Queue Overview for "oldstable-proposed-updates"

Removals

List of missing builds
List of missing packages relative to security archive

Resolution Pending (2 uploads for 2 packages)

Package Version Version Problems Installability Problems Architectures Action
base-files 9.9+deb9u13 Installability problems Built: source ?
cron 3.0pl1-128+deb9u2 Installability problems Built: i386source Not ok

Reason: "fix" is wrong

Closes: 767016 783665 801384

Binary debdiffs: i386

Lintian issues: i386

Pending Processing (0 uploads for 0 packages)

Processed (153 uploads for 118 packages)

Package Version Version Problems Installability Problems Action
acmetool 0.0.58-5+b2 Installability problems ACCEPTED

Reason: rebuild against recent golang to pick up security fixes

Binary debdiffs: amd64arm64armelarmhfi386

ant 1.9.9-1+deb9u1 Installability problems ACCEPTED

DSA: 4255

CVEs referenced: CVE-2018-10886

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: all

apache-log4j1.2 1.2.17-7+deb9u1 Installability problems ACCEPTED

DSA: 4686

Closes: 947124

CVEs referenced: CVE-2019-17571

Binary debdiffs: all

apt 1.4.10 Installability problems ACCEPTED

DSA: 4685

CVEs referenced: CVE-2020-3810

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

atril 1.16.1-2+deb9u2 Installability problems ACCEPTED

Reason: dvi: Mitigate command injection attacks by quoting filename [CVE-2017-1000159]; fix overflow checks in tiff backend [CVE-2019-1010006]; tiff: Handle failure from TIFFReadRGBAImageOriented [CVE-2019-11459]

Request: 964777

CVEs referenced: CVE-2017-1000159 CVE-2019-1010006 CVE-2019-11459

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

awl 0.57-1+deb9u1 Installability problems ACCEPTED

DSA: 4660

Closes: 956650

CVEs referenced: CVE-2020-11728 CVE-2020-11729

bacula 7.4.4+dfsg-6+deb9u1 Installability problems ACCEPTED

Reason: add transitional package bacula-director-common, avoiding loss of /etc/bacula/bacula-dir.conf when purged; make PID files owned by root

Request: 881871

Closes: 880529

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

batik 1.8-4+deb9u2 Installability problems ACCEPTED

Reason: fix server-side request forgery via xlink:href attributes [CVE-2019-17566]

Request: 964809

Closes: 964510

CVEs referenced: CVE-2019-17566

bind9 1:9.10.3.dfsg.P4-12.3+deb9u6 Installability problems ACCEPTED

DSA: 4689

µdebs: present

CVEs referenced: CVE-2020-8616 CVE-2020-8617

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

bluez 5.43-2+deb9u2 Installability problems ACCEPTED

DSA: 4647

Closes: 953770

CVEs referenced: CVE-2020-0556

c-icap-modules 1:0.4.4-1+deb9u2 Installability problems ACCEPTED

Reason: support ClamAV 0.102

Request: 964411

Closes: 952009

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

ca-certificates 20200601~deb9u1 Version problems stable (20190110) Installability problems ACCEPTED

Reason: update Mozilla CA bundle to 2.40, blacklist distrusted Symantec roots and expired "AddTrust External Root"; remove e-mail only certificates

Request: 962155

µdebs: present

Closes: 721976 911289 916833 955038 956411 961907

Binary debdiffs: all

Lintian issues: source

chasquid 0.01+git20161124.6479138-2+b3 Installability problems ACCEPTED

Reason: rebuild against recent golang to pick up security fixes

Binary debdiffs: amd64arm64armelarmhfi386

checkstyle 6.15-1+deb9u1 Installability problems ACCEPTED

Reason: fix XML External Entity injection issue [CVE-2019-9658 CVE-2019-10782]

Request: 954863

Closes: 924598

CVEs referenced: CVE-2019-10782 CVE-2019-9658

Binary debdiffs: all

Lintian issues: source

chromium 73.0.3683.75-1~deb9u1 Installability problems ACCEPTED

Missing builds: armhf

DSA: 4421

CVEs referenced: CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

chromium 72.0.3626.96-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4395

CVEs referenced: CVE-2019-5784

chromium-browser 71.0.3578.80-1~deb9u1 Installability problems ACCEPTED

Missing builds: all amd64 arm64 armhf i386

DSA: 4352

CVEs referenced: CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359

Lintian issues: source

clamav 0.102.3+dfsg-0~deb9u1 Version problems stable (0.102.2+dfsg-0+deb10u1) Installability problems ACCEPTED

