Queue Overview for "oldstable-proposed-updates"

List of missing builds
List of missing packages relative to security archive

Resolution Pending (10 uploads for 10 packages)

Package Version Version Problems Installability Problems Architectures Action
feature-check 0.2.2-3+deb10u1 Installability problems Built: source ?

Closes: 990276

gif2apng 1.9+srconly-2+deb10u1 Installability problems Built: source ?

Closes: 1002667 1002668 1002687

CVEs referenced: CVE-2021-45909 CVE-2021-45910 CVE-2021-45911

libapache2-mod-auth-openidc 2.3.10.2-1+deb10u1 Installability problems Built: source ?

Closes: 942165

CVEs referenced: CVE-2019-14857

node-ejs 2.5.7-1+deb10u1 Installability problems Built: source ?

Closes: 1010359

CVEs referenced: CVE-2022-29078

node-end-of-stream 1.4.1-1+deb10u1 Installability problems Built: source ?

Closes: 987530

node-minimist 1.2.0-1+deb10u2 Installability problems Built: source ?

CVEs referenced: CVE-2021-44906

node-node-forge 0.8.1~dfsg-1+deb10u1 Installability problems Built: source ?

CVEs referenced: CVE-2022-24771 CVE-2022-24772 CVE-2022-24773

octavia 3.0.0-3+deb10u1 Installability problems Built: source More info needed

Reason: some changes need further discussion; too late for 10.2

Request: 941901

Closes: 941897

CVEs referenced: CVE-2019-17134

pacemaker 2.0.1-5+deb10u2 Installability problems Built: source ?

Closes: 985173

Lintian issues: source

qtbase-opensource-src 5.11.3+dfsg1-1+deb10u5 Installability problems Built: source ?

Closes: 1001082 951066

CVEs referenced: CVE-2015-9541

Lintian issues: source

Pending Processing (0 uploads for 0 packages)

Processed (131 uploads for 92 packages)

Package Version Version Problems Installability Problems Action
apache2 2.4.38-3+deb10u8 Installability problems ACCEPTED

Reason: fix denial of service issue [CVE-2022-22719], HTTP request smuggling issue [CVE-2022-22720], integer overflow issue [CVE-2022-22721], out-of-bounds write issue [CVE-2022-23943], HTTP request smuggling issue [CVE-2022-26377], out-of-bounds read issues [CVE-2022-28614 CVE-2022-28615], denial of service issue [CVE-2022-29404], out-of-bounds read issue [CVE-2022-30556], possible IP-based authentication bypass issue [CVE-2022-31813]

Request: 1014346

CVEs referenced: CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813

Lintian issues: allmipsmips64elmipselsource

blender 2.79.b+dfsg0-7+deb10u1 Installability problems ACCEPTED

DSA: 5176

CVEs referenced: CVE-2022-0544 CVE-2022-0545 CVE-2022-0546

booth 1.0-162-g27f917f-2+deb10u1 Installability problems ACCEPTED

DSA: 5194

CVEs referenced: CVE-2022-2553

cargo-mozilla 0.57.0-7~deb10u1 Installability problems c-i failed: cargo-mozilla/0.57.0-7~deb10u1 [amd64] cargo-mozilla/0.57.0-7~deb10u1 [armhf] cargo-mozilla/0.57.0-7~deb10u1 [i386] cargo-mozilla/0.57.0-7~deb10u1 [s390x] ACCEPTED

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Missing builds: armel mips mips64el mipsel

Request: 1014912

Binary debdiffs: amd64arm64ppc64el

Lintian issues: amd64arm64armhfi386ppc64els390xsource

chromium 90.0.4430.212-1~deb10u1 Installability problems ACCEPTED

Missing builds: arm64

DSA: 4917

CVEs referenced: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

Binary debdiffs: amd64armhfi386

Lintian issues: allamd64armhfi386source

chromium 90.0.4430.93-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4911

CVEs referenced: CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230 CVE-2021-21231 CVE-2021-21232 CVE-2021-21233

