4ubuntu2.3 => 6.0-4ubuntu2.4)
## Release 24 {#24}
2015-10-27
### Notable changes
- The default administrative VPN interface has been renamed to `vpn1`
and it's type is changed from `tun` to `tap`. The change is put into
effect the next time `openvpn` is restarted.
- The recommended kernel is updated to 3.10.92-031092.
### Update path from Release 23
- Typically, need to get 115.0MiB of archives.
- Has **very low** impact on the availability of the end user service:
- No services will be restarted. The service is affected only
cpu/net/disk usage of the update process.
-
linux-headers-3.10.92-031092 (3.10.92-031092.201510262203)
linux-headers-3.10.92-031092-generic (3.10.92-031092.201510262203)
linux-headers-3.2.0-92 (3.2.0-92.131)
linux-headers-3.2.0-92-generic (3.2.0-92.131)
linux-image-3.10.92-031092-generic (3.10.92-031092.201510262203)
linux-image-3.2.0-92-generic (3.2.0-92.131)
-
apt (0.8.16~exp12ubuntu10.25 => 0.8.16~exp12ubuntu10.26)
apt-transport-https (0.8.16~exp12ubuntu10.25 => 0.8.16~exp12ubuntu10.26)
apt-utils (0.8.16~exp12ubuntu10.25 => 0.8.16~exp12ubuntu10.26)
libapt-inst1.4 (0.8.16~exp12ubuntu10.25 => 0.8.16~exp12ubuntu10.26)
libapt-pkg4.12 (0.8.16~exp12ubuntu10.25 => 0.8.16~exp12ubuntu10.26)
libmysqlclient18 (5.5.44-0ubuntu0.12.04.1 => 5.5.46-0ubuntu0.12.04.2)
libpq5 (9.1.18-0ubuntu0.12.04 => 9.1.19-0ubuntu0.12.04)
linux-generic (3.2.0.91.105 => 3.2.0.92.106)
linux-headers-generic (3.2.0.91.105 => 3.2.0.92.106)
linux-image-generic (3.2.0.91.105 => 3.2.0.92.106)
linux-image-server (3.2.0.91.105 => 3.2.0.92.106)
mysql-common (5.5.44-0ubuntu0.12.04.1 => 5.5.46-0ubuntu0.12.04.2)
opinsys-bootserver (0.6.2-233+precise+master.8783cea597009d5922d0fa750915b95ab2126346 => 0.6.3-237+precise+master.475d4a2c60ca8e3821bc11ae34394162f4980664)
opinsys-rules (0.6.2-233+precise+master.8783cea597009d5922d0fa750915b95ab2126346 => 0.6.3-237+precise+master.475d4a2c60ca8e3821bc11ae34394162f4980664)
tzdata (2015f-0ubuntu0.12.04 => 2015g-0ubuntu0.12.04)
tzdata-java (2015f-0ubuntu0.12.04 => 2015g-0ubuntu0.12.04)
## Release 23 {#23}
2015-10-01
### Notable changes
* Lots of security fixes in various packages.
* CUPS web interface is accessible from VPN tunnels.
* The recommended kernel is updated to 3.10.89-031089.
### Update path from Release 22
- Need to get 229.0MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Daemon process `puavo-rest` will be started and stopped during
the update process. Estimated service downtime for this process
is ~2min. During the downtime, netboot devices are unable to
boot or login.