Reason: new upstream release; security fixes [CVE-2020-3327 CVE-2020-3341]

Request: 961440

CVEs referenced: CVE-2020-3327 CVE-2020-3341

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

clamav 0.102.2+dfsg-0~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release [CVE-2020-3123]

Request: 951872

Closes: 950944 951057

CVEs referenced: CVE-2020-3123

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

coturn 4.5.0.5-1+deb9u2 Installability problems ACCEPTED

DSA: 4711

Closes: 951876

CVEs referenced: CVE-2020-4067 CVE-2020-6061 CVE-2020-6062

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

cram 0.7-1+deb9u1 Installability problems ACCEPTED

Reason: ignore test failures to fix build issues

Request: 949925

Binary debdiffs: all

Lintian issues: source

csync2 2.0-8-g175a01c-4+deb9u1 Installability problems ACCEPTED

Reason: fail HELLO command when SSL is required

Request: 955861

Closes: 955445

CVEs referenced: CVE-2019-15522

cups 2.2.1-8+deb9u6 Installability problems ACCEPTED

Reason: fix heap buffer overflow [CVE-2020-3898] and "the `ippReadIO` function may under-read an extension field" [CVE-2019-8842]

Request: 958953

CVEs referenced: CVE-2019-8842 CVE-2020-3898

curl 7.52.1-5+deb9u10 Installability problems ACCEPTED

DSA: 4633

Closes: 929351 940009 940010

CVEs referenced: CVE-2019-5436 CVE-2019-5481 CVE-2019-5482

dbus 1.10.32-0+deb9u1 Installability problems ACCEPTED

Reason: new upstream stable release; prevent a denial of service issue [CVE-2020-12049]; prevent use-after-free if two usernames share a uid

Request: 962068

µdebs: present

CVEs referenced: CVE-2020-12049

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipsel

debian-security-support 2020.06.21~deb9u1 Version problems stable (2020.04.16~deb10u2) Installability problems ACCEPTED

Reason: update support status of several packages

Request: 964813

CVEs referenced: CVE-2020-10674

Lintian issues: all

dpdk 16.11.11-1+deb9u2 Installability problems ACCEPTED

DSA: 4688

CVEs referenced: CVE-2020-10722

Lintian issues: amd64arm64i386ppc64el

drupal7 7.52-2+deb9u11 Installability problems ACCEPTED

DSA: 4706

drupal7 7.52-2+deb9u10 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4693

Binary debdiffs: all

erlang 1:19.2.1+dfsg-2+deb9u3 Installability problems ACCEPTED

Reason: fix use of weak TLS ciphers [CVE-2020-12872]

Request: 961579

Closes: 961422

CVEs referenced: CVE-2020-12872

evince 3.22.1-3+deb9u2 Installability problems ACCEPTED

DSA: 4624

Closes: 927820

CVEs referenced: CVE-2017-1000159 CVE-2019-1010006 CVE-2019-11459

exim4 4.89-2+deb9u7 Installability problems ACCEPTED

DSA: 4687

CVEs referenced: CVE-2020-12783

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

exiv2 0.25-3.1+deb9u2 Installability problems ACCEPTED

Reason: fix denial of service issue [CVE-2018-16336]; fix over-restrictive fix for CVE-2018-10958 and CVE-2018-10999

Request: 912531

CVEs referenced: CVE-2018-10958 CVE-2018-10999 CVE-2018-16336

Binary debdiffs: allarm64

fex 20160919-2~deb9u1 Installability problems ACCEPTED

Reason: security update

Lintian issues: all

file-roller 3.22.3-1+deb9u2 Installability problems ACCEPTED

Reason: security fix [CVE-2020-11736]

Request: 964764

Closes: 956638

CVEs referenced: CVE-2020-11736

firefox-esr 68.10.0esr-1~deb9u1 Version problems stable (68.7.0esr-1~deb10u1) iceweasel-l10n-ach/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-af/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-all/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-an/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ar/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ast/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-az/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-be/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-bg/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-bn/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-br/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-bs/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ca/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-cak/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-cs/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-cy/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-da/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-de/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-dsb/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-el/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-en-ca/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-en-gb/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-eo/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-es-ar/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-es-cl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-es-es/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-es-mx/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-et/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-eu/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-fa/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ff/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-fi/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-fr/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-fy-nl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ga-ie/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-gd/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-gl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-gn/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-gu-in/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-he/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-hi-in/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-hr/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-hsb/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-hu/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-hy-am/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ia/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-id/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-is/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-it/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ja/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ka/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-kab/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-kk/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-km/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-kn/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ko/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-lij/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-lt/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-lv/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-mk/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-mr/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ms/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-my/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-nb-no/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ne-np/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-nl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-nn-no/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-oc/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-pa-in/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-pl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-pt-br/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-pt-pt/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-rm/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ro/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ru/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-si/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-sk/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-sl/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-son/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-sq/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-sr/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-sv-se/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ta/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-te/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-th/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-tr/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-uk/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-ur/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-uz/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-vi/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-xh/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-zh-cn/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) iceweasel-l10n-zh-tw/stable [all] (1:68.10.0esr-1~deb9u1/1:68.7.0esr-1~deb10u1) Installability problems ACCEPTED

