Queue Overview for "oldstable-proposed-updates"

Reason: fix open redirect issue, cross-site scripting issues [CVE-2020-35572 CVE-2021-29625]; elasticsearch: Do not print response if HTTP code is not 200 [CVE-2021-21311]; provide a compiled version and configuration files

Request: 960396

Closes: 952755

CVEs referenced: CVE-2020-35572 CVE-2021-21311 CVE-2021-29625

Binary debdiffs: all

Reason: fix denial of service issue [CVE-2022-22719], HTTP request smuggling issue [CVE-2022-22720], integer overflow issue [CVE-2022-22721], out-of-bounds write issue [CVE-2022-23943], HTTP request smuggling issue [CVE-2022-26377], out-of-bounds read issues [CVE-2022-28614 CVE-2022-28615], denial of service issue [CVE-2022-29404], out-of-bounds read issue [CVE-2022-30556], possible IP-based authentication bypass issue [CVE-2022-31813]

Request: 1014346

CVEs referenced: CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31813

Lintian issues: allmipsmips64elmipselsource

Reason: update for the 10.13 point release

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 5176

CVEs referenced: CVE-2022-0544 CVE-2022-0545 CVE-2022-0546

DSA: 5194

CVEs referenced: CVE-2022-2553

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Missing builds: armel mips mips64el mipsel

Request: 1014912

Binary debdiffs: amd64arm64ppc64el

Lintian issues: amd64arm64armhfi386ppc64els390xsource

Missing builds: arm64

DSA: 4917

CVEs referenced: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

Binary debdiffs: amd64armhfi386

Lintian issues: allamd64armhfi386source

This upload was superseded by a more current one.

DSA: 4911

CVEs referenced: CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230 CVE-2021-21231 CVE-2021-21232 CVE-2021-21233

Binary debdiffs: amd64armhfi386

Lintian issues: allamd64armhfi386

This upload was superseded by a more current one.

DSA: 4906

CVEs referenced: CVE-2021-21201 CVE-2021-21202 CVE-2021-21203 CVE-2021-21204 CVE-2021-21205 CVE-2021-21207 CVE-2021-21208 CVE-2021-21209 CVE-2021-21210 CVE-2021-21211 CVE-2021-21212 CVE-2021-21213 CVE-2021-21214 CVE-2021-21215 CVE-2021-21216 CVE-2021-21217 CVE-2021-21218 CVE-2021-21219 CVE-2021-21221 CVE-2021-21222 CVE-2021-21223 CVE-2021-21224 CVE-2021-21225 CVE-2021-21226

Binary debdiffs: amd64i386

Lintian issues: allamd64i386

DSA: 5157

Closes: 1010818

CVEs referenced: CVE-2022-27239 CVE-2022-29869

Binary debdiffs: amd64armelarmhfi386mipsmipselppc64els390x

Reason: new upstream stable release; security fixes [CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796]

Request: 1011745

CVEs referenced: CVE-2022-20770 CVE-2022-20771 CVE-2022-20785 CVE-2022-20792 CVE-2022-20796

Binary debdiffs: all

Lintian issues: all

Reason: fix JVM detection

Request: 1015243

Closes: 935336

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix code injection vulnerability [CVE-2022-24828]; update GitHub token pattern; use Authorization header instead of deprecated access_token query parameter

Request: 1012048

Closes: 1009960 955485 989315

CVEs referenced: CVE-2022-24828

DSA: 5144

CVEs referenced: CVE-2019-18823 CVE-2022-26110

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armhfi386mips64elmipselppc64els390xsource

DSA: 5149

CVEs referenced: CVE-2022-26691

Reason: rebuild against buster-proposed-updates; increase Linux kernel ABI to 4.19.0-21

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: rebuild against buster-proposed-updates

Binary debdiffs: all

Lintian issues: allsource

Reason: update security status of various packages

Request: 1017393

Closes: 988321

Binary debdiffs: all

Reason: ensure non-merged-usr chroots can continue to be created for older releases and buildd chroots

