Queue Overview for "oldstable-proposed-updates"

Removals

List of missing builds
List of missing packages relative to security archive

Resolution Pending (5 uploads for 5 packages)

Package Version Version Problems Installability Problems Architectures Action
appstream 0.16.1-2+b1 Installability problems Built: amd64arm64armelarmhfi386mips64elmipselppc64els390x Ok

Reason: rebuild with updated libxmlb

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

chromium 149.0.7827.196-1~deb12u1 Version problems stable (147.0.7727.137-1~deb13u1) Installability problems Built: allamd64arm64armhfi386ppc64elsource Ok

Distribution mismatch: bookworm-security

Reason: security update

CVEs referenced: CVE-2026-13021 CVE-2026-13022 CVE-2026-13023 CVE-2026-13024 CVE-2026-13025 CVE-2026-13026 CVE-2026-13027 CVE-2026-13028 CVE-2026-13029 CVE-2026-13030 CVE-2026-13031 CVE-2026-13032 CVE-2026-13033 CVE-2026-13034 CVE-2026-13035 CVE-2026-13036 CVE-2026-13037 CVE-2026-13038

Lintian issues: source

curl 7.88.1-10+deb12u15 Installability problems Built: source ?

CVEs referenced: CVE-2025-10148 CVE-2025-14524 CVE-2025-14819 CVE-2026-3783 CVE-2026-3784 CVE-2026-5773 CVE-2026-7168

gnome-firmware 43.2-1+b1 Installability problems Built: amd64arm64armelarmhfi386mips64elmipselppc64els390x Ok

Reason: rebuild with updated libxmlb

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

gnome-software 43.5-1~deb12u1+b1 Installability problems Built: amd64arm64armelarmhfi386mips64elmipselppc64els390x Ok

Reason: rebuild with updated libxmlb

Pending Processing (0 uploads for 0 packages)

Processed (147 uploads for 122 packages)

Package Version Version Problems Installability Problems Action
apache2 2.4.68-1~deb12u1 Version problems stable (2.4.67-1~deb13u2) Installability problems ACCEPTED

Reason: fix HTTP/2 request DoS and file handle exhaustion [CVE-2026-49975 CVE-2026-48913]; fix proxy, DAV, LDAP, SSL, XML and header memory/crash issues [CVE-2026-29167 CVE-2026-34355 CVE-2026-34356 CVE-2026-42535 CVE-2026-42536 CVE-2026-43951 CVE-2026-44185]; fix proxy FTP directory listing XSS and backend loop [CVE-2026-29170 CVE-2026-44186]; restrict htaccess expression file access [CVE-2026-44119]; fix regex parsing underflow [CVE-2026-44631]; correct SSI, file-cache, WebDAV DELETE and proxy health-check handling; update documentation and tests

Request: 1139737

CVEs referenced: CVE-2026-29167 CVE-2026-29170 CVE-2026-34355 CVE-2026-34356 CVE-2026-42535 CVE-2026-42536 CVE-2026-43951 CVE-2026-44119 CVE-2026-44185 CVE-2026-44186 CVE-2026-44631 CVE-2026-48913 CVE-2026-49975

Binary debdiffs: all

apache2 2.4.67-1~deb12u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6323

CVEs referenced: CVE-2026-49975

astropy 5.2.1-2+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS in failing tests

Missing builds: arm64 mips64el

Request: 1137243

Closes: 1137044

atril 1.26.0-2+deb12u4 Installability problems ACCEPTED

DLA: 4632

Closes: 1139874

CVEs referenced: CVE-2026-46529

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

beets 1.6.0-4+deb12u1 Installability problems ACCEPTED

Reason: fix XSS vulnerability [CVE-2026-42052]; fix FTBFS in tests

Request: 1136745

Closes: 1135779

CVEs referenced: CVE-2026-42052

bind9 1:9.18.49-1~deb12u1 Installability problems ACCEPTED

DSA: 6285

CVEs referenced: CVE-2026-3039 CVE-2026-3592 CVE-2026-5946 CVE-2026-5950

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

calibre 6.13.0+repack-2+deb12u9 Installability problems ACCEPTED

Reason: prevent reading background images from outside the config dir [CVE-2026-33205]