Missing builds: armel mips mips64el mipsel

DSA: 4713

CVEs referenced: CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421

Lintian issues: armhfi386source

firefox-esr 68.9.0esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4695

Closes: 961762

CVEs referenced: CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410

Lintian issues: armhfi386

firefox-esr 68.8.0esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4678

CVEs referenced: CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-6831

Lintian issues: allamd64arm64armhfi386ppc64els390x

firefox-esr 68.7.0esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4655

CVEs referenced: CVE-2020-6821 CVE-2020-6822 CVE-2020-6825

Lintian issues: allamd64arm64armhfi386ppc64els390x

firefox-esr 68.6.1esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4653

CVEs referenced: CVE-2020-6819 CVE-2020-6820

Lintian issues: allamd64arm64armhfi386ppc64els390x

firefox-esr 68.6.0esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4639

CVEs referenced: CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814

Lintian issues: armhfi386

firefox-esr 68.5.0esr-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4620

CVEs referenced: CVE-2020-6796 CVE-2020-6798 CVE-2020-6800

Lintian issues: armhfi386

fwupd 0.8.3-1 Installability problems ACCEPTED

Reason: new upstream release; use a CNAME to redirect to the correct CDN for metadata; do not abort startup if the XML metadata file is invalid; add the Linux Foundation public GPG keys for firmware and metadata; raise the metadata limit to 10Mb

Request: 964588

Closes: 961490 962517

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

git 1:2.11.0-3+deb9u7 Installability problems ACCEPTED

DSA: 4659

CVEs referenced: CVE-2020-11008

git 1:2.11.0-3+deb9u6 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4657

CVEs referenced: CVE-2020-5260

Binary debdiffs: all

glib-networking 2.50.0-1+deb9u1 Installability problems ACCEPTED

Reason: return bad identity error if identity is unset [CVE-2020-13645]

Missing builds: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Request: 964861

Closes: 961756

CVEs referenced: CVE-2020-13645

gnutls28 3.5.8-5+deb9u5 Installability problems ACCEPTED

Reason: fix memory corruption issue [CVE-2019-3829]; fix memory leak; add support for zero length session tickets, fix connection errors on TLS1.2 sessions to some hosting providers

Request: 963703

CVEs referenced: CVE-2019-3829

golang-1.7 1.7.4-2+deb9u1 Installability problems ACCEPTED

Missing builds: ppc64el

DSA: 4379

CVEs referenced: CVE-2018-7187 CVE-2019-6486

golang-1.8 1.8.1-1+deb9u1 Installability problems ACCEPTED

Missing builds: ppc64el

DSA: 4380

CVEs referenced: CVE-2018-6574 CVE-2018-7187 CVE-2019-6486

Binary debdiffs: amd64arm64armelarmhfi386s390x

gosa 2.7.4+reloaded2-13+deb9u3 Installability problems ACCEPTED

Reason: replace (un)serialize with json_encode/json_decode to mitigate PHP object injection [CVE-2019-14466]

Request: 958850

CVEs referenced: CVE-2019-14466

Binary debdiffs: all

Lintian issues: source

gosa 2.7.4+reloaded2-13+deb9u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: tighten check on LDAP success/failure [CVE-2019-11187]; fix compatibility with newer PHP versions; backport several other patches

Request: 927433

Closes: 879105 907815 918578

CVEs referenced: CVE-2019-11187

graphicsmagick 1.3.30+hg15796-1~deb9u4 Installability problems ACCEPTED

DSA: 4675

CVEs referenced: CVE-2019-12921 CVE-2020-10938

Binary debdiffs: amd64

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

graphicsmagick 1.3.30+hg15796-1~deb9u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4640

CVEs referenced: CVE-2018-20184 CVE-2018-20185 CVE-2018-20189 CVE-2019-11005 CVE-2019-11006 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11010 CVE-2019-11473 CVE-2019-11474 CVE-2019-11505 CVE-2019-11506 CVE-2019-19950 CVE-2019-19951 CVE-2019-19953