-
heirloom-mailx (12.5-1build1)
ifenslave-2.6 (1.1.0-19ubuntu5)
libjemalloc1 (2.2.5-1)
linux-headers-3.10.89-031089 (3.10.89-031089.201509211852)
linux-headers-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-headers-3.2.0-91 (3.2.0-91.129)
linux-headers-3.2.0-91-generic (3.2.0-91.129)
linux-image-3.10.89-031089-generic (3.10.89-031089.201509211852)
linux-image-3.2.0-91-generic (3.2.0-91.129)
redis-tools (3.0.3-2chl1~precise1)
smartmontools (5.41+svn3365-1)
-
apt (0.8.16~exp12ubuntu10.24 => 0.8.16~exp12ubuntu10.25)
apt-transport-https (0.8.16~exp12ubuntu10.24 => 0.8.16~exp12ubuntu10.25)
apt-utils (0.8.16~exp12ubuntu10.24 => 0.8.16~exp12ubuntu10.25)
bind9 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
bind9-host (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
bind9utils (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
cups-filters (1.0.18-0ubuntu0.2 => 1.0.18-0ubuntu0.4)
dnsutils (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
e2fslibs (1.42-1ubuntu2.2 => 1.42-1ubuntu2.3)
e2fsprogs (1.42-1ubuntu2.2 => 1.42-1ubuntu2.3)
ghostscript (9.05~dfsg-0ubuntu4.2 => 9.05~dfsg-0ubuntu4.3)
ghostscript-cups (9.05~dfsg-0ubuntu4.2 => 9.05~dfsg-0ubuntu4.3)
grub-common (1.99-21ubuntu3.17 => 1.99-21ubuntu3.18)
grub-pc (1.99-21ubuntu3.17 => 1.99-21ubuntu3.18)
grub-pc-bin (1.99-21ubuntu3.17 => 1.99-21ubuntu3.18)
grub2-common (1.99-21ubuntu3.17 => 1.99-21ubuntu3.18)
hplip (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
hplip-data (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
icedtea-6-jre-cacao (6b35-1.13.7-1ubuntu0.12.04.2 => 6b36-1.13.8-0ubuntu1~12.04)
icedtea-6-jre-jamvm (6b35-1.13.7-1ubuntu0.12.04.2 => 6b36-1.13.8-0ubuntu1~12.04)
libapt-inst1.4 (0.8.16~exp12ubuntu10.24 => 0.8.16~exp12ubuntu10.25)
libapt-pkg4.12 (0.8.16~exp12ubuntu10.24 => 0.8.16~exp12ubuntu10.25)
libbind9-80 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
libcomerr2 (1.42-1ubuntu2.2 => 1.42-1ubuntu2.3)
libcupsfilters1 (1.0.18-0ubuntu0.2 => 1.0.18-0ubuntu0.4)
libdns81 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
libexpat1 (2.0.1-7.2ubuntu1.1 => 2.0.1-7.2ubuntu1.2)
libfreetype6 (2.4.8-1ubuntu2.2 => 2.4.8-1ubuntu2.3)
libgs9 (9.05~dfsg-0ubuntu4.2 => 9.05~dfsg-0ubuntu4.3)
libgs9-common (9.05~dfsg-0ubuntu4.2 => 9.05~dfsg-0ubuntu4.3)
libgudev-1.0-0 (175-0ubuntu9.9 => 175-0ubuntu9.10)
libhpmud0 (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
libisc83 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
libisccc80 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
libisccfg82 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
liblwres80 (9.8.1.dfsg.P1-4ubuntu0.10 => 9.8.1.dfsg.P1-4ubuntu0.13)
libmysqlclient18 (5.5.43-0ubuntu0.12.04.1 => 5.5.44-0ubuntu0.12.04.1)
libnss3 (3.17.4-0ubuntu0.12.04.1 => 3.19.2-0ubuntu0.12.04.1)