Request: 1138069

CVEs referenced: CVE-2026-33205

calibre 6.13.0+repack-2+deb12u8 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: read resources only from book contents [CVE-2026-33206]; keep extracted files within container dir [CVE-2026-30853]

Request: 1137465

CVEs referenced: CVE-2026-30853 CVE-2026-33206

calibre 6.13.0+repack-2+deb12u7 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix various potential security issues

Request: 1136058

Closes: 1136161

ceph 16.2.15+ds-0+deb12u2 Installability problems c-i running: nova/2:26.2.2-1~deb12u4 [amd64] ACCEPTED

DSA: 6321

Closes: 1108410 1120797 1126573

CVEs referenced: CVE-2024-31884 CVE-2024-47866 CVE-2025-52555

Binary debdiffs: arm64

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

chromium 149.0.7827.155-1~deb12u1 Version problems stable (147.0.7727.137-1~deb13u1) Installability problems ACCEPTED

DSA: 6352

CVEs referenced: CVE-2026-12437 CVE-2026-12438 CVE-2026-12439 CVE-2026-12440 CVE-2026-12441 CVE-2026-12442 CVE-2026-12443 CVE-2026-12444 CVE-2026-12445 CVE-2026-12446 CVE-2026-12447 CVE-2026-12448 CVE-2026-12449 CVE-2026-12450 CVE-2026-12451 CVE-2026-12452 CVE-2026-12453 CVE-2026-12454 CVE-2026-12455 CVE-2026-12456 CVE-2026-12457 CVE-2026-12458 CVE-2026-12459 CVE-2026-12460 CVE-2026-12461 CVE-2026-12462 CVE-2026-12463 CVE-2026-12464 CVE-2026-12465 CVE-2026-12466 CVE-2026-12467 CVE-2026-12468 CVE-2026-12469

Lintian issues: source

chromium 149.0.7827.114-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6344

CVEs referenced: CVE-2026-12007 CVE-2026-12008 CVE-2026-12009 CVE-2026-12010 CVE-2026-12011 CVE-2026-12012 CVE-2026-12013 CVE-2026-12014 CVE-2026-12015 CVE-2026-12016 CVE-2026-12017 CVE-2026-12018 CVE-2026-12019 CVE-2026-12020 CVE-2026-12022 CVE-2026-12023 CVE-2026-12024 CVE-2026-12025 CVE-2026-12026 CVE-2026-12027 CVE-2026-12028 CVE-2026-12029 CVE-2026-12030 CVE-2026-12031 CVE-2026-12032 CVE-2026-12033 CVE-2026-12034 CVE-2026-12035

chromium 149.0.7827.102-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6337

CVEs referenced: CVE-2026-11628 CVE-2026-11629 CVE-2026-11630 CVE-2026-11631 CVE-2026-11632 CVE-2026-11633 CVE-2026-11634 CVE-2026-11635 CVE-2026-11636 CVE-2026-11637 CVE-2026-11638 CVE-2026-11639 CVE-2026-11640 CVE-2026-11641 CVE-2026-11642 CVE-2026-11643 CVE-2026-11644 CVE-2026-11645 CVE-2026-11646 CVE-2026-11647 CVE-2026-11648 CVE-2026-11649 CVE-2026-11650 CVE-2026-11651 CVE-2026-11652 CVE-2026-11653 CVE-2026-11654 CVE-2026-11655 CVE-2026-11656 CVE-2026-11657 CVE-2026-11658 CVE-2026-11659 CVE-2026-11660 CVE-2026-11661 CVE-2026-11662 CVE-2026-11663 CVE-2026-11664 CVE-2026-11665 CVE-2026-11666 CVE-2026-11667 CVE-2026-11668 CVE-2026-11669 CVE-2026-11670 CVE-2026-11671 CVE-2026-11672 CVE-2026-11673 CVE-2026-11674 CVE-2026-11675 CVE-2026-11676 CVE-2026-11677 CVE-2026-11678 CVE-2026-11679 CVE-2026-11680 CVE-2026-11681 CVE-2026-11682 CVE-2026-11683 CVE-2026-11684 CVE-2026-11685 CVE-2026-11686 CVE-2026-11687 CVE-2026-11688 CVE-2026-11689 CVE-2026-11690 CVE-2026-11691 CVE-2026-11692 CVE-2026-11693 CVE-2026-11694 CVE-2026-11695 CVE-2026-11696 CVE-2026-11697 CVE-2026-11698 CVE-2026-11699 CVE-2026-11700 CVE-2026-11701