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

heartbleeder 0.1.1-5+b3 Installability problems ACCEPTED

Reason: rebuild against recent golang to pick up security fixes

icu 57.1-6+deb9u4 Installability problems ACCEPTED

DSA: 4646

Closes: 953747

CVEs referenced: CVE-2020-10531

imagemagick 8:6.9.7.4+dfsg-11+deb9u8 Installability problems ACCEPTED

DSA: 4715

Closes: 931448 931449 931452 931453 931454 941671 947308

CVEs referenced: CVE-2019-13300 CVE-2019-13304 CVE-2019-13306 CVE-2019-13307 CVE-2019-15140 CVE-2019-19948

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

intel-microcode 3.20200616.1~deb9u1 Version problems stable (3.20191115.2~deb10u1) Installability problems ACCEPTED

Reason: downgrade some microcodes to previously released revisions, working around hangs on boot on Skylake-U/Y and Skylake Xeon E3

Request: 964351

intel-microcode 3.20200609.2~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4701

CVEs referenced: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549

Binary debdiffs: amd64i386

intel-microcode 3.20200609.1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4701

CVEs referenced: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549

iptables-persistent 1.0.4+nmu2+deb9u1 Installability problems ACCEPTED

Reason: don't fail if modprobe does

Request: 921319

Closes: 921186

jackson-databind 2.8.6-1+deb9u7 Installability problems ACCEPTED

Reason: fix multiple security issues affecting BeanDeserializerFactory [CVE-2020-9548 CVE-2020-9547 CVE-2020-9546 CVE-2020-8840 CVE-2020-14195 CVE-2020-14062 CVE-2020-14061 CVE-2020-14060 CVE-2020-11620 CVE-2020-11619 CVE-2020-11113 CVE-2020-11112 CVE-2020-11111 CVE-2020-10969 CVE-2020-10968 CVE-2020-10673 CVE-2020-10672 CVE-2019-20330 CVE-2019-17531 and CVE-2019-17267]

Request: 964727

CVEs referenced: CVE-2019-17267 CVE-2019-17531 CVE-2019-20330 CVE-2020-10672 CVE-2020-10673 CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11619 CVE-2020-11620 CVE-2020-14060 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548

libbusiness-hours-perl 0.13-0+deb9u1 Installability problems ACCEPTED

Reason: use explicit 4 digit years, fixing build and usage issues

Request: 948678

Closes: 934842

Lintian issues: allsource

libclamunrar 0.102.3-0+deb9u1 Version problems stable (0.101.2-1) Installability problems ACCEPTED

Reason: new upstream stable release; add an unversioned meta-package

Request: 961442

Closes: 939824

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipselsource

libdbi 0.9.0-4+deb9u2 Installability problems ACCEPTED

Reason: comment out _error_handler() call again, fixing issues with consumers

Request: 893439

libembperl-perl 2.5.0-10+deb9u1 Installability problems ACCEPTED

Reason: handle error pages from Apache >= 2.4.40

Request: 964398

Closes: 941926

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

libexif 0.6.21-2+deb9u4 Installability problems ACCEPTED

Reason: fix a buffer read overflow [CVE-2020-0182] and an unsigned integer overflow [CVE-2020-0198]

Request: 963693

Closes: 962345

CVEs referenced: CVE-2020-0182 CVE-2020-0198

libexif 0.6.21-2+deb9u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: security fixes [CVE-2020-13112 CVE-2020-13113 CVE-2020-13114]

Request: 961804

Closes: 961407 961409 961410

CVEs referenced: CVE-2020-13112 CVE-2020-13113 CVE-2020-13114

libexif 0.6.21-2+deb9u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: security fixes [CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-12767 CVE-2020-0093]

Request: 961020

Closes: 873022 876466 918730 960199

CVEs referenced: CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-0093 CVE-2020-12767

libexif 0.6.21-2+deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4618

Closes: 945948

CVEs referenced: CVE-2019-9278

libpam-krb5 4.7-4+deb9u1 Installability problems ACCEPTED

DSA: 4648

CVEs referenced: CVE-2020-10595

Binary debdiffs: mips64el

libvncserver 0.9.11+dfsg-1.3~deb9u4 Installability problems ACCEPTED

Reason: fix heap overflow [CVE-2019-15690]