libnss3-1d (3.17.4-0ubuntu0.12.04.1 => 3.19.2-0ubuntu0.12.04.1)
libpcre3 (8.12-4 => 8.12-4ubuntu0.1)
libsane-hpaio (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
libslp1 (1.2.1-7.8ubuntu1 => 1.2.1-7.8ubuntu1.1)
libsnmp-base (5.4.3~dfsg-2.4ubuntu1.2 => 5.4.3~dfsg-2.4ubuntu1.3)
libsnmp15 (5.4.3~dfsg-2.4ubuntu1.2 => 5.4.3~dfsg-2.4ubuntu1.3)
libsqlite3-0 (3.7.9-2ubuntu1.1 => 3.7.9-2ubuntu1.2)
libss2 (1.42-1ubuntu2.2 => 1.42-1ubuntu2.3)
libudev0 (175-0ubuntu9.9 => 175-0ubuntu9.10)
libxen-4.1 (4.1.6.1-0ubuntu0.12.04.5 => 4.1.6.1-0ubuntu0.12.04.6)
libxenstore3.0 (4.1.6.1-0ubuntu0.12.04.5 => 4.1.6.1-0ubuntu0.12.04.6)
linux-generic (3.2.0.86.100 => 3.2.0.91.105)
linux-headers-generic (3.2.0.86.100 => 3.2.0.91.105)
linux-image-generic (3.2.0.86.100 => 3.2.0.91.105)
linux-image-server (3.2.0.86.100 => 3.2.0.91.105)
mysql-common (5.5.43-0ubuntu0.12.04.1 => 5.5.44-0ubuntu0.12.04.1)
nginx (1.1.19-1ubuntu0.7 => 1.1.19-1ubuntu0.8)
nginx-common (1.1.19-1ubuntu0.7 => 1.1.19-1ubuntu0.8)
nginx-full (1.1.19-1ubuntu0.7 => 1.1.19-1ubuntu0.8)
openjdk-6-jre-headless (6b35-1.13.7-1ubuntu0.12.04.2 => 6b36-1.13.8-0ubuntu1~12.04)
openjdk-6-jre-lib (6b35-1.13.7-1ubuntu0.12.04.2 => 6b36-1.13.8-0ubuntu1~12.04)
opinsys-bootserver (0.6.1-200+precise+master.5e8179065de0d1db91ef2ed94cd9d3db09c2ccf3 => 0.6.2-233+precise+master.8783cea597009d5922d0fa750915b95ab2126346)
opinsys-rules (0.6.1-200+precise+master.5e8179065de0d1db91ef2ed94cd9d3db09c2ccf3 => 0.6.2-233+precise+master.8783cea597009d5922d0fa750915b95ab2126346)
printer-driver-hpcups (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
printer-driver-hpijs (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
printer-driver-postscript-hp (3.12.2-1ubuntu3.4 => 3.12.2-1ubuntu3.5)
puavo-ltsp-bootserver (0.16.1-825+precise+master.6512d9483dbaaac5afad18c18b9f59e24626c2ea => 0.16.1-928+precise+master.2211bb558f7f140674659071cb0e1cb09e82ab5f)
puavo-rest (0.11.0-478+precise.master.1b821bb9e7d48c27dfdf69b54eae2d38850dd287 => 0.11.0-676+precise.master.c1a2b763a07c9a4d91f39dafe448088cff0f2143)
puavo-rest-bootserver (0.11.0-478+precise.master.1b821bb9e7d48c27dfdf69b54eae2d38850dd287 => 0.11.0-676+precise.master.c1a2b763a07c9a4d91f39dafe448088cff0f2143)
puavoadmins (0.2.11 => 0.2.12)
redis-server (2.2.12-1build1 => 3.0.3-2chl1~precise1)
rpcbind (0.2.0-7ubuntu1.2 => 0.2.0-7ubuntu1.3)
ruby-puavobs (0.16.1-825+precise+master.6512d9483dbaaac5afad18c18b9f59e24626c2ea => 0.16.1-928+precise+master.2211bb558f7f140674659071cb0e1cb09e82ab5f)
snmp (5.4.3~dfsg-2.4ubuntu1.2 => 5.4.3~dfsg-2.4ubuntu1.3)
tzdata (2015d-0ubuntu0.12.04 => 2015f-0ubuntu0.12.04)
tzdata-java (2015d-0ubuntu0.12.04 => 2015f-0ubuntu0.12.04)
udev (175-0ubuntu9.9 => 175-0ubuntu9.10)
x11-utils (7.6+4ubuntu0.1 => 7.6+4ubuntu0.2)
## Release 22 {#22}
2015-06-26
### Notable changes
* Lots of security fixes in various packages.
