> On the occasion of the release of Debian 6.0 Squeeze, the Debian website team is pleased to publish a new design for Debian's web presence. After roughly 13 years with nearly the same design, the layout and design of many of the websites run by Debian changed together with today's release of Debian Squeeze. Debian's main website and its wiki, lists archive, blog aggregator planet and package information system now have a consistent new layout. The new layout is meant to give Debian's web presence a cleaner and more modern look as well as making the web pages easier to use and navigate.
Sorry to call someone's baby ugly. Is it just me?
Use torrents for download the isos, please.
You can find the seeds under every architecture in the directories beginning with bt-
And keep seeding ’til you’re bleeding ^_^
Edit to add this new Debian-installer page (within a brand new design site):
The nick is just a little game because I like to extract Debian's juice in my machines.
More info on it: http://wiki.debian.org/DebianExperimental
OpenSSL in squeeze is v. 0.9.8o-4? http://packages.debian.org/squeeze/openssl
C'mon, guys, the latest current OpenSSL is already at v. 1.2.2
This is why I'm switching to ubuntu.
Many people don't get Debian. This is a released aimed for servers and stable workstations. If you want or need bleeding edge stuff you can use Debian testing/unstable or Ubuntu as you suggested.
Post-release, OpenSSL 1.0.0 will now be migrated to unstable, and then any problems that causes or exposes can be found and fixed on a more generous schedule.
edit: the latest OpenSSL release is 1.0.0, not 1.2.2. And development on the 0.9.8-series seems to be still active, as latest version on it was released on the same day that 1.0.0c
I reckon I prefer stability and predictability over modernity in my encryption and signing libraries.
Seems like a flaw in the PCI requirements to me, do they really demand the "latest" version instead of the stable, time-tested one?
It certainly can't be in the spirit of these audits to encourage people to move from Debian stable to a distro that's based on Debian unstable...
That was easy, but then rebuilding other components which were linked to the original v. 0.9.x was a major PITA.
This is the problem, according to the auditor:
Vulnerability in OpenSSL 0.9.8g Severity: Critical Problem CVE: CVE2008-0891 CVE-2008-1672 CVE-2008-5077 CVE-2009-0590 CVE-2009-0789 CVE-20091377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-3245 CVE-2009-3555 CVE-2010-0433 CVE-2010-0740 Impact: A remote attacker could execute arbitrary commands , cause a buffer overflow, bypass security or create a denial of service. Resolution OpenSSL shouldbe [http://www.openssl.org/source/] upgraded to 1.0.0a or higher.
Those CVE ("Common Vulnerabilities and Exposures") items are explained in more detail at NIST:
Version numbers are not supposed to change after the fact in a stable-release, hence security fixes get backported (every distro has a security-team for this).
If PCI requires a less tested newer version over a battle-scarred (patched up) older one then PCI is working against its own stated goal.
It doesn't take much wisdom to realize that it's less likely for new bugs to crop up in the 0.9.8 openssl that Debian ships than in the 1.0.0c that RHEL6 bundles (just one month after release!).
New software has bugs. Old software has less bugs.
Another thing is they release the same distrib version on 9 different architectures, not only i386/amd64.
Considering this, and the fact they're volunteers, I don't think they're that far behind.
The debian unstable->testing->stable cycle is vicious, and on a production system it's actually very sensible - by the time a package is allowed to reach stable, it will have been rigourously tested and actually be properly stable.
Edit: corrected by removing "and x86-64"
Um, I think they do have a x64 version...
$ cat /etc/debian_version
$ file /bin/bash
/bin/bash: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically link
ed (uses shared libs), for GNU/Linux 2.6.18, stripped
$ file /lib/libc-2.11.2.so
/lib/libc-2.11.2.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dyn
amically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
* cat /etc/debian_version
* file /bin/bash
/bin/bash: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
* file /lib/libc-2.11.2.so
/lib/libc-2.11.2.so: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, stripped
* grep name /proc/cpuinfo
model name : Intel(R) Pentium(R) 4 CPU 2.40GHz
Only since last month, Arch includes glibc 2.12.2. Unfortunately, my VPS host only gives a CentOS 5.4 recovery image using kernel 2.6.18, meaning that since the newer glibc requires kernel 2.6.27, I'm unable to chroot into my install if I ever needed to.
I use Arch on my workstations. They don't need as stable a platform as my server. And any downtime would be minimal and easy to schedule around.
Now that would be fun.
782 upgraded, 162 newly installed, 22 to remove.
Darn, all this terrible upgrading work in Debian. Sometimes I wish I had a real OS. Why can't we all just run WinXP - those guys _never_ have to upgrade and they still run the best OS on the planet!
You can just raw copy (with dd) (most) Squeeze images to an usb-stick, and start installation from there.
Also, Debian has combined 32-bit and 64-bit x86 images, so you don't have to decide in advance which one you need. Just download the multi-arch image and it will autodetect: http://cdimage.debian.org/debian-cd/6.0.0/multi-arch/iso-cd/...
And this release also coincides with a Debian website redesign, which makes the site both much more usable and much shinier. Notice that http://debian.org/ has a prominent link to the x86 multi-arch image in the upper right corner of the page.
dd if=/path/to/thedebian.iso of=/path/to/usbstick/device
(replacing the if and of with your paths of course -- note: all data on the usb stick will be erased, and make sure you've picked the right device!)