Binary debdiffs: amd64armhfi386

Lintian issues: allamd64armhfi386

chromium 90.0.4430.85-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4906

CVEs referenced: CVE-2021-21201 CVE-2021-21202 CVE-2021-21203 CVE-2021-21204 CVE-2021-21205 CVE-2021-21207 CVE-2021-21208 CVE-2021-21209 CVE-2021-21210 CVE-2021-21211 CVE-2021-21212 CVE-2021-21213 CVE-2021-21214 CVE-2021-21215 CVE-2021-21216 CVE-2021-21217 CVE-2021-21218 CVE-2021-21219 CVE-2021-21221 CVE-2021-21222 CVE-2021-21223 CVE-2021-21224 CVE-2021-21225 CVE-2021-21226

Binary debdiffs: amd64i386

Lintian issues: allamd64i386

cifs-utils 2:6.8-2+deb10u1 Installability problems ACCEPTED

DSA: 5157

Closes: 1010818

CVEs referenced: CVE-2022-27239 CVE-2022-29869

Binary debdiffs: amd64armelarmhfi386mipsmipselppc64els390x

clamav 0.103.6+dfsg-0+deb10u1 Installability problems ACCEPTED

Reason: new upstream stable release; security fixes [CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796]

Request: 1011745

CVEs referenced: CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796

Binary debdiffs: all

Lintian issues: all

commons-daemon 1.0.15-8+deb10u1 Version problems stable (1.0.15-8) Installability problems ACCEPTED

Reason: fix JVM detection

Request: 1015243

Closes: 935336

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

composer 1.8.4-1+deb10u2 Installability problems ACCEPTED

Reason: fix code injection vulnerability [CVE-2022-24828]; update GitHub token pattern; use Authorization header instead of deprecated access_token query parameter

Request: 1012048

Closes: 1009960 955485 989315

CVEs referenced: CVE-2022-24828

Lintian issues: all

condor 8.6.8~dfsg.1-2+deb10u1 Installability problems ACCEPTED

DSA: 5144

CVEs referenced: CVE-2019-18823 CVE-2022-26110

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armhfi386mips64elmipselppc64els390xsource

cups 2.2.10-6+deb10u6 Installability problems ACCEPTED

DSA: 5149

CVEs referenced: CVE-2022-26691

debootstrap 1.0.114+deb10u1 Installability problems ACCEPTED

Reason: ensure non-merged-usr chroots can continue to be created for older releases and buildd chroots

Request: 1016169

µdebs: present

distro-info-data 0.41+deb10u5 Installability problems ACCEPTED

Reason: add Ubuntu 22.04 LTS, Jammy Jellyfish and Ubuntu 22.10, Kinetic Kudu

Request: 1010193

djangorestframework 3.9.0-1+deb10u1 Installability problems ACCEPTED

DSA: 5186

CVEs referenced: CVE-2020-25626

Binary debdiffs: all

dpkg 1.19.8 Installability problems ACCEPTED

DSA: 5147

CVEs referenced: CVE-2022-1664

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

dropbear 2018.76-5+deb10u1 Installability problems ACCEPTED

Reason: fix possible username enumeration issue [CVE-2019-12953]

Request: 1009065

Closes: 1009062

CVEs referenced: CVE-2019-12953

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

ecdsautils 0.3.2+git20151018-2+deb10u1 Installability problems ACCEPTED

DSA: 5132

CVEs referenced: CVE-2022-24884

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

exo 0.12.4-1+deb10u1 Installability problems ACCEPTED

DSA: 5164

Closes: 1013129

CVEs referenced: CVE-2022-32278

faad2 2.10.0-1~deb10u1 Installability problems ACCEPTED

DSA: 5109

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

faad2 2.8.8-3+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5109

Closes: 914641

CVEs referenced: CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278

ffmpeg 7:4.1.9-0+deb10u1 Installability problems ACCEPTED

DSA: 5126

Lintian issues: source

firefox-esr 91.12.0esr-1~deb10u1 Version problems stable (91.11.0esr-1~deb11u1) Installability problems ACCEPTED