* Bootserver reports its version to Puavo after a succesful update.
* Remove and avoid syncing lukiolaiskannettava images and rdiffs if
schools/devices do not have any references to them.
* Support for locally administered Shorewall interfaces.
* The recommended kernel is updated to 3.10.81-031081-generic.
### Update path from Release 21
- Need to get 200.0MiB of archives.
- Has **medium** impact on the availability of the end user service:
- Daemon process `cups`, `nscd`, and `tomcat6` will be started and
stopped during the update process. Estimated maximum service
downtime for these processes is ~2min.
- Daemon processes `dnsmasq` and `racoon` will be restarted
quickly (~1sec service downtime) during the update process.
-
linux-headers-3.10.81-031081 3.10.81-031081.201506230313
linux-headers-3.10.81-031081-generic 3.10.81-031081.201506230313
linux-headers-3.2.0-86 3.2.0-86.124
linux-headers-3.2.0-86-generic 3.2.0-86.124
linux-image-3.10.81-031081-generic 3.10.81-031081.201506230313
linux-image-3.2.0-86-generic 3.2.0-86.124
-
apt 0.8.16~exp12ubuntu10.24
apt-transport-https 0.8.16~exp12ubuntu10.24
apt-utils 0.8.16~exp12ubuntu10.24
binutils 2.22-6ubuntu1.3
cups 1.5.3-0ubuntu8.7
cups-client 1.5.3-0ubuntu8.7
cups-common 1.5.3-0ubuntu8.7
cups-ppdc 1.5.3-0ubuntu8.7
curl 7.22.0-3ubuntu4.14
debootstrap 1.0.40~ubuntu0.8
devscripts 2.11.6ubuntu1.7
dnsmasq 2.59-4ubuntu0.2
dnsmasq-base 2.59-4ubuntu0.2
dosfstools 3.0.12-1ubuntu1.2
dpkg 1.16.1.2ubuntu7.6
dpkg-dev 1.16.1.2ubuntu7.6
fuse 2.8.6-2ubuntu2.1
icedtea-6-jre-cacao 6b35-1.13.7-1ubuntu0.12.04.2
icedtea-6-jre-jamvm 6b35-1.13.7-1ubuntu0.12.04.2
ipsec-tools 1:0.8.0-9ubuntu1.1
libapt-inst1.4 0.8.16~exp12ubuntu10.24
libapt-pkg4.12 0.8.16~exp12ubuntu10.24
libc-bin 2.15-0ubuntu10.12
libc-dev-bin 2.15-0ubuntu10.12
libc6 2.15-0ubuntu10.12
libc6-dev 2.15-0ubuntu10.12
libcups2 1.5.3-0ubuntu8.7
libcupscgi1 1.5.3-0ubuntu8.7
libcupsimage2 1.5.3-0ubuntu8.7
libcupsmime1 1.5.3-0ubuntu8.7
libcupsppdc1 1.5.3-0ubuntu8.7
libcurl3 7.22.0-3ubuntu4.14
libcurl3-gnutls 7.22.0-3ubuntu4.14
libdpkg-perl 1.16.1.2ubuntu7.6
libfuse2 2.8.6-2ubuntu2.1
libgnutls28 3.0.11-1ubuntu2.1
libmysqlclient18 5.5.43-0ubuntu0.12.04.1
libpq5 9.1.18-0ubuntu0.12.04
libpython2.7 2.7.3-0ubuntu3.8
libsdl1.2debian 1.2.14-6.4ubuntu3.1
libservlet2.5-java 6.0.35-1ubuntu3.6
libssl1.0.0 1.0.1-4ubuntu5.31
libtasn1-3 2.10-1ubuntu1.4
libtomcat6-java 6.0.35-1ubuntu3.6
libx11-6 2:1.4.99.1-0ubuntu2.3
libx11-data 2:1.4.99.1-0ubuntu2.3
libx11-xcb1 2:1.4.99.1-0ubuntu2.3
libxext6 2:1.3.0-3ubuntu0.2