Binary debdiffs: ppc64el

chromium 149.0.7827.53-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6325

CVEs referenced: CVE-2026-10881 CVE-2026-10882 CVE-2026-10883 CVE-2026-10884 CVE-2026-10885 CVE-2026-10886 CVE-2026-10887 CVE-2026-10888 CVE-2026-10889 CVE-2026-10890 CVE-2026-10891 CVE-2026-10892 CVE-2026-10893 CVE-2026-10894 CVE-2026-10895 CVE-2026-10896 CVE-2026-10897 CVE-2026-10898 CVE-2026-10899 CVE-2026-10900 CVE-2026-10901 CVE-2026-10902 CVE-2026-10903 CVE-2026-10904 CVE-2026-10905 CVE-2026-10906 CVE-2026-10907 CVE-2026-10908 CVE-2026-10909 CVE-2026-10910 CVE-2026-10911 CVE-2026-10912 CVE-2026-10913 CVE-2026-10914 CVE-2026-10915 CVE-2026-10916 CVE-2026-10917 CVE-2026-10918 CVE-2026-10919 CVE-2026-10920 CVE-2026-10921 CVE-2026-10922 CVE-2026-10923 CVE-2026-10924 CVE-2026-10925 CVE-2026-10926 CVE-2026-10927 CVE-2026-10928 CVE-2026-10929 CVE-2026-10930 CVE-2026-10931 CVE-2026-10932 CVE-2026-10933 CVE-2026-10934 CVE-2026-10935 CVE-2026-10936 CVE-2026-10937 CVE-2026-10938 CVE-2026-10939 CVE-2026-10940 CVE-2026-10941 CVE-2026-10942 CVE-2026-10943 CVE-2026-10944 CVE-2026-10945 CVE-2026-10946 CVE-2026-10947 CVE-2026-10948 CVE-2026-10949 CVE-2026-10950 CVE-2026-10951 CVE-2026-10952 CVE-2026-10953 CVE-2026-10954 CVE-2026-10955 CVE-2026-10956 CVE-2026-10957 CVE-2026-10958 CVE-2026-10959 CVE-2026-10960 CVE-2026-10961 CVE-2026-10962 CVE-2026-10963 CVE-2026-10964 CVE-2026-10965 CVE-2026-10966 CVE-2026-10967 CVE-2026-10968 CVE-2026-10969 CVE-2026-10970 CVE-2026-10971 CVE-2026-10972 CVE-2026-10973 CVE-2026-10974 CVE-2026-10975 CVE-2026-10976 CVE-2026-10977 CVE-2026-10978 CVE-2026-10979 CVE-2026-10980 CVE-2026-10981 CVE-2026-10982 CVE-2026-10983 CVE-2026-10984 CVE-2026-10985 CVE-2026-10986 CVE-2026-10987 CVE-2026-10988 CVE-2026-10989 CVE-2026-10990 CVE-2026-10991 CVE-2026-10992 CVE-2026-10993 CVE-2026-10994 CVE-2026-10995 CVE-2026-10996 CVE-2026-10997 CVE-2026-10998 CVE-2026-10999 CVE-2026-11000 CVE-2026-11001 CVE-2026-11002 CVE-2026-11003 CVE-2026-11004 CVE-2026-11005 CVE-2026-11006 CVE-2026-11007 CVE-2026-11008 CVE-2026-11009 CVE-2026-11010 CVE-2026-11011 CVE-2026-11012 CVE-2026-11013 CVE-2026-11014 CVE-2026-11015 CVE-2026-11016 CVE-2026-11017 