Missing builds: arm64 armhf i386 mips mips64el mipsel s390x

DSA: 5193

CVEs referenced: CVE-2022-36318 CVE-2022-36319

Binary debdiffs: allamd64ppc64el

Lintian issues: source

firefox-esr 91.11.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5172

CVEs referenced: CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484

Binary debdiffs: allamd64ppc64el

firefox-esr 91.10.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5156

CVEs referenced: CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31747

Binary debdiffs: allamd64ppc64el

firefox-esr 91.9.1esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5143

CVEs referenced: CVE-2022-1529 CVE-2022-1802

Binary debdiffs: allamd64ppc64el

firefox-esr 91.9.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5129

CVEs referenced: CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917

Binary debdiffs: allamd64ppc64el

firefox-esr 91.8.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5113

CVEs referenced: CVE-2022-1097 CVE-2022-1196 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289

Binary debdiffs: allamd64ppc64el

firefox-esr 91.7.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5097

CVEs referenced: CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387

Binary debdiffs: allamd64ppc64el

firefox-esr 91.6.1esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5090

CVEs referenced: CVE-2022-26485 CVE-2022-26486

Binary debdiffs: allamd64ppc64el

firefox-esr 91.6.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5069

Closes: 1002868

CVEs referenced: CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763 CVE-2022-22764

Binary debdiffs: allamd64ppc64el

firefox-esr 91.5.0esr-1~deb10u1 Installability problems all ACCEPTED

This upload was superseded by a more current one.

DSA: 5044

CVEs referenced: CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751

Binary debdiffs: all

firefox-esr 78.15.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4981

CVEs referenced: CVE-2021-38496 CVE-2021-38500

firejail 0.9.58.2-2+deb10u3 Installability problems ACCEPTED

DSA: 5167

Closes: 1012510

CVEs referenced: CVE-2022-31214

Binary debdiffs: armelarmhfi386mipsmipsel

flac 1.3.2-3+deb10u2 Installability problems ACCEPTED

Reason: fix out-of-bounds write issue [CVE-2021-0561]

Request: 1010380

Closes: 1006339

CVEs referenced: CVE-2021-0561

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

freetype 2.9.1-3+deb10u3 Installability problems ACCEPTED

Reason: fix buffer overflow issue [CVE-2022-27404]; fix crashes [CVE-2022-27405 CVE-2022-27406]

Request: 1010305

µdebs: present

Closes: 1010183

CVEs referenced: CVE-2022-27404 CVE-2022-27405 CVE-2022-27406

fribidi 1.0.5-3.1+deb10u2 Installability problems ACCEPTED

Reason: fix buffer overflow issues [CVE-2022-25308 CVE-2022-25309]; fix crash [CVE-2022-25310]

Request: 1009251

µdebs: present

Closes: 1008793

CVEs referenced: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

gnupg2 2.2.12-1+deb10u2 Installability problems ACCEPTED

DSA: 5174

µdebs: present

Closes: 1014157

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

gnutls28 3.6.7-4+deb10u8 Installability problems ACCEPTED

Reason: fix test suite when combined with OpenSSL 1.1.1e or newer

Request: 1008062

Lintian issues: source

golang-github-russellhaering-goxmldsig 0.0~git20170911.b7efc62-1+deb10u1 Installability problems ACCEPTED

Reason: fix NULL pointer dereference issue [CVE-2020-7711]

Request: 1008578

Closes: 968928

CVEs referenced: CVE-2020-7711

Binary debdiffs: all

Lintian issues: allsource

grub2 2.06-3~deb10u1 Version problems stable (2.04-20) Installability problems ACCEPTED

Reason: new upstream release

Missing lock-step packages: grub-efi-amd64-signed grub-efi-arm64-signed grub-efi-ia32-signed