libxfixes3 1:5.0-4ubuntu4.4
libxi6 2:1.7.1.901-1ubuntu1~precise3
libxrender1 1:0.9.6-2ubuntu0.2
libxv1 2:1.0.6-2ubuntu0.2
linux-generic 3.2.0.86.100
linux-headers-generic 3.2.0.86.100
linux-image-3.10.81-031081-generic 3.10.81-031081.201506230313
linux-image-generic 3.2.0.86.100
linux-image-server 3.2.0.86.100
multiarch-support 2.15-0ubuntu10.12
mysql-common 5.5.43-0ubuntu0.12.04.1
nscd 2.15-0ubuntu10.12
ntp 1:4.2.6.p3+dfsg-1ubuntu3.4
ntpdate 1:4.2.6.p3+dfsg-1ubuntu3.4
openjdk-6-jre-headless 6b35-1.13.7-1ubuntu0.12.04.2
openjdk-6-jre-lib 6b35-1.13.7-1ubuntu0.12.04.2
openssl 1.0.1-4ubuntu5.31
opinsys-bootserver 0.6.1-200+precise+master.5e8179065de0d1db91ef2ed94cd9d3db09c2ccf3
opinsys-rules 0.6.1-200+precise+master.5e8179065de0d1db91ef2ed94cd9d3db09c2ccf3
patch 2.6.1-3ubuntu0.1
ppp 2.4.5-5ubuntu1.2
puavo-client 2.1.0-93+precise.master.7e104bbc3f8e4be9bcf35550272af0e359bb5bcf
python2.7 2.7.3-0ubuntu3.8
python2.7-minimal 2.7.3-0ubuntu3.8
racoon 1:0.8.0-9ubuntu1.1
tcpdump 4.2.1-1ubuntu2.2
tomcat6 6.0.35-1ubuntu3.6
tomcat6-common 6.0.35-1ubuntu3.6
tzdata 2015d-0ubuntu0.12.04
tzdata-java 2015d-0ubuntu0.12.04
update-manager-core 1:0.156.14.19
upstart 1.5-0ubuntu7.3
## Release 21 {#21}
2015-04-14
### Notable changes
* Fixed a deadlock bug in `nbd-server`. The bug caused `nbd-server` to
occasionally lockup, effectively making it incapable of accepting
any new connections.
* Fix `puavo-rest` to refresh cached organization data when it is
accessed via REST API.
### Update path from Release 20
- Need to get 15.0MiB of archives.
- Has very high impact on the availability of the end user service:
- Daemon process `nbd-server` will be restarted during the update
and all nbd connections will be terminated, which effectively
breaks all netboot device sessions.
-
gnupg 1.4.11-3ubuntu2.9
gpgv 1.4.11-3ubuntu2.9
libgcrypt11 1.5.0-3ubuntu0.4
libtiff4 3.9.5-2ubuntu1.8
nbd-server 3.3-0+opinsys4
opinsys-bootserver 0.5.3-152+precise+master.9e09e002bb5ba127c14ab50629d2cb0dc814e3a3
opinsys-rules 0.5.3-152+precise+master.9e09e002bb5ba127c14ab50629d2cb0dc814e3a3
puavo-rest 0.11.0-478+precise.master.1b821bb9e7d48c27dfdf69b54eae2d38850dd287
puavo-rest-bootserver 0.11.0-478+precise.master.1b821bb9e7d48c27dfdf69b54eae2d38850dd287
## Release 20 {#20}
2015-03-25
### Known issues
- It has been reported that occasionally after updating to version
20, `nslcd` has been running more than two processes, effectively
breaking name lookups from LDAP. After a succesful update, please
run:
pgrep -x -c nslcd # Print the number of nslcd processes.