CVE-2026-11018 CVE-2026-11019 CVE-2026-11020 CVE-2026-11021 CVE-2026-11022 CVE-2026-11023 CVE-2026-11024 CVE-2026-11025 CVE-2026-11026 CVE-2026-11027 CVE-2026-11028 CVE-2026-11029 CVE-2026-11030 CVE-2026-11031 CVE-2026-11032 CVE-2026-11033 CVE-2026-11034 CVE-2026-11035 CVE-2026-11036 CVE-2026-11037 CVE-2026-11038 CVE-2026-11039 CVE-2026-11040 CVE-2026-11041 CVE-2026-11042 CVE-2026-11043 CVE-2026-11044 CVE-2026-11045 CVE-2026-11046 CVE-2026-11047 CVE-2026-11048 CVE-2026-11049 CVE-2026-11050 CVE-2026-11051 CVE-2026-11052 CVE-2026-11053 CVE-2026-11054 CVE-2026-11055 CVE-2026-11056 CVE-2026-11057 CVE-2026-11058 CVE-2026-11059 CVE-2026-11060 CVE-2026-11061 CVE-2026-11062 CVE-2026-11063 CVE-2026-11064 CVE-2026-11065 CVE-2026-11066 CVE-2026-11067 CVE-2026-11068 CVE-2026-11069 CVE-2026-11070 CVE-2026-11071 CVE-2026-11072 CVE-2026-11073 CVE-2026-11074 CVE-2026-11075 CVE-2026-11076 CVE-2026-11077 CVE-2026-11078 CVE-2026-11079 CVE-2026-11080 CVE-2026-11081 CVE-2026-11082 CVE-2026-11083 CVE-2026-11084 CVE-2026-11085 CVE-2026-11086 CVE-2026-11087 CVE-2026-11088 CVE-2026-11089 CVE-2026-11090 CVE-2026-11091 CVE-2026-11092 CVE-2026-11093 CVE-2026-11094 CVE-2026-11095 CVE-2026-11096 CVE-2026-11097 CVE-2026-11098 CVE-2026-11099 CVE-2026-11100 CVE-2026-11101 CVE-2026-11102 CVE-2026-11103 CVE-2026-11104 CVE-2026-11105 CVE-2026-11106 CVE-2026-11107 CVE-2026-11108 CVE-2026-11109 CVE-2026-11110 CVE-2026-11111 CVE-2026-11112 CVE-2026-11113 CVE-2026-11114 CVE-2026-11115 CVE-2026-11116 CVE-2026-11117 CVE-2026-11118 CVE-2026-11119 CVE-2026-11120 CVE-2026-11121 CVE-2026-11122 CVE-2026-11123 CVE-2026-11124 CVE-2026-11125 CVE-2026-11126 CVE-2026-11127 CVE-2026-11128 CVE-2026-11129 CVE-2026-11130 CVE-2026-11131 CVE-2026-11132 CVE-2026-11133 CVE-2026-11134 CVE-2026-11135 CVE-2026-11136 CVE-2026-11137 CVE-2026-11138 CVE-2026-11139 CVE-2026-11140 CVE-2026-11141 CVE-2026-11142 CVE-2026-11143 CVE-2026-11144 CVE-2026-11145 CVE-2026-11146 CVE-2026-11147 CVE-2026-11148 CVE-2026-11149 CVE-2026-11150 CVE-2026-11151 CVE-2026-11152 CVE-2026-11153 CVE-2026-11154 CVE-2026-11155 CVE-2026-11156 CVE-2026-11157 CVE-2026-11158 CVE-2026-11159 CVE-2026-11160 CVE-2026-11161 CVE-2026-11162 CVE-2026-11163 