Request: 1016671

µdebs: present

CVEs referenced: CVE-2022-28736

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

gsasl 1.8.0-8+deb10u1 Installability problems ACCEPTED

DSA: 5189

CVEs referenced: CVE-2022-2469

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

gzip 1.9-3+deb10u1 Installability problems ACCEPTED

DSA: 5122

Closes: 1009168

CVEs referenced: CVE-2022-1271

htmldoc 1.9.3-1+deb10u4 Installability problems ACCEPTED

Reason: fix infinite loop [CVE-2022-24191], integer overflow issues [CVE-2022-27114] and heap buffer overflow issue [CVE-2022-28085]

Request: 1011030

CVEs referenced: CVE-2022-24191 CVE-2022-27114 CVE-2022-28085

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

intel-microcode 3.20220510.1~deb10u1 Version problems stable (3.20220207.1~deb11u1) Installability problems ACCEPTED

DSA: 5178

Closes: 1010947

CVEs referenced: CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21151 CVE-2022-21166

Binary debdiffs: amd64i386

isync 1.3.0-2.2~deb10u2 Installability problems ACCEPTED

Reason: fix buffer overflow issues [CVE-2021-3657]

Request: 1014145

CVEs referenced: CVE-2021-3657

libnet-ssleay-perl 1.85-2+deb10u1 Installability problems ACCEPTED

Reason: fix test failures with OpenSSL 1.1.1n

Request: 1008056

Closes: 1008055

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

libpgjava 42.2.5-2+deb10u1 Installability problems ACCEPTED

DSA: 5196

Closes: 962828

CVEs referenced: CVE-2020-13692 CVE-2022-21724 CVE-2022-26520

Binary debdiffs: all

Lintian issues: all

librecad 2.1.3-1.2+deb10u1 Installability problems ACCEPTED

DSA: 5077

CVEs referenced: CVE-2021-21898 CVE-2021-21899 CVE-2021-21900 CVE-2021-45341 CVE-2021-45342 CVE-2021-45343

librsvg 2.44.10-2.1+deb10u3 Installability problems ACCEPTED

Reason: fix another build failure with rustc 1.41

Missing builds: ppc64el

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipsels390x

librsvg 2.44.10-2.1+deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix build failures with newer rustc, and ppc64el and s390x with the fix for CVE-2019-20446

Request: 966028

CVEs referenced: CVE-2019-20446

librsvg 2.44.10-2.1+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix denial of service via "billion laughs" attack [CVE-2019-20446]

Request: 966028

CVEs referenced: CVE-2019-20446

libxml2 2.9.4+dfsg1-7+deb10u4 Installability problems ACCEPTED

DSA: 5142

Closes: 1010526

CVEs referenced: CVE-2022-29824

linux 4.19.249-2 Installability problems ACCEPTED

DSA: 5173

µdebs: present

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

linux 4.19.249-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5173

µdebs: present

Closes: 1006346 1013299 922204

CVEs referenced: CVE-2021-4197 CVE-2022-0494 CVE-2022-0854 CVE-2022-1011 CVE-2022-1012 CVE-2022-1016 CVE-2022-1048 CVE-2022-1184 CVE-2022-1195 CVE-2022-1198 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1353 CVE-2022-1419 CVE-2022-1652 CVE-2022-1729 CVE-2022-1974 CVE-2022-1975 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-2153 CVE-2022-23960 CVE-2022-26490 CVE-2022-27666 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-29581 CVE-2022-30594 CVE-2022-32250 CVE-2022-32296 CVE-2022-32981 CVE-2022-33981

linux-latest 105+deb10u16 Installability problems amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x ACCEPTED