Request: 1016169

µdebs: present

Reason: add Ubuntu 22.04 LTS, Jammy Jellyfish and Ubuntu 22.10, Kinetic Kudu

Request: 1010193

DSA: 5186

CVEs referenced: CVE-2020-25626

Binary debdiffs: all

DSA: 5147

CVEs referenced: CVE-2022-1664

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix possible username enumeration issue [CVE-2019-12953]

Request: 1009065

Closes: 1009062

CVEs referenced: CVE-2019-12953

Reason: fix segfault on engine selection

Request: 1018250

Closes: 962627

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5132

CVEs referenced: CVE-2022-24884

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix testsuite failures on armhf and ppc64el caused by incorrect libffi usage

Request: 1018241

Closes: 893206 934081

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix build failure with recent kernel versions

Request: 1018199

Closes: 971161

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5164

Closes: 1013129

CVEs referenced: CVE-2022-32278

DSA: 5109

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

This upload was superseded by a more current one.

DSA: 5109

Closes: 914641

CVEs referenced: CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278

Reason: fix some version comparisons

Request: 990372

Closes: 990276

DSA: 5126

Lintian issues: source

Missing builds: arm64 armhf i386 mips mips64el mipsel s390x

DSA: 5193

CVEs referenced: CVE-2022-36318 CVE-2022-36319

Binary debdiffs: allamd64ppc64el

Lintian issues: source

This upload was superseded by a more current one.

DSA: 5172

CVEs referenced: CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5156

CVEs referenced: CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31747

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5143

CVEs referenced: CVE-2022-1529 CVE-2022-1802

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5129

CVEs referenced: CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5113

CVEs referenced: CVE-2022-1097 CVE-2022-1196 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5097

CVEs referenced: CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5090

CVEs referenced: CVE-2022-26485 CVE-2022-26486

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5069

Closes: 1002868

CVEs referenced: CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763 CVE-2022-22764

Binary debdiffs: allamd64ppc64el

This upload was superseded by a more current one.

DSA: 5044

CVEs referenced: CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739 CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743 CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751

Binary debdiffs: all

This upload was superseded by a more current one.

DSA: 4981

CVEs referenced: CVE-2021-38496 CVE-2021-38500

DSA: 5167

Closes: 1012510

CVEs referenced: CVE-2022-31214

Binary debdiffs: armelarmhfi386mipsmipsel

Reason: fix out-of-bounds write issue [CVE-2021-0561]

Request: 1010380

Closes: 1006339

CVEs referenced: CVE-2021-0561

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix build failure with newer imagemagick versions

Request: 1018097

Closes: 991056

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix side-channel leak where 1 in 2048 handshakes fail [CVE-2019-13456], denial of service issue due to multithreaded BN_CTX access [CVE-2019-17185], crash due to non-thread safe memory allocation

Request: 1018246

Closes: 992036

CVEs referenced: CVE-2019-13456 CVE-2019-17185

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix buffer overflow issue [CVE-2022-27404]; fix crashes [CVE-2022-27405 CVE-2022-27406]

Request: 1010305

µdebs: present

Closes: 1010183

CVEs referenced: CVE-2022-27404 CVE-2022-27405 CVE-2022-27406

Reason: fix buffer overflow issues [CVE-2022-25308 CVE-2022-25309]; fix crash [CVE-2022-25310]

Request: 1009251

µdebs: present

Closes: 1008793

CVEs referenced: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Reason: don't try to convert PNG to EPS for latex, as our imagemagick has EPS disabled for security reasons

Request: 1018096

Closes: 991053

Reason: fix heap-based buffer overflows [CVE-2021-45909 CVE-2021-45910 CVE-2021-45911]

Request: 1016198

Closes: 1002667 1002668 1002687

CVEs referenced: CVE-2021-45909 CVE-2021-45910 CVE-2021-45911

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix build failure with recent tzdata

Request: 1018178

Closes: 978208

DSA: 5174

µdebs: present

Closes: 1014157

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix test suite when combined with OpenSSL 1.1.1e or newer

Request: 1008062

Lintian issues: source

Reason: skip tests that use expired certificates

Request: 1018107

Closes: 986306

Reason: fix building on newer 4.19 kernels

Request: 1018086

Closes: 1002231

Reason: fix NULL pointer dereference issue [CVE-2020-7711]