CVE-2026-11164 CVE-2026-11165 CVE-2026-11166 CVE-2026-11167 CVE-2026-11168 CVE-2026-11169 CVE-2026-11170 CVE-2026-11171 CVE-2026-11172 CVE-2026-11173 CVE-2026-11174 CVE-2026-11175 CVE-2026-11176 CVE-2026-11177 CVE-2026-11178 CVE-2026-11179 CVE-2026-11180 CVE-2026-11181 CVE-2026-11182 CVE-2026-11183 CVE-2026-11184 CVE-2026-11185 CVE-2026-11186 CVE-2026-11187 CVE-2026-11188 CVE-2026-11189 CVE-2026-11190 CVE-2026-11191 CVE-2026-11192 CVE-2026-11193 CVE-2026-11194 CVE-2026-11195 CVE-2026-11196 CVE-2026-11197 CVE-2026-11198 CVE-2026-11199 CVE-2026-11200 CVE-2026-11201 CVE-2026-11202 CVE-2026-11203 CVE-2026-11204 CVE-2026-11205 CVE-2026-11206 CVE-2026-11207 CVE-2026-11208 CVE-2026-11209 CVE-2026-11210 CVE-2026-11211 CVE-2026-11212 CVE-2026-11213 CVE-2026-11214 CVE-2026-11215 CVE-2026-11216 CVE-2026-11217 CVE-2026-11218 CVE-2026-11219 CVE-2026-11220 CVE-2026-11221 CVE-2026-11222 CVE-2026-11223 CVE-2026-11224 CVE-2026-11225 CVE-2026-11226 CVE-2026-11227 CVE-2026-11228 CVE-2026-11229 CVE-2026-11230 CVE-2026-11231 CVE-2026-11232 CVE-2026-11233 CVE-2026-11234 CVE-2026-11235 CVE-2026-11236 CVE-2026-11237 CVE-2026-11238 CVE-2026-11239 CVE-2026-11240 CVE-2026-11241 CVE-2026-11242 CVE-2026-11243 CVE-2026-11244 CVE-2026-11245 CVE-2026-11246 CVE-2026-11247 CVE-2026-11248 CVE-2026-11249 CVE-2026-11250 CVE-2026-11251 CVE-2026-11252 CVE-2026-11253 CVE-2026-11254 CVE-2026-11255 CVE-2026-11256 CVE-2026-11257 CVE-2026-11258 CVE-2026-11259 CVE-2026-11260 CVE-2026-11261 CVE-2026-11262 CVE-2026-11263 CVE-2026-11264 CVE-2026-11265 CVE-2026-11266 CVE-2026-11267 CVE-2026-11268 CVE-2026-11269 CVE-2026-11270 CVE-2026-11271 CVE-2026-11272 CVE-2026-11273 CVE-2026-11274 CVE-2026-11275 CVE-2026-11276 CVE-2026-11277 CVE-2026-11278 CVE-2026-11279 CVE-2026-11280 CVE-2026-11281 CVE-2026-11282 CVE-2026-11283 CVE-2026-11284 CVE-2026-11285 CVE-2026-11286 CVE-2026-11287 CVE-2026-11288 CVE-2026-11289 CVE-2026-11290 CVE-2026-11291 CVE-2026-11292 CVE-2026-11293 CVE-2026-11294 CVE-2026-11295 CVE-2026-11296 CVE-2026-11297 CVE-2026-11298 CVE-2026-11299 CVE-2026-11300 CVE-2026-11301 CVE-2026-11302 CVE-2026-11303 CVE-2026-11304 CVE-2026-11305 CVE-2026-11306 CVE-2026-11307 CVE-2026-11308 CVE-2026-11309