Request: #955394

Closes: 954163

CVEs referenced: CVE-2019-15690

libxmlrpc3-java 3.1.3-8+deb9u1 Installability problems ACCEPTED

DSA: 4619

Closes: 949089

CVEs referenced: CVE-2019-17570

linux 4.9.228-1 Installability problems ACCEPTED

Reason: new upstream stable release; update ABI to 4.9.0-13

µdebs: present

CVEs referenced: CVE-2018-9517 CVE-2020-0009 CVE-2020-10690 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-12769 CVE-2020-12826 CVE-2020-13974 CVE-2020-1749

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

linux 4.9.210-1+deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4698

µdebs: present

Closes: 952660

CVEs referenced: CVE-2019-19319 CVE-2019-19462 CVE-2019-19768 CVE-2019-20806 CVE-2019-20811 CVE-2019-2182 CVE-2019-5108 CVE-2020-0543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-10942 CVE-2020-11494 CVE-2020-11565 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12770 CVE-2020-13143 CVE-2020-2732 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8992 CVE-2020-9383

linux-latest 80+deb9u11 Installability problems ACCEPTED

Reason: update for 4.9.0-13 kernel ABI

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

mailman 1:2.1.23-1+deb9u5 Installability problems ACCEPTED

DSA: 4664

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

mariadb-10.1 10.1.45-0+deb9u1 Installability problems ACCEPTED

Reason: new upstream stable release; security fixes [CVE-2020-2752 CVE-2020-2812 CVE-2020-2814]

Request: 964291

CVEs referenced: CVE-2020-2752 CVE-2020-2812 CVE-2020-2814

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

megatools 1.9.98-1+deb9u1 Installability problems ACCEPTED

Reason: add support for the new format of mega.nz links

Request: 956805

mod-gnutls 0.8.2-3+deb9u2 Installability problems ACCEPTED

Reason: fix test failures when combined with Apache's fix for CVE-2019-10092

Request: 948653

Closes: 950300

CVEs referenced: CVE-2019-10092

Lintian issues: source

mod-gnutls 0.8.2-3+deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: avoid deprecated ciphersuites in test suite

Request: 948653

Closes: 907008

mongo-tools 3.2.11-1+b3 Installability problems ACCEPTED

Reason: rebuild against recent golang to pick up security fixes

Binary debdiffs: amd64armelarmhfi386

mutt 1.7.2-1+deb9u3 Installability problems ACCEPTED

DSA: 4707

mutt 1.7.2-1+deb9u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4707

CVEs referenced: CVE-2020-14093

mysql-connector-java 5.1.49-0+deb9u1 Installability problems ACCEPTED

DSA: 4703

CVEs referenced: CVE-2020-2875 CVE-2020-2933 CVE-2020-2934

Binary debdiffs: all

Lintian issues: source

neon27 0.30.2-2+deb9u1 Installability problems ACCEPTED

Reason: treat OpenSSL-related test failures as non-fatal

Request: 948651

netqmail 1.06-6.2~deb9u1 Version problems stable (1.06-6) qmail/stable [amd64] (1.06-6+b1) qmail/stable [arm64] (1.06-6+b1) qmail/stable [armel] (1.06-6+b1) qmail/stable [armhf] (1.06-6+b1) qmail/stable [i386] (1.06-6+b1) qmail/stable [mips] (1.06-6+b1) qmail/stable [mips64el] (1.06-6+b1) qmail/stable [mipsel] (1.06-6+b1) qmail/stable [ppc64el] (1.06-6+b1) qmail/stable [s390x] (1.06-6+b1) Installability problems ACCEPTED

DSA: 4692

Closes: 672155 866038 961060

CVEs referenced: CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

network-manager-ssh 1.2.1-1+deb9u1 Installability problems ACCEPTED

DSA: 4637

CVEs referenced: CVE-2020-9355

nfs-utils 1:1.3.4-2.1+deb9u1 Installability problems ACCEPTED

Reason: fix potential file overwrite vulnerability [CVE-2019-3689]; don't make all of /var/lib/nfs owned by the statd user

Request: 963614

Closes: 940848

CVEs referenced: CVE-2019-3689

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

nginx 1.10.3-1+deb9u4 Installability problems ACCEPTED

Reason: fix error page request smuggling vulnerability [CVE-2019-20372]

Request: 948650

Closes: 948579

CVEs referenced: CVE-2019-20372

node-url-parse 1.0.5-2+deb9u1 Installability problems ACCEPTED

Reason: sanitize paths and hosts before parsing [CVE-2018-3774]

Request: 930374

Closes: 906058

CVEs referenced: CVE-2018-3774

Lintian issues: source

nvidia-graphics-drivers 390.138-1 Installability problems ACCEPTED

Reason: new upstream stable release; security fixes [CVE-2020-5963 CVE-2020-5967]

