No operating system, no not even Linux, is ever completely secure. So it is that the Debian Project released on Dec. 27 its second update to Debian 4.0, Etch, with an eye to improved security.
While not a new release as such, Debians core features and functionality remain unchanged, this new security rollup includes multiple fixes that have been released over the last few months. For example, this release includes numerous repairs to the Linux kernel.
Almost all these kernel fixes were minor ones. While the problems that could result in denial-of-service or allowing possibly malicious programs to run-are serious, almost all of them would require root level access before they could be used in an attack. Still, the sooner such problems are fixed, the less chance anyone will find a clever way to exploit them.
This release also included numerous application fixes. For example, it includes patches for more serious—in the sense of being easier to exploit—problems in Iceweasel, the Debian adaptation of Firefox, and OpenOffice. Many other applications have also received significant security updates.
This updates includes more than just security repairs. It also includes some new features. For instance, one Linux kernel update makes using OpenVZ virtualization much easier. This updated distribution also includes improvements to the Apache Web server.