The Debian team announced two days ago, the release of Debian 4.0r1, which is the same Debian 4.0 released some time ago, but with some bugs fixed.

The fixed packages are:

In order to update to this new release you just need to run

apt-get update && apt-get dist-upgrade

And that is all. Even though new CDs will be available at Debian Download sites your do not need to get them, as yours continue to work, just upgrade as soon as you installed Debian.

Also keep in mind that this release does not add any function or functionality to Debian, it is only to fix Bugs and improve Security. Some of the fixed packages are:

Miscellaneous Bugfixes

This stable update adds a few important corrections to the following packages.

Package Reason

apache2 Fix #423653 and #419552; better documentation apache2-mpm-itk Rebuild against apache2 2.2.3-4+etch1. apt-setup Default suite to code name. cdrom-detect Scan also for things that look like USB floppies. choose-mirror Update mirrors list. debian-archive-keyring Adding debian volatile keyring debian-installer-utils Support scanning for USB sticks and discs that are misdetected as floppies. debian-installer Updates for the 2.6.18-5-kernels and misc fixes debootstrap Add support for lenny. desktop-base Fix kde default wallpaper appearance between kdm to ksplash switch. epiphany-browser Add language to gconf defaults fai-kernels Include arcmsr scsi-driver which is included in the etch kernels file Fix possible denial of service glibc Fix CPU hog on 64 bits machines, dependencies of nscd, wrong assertion and unaligned memory access gnome-mount Rebuild against libeel2-2.14 initramfs-tools Added missing esp module to scsi modules list so it gets installed in the initrd kernel-wedge Reupload to match packages in r1 libofa Rebuild in a clean environment. librsvg Fix dependency (#403977) lifelines Fix file conflict by versioning a dependency. lilo-installer Support multiple disks when devfs device names are used linux-latest-2.6 Assist upgrade to new linux-2.6 ABI lsb Don’t remove PID files of daemons that aren’t actually killed madwifi Fix two remote and one local DoS mail-notification Fix uninstallability on sparc mixmaster Fix buffer overflow in mixmaster (#418662) mozilla-traybiff less restrict depends on icedove-dev mpop fix CVE-2007-1558 mutt Add imap_close_connection to fully reset IMAP state nano Fix segfaults. neon26 Fix kerberos authentication. nfs-utils Fix memory leaks. Fix crashes when saving files. orage Memory leak orbit2 Allow non-local IPv4. partman-auto d-i translation update partman-partitioning d-i translation update php5 Fix regression in single quote escaping. pppconfig Fix upgrade issue from sarge, #418350 rdesktop Segfault regression caused by libx11-6 security fix prior Etch release tetex-base Ease transition to texlive, #420390 trac Fix CSS and remote exploitable issues. user-setup Fix chroot calls to properly setup gksu alternatives. vice Regression caused by libx11-6 security fix prior Etch release xorg Updated conflicts for easier upgrades and corrected dependencies for x11-common.

Removed Package

This package has been removed due to non-fixable issues:

vdrift: license issues, #420965

Missing Builds

One or more missing or out-of-date architectures have been added to these packages in this point release:

asterisk-chan-capi banshee codespeak-lib democracyplayer dfsbuild dwm dwm-tools hpodder ivtv mercurial metar ocp pekwm rlwrap setpwc slcfitsio stalin twinkle xfce4-session xserver-xorg-input-acecad xserver-xorg-input-evdev xserver-xorg-input-joystick xserver-xorg-input-keyboard xserver-xorg-input-mouse xserver-xorg-input-summa xserver-xorg-video-apm xserver-xorg-video-ark xserver-xorg-video-i128 xserver-xorg-video-nsc xserver-xorg-video-nv xserver-xorg-video-rendition xserver-xorg-video-s3 xserver-xorg-video-savage xserver-xorg-video-sis xserver-xorg-video-tseng xserver-xorg-video-via xserver-xorg-video-voodoo

Security Updates

This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates.

Advisory ID Package(s) Correction(s) DSA 1280 aircrack-ng Fix remote exploitable buffer overflow DSA 1281 clamav Fix several remote vulnerabilities DSA 1282 php4 Fix several remote vulnerabilities DSA 1283 php5 Fix several vulnerabilities DSA 1284 qemu Fix several vulnerabilities DSA 1285 wordpress Fix multiple vulnerabilities DSA 1286 linux-2.6 Fix several vulnerabilities (superseded by DSA 1289) DSA 1288 pptpd Fix denial of service vulnerability DSA 1289 linux-2.6 Fix several vulnerabilities DSA 1290 squirrelmail Fix cross-site scripting DSA 1291 samba Fix multiple vulnerabilities DSA 1292 qt4-x11 Fix missing input validation DSA 1293 quagga Fix denial of service vulnerability DSA 1295 php5 Fix several vulnerabilities DSA 1296 php4 Fix privilige escalation DSA 1297 gforge-plugin-scmcvs Fix arbitrary shell command execution DSA 1298 otrs2 Fix cross-site scripting DSA 1299 ipsec-tools Fix denial of service vulnerability DSA 1300 iceape Fix several vulnerabilities DSA 1301 gimp Fix arbitrary code execution DSA 1302 freetype Fix integer overflow DSA 1303 lighttpd Fix denial of service vulnerability DSA 1305 icedove Fix several vulnerabilities DSA 1306 xulrunner Fix several vulnerabilities DSA 1307 Fix arbitrary code execution DSA 1309 postgresql-8.1 Fix privilage escalation. DSA 1310 libexif Fix integer overflow DSA 1311 postgresql-7.4 Fix privilige escalation. DSA 1312 libapache-mod-jk Fix information disclosure DSA 1313 mplayer Fix arbitrary code execution DSA 1314 open-iscsi Fix several vulnerabilities DSA 1315 libphp-phpmailer Fix arbitrary shell command execution DSA 1316 emacs21 Fix denial of service vulnerability DSA 1318 ekg Fix denial of service vulnerability

Get more info:here and here