If the number it prints is not 2, kill all `nslcd` processes and
then make a fresh start:
sudo killall nslcd
sudo service nslcd start
### Notable changes
* Image synchronization is optimized to ignore opinsysextra-images by
bootservers which do not have any use for them. This change in
behavior is introduced to save both network bandwidth and disk
space.
- If there are no references to any opinsysextra-images in Puavo and
there are no locked opinsysextra-images in `/opt/ltsp/images`, all
existing opinsysextra-images and their corresponding rdiffs are
deleted. Moreover, opinsysextra-images will not be synced by
`opinsys-img-sync` command.
- Inversely, opinsysextra-images are synced normally if there is at
least one `.lock` file for any opinsysextra-image or there is at
least one reference to any opinsysextra-image in Puavo.
- Admins wishing to maintain the old behavior should create a lock
file for any opinsysextra-image (the image file does not even need
to exist), for example:
sudo touch /opt/ltsp/images/ltsp-opinsysextra-trusty-1970-01-01-000000-i386.img.lock
* Local administrators (Puavoadmins) are maintained in Puavo as
organization owners instead of Puppet.
- The local copy of the organization owner database (Orgjson) is saved to
`/etc/puavo/org.json` with `puavoadmins-update` command which is
executed during configuration phase with a dedicated ECS.
- Orgjson contains names, public ssh keys and uids of Puavoadmins.
- OpenSSH server authenticates users against the Orgjson.
- Name services for Puavoadmins is provided by puavoadmins NSS
module.
- The primary group of Puavoadmins is `puavoadmins` (gid=555).
- Puavoadmins are granted the right to run anything as root via
`sudo`. Puavoadmins must authenticate themselves with their Puavo
password.
- Old administrators are removed automatically from `/etc/passwd` and
`/etc/group`. Make sure no old administrators are logged in during
the update!
* Support for locally maintained firewall rules.
* Qemu is updated to improve network throughput of virtual domains.
* Numerous security fixes in base packages.
### Update path from Release 19
- Need to get 85.8MiB of archives.
- Has low impact on the availability of the end user service:
- Processes `cups`, `nscd` and `fluentd` are restarted during the
update.
-
cups 1.5.3-0ubuntu8.6
cups-client 1.5.3-0ubuntu8.6
cups-common 1.5.3-0ubuntu8.6
cups-ppdc 1.5.3-0ubuntu8.6
fluent-plugin-puavo 0.3.0-27+precise+master.80cbfc1cc91405ec52b91d91e2ac56e48ec8b44d
fluentd 0.10.57-3+opinsys1
ipxe-qemu 1.0.0+git-20141004.86285d1-5+precise.amd64+kvm2.b46e748e7c545a159841dbbdca8298f730e5d049
libaudit0 1.7.18-1ubuntu1
libc-bin 2.15-0ubuntu10.11
libc-dev-bin 2.15-0ubuntu10.11
libc6 2.15-0ubuntu10.11
libc6-dev 2.15-0ubuntu10.11
libcups2 1.5.3-0ubuntu8.6
libcupscgi1 1.5.3-0ubuntu8.6
libcupsimage2 1.5.3-0ubuntu8.6
libcupsmime1 1.5.3-0ubuntu8.6
libcupsppdc1 1.5.3-0ubuntu8.6
libfdt1 1.3.0-2ubuntu1
libfreetype6 2.4.8-1ubuntu2.2
libgnutls26 2.12.14-5ubuntu3.9
libgnutls28 3.0.11-1ubuntu2
libhogweed2 2.4-1
libjansson4 2.2.1-1
libnetcf1 0.1.9-2ubuntu3.2
libnettle4 2.4-1
libnl-route-3-200 3.2.3-2ubuntu2
librrd4 1.4.7-1ubuntu1
librrds-perl 1.4.7-1ubuntu1