Request: 1008578

Closes: 968928

CVEs referenced: CVE-2020-7711

Binary debdiffs: all

Lintian issues: allsource

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016671

Binary debdiffs: amd64

Lintian issues: amd64source

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016671

Binary debdiffs: arm64

Lintian issues: arm64source

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016671

Binary debdiffs: i386

Lintian issues: i386source

Reason: new upstream release

Request: 1016671

µdebs: present

CVEs referenced: CVE-2022-28736

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 5189

CVEs referenced: CVE-2022-2469

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5122

Closes: 1009168

CVEs referenced: CVE-2022-1271

Reason: fix infinite loop [CVE-2022-24191], integer overflow issues [CVE-2022-27114] and heap buffer overflow issue [CVE-2022-28085]

Request: 1011030

CVEs referenced: CVE-2022-24191 CVE-2022-27114 CVE-2022-28085

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 5178

Closes: 1010947

CVEs referenced: CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21151 CVE-2022-21166

Binary debdiffs: amd64i386

Reason: fix DKMS build failure regression caused by Linux upstream changes in the 4.19.191 kernel

Request: 990739

Closes: 990123

Reason: fix buffer overflow issues [CVE-2021-3657]

Request: 1014145

CVEs referenced: CVE-2021-3657

Reason: fix build failure by disabling generation of Postscript documentation

Request: 1018101

Closes: 991058

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: use SHA256 as Pkinit CMS Digest

Request: 1017998

Closes: 1017995

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Reason: improve validation of the post-logout URL parameter on logout [CVE-2019-14857]

Request: 945578

Closes: 942165

CVEs referenced: CVE-2019-14857

Reason: update included data

Request: 1017112

Binary debdiffs: all

Reason: fix build failure by increasing the expiry date of a test cookie

Request: 1018182

Closes: 991649

Reason: change the default host from the defunct freedb.freedb.org to gnudb.gnudb.org

Request: 1018244

Closes: 991089

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix test failures with OpenSSL 1.1.1n

Request: 1008056

Closes: 1008055

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5196

Closes: 962828

CVEs referenced: CVE-2020-13692 CVE-2022-21724 CVE-2022-26520

Binary debdiffs: all

Lintian issues: all

DSA: 5077

CVEs referenced: CVE-2021-21898 CVE-2021-21899 CVE-2021-21900 CVE-2021-45341 CVE-2021-45342 CVE-2021-45343

Reason: fix test failure after 6/6/2020

Request: 1018179

Closes: 962482

Reason: fix another build failure with rustc 1.41

Missing builds: ppc64el

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipsels390x

This upload was superseded by a more current one.

Reason: fix build failures with newer rustc, and ppc64el and s390x with the fix for CVE-2019-20446

Request: 966028

CVEs referenced: CVE-2019-20446

This upload was superseded by a more current one.

Reason: fix denial of service via "billion laughs" attack [CVE-2019-20446]

Request: 966028

CVEs referenced: CVE-2019-20446

Reason: fix segmentation fault in libvirt_node_get_cpu_stats

Request: 983841

Closes: 982804

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipsel

DSA: 5142

Closes: 1010526

CVEs referenced: CVE-2022-29824

DSA: 5173

µdebs: present

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

This upload was superseded by a more current one.

DSA: 5173

µdebs: present

Closes: 1006346 1013299 922204

CVEs referenced: CVE-2021-4197 CVE-2022-0494 CVE-2022-0854 CVE-2022-1011 CVE-2022-1012 CVE-2022-1016 CVE-2022-1048 CVE-2022-1184 CVE-2022-1195 CVE-2022-1198 CVE-2022-1199 CVE-2022-1204 CVE-2022-1205 CVE-2022-1353 CVE-2022-1419 CVE-2022-1652 CVE-2022-1729 CVE-2022-1974 CVE-2022-1975 CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-2153 CVE-2022-23960 CVE-2022-26490 CVE-2022-27666 CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-29581 CVE-2022-30594 CVE-2022-32250 CVE-2022-32296 CVE-2022-32981 CVE-2022-33981