DSA: 5173

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

linux-signed-amd64 4.19.249+2 Installability problems ACCEPTED

DSA: 5173

µdebs: present

Binary debdiffs: amd64

linux-signed-arm64 4.19.249+2 Installability problems ACCEPTED

DSA: 5173

µdebs: present

Binary debdiffs: arm64

linux-signed-i386 4.19.249+2 Installability problems ACCEPTED

DSA: 5173

µdebs: present

Binary debdiffs: i386

llvm-toolchain-13 1:13.0.1-6~deb10u4 Installability problems c-i failed: llvm-toolchain-13/1:13.0.1-6~deb10u4 [amd64] llvm-toolchain-13/1:13.0.1-6~deb10u4 [arm64] llvm-toolchain-13/1:13.0.1-6~deb10u4 [armel] llvm-toolchain-13/1:13.0.1-6~deb10u4 [i386] llvm-toolchain-13/1:13.0.1-6~deb10u4 [s390x] ACCEPTED

Reason: disable libunwind on mips

Request: 1014860

Binary debdiffs: all-neededamd64-neededarm64-neededarmel-neededarmhf-neededi386-neededmips-neededmips64el-neededmipsel-neededppc64el-neededs390x-needed

Lintian issues: all-neededamd64-neededarm64-neededarmel-neededarmhf-neededi386-neededmips-neededmips64el-neededmipsel-neededppc64el-neededs390x-needed

llvm-toolchain-13 1:13.0.1-6~deb10u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: disable lldb on mips

Request: 1014860

llvm-toolchain-13 1:13.0.1-6~deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: remove build-dep on llvm-spirv, which isn't in buster; fix mips support

Request: 1014860

llvm-toolchain-13 1:13.0.1-6~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new source package to support building of newer firefox-esr and thunderbird versions

Request: 1014860

lrzip 0.631+git180528-1+deb10u1 Installability problems ACCEPTED

DSA: 5145

CVEs referenced: CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291 CVE-2022-28044

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

mat2 0.8.0-3+deb10u1 Installability problems ACCEPTED

DSA: 5185

CVEs referenced: CVE-2022-35410

minidlna 1.2.1+dfsg-2+deb10u3 Installability problems ACCEPTED

Reason: validate HTTP requests to protect against DNS rebinding attacks [CVE-2022-26505]

Request: 1009076

Closes: 1006798

CVEs referenced: CVE-2022-26505

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

mokutil 0.6.0-2~deb10u1 Version problems stable (0.3.0+1538710437.fb6250f-1) mokutil/stable [amd64] (0.3.0+1538710437.fb6250f-1+b1) mokutil/stable [arm64] (0.3.0+1538710437.fb6250f-1+b1) mokutil/stable [armel] (0.3.0+1538710437.fb6250f-1+b1) mokutil/stable [armhf] (0.3.0+1538710437.fb6250f-1+b1) mokutil/stable [i386] (0.3.0+1538710437.fb6250f-1+b1) Installability problems ACCEPTED

Reason: new upstream version, to allow for SBAT management

Request: 1016176

Closes: 987613 991933

Binary debdiffs: amd64arm64armelarmhfi386

Lintian issues: amd64arm64armelarmhfi386source

mutt 1.10.1-2.1+deb10u6 Installability problems ACCEPTED

Reason: fix uudecode buffer overflow [CVE-2022-1328]

Request: 1010060

Closes: 1009734

CVEs referenced: CVE-2022-1328

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

needrestart 3.4-5+deb10u1 Installability problems ACCEPTED

DSA: 5137

CVEs referenced: CVE-2022-30688

Lintian issues: all

ntfs-3g 1:2017.3.23AR.3-3+deb10u2 Installability problems ACCEPTED

DSA: 5160

µdebs: present

Closes: 1011770

CVEs referenced: CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789

nvidia-graphics-drivers 418.226.00-3 Installability problems c-i failed: nvidia-graphics-drivers/418.226.00-3 [amd64] ACCEPTED

Reason: new upstream release

Request: 1009652

Closes: 996595 999670

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386source

nvidia-graphics-drivers-legacy-390xx 390.151-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream release; fix out-of-bound write issues [CVE-2022-28181 CVE-2022-28185]