chromium 148.0.7778.215-1~deb12u1 Installability problems all ACCEPTED

This upload was superseded by a more current one.

DSA: 6316

CVEs referenced: CVE-2026-10000 CVE-2026-10001 CVE-2026-10002 CVE-2026-10003 CVE-2026-10004 CVE-2026-10005 CVE-2026-10006 CVE-2026-10007 CVE-2026-10008 CVE-2026-10009 CVE-2026-10010 CVE-2026-10011 CVE-2026-10012 CVE-2026-10013 CVE-2026-10014 CVE-2026-10015 CVE-2026-10016 CVE-2026-10017 CVE-2026-10018 CVE-2026-10019 CVE-2026-10020 CVE-2026-10021 CVE-2026-10022 CVE-2026-9872 CVE-2026-9873 CVE-2026-9874 CVE-2026-9875 CVE-2026-9876 CVE-2026-9877 CVE-2026-9878 CVE-2026-9879 CVE-2026-9880 CVE-2026-9881 CVE-2026-9882 CVE-2026-9883 CVE-2026-9884 CVE-2026-9885 CVE-2026-9886 CVE-2026-9887 CVE-2026-9888 CVE-2026-9889 CVE-2026-9890 CVE-2026-9891 CVE-2026-9892 CVE-2026-9893 CVE-2026-9894 CVE-2026-9895 CVE-2026-9896 CVE-2026-9897 CVE-2026-9898 CVE-2026-9899 CVE-2026-9900 CVE-2026-9901 CVE-2026-9902 CVE-2026-9903 CVE-2026-9904 CVE-2026-9905 CVE-2026-9906 CVE-2026-9907 CVE-2026-9908 CVE-2026-9909 CVE-2026-9910 CVE-2026-9911 CVE-2026-9912 CVE-2026-9913 CVE-2026-9914 CVE-2026-9915 CVE-2026-9916 CVE-2026-9917 CVE-2026-9918 CVE-2026-9919 CVE-2026-9920 CVE-2026-9921 CVE-2026-9922 CVE-2026-9923 CVE-2026-9924 CVE-2026-9925 CVE-2026-9926 CVE-2026-9927 CVE-2026-9928 CVE-2026-9929 CVE-2026-9930 CVE-2026-9931 CVE-2026-9932 CVE-2026-9933 CVE-2026-9934 CVE-2026-9935 CVE-2026-9936 CVE-2026-9937 CVE-2026-9938 CVE-2026-9939 CVE-2026-9940 CVE-2026-9941 CVE-2026-9942 CVE-2026-9943 CVE-2026-9944 CVE-2026-9945 CVE-2026-9946 CVE-2026-9947 CVE-2026-9948 CVE-2026-9949 CVE-2026-9950 CVE-2026-9951 CVE-2026-9952 CVE-2026-9953 CVE-2026-9954 CVE-2026-9955 CVE-2026-9956 CVE-2026-9957 CVE-2026-9958 CVE-2026-9959 CVE-2026-9960 CVE-2026-9961 CVE-2026-9962 CVE-2026-9963 CVE-2026-9964 CVE-2026-9965 CVE-2026-9966 CVE-2026-9967 CVE-2026-9968 CVE-2026-9969 CVE-2026-9970 CVE-2026-9971 CVE-2026-9972 CVE-2026-9973 CVE-2026-9974 CVE-2026-9975 CVE-2026-9976 CVE-2026-9977 CVE-2026-9978 CVE-2026-9979 CVE-2026-9980 CVE-2026-9981 CVE-2026-9982 CVE-2026-9983 CVE-2026-9984 CVE-2026-9985 CVE-2026-9986 CVE-2026-9987 CVE-2026-9988 CVE-2026-9989 CVE-2026-9990 CVE-2026-9991 CVE-2026-9992 CVE-2026-9993 CVE-2026-9994 CVE-2026-9995 CVE-2026-9996 CVE-2026-9997 CVE-2026-9998 CVE-2026-9999

chromium 148.0.7778.178-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6287

CVEs referenced: CVE-2026-9110 CVE-2026-9111 CVE-2026-9112 CVE-2026-9113 CVE-2026-9114 CVE-2026-9115 CVE-2026-9116 CVE-2026-9117 CVE-2026-9118 CVE-2026-9119 CVE-2026-9120 CVE-2026-9121 CVE-2026-9122 CVE-2026-9123 CVE-2026-9124 CVE-2026-9126

chromium 148.0.7778.167-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6273