Request: 963942

Closes: 956458 960735 963766

CVEs referenced: CVE-2020-5963 CVE-2020-5967

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386

nvidia-graphics-drivers 390.132-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream stable release

Request: 956929

Closes: 951091

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386

openjdk-8 8u252-b09-1~deb9u1 Installability problems ACCEPTED

DSA: 4668

Binary debdiffs: amd64arm64armelmips64elppc64el

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

openjdk-8 8u242-b08-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4621

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

openjfx 8u141-b14-3~deb9u1 Installability problems ACCEPTED

Missing builds: s390x

DSA: 4005

Binary debdiffs: allamd64arm64armelarmhfi386mipsmipselppc64el

Lintian issues: mipsmipselsource

openldap 2.4.44+dfsg-5+deb9u4 Installability problems ACCEPTED

DSA: 4666

opensmtpd 6.0.2p1-2+deb9u3 Installability problems ACCEPTED

DSA: 4634

Closes: 952453

CVEs referenced: CVE-2020-8794

pcl 1.8.0+dfsg1-4+deb9u1 Installability problems ACCEPTED

Reason: add missing dependency on libvtk6-qt-dev

Request: 898006

Closes: 894656

Binary debdiffs: all

perl 5.24.1-3+deb9u7 Installability problems ACCEPTED

Reason: fix multiple regular expression related security issues [CVE-2020-10543 CVE-2020-10878 CVE-2020-12723]

Request: 962234

Closes: 962005 962019

CVEs referenced: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723

php-horde 5.2.13+debian0-1+deb9u2 Installability problems ACCEPTED

Reason: fix cross-site scripting vulnerability [CVE-2020-8035]

Request: 961945

CVEs referenced: CVE-2020-8035

Lintian issues: allsource

php-horde-data 2.1.4-3+deb9u1 Installability problems ACCEPTED

Reason: fix authenticated remote code execution vulnerability [CVE-2020-8518]

Request: 956532

Closes: 951537

CVEs referenced: CVE-2020-8518

php-horde-form 2.0.15-1+deb9u2 Installability problems ACCEPTED

Reason: fix authenticated remote code execution vulnerability [CVE-2020-8866]

Request: 956534

Closes: 955020

CVEs referenced: CVE-2020-8866

php-horde-gollem 3.0.10-1+deb9u1 Installability problems ACCEPTED

Reason: fix cross-site scripting vulnerability in breadcrumb output [CVE-2020-8034]

Request: 961922

Closes: 961649

CVEs referenced: CVE-2020-8034

php-horde-trean 1.1.7-1+deb9u1 Installability problems ACCEPTED

Reason: fix authenticated remote code execution vulnerability [CVE-2020-8865]

Request: 956537

Closes: 955019

CVEs referenced: CVE-2020-8865

php7.0 7.0.33-0+deb9u8 Installability problems ACCEPTED

DSA: 4717

CVEs referenced: CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7066 CVE-2020-7067

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

php7.0 7.0.33-0+deb9u7 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4628

CVEs referenced: CVE-2019-11044 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 CVE-2020-7059 CVE-2020-7060

phpmyadmin 4:4.6.6-4+deb9u1 Installability problems ACCEPTED

Reason: several security fixes [CVE-2018-19968 CVE-2018-19970 CVE-2018-7260 CVE-2019-11768 CVE-2019-12616 CVE-2019-6798 CVE-2019-6799 CVE-2020-10802 CVE-2020-10803 CVE-2020-10804 CVE-2020-5504]

Request: 944228

Closes: 893539 920822 920823 930017 930048 948718 954665 954666 954667

CVEs referenced: CVE-2018-19968 CVE-2018-19970 CVE-2018-7260 CVE-2019-11768 CVE-2019-12616 CVE-2019-6798 CVE-2019-6799 CVE-2020-10802 CVE-2020-10803 CVE-2020-10804 CVE-2020-5504

Lintian issues: source

pillow 4.0.0-4+deb9u1 Installability problems ACCEPTED

DSA: 4631

CVEs referenced: CVE-2019-19911 CVE-2020-5312 CVE-2020-5313

postfix 3.1.15-0+deb9u1 Installability problems ACCEPTED

Reason: new upstream stable release

Request: 951564

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

postgresql-9.6 9.6.17-0+deb9u1 Installability problems ACCEPTED

DSA: 4622

CVEs referenced: CVE-2020-1720

Binary debdiffs: all

ppp 2.4.7-1+4+deb9u1 Installability problems ACCEPTED

DSA: 4632

µdebs: present

Closes: 950618

CVEs referenced: CVE-2020-8597

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

proftpd-dfsg 1.3.5b-4+deb9u5 Installability problems ACCEPTED

Reason: fix handling SSH_MSG_IGNORE packets

Request: 953745

Closes: 870624 949622

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

proftpd-dfsg 1.3.5b-4+deb9u4 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4635