Request: 1011272

Closes: 1004849 1005804 1005909 1010230 1011142 992057 994814 996595 999670

CVEs referenced: CVE-2022-28181 CVE-2022-28185

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386source

openjdk-11 11.0.16+8-1~deb10u1 Version problems stable (11.0.15+10-1~deb11u1) Installability problems ACCEPTED

DSA: 5188

openjdk-11 11.0.15+10-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5131

openldap 2.4.47+dfsg-3+deb10u7 Installability problems ACCEPTED

DSA: 5140

CVEs referenced: CVE-2022-29155

openssl 1.1.1n-0+deb10u3 Installability problems ACCEPTED

DSA: 5169

µdebs: present

CVEs referenced: CVE-2022-2068

openssl 1.1.1n-0+deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5139

µdebs: present

CVEs referenced: CVE-2022-1292

openvswitch 2.10.7+ds1-0+deb10u1 Installability problems ACCEPTED

Missing builds: mips s390x

DSA: 4852

Closes: 982493

CVEs referenced: CVE-2020-35498

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64elsource

openvswitch 2.10.6+ds1-0+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4836

Closes: 980132

CVEs referenced: CVE-2015-8011 CVE-2020-27827

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64el

orca 3.30.1-2 Installability problems ACCEPTED

Reason: fix use with WebKitGTK 2.36

Request: 1011286

php-guzzlehttp-psr7 1.4.2-0.1+deb10u1 Installability problems ACCEPTED

Reason: fix improper header parsing [CVE-2022-24775]

Request: 1011943

Closes: 1008236

CVEs referenced: CVE-2022-24775

Lintian issues: all

postfix 3.4.23-0+deb10u1 Installability problems ACCEPTED

Reason: new upstream stable release; do not override user set default_transport; if-up.d: do not error out if postfix can't send mail yet; fix duplicate bounce_notice_recipient entries in postconf output

Request: 1003293

Closes: 926331 959864 964762 968057 988538 991950 999694

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

postgresql-11 11.16-0+deb10u1 Installability problems ACCEPTED

DSA: 5135

CVEs referenced: CVE-2022-1552

Binary debdiffs: alls390x

postgresql-common 200+deb10u5 Installability problems ACCEPTED

Reason: pg_virtualenv: Write temporary password file before chowning the file

Request: 1013347

Closes: 933569

Binary debdiffs: all

procmail 3.22-26+deb10u1 Installability problems ACCEPTED

Reason: fix NULL pointer dereference

Request: 1016439

Closes: 769938

Binary debdiffs: armelarmhfi386mipsmipsel

python-bottle 0.12.15-2+deb10u2 Installability problems ACCEPTED

DSA: 5159

CVEs referenced: CVE-2022-31799

python-scrapy 1.5.1-1+deb10u1 Installability problems ACCEPTED

Reason: don't send authentication data with all requests [CVE-2021-41125]; don't expose cookies cross-domain when redirecting [CVE-2022-0577]

Request: 1011360

Closes: 1008234

CVEs referenced: CVE-2021-41125 CVE-2022-0577

Binary debdiffs: all

request-tracker4 4.4.3-2+deb10u2 Installability problems ACCEPTED

DSA: 5181

CVEs referenced: CVE-2022-25802

rsyslog 8.1901.0-1+deb10u2 Installability problems ACCEPTED

DSA: 5150

Closes: 1010619

CVEs referenced: CVE-2022-24903

rust-cbindgen 0.23.0-1~deb10u2 Version problems stable (0.20.0-1~deb11u1) Installability problems ACCEPTED