DSA: 5173

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5173

µdebs: present

Binary debdiffs: amd64

DSA: 5173

µdebs: present

Binary debdiffs: arm64

DSA: 5173

µdebs: present

Binary debdiffs: i386

Reason: disable libunwind on mips

Request: 1014860

Binary debdiffs: all-neededamd64-neededarm64-neededarmel-neededarmhf-neededi386-neededmips-neededmips64el-neededmipsel-neededppc64el-neededs390x-needed

Lintian issues: all-neededamd64-neededarm64-neededarmel-neededarmhf-neededi386-neededmips-neededmips64el-neededmipsel-neededppc64el-neededs390x-needed

This upload was superseded by a more current one.

Reason: disable lldb on mips

Request: 1014860

This upload was superseded by a more current one.

Reason: remove build-dep on llvm-spirv, which isn't in buster; fix mips support

Request: 1014860

This upload was superseded by a more current one.

Reason: new source package to support building of newer firefox-esr and thunderbird versions

Request: 1014860

DSA: 5145

CVEs referenced: CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291 CVE-2022-28044

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5185

CVEs referenced: CVE-2022-35410

Reason: validate HTTP requests to protect against DNS rebinding attacks [CVE-2022-26505]

Request: 1009076

Closes: 1006798

CVEs referenced: CVE-2022-26505

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Reason: new upstream version, to allow for SBAT management

Request: 1016176

Closes: 987613 991933

Binary debdiffs: amd64arm64armelarmhfi386

Lintian issues: amd64arm64armelarmhfi386source

Reason: fix uudecode buffer overflow [CVE-2022-1328]

Request: 1010060

Closes: 1009734

CVEs referenced: CVE-2022-1328

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5137

CVEs referenced: CVE-2022-30688

Lintian issues: all

Reason: sanitize options and new objects [CVE-2022-29078]

Request: 1010388

Closes: 1010359

CVEs referenced: CVE-2022-29078

Reason: work around test bug

Request: 987538

Closes: 987530

Reason: fix prototype pollution issue [CVE-2021-44906]

Request: 1008163

CVEs referenced: CVE-2021-44906

Reason: fix signature verification issues [CVE-2022-24771 CVE-2022-24772 CVE-2022-24773]

Request: 1008154

CVEs referenced: CVE-2022-24771 CVE-2022-24772 CVE-2022-24773

Reason: fix test for nodejs >= 10.16

Request: 1018095

Closes: 988103

DSA: 5160

µdebs: present

Closes: 1011770

CVEs referenced: CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789

Reason: new upstream release

Request: 1009652

Closes: 996595 999670

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386source

Reason: new upstream release; security fixes [CVE-2022-31607 CVE-2022-31608 CVE-2022-31615]

Request: 1016733

Closes: 1012618 1012700 1016616

CVEs referenced: CVE-2022-31607 CVE-2022-31608 CVE-2022-31615

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386source

This upload was superseded by a more current one.

Reason: new upstream release; fix out-of-bound write issues [CVE-2022-28181 CVE-2022-28185]

Request: 1011272

Closes: 1004849 1005804 1005909 1010230 1011142 992057 994814 996595 999670

CVEs referenced: CVE-2022-28181 CVE-2022-28185

Binary debdiffs: amd64armhfi386

Lintian issues: amd64armhfi386

Reason: fix client certificate checks [CVE-2019-17134]; correctly detect that the agent is running on Debian; fix template that generates vrrp check script; add additional runtime dependencies; ship additional configuration directly in the agent package

Request: 941901

Closes: 941897

CVEs referenced: CVE-2019-17134

Binary debdiffs: all

Lintian issues: all

DSA: 5188

This upload was superseded by a more current one.

DSA: 5131

DSA: 5140

CVEs referenced: CVE-2022-29155

DSA: 5169

µdebs: present

CVEs referenced: CVE-2022-2068

This upload was superseded by a more current one.

DSA: 5139

µdebs: present

CVEs referenced: CVE-2022-1292

Missing builds: mips s390x

DSA: 4852

Closes: 982493

CVEs referenced: CVE-2020-35498

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64elsource

This upload was superseded by a more current one.