libssh2-1 1.2.8-2
libssl1.0.0 1.0.1-4ubuntu5.25
libvirt-bin 1.2.9-9+opinsys2
libvirt-clients 1.2.9-9+opinsys2
libvirt-daemon 1.2.9-9+opinsys2
libvirt-daemon-system 1.2.9-9+opinsys2
libvirt0 1.2.9-9+opinsys2
libx86-1 1.1+ds1-7ubuntu1
libxen-4.1 4.1.6.1-0ubuntu0.12.04.5
libxenstore3.0 4.1.6.1-0ubuntu0.12.04.5
linux-generic 3.2.0.79.93
linux-headers-3.2.0-79 3.2.0-79.115
linux-headers-3.2.0-79-generic 3.2.0-79.115
linux-headers-generic 3.2.0.79.93
linux-image-3.2.0-79-generic 3.2.0-79.115
linux-image-generic 3.2.0.79.93
linux-image-server 3.2.0.79.93
multiarch-support 2.15-0ubuntu10.11
nscd 2.15-0ubuntu10.11
openssl 1.0.1-4ubuntu5.25
opinsys-bootserver 0.5.3-151+precise+master.4ca7a6113e5f3582862d2fa5ac9fe5608c4986f7
opinsys-rules 0.5.3-151+precise+master.4ca7a6113e5f3582862d2fa5ac9fe5608c4986f7
pm-utils 1.4.1-9fix.ubuntu12.04
puavo-devscripts 0.6.2
puavo-ltsp-bootserver 0.16.1-825+precise+master.6512d9483dbaaac5afad18c18b9f59e24626c2ea
puavo-rules 1.6.0-119+precise+master.3458e69ded612ebed33b79de0cc28bbb7aed7f44
puavoadmins 0.2.11
qemu-keymaps 1.0.50-2012.03-0ubuntu2.1
qemu-kvm 2.0.0+dfsg-2ubuntu1.10+opinsys1
qemu-system-common 2.0.0+dfsg-2ubuntu1.10+opinsys1
qemu-system-x86 2.0.0+dfsg-2ubuntu1.10+opinsys1
qemu-utils 2.0.0+dfsg-2ubuntu1.10+opinsys1
rrdtool 1.4.7-1ubuntu1
ruby-puavobs 0.16.1-825+precise+master.6512d9483dbaaac5afad18c18b9f59e24626c2ea
seabios 1.7.4-4
sharutils 1:4.11-1
sudo 1.8.3p1-1ubuntu3.7
tzdata 2015b-0ubuntu0.12.04
tzdata-java 2015b-0ubuntu0.12.04
vbetool 1.1-2ubuntu1
## Release 19 {#19}
2015-02-24
### Security updates
- `bind9`: [CVE-2015-1349](http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1349.html)
- `e2fsprogs`: [CVE-2015-0247](http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-0247.html) and [CVE-2015-1572](http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1572.html)
- `samba`: [CVE-2015-0240](http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-0240.html)
- `unzip`: [CVE-2015-1315](http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1315.html)
### Update path from Release 18
- Has very low impact on the availability of the service:
daemon processes named and smbd will be restarted quickly
during the update process.
-
e2fslibs 1.42-1ubuntu2.2
e2fsprogs 1.42-1ubuntu2.2
libcomerr2 1.42-1ubuntu2.2
libss2 1.42-1ubuntu2.2
libnss3 3.17.4-0ubuntu0.12.04.1
libnss3 3.17.4-0ubuntu0.12.04.1
samba 2:3.6.3-2ubuntu2.12
libwbclient0 2:3.6.3-2ubuntu2.12
smbclient 2:3.6.3-2ubuntu2.12
samba-common 2:3.6.3-2ubuntu2.12
samba-common-bin 2:3.6.3-2ubuntu2.12
bind9 1:9.8.1.dfsg.P1-4ubuntu0.10
bind9-host 1:9.8.1.dfsg.P1-4ubuntu0.10
dnsutils 1:9.8.1.dfsg.P1-4ubuntu0.10
libisc83 1:9.8.1.dfsg.P1-4ubuntu0.10
libisccc80 1:9.8.1.dfsg.P1-4ubuntu0.10
libisccfg82 1:9.8.1.dfsg.P1-4ubuntu0.10
liblwres80 1:9.8.1.dfsg.P1-4ubuntu0.10
libdns81 1:9.8.1.dfsg.P1-4ubuntu0.10
bind9utils 1:9.8.1.dfsg.P1-4ubuntu0.10
libbind9-80 1:9.8.1.dfsg.P1-4ubuntu0.10
ca-certificates 20141019ubuntu0.12.04.1
update-manager-core 1:0.156.14.18
unzip 6.0-4ubuntu2.3
## Release 18 {#18}
2015-02-16
### Notable changes
* Change ECS/Reboot to delay rebooting by 1 minute. Previously
the reboot was immediate.