Reason: fix build failure due to too old timestamps

Missing builds: armel mips mipsel

Request: 1014909

Closes: 1015146

Binary debdiffs: amd64arm64mips64elppc64els390x

rust-cbindgen 0.23.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Request: 1014909

rustc-mozilla 1.59.0+dfsg1-1~deb10u3 Version problems stable (1.51.0+dfsg1-1~deb11u1) libstd-rust-mozilla-dev/stable [arm64] (1.59.0+dfsg1-1~deb10u2/1.51.0+dfsg1-1~deb11u1) libstd-rust-mozilla-dev/stable [armhf] (1.59.0+dfsg1-1~deb10u2/1.51.0+dfsg1-1~deb11u1) rustc-mozilla/stable [arm64] (1.59.0+dfsg1-1~deb10u2/1.51.0+dfsg1-1~deb11u1) rustc-mozilla/stable [armhf] (1.59.0+dfsg1-1~deb10u2/1.51.0+dfsg1-1~deb11u1) Installability problems mips64el mipsel ACCEPTED

Reason: include mips(el) stage0 binaries

Missing builds: arm64 armel armhf mips s390x

Request: 1014907

Binary debdiffs: allamd64i386mips64elmipselppc64el

Lintian issues: allamd64i386mips64elmipselppc64elsource

rustc-mozilla 1.59.0+dfsg1-1~deb10u2 Version problems stable (1.51.0+dfsg1-1~deb11u1) Installability problems mips64el ACCEPTED

This upload was superseded by a more current one.

Reason: inline atomics on arm64; increase allowed test failures on i386

Request: 1014907

Binary debdiffs: allamd64i386mips64elppc64el

Lintian issues: allamd64i386mips64elppc64el

rustc-mozilla 1.59.0+dfsg1-1~deb10u1 Installability problems amd64 mips64el ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Request: 1014907

Binary debdiffs: allamd64armhfmips64elppc64el

Lintian issues: allamd64armhfmips64elppc64el

shim 15.6-1~deb10u1 Version problems stable (15.4-7) Installability problems ACCEPTED

Reason: new upstream release

Missing lock-step packages: shim-signed

Request: 1016178

shim-helpers-amd64-signed 1+15.6+1~deb10u1 Version problems stable (1+15.4+7) Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: amd64

Lintian issues: amd64source

shim-helpers-arm64-signed 1+15.6+1~deb10u1 Version problems stable (1+15.4+7) Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: arm64

Lintian issues: source

shim-helpers-i386-signed 1+15.6+1~deb10u1 Version problems stable (1+15.4+7) Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: i386

Lintian issues: i386source

smarty3 3.1.33+20180830.1.3a78a21f+selfpack1-1+deb10u1 Installability problems ACCEPTED

DSA: 5151

CVEs referenced: CVE-2021-21408 CVE-2021-26119 CVE-2021-26120 CVE-2021-29454 CVE-2022-29221

snapd 2.37.4-1+deb10u1 Installability problems ACCEPTED

Missing builds: s390x

DSA: 5080

CVEs referenced: CVE-2021-44730 CVE-2021-44731

Binary debdiffs: amd64arm64armelarmhfi386ppc64el

spip 3.2.4-1+deb10u9 Installability problems ACCEPTED

DSA: 5190

Lintian issues: all

spip 3.2.4-1+deb10u8 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5152

squid 4.6-1+deb10u7 Installability problems ACCEPTED

DSA: 5171

CVEs referenced: CVE-2021-28116 CVE-2021-46784

subversion 1.10.4-1+deb10u3 Installability problems ACCEPTED

DSA: 5119

CVEs referenced: CVE-2021-28544 CVE-2022-24070

thunderbird 1:91.12.0-1~deb10u1 Version problems stable (1:91.10.0-1~deb11u1) thunderbird/stable [s390x] (1:78.14.0-1~deb11u1) Installability problems ACCEPTED

Missing builds: armel armhf ppc64el

DSA: 5195

Lintian issues: amd64arm64i386mips64els390xsource

thunderbird 1:91.11.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5175

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.10.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5158

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.9.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5141

Closes: 1009321

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.8.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5118

Binary debdiffs: allamd64arm64i386

thunderbird 1:91.7.0-2~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5106

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.6.2-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5094

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.6.1-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5086

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.6.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5074