Closes: 951800

CVEs referenced: CVE-2020-9273

python-django 1:1.10.7-2+deb9u9 Installability problems ACCEPTED

DSA: 4705

CVEs referenced: CVE-2020-13254 CVE-2020-13596

Lintian issues: allsource

python-django 1:1.10.7-2+deb9u8 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4629

Closes: 950581

CVEs referenced: CVE-2020-7471

python-icalendar 3.8-1+deb9u1 Installability problems ACCEPTED

Reason: fix Python3 dependencies

Request: 893548

Closes: 867436

Binary debdiffs: all

Lintian issues: allsource

python-pysaml2 3.0.0-5+deb9u1 Installability problems ACCEPTED

DSA: 4630

CVEs referenced: CVE-2020-5390

python-reportlab 3.3.0-2+deb9u1 Installability problems ACCEPTED

DSA: 4663

Closes: 942763

CVEs referenced: CVE-2019-17626

qbittorrent 3.3.7-3+deb9u1 Installability problems ACCEPTED

DSA: 4650

Closes: 932539

CVEs referenced: CVE-2019-13640

qemu 1:2.8+dfsg-6+deb9u9 Installability problems ACCEPTED

DSA: 4616

Closes: 939869

CVEs referenced: CVE-2019-15890 CVE-2020-7039

Binary debdiffs: amd64arm64armelarmhfi386mipsmipselppc64els390x

qtbase-opensource-src 5.7.1+dfsg-3+deb9u2 Installability problems ACCEPTED

DSA: 4617

CVEs referenced: CVE-2020-0569

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

rails 2:4.2.7.1-1+deb9u2 Installability problems ACCEPTED

Reason: fix possible cross-site scripting via Javascript escape helper [CVE-2020-5267]

Request: 954664

Closes: 954304

CVEs referenced: CVE-2020-5267

rake 10.5.0-2+deb9u1 Installability problems ACCEPTED

Reason: fix command injection vulnerability [CVE-2020-8130]

Request: 953123

CVEs referenced: CVE-2020-8130

Lintian issues: source

roundcube 1.2.3+dfsg.1-4+deb9u6 Installability problems ACCEPTED

Reason: fix cross-site scripting issue via HTML messages with malicious svg/namespace [CVE-2020-15562]

Request: 964456

Closes: 964355

CVEs referenced: CVE-2020-15562

roundcube 1.2.3+dfsg.1-4+deb9u5 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4700

Closes: 962123 962124

CVEs referenced: CVE-2020-13964 CVE-2020-13965

roundcube 1.2.3+dfsg.1-4+deb9u4 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4674

Closes: 959140 959142

CVEs referenced: CVE-2020-12625 CVE-2020-12626

ruby-json 2.0.1+dfsg-3+deb9u1 Installability problems ACCEPTED

Reason: fix unsafe object creation vulnerability [CVE-2020-10663]

Request: 962256

CVEs referenced: CVE-2020-10663

ruby2.3 2.3.3-1+deb9u8 Installability problems ACCEPTED

Reason: fix unsafe object creation vulnerability [CVE-2020-10663]

Request: 962264

CVEs referenced: CVE-2020-10663

salt 2016.11.2+ds-1+deb9u4 Installability problems ACCEPTED

DSA: 4676

CVEs referenced: CVE-2020-11651 CVE-2020-11652

Lintian issues: all

salt 2016.11.2+ds-1+deb9u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4676

Closes: 949222 959684

CVEs referenced: CVE-2019-17361 CVE-2020-11651 CVE-2020-11652

Lintian issues: all

sendmail 8.15.2-8+deb9u1 Installability problems ACCEPTED

Reason: fix finding the queue runner control process in "split daemon" mode, "NOQUEUE: connect from (null)", removal failure when using BTRFS

Request: 935739

Closes: 863567 873978 887064 893424 894535

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

ssvnc 1.0.29-3+deb9u1 Installability problems ACCEPTED

Reason: fix out-of-bounds write [CVE-2018-20020], infinite loop [CVE-2018-20021], improper initialisation [CVE-2018-20022], potential denial-of-service [CVE-2018-20024]