DSA: 4836

Closes: 980132

CVEs referenced: CVE-2015-8011 CVE-2020-27827

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64el

Reason: fix use with WebKitGTK 2.36

Request: 1011286

Reason: update relationship versions to fix upgrades from stretch LTS

Request: 987941

Closes: 985173

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Reason: fix build failure

Request: 1018152

Closes: 962423

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix improper header parsing [CVE-2022-24775]

Request: 1011943

Closes: 1008236

CVEs referenced: CVE-2022-24775

Reason: new upstream stable release; do not override user set default_transport; if-up.d: do not error out if postfix can't send mail yet; fix duplicate bounce_notice_recipient entries in postconf output

Request: 1003293

Closes: 926331 959864 964762 968057 988538 991950 999694

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 5135

CVEs referenced: CVE-2022-1552

Binary debdiffs: alls390x

Reason: pg_virtualenv: Write temporary password file before chowning the file

Request: 1013347

Closes: 933569

Binary debdiffs: all

Reason: fix potential denial of service issue when Postfix sends certain long data fields such as multiple concatenated email addresses [CVE-2021-35525]

Request: 991120

Closes: 990439

CVEs referenced: CVE-2021-35525

Reason: fix NULL pointer dereference

Request: 1016439

Closes: 769938

Binary debdiffs: armelarmhfi386mipsmipsel

Reason: updae included data

Request: 1018048

DSA: 5159

CVEs referenced: CVE-2022-31799

Reason: update tests to fix build failure

Request: 1018080

Closes: 950041

Binary debdiffs: all

Lintian issues: all

Reason: don't send authentication data with all requests [CVE-2021-41125]; don't expose cookies cross-domain when redirecting [CVE-2022-0577]

Request: 1011360

Closes: 1008234

CVEs referenced: CVE-2021-41125 CVE-2022-0577

Binary debdiffs: all

Reason: properly link against libm library

Request: 1018184

Closes: 953539 954305

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix setTabOrder for compound widgets; add an expansion limit for XML entities [CVE-2015-9541]

Request: 1006182

Closes: 1001082 951066

CVEs referenced: CVE-2015-9541

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 5181

CVEs referenced: CVE-2022-25802

DSA: 5150

Closes: 1010619

CVEs referenced: CVE-2022-24903

Reason: add missing dependency on ruby-builder

Request: 998390

Closes: 982522

Binary debdiffs: all

Reason: skip some unreliable tests in order to fix build failure

Request: 1018108

Closes: 988023

Reason: fix build failure when using http-parser containing the fix for CVE-2019-15605

Request: 1018151

Closes: 977750

CVEs referenced: CVE-2019-15605

Binary debdiffs: i386

Reason: allow use of "LOAD DATA LOCAL INFILE"

Request: 1018185

Closes: 988028

Reason: fix build failure due to too old timestamps

Missing builds: armel mips

Request: 1014909

Closes: 1015146

Binary debdiffs: amd64arm64mips64elppc64els390x

Lintian issues: mipsel

This upload was superseded by a more current one.

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Request: 1014909

Reason: include mips(el) stage0 binaries

Missing builds: armel mips

Request: 1014907

Binary debdiffs: allamd64arm64armhfi386mips64elmipselppc64el

Lintian issues: allamd64arm64armhfi386mips64elmipselppc64els390xsource

This upload was superseded by a more current one.

Reason: inline atomics on arm64; increase allowed test failures on i386

Request: 1014907

Binary debdiffs: allamd64arm64armhfi386mips64elppc64el

Lintian issues: allamd64arm64armhfi386mips64elppc64el

This upload was superseded by a more current one.