Binary debdiffs: allamd64arm64i386mips64el

thunderbird 1:91.5.0-2~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5045

Binary debdiffs: allamd64arm64i386mips64el

Lintian issues: allamd64arm64i386mips64el

thunderbird 1:91.4.1-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5034

Binary debdiffs: allamd64

Lintian issues: amd64

tiff 4.1.0+git191117-2~deb10u4 Installability problems ACCEPTED

DSA: 5108

CVEs referenced: CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844

trafficserver 8.0.2+ds-1+deb10u6 Installability problems ACCEPTED

DSA: 5153

CVEs referenced: CVE-2021-37147 CVE-2021-37148 CVE-2021-37149 CVE-2021-38161 CVE-2021-44040 CVE-2021-44759

Lintian issues: amd64arm64armhfi386mipsmips64elmipselppc64elsource

twisted 18.9.0-3+deb10u1 Installability problems ACCEPTED

Reason: fix incorrect URI and HTTP method validation issue [CVE-2019-12387], incorrect certificate validation in XMPP support [CVE-2019-12855], HTTP/2 denial of service issues [CVE-2019-9511 CVE-2019-9514 CVE-2019-9515], HTTP request smuggling issues [CVE-2020-10108 CVE-2020-10109 CVE-2022-24801], information disclosure issue when following cross-domain redirects [CVE-2022-21712], denial of service issue during SSH handshake [CVE-2022-21716]

Request: 1010615

CVEs referenced: CVE-2019-12387 CVE-2019-12855 CVE-2019-951 CVE-2019-9511 CVE-2019-9514 CVE-2019-9515 CVE-2020-1010 CVE-2020-10108 CVE-2020-10109 CVE-2022-21712 CVE-2022-21716 CVE-2022-24801

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: all

tzdata 2021a-0+deb10u5 Installability problems ACCEPTED

Reason: update leap second list

Closes: 1012191

tzdata 2021a-0+deb10u4 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: update timezone data for Palestine

ublock-origin 1.42.0+dfsg-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream stable release

Request: 1014200

Closes: 996249

Binary debdiffs: all

Lintian issues: allsource

unrar-nonfree 1:5.6.6-1+deb10u1 Installability problems ACCEPTED

Reason: fix directory traversal issue [CVE-2022-30333]

Request: 1010858

Closes: 1010837

CVEs referenced: CVE-2022-30333

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

vlc 3.0.17.4-0+deb10u1 Installability problems ACCEPTED

DSA: 5165

waitress 1.2.0~b2-2+deb10u1 Installability problems ACCEPTED

DSA: 5138

Closes: 1008013

CVEs referenced: CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2022-24761

Binary debdiffs: all

Lintian issues: source

webkit2gtk 2.36.4-1~deb10u1 Version problems stable (2.36.3-1~deb11u1) Installability problems ACCEPTED

Missing builds: mips

DSA: 5182

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390xsource

webkit2gtk 2.36.3-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5154

CVEs referenced: CVE-2022-26700 CVE-2022-26709 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 CVE-2022-30294

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390x

webkit2gtk 2.36.0-3~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5115

CVEs referenced: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390x

wireshark 2.6.20-0+deb10u4 Installability problems ACCEPTED

Reason: fix remote code execution issue [CVE-2021-22191], denial of service issues [CVE-2021-4181 CVE-2021-4184 CVE-2021-4185 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586]

Request: 1012066

CVEs referenced: CVE-2021-22191 CVE-2021-4181 CVE-2021-4184 CVE-2021-4185 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586

xz-utils 5.2.4-1+deb10u1 Installability problems ACCEPTED

DSA: 5123

Closes: 1009167

CVEs referenced: CVE-2022-1271

Lintian issues: source

zlib 1:1.2.11.dfsg-1+deb10u1 Installability problems ACCEPTED

DSA: 5111

µdebs: present

Closes: 1008265

CVEs referenced: CVE-2018-25032

Binary debdiffs: amd64i386mipsmips64elmipsels390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x