* Allows admins to cancel the reboot within the 1 minute
remorse period.
* Gives enough time for pre15 updates to finish gracefully.
## Release 17 {#17}
### Notable changes
* Updated the recommended kernel to `3.10.69-031069-generic`.
* Updated LDAP and Kerberos configurations (`/etc/nslcd.conf`,
`/etc/krb5.conf` and `/etc/ldap/ldap.conf`) to ensure `krb5` and `ldap`
requests fallback to the master server in case local `krb5kdc`
and/or `slapd` are unavailable.
* Added `vpn1` to firewall's ovpn zone. The default OpenVPN
interface will be renamed to `vpn1` in the future. This change
prepares the system for the upcoming rename to ensure smooth
transition.
* Fixed a race condition in smoke tests which caused occasional
test prepartion failures.
* Updated MOTD shows a note if the last update was unsuccessful.
* Added Munin to collect and plot system data. Plotted graphs are
available in port 8089 at `localhost`.
* Fixed logrotate to copytruncate netboot device -specific
syslogs to avoid remote rsyslogs from appending to deleted log
files.
## Release 16 {#16}
2015-02-12
### Notable changes
* Security fixes for `openjdk-6` and `eglibc`.
* ECS(reboot): run if any process uses an old version of libc.
## Release 15 {#15}
2015-01-28
### Notable changes
* Version numbering scheme has been simplified: from now on, it
is simply an integer increasing by one on each release.
* Package mirrors have been versioned. Versioned mirrors ensure
consistent upgrades across all servers.
* Packages `krb5`, `openldap` and `libverto` include now i386
versions. This fixes multiarch package dependecy problems
experienced on some systems which have manually installed extraneous
packages.
* OpenSSH has been updated to 6.6p1. The new `openssh-server`
introduces `AuthorizedKeysCommand` option, which will be used in
upcoming releases to grant SSH-access to Puavo administrators.
* MOTD has been updated to display an update note when a new version
is available.
* Various extra configuration scripts (ECS) will be run in the last
phase of the update. ECSs are unsafe by nature, meaning that running
them has immediate and significant effects on the
availability/quality of the service. ECSs are *never* run
automatically, they always require attention and explicit execution
approval from the system admin.
* New OpenVPN configuration for alternative/secondary adminstrative
tunnel. New OpenVPN instance with the alternative configuration will
be started automatically. This requires changes to the current
firewall configuration.
* All smoke test combinations can be run sequentially without any
interruptions:
sudo puavo-bootserver-smoke-test --all
A test result summary is printed to standard output after all
test runs have finished.
* The update tool has been changed to run apt non-interacively by
default. This change should make updating even easier by not
prompting any configuration file changes or debconf selections. To
run the update in the old interactive mode, run:
sudo opinsys-update-bootserver --apt-mode interactive
Use `--help` to get help.
* To update, run:
sudo opinsys-update-bootserver
* During the update, debconf can ask some questions. Accept the
default answer to each question:
Q: Check server's SSL certificate?
A: demand
Q: Restart services during package upgrades without asking?
A: no
Q: Services to restart for nslcd upgrade?
A: racoon cups cron atd
Q: Disable SSH password authentication for root?
A: No