Reason: new upstream version to support building of newer firefox-esr and thunderbird versions

Request: 1014907

Binary debdiffs: allamd64armhfmips64elppc64el

Lintian issues: allamd64armhfmips64elppc64el

Reason: use "pdftoppm" instead of "convert" to convert PDF to JPEG as the latter fails with the changed security policy of ImageMagick

Request: 1018092

Closes: 962439

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: new upstream release

Missing lock-step packages: shim-signed

Request: 1016178

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: amd64

Lintian issues: amd64source

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: arm64

Lintian issues: source

Distribution mismatch: buster-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: i386

Lintian issues: i386source

DSA: 5151

CVEs referenced: CVE-2021-21408 CVE-2021-26119 CVE-2021-26120 CVE-2021-29454 CVE-2022-29221

Missing builds: s390x

DSA: 5080

CVEs referenced: CVE-2021-44730 CVE-2021-44731

Binary debdiffs: amd64arm64armelarmhfi386ppc64el

DSA: 5190

Lintian issues: all

This upload was superseded by a more current one.

DSA: 5152

DSA: 5171

CVEs referenced: CVE-2021-28116 CVE-2021-46784

DSA: 5119

CVEs referenced: CVE-2021-28544 CVE-2022-24070

Missing builds: armel armhf ppc64el

DSA: 5195

Lintian issues: amd64arm64i386mips64els390xsource

This upload was superseded by a more current one.

DSA: 5175

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5158

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5141

Closes: 1009321

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5118

Binary debdiffs: allamd64arm64i386

This upload was superseded by a more current one.

DSA: 5106

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5094

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5086

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5074

Binary debdiffs: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5045

Binary debdiffs: allamd64arm64i386mips64el

Lintian issues: allamd64arm64i386mips64el

This upload was superseded by a more current one.

DSA: 5034

Binary debdiffs: allamd64

Lintian issues: amd64

DSA: 5108

CVEs referenced: CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844

DSA: 5153

CVEs referenced: CVE-2021-37147 CVE-2021-37148 CVE-2021-37149 CVE-2021-38161 CVE-2021-44040 CVE-2021-44759

Lintian issues: amd64arm64armhfi386mipsmips64elmipselppc64elsource

Reason: fix incorrect URI and HTTP method validation issue [CVE-2019-12387], incorrect certificate validation in XMPP support [CVE-2019-12855], HTTP/2 denial of service issues [CVE-2019-9514 CVE-2019-9515], HTTP request smuggling issues [CVE-2020-10108 CVE-2020-10109 CVE-2022-24801], information disclosure issue when following cross-domain redirects [CVE-2022-21712], denial of service issue during SSH handshake [CVE-2022-21716]

Request: 1010615

CVEs referenced: CVE-2019-12387 CVE-2019-12855 CVE-2019-951 CVE-2019-9511 CVE-2019-9514 CVE-2019-9515 CVE-2020-1010 CVE-2020-10108 CVE-2020-10109 CVE-2022-21712 CVE-2022-21716 CVE-2022-24801

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: all

Reason: update timezone data for Iran and Chile

Lintian issues: allsource

This upload was superseded by a more current one.

Reason: update leap second list

Closes: 1012191

This upload was superseded by a more current one.

Reason: update timezone data for Palestine

Reason: new upstream stable release

Request: 1014200

Closes: 996249

Binary debdiffs: all

Lintian issues: allsource

Reason: fix directory traversal issue [CVE-2022-30333]

Request: 1010858

Closes: 1010837

CVEs referenced: CVE-2022-30333

DSA: 5165

DSA: 5138

Closes: 1008013

CVEs referenced: CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2022-24761

Binary debdiffs: all

Lintian issues: source

Missing builds: mips

DSA: 5182

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390xsource

This upload was superseded by a more current one.

DSA: 5154

CVEs referenced: CVE-2022-26700 CVE-2022-26709 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 CVE-2022-30294

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5115

CVEs referenced: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390x

Reason: fix remote code execution issue [CVE-2021-22191], denial of service issues [CVE-2021-4181 CVE-2021-4184 CVE-2021-4185 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586]

Request: 1012066

CVEs referenced: CVE-2021-22191 CVE-2021-4181 CVE-2021-4184 CVE-2021-4185 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586

DSA: 5123

Closes: 1009167

CVEs referenced: CVE-2022-1271

Lintian issues: source

DSA: 5111

µdebs: present

Closes: 1008265

CVEs referenced: CVE-2018-25032

Binary debdiffs: amd64i386mipsmips64elmipsels390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x