Request: 961937

Closes: 945827

CVEs referenced: CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20024

storebackup 3.2.1-2~deb9u1 Version problems stable (3.2.1-1) Installability problems ACCEPTED

Reason: fix possible privilege escalation vulnerability [CVE-2020-7040]

Request: 964713

Closes: 949393

CVEs referenced: CVE-2020-7040

Binary debdiffs: all

swt-gtk 3.8.2-3+deb9u1 Installability problems ACCEPTED

Reason: add missing dependency on libwebkitgtk-1.0-0

Request: 891657

Closes: 879170

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386ppc64els390x

thunderbird 1:68.10.0-1~deb9u1 Version problems stable (1:68.7.0-1~deb10u1) Installability problems ACCEPTED

Missing builds: arm64 armel armhf mips mips64el mipsel

DSA: 4718

thunderbird 1:68.9.0-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4702

Closes: 960465

thunderbird 1:68.8.0-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4683

Lintian issues: allamd64i386ppc64els390x

thunderbird 1:68.7.0-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4656

Lintian issues: allamd64i386ppc64els390x

thunderbird 1:68.6.0-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4642

thunderbird 1:68.5.0-1~deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4625

Closes: 891848

Lintian issues: allamd64i386ppc64els390x

tiff 4.0.8-2+deb9u5 Installability problems ACCEPTED

DSA: 4670

CVEs referenced: CVE-2018-12900 CVE-2018-17000 CVE-2018-17100 CVE-2018-19210 CVE-2019-14973 CVE-2019-17546 CVE-2019-7663

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

tinyproxy 1.8.4-3~deb9u2 Installability problems ACCEPTED

Reason: create PID file before dropping privileges to non-root account [CVE-2017-11747]

Request: 955409

Closes: 870307 948283

CVEs referenced: CVE-2017-11747

tomcat8 8.5.54-0+deb9u1 Installability problems ACCEPTED

DSA: 4673

CVEs referenced: CVE-2019-17569 CVE-2020-1935 CVE-2020-1938

Binary debdiffs: all

Lintian issues: all

tzdata 2020a-0+deb9u1 Installability problems ACCEPTED

Reason: new upstream stable release

Request: 958995

Binary debdiffs: all

vlc 3.0.11-0+deb9u1 Version problems stable (3.0.10-0+deb10u1) Installability problems ACCEPTED

DSA: 4704

CVEs referenced: CVE-2020-13428

vlc 3.0.10-0+deb9u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4671

CVEs referenced: CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079 CVE-2020-6080

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipsel

websockify 0.8.0+dfsg1-7+deb9u1 Installability problems ACCEPTED

Reason: add messing dependency on python{3,}-pkg-resources

Request: 892932

Closes: 879224

wordpress 4.7.5+dfsg-2+deb9u6 Installability problems ACCEPTED

DSA: 4677

Closes: 924546 939543 942459 946905 959391

CVEs referenced: CVE-2019-16217 CVE-2019-16218 CVE-2019-16219 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222 CVE-2019-16223 CVE-2019-16780 CVE-2019-16781 CVE-2019-17669 CVE-2019-17671 CVE-2019-17672 CVE-2019-17673 CVE-2019-17674 CVE-2019-17675 CVE-2019-20041 CVE-2019-20042 CVE-2019-20043 CVE-2019-9787 CVE-2020-11025 CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029 CVE-2020-11030

wpa 2:2.4-1+deb9u6 Installability problems ACCEPTED

Reason: fix AP mode PMF disconnection protection bypass [CVE-2019-16275]; fix MAC randomisation issues with some cards

Request: 949367

µdebs: present

Closes: 940080 954457

CVEs referenced: CVE-2019-16275

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

xdg-utils 1.1.1-1+deb9u2 Installability problems ACCEPTED

Reason: sanitise window name before sending it over D-Bus; correctly handle directories with names containing spaces; create the "applications" directory if needed

Request: 958192

Closes: 652038 910070

xml-security-c 1.7.3-4+deb9u3 Installability problems ACCEPTED

Reason: fix length calculation in the concat method

Request: 964244

Closes: 922984

xtrlock 2.8+deb9u1+b1 Installability problems ACCEPTED

Reason: fix blocking of (some) multitouch devices while locked [CVE-2016-10894]

CVEs referenced: CVE-2016-10894

xtrlock 2.8+deb9u1 Installability problems ACCEPTED

Reason: fix blocking of (some) multitouch devices while locked [CVE-2016-10894]

Request: 949112

Closes: 830726

CVEs referenced: CVE-2016-10894

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64