CVEs referenced: CVE-2026-8509 CVE-2026-8510 CVE-2026-8511 CVE-2026-8512 CVE-2026-8513 CVE-2026-8514 CVE-2026-8515 CVE-2026-8516 CVE-2026-8517 CVE-2026-8518 CVE-2026-8519 CVE-2026-8520 CVE-2026-8521 CVE-2026-8522 CVE-2026-8523 CVE-2026-8524 CVE-2026-8525 CVE-2026-8526 CVE-2026-8527 CVE-2026-8528 CVE-2026-8529 CVE-2026-8530 CVE-2026-8531 CVE-2026-8532 CVE-2026-8533 CVE-2026-8534 CVE-2026-8535 CVE-2026-8536 CVE-2026-8537 CVE-2026-8538 CVE-2026-8539 CVE-2026-8540 CVE-2026-8541 CVE-2026-8542 CVE-2026-8543 CVE-2026-8544 CVE-2026-8545 CVE-2026-8546 CVE-2026-8547 CVE-2026-8548 CVE-2026-8549 CVE-2026-8550 CVE-2026-8551 CVE-2026-8552 CVE-2026-8553 CVE-2026-8554 CVE-2026-8555 CVE-2026-8556 CVE-2026-8557 CVE-2026-8558 CVE-2026-8559 CVE-2026-8560 CVE-2026-8561 CVE-2026-8562 CVE-2026-8563 CVE-2026-8564 CVE-2026-8565 CVE-2026-8566 CVE-2026-8567 CVE-2026-8568 CVE-2026-8569 CVE-2026-8570 CVE-2026-8571 CVE-2026-8572 CVE-2026-8573 CVE-2026-8574 CVE-2026-8575 CVE-2026-8576 CVE-2026-8577 CVE-2026-8578 CVE-2026-8579 CVE-2026-8580 CVE-2026-8581 CVE-2026-8582 CVE-2026-8583 CVE-2026-8584 CVE-2026-8585 CVE-2026-8586 CVE-2026-8587

chromium 148.0.7778.96-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6250

CVEs referenced: CVE-2026-7896 CVE-2026-7897 CVE-2026-7898 CVE-2026-7899 CVE-2026-7900 CVE-2026-7901 CVE-2026-7902 CVE-2026-7903 CVE-2026-7904 CVE-2026-7905 CVE-2026-7906 CVE-2026-7907 CVE-2026-7908 CVE-2026-7909 CVE-2026-7910 CVE-2026-7911 CVE-2026-7912 CVE-2026-7913 CVE-2026-7914 CVE-2026-7915 CVE-2026-7916 CVE-2026-7917 CVE-2026-7918 CVE-2026-7919 CVE-2026-7920 CVE-2026-7921 CVE-2026-7922 CVE-2026-7923 CVE-2026-7924 CVE-2026-7925 CVE-2026-7926 CVE-2026-7927 CVE-2026-7928 CVE-2026-7929 CVE-2026-7930 CVE-2026-7931 CVE-2026-7932 CVE-2026-7933 CVE-2026-7934 CVE-2026-7935 CVE-2026-7936 CVE-2026-7937 CVE-2026-7938 CVE-2026-7939 CVE-2026-7940 CVE-2026-7941 CVE-2026-7942 CVE-2026-7943 CVE-2026-7944 CVE-2026-7945 CVE-2026-7946 CVE-2026-7947 CVE-2026-7948 CVE-2026-7949 CVE-2026-7950 CVE-2026-7951 CVE-2026-7952 CVE-2026-7953 CVE-2026-7954 CVE-2026-7955 CVE-2026-7956 CVE-2026-7957 CVE-2026-7958 CVE-2026-7959 CVE-2026-7960 CVE-2026-7961 CVE-2026-7962 CVE-2026-7963 CVE-2026-7964 CVE-2026-7965 CVE-2026-7966 CVE-2026-7967 CVE-2026-7968 CVE-2026-7969 CVE-2026-7970 CVE-2026-7971 CVE-2026-7972 CVE-2026-7973 CVE-2026-7974 CVE-2026-7975 CVE-2026-7976 CVE-2026-7977 CVE-2026-7978 CVE-2026-7979 CVE-2026-7980 CVE-2026-7981 CVE-2026-7982 CVE-2026-7983 CVE-2026-7984 CVE-2026-7985 CVE-2026-7986 CVE-2026-7987 CVE-2026-7988 CVE-2026-7989 CVE-2026-7990 CVE-2026-7991 CVE-2026-7992 CVE-2026-7993 CVE-2026-7994 CVE-2026-7995 CVE-2026-7996 CVE-2026-7997 CVE-2026-7998 CVE-2026-7999 CVE-2026-8000 CVE-2026-8001 CVE-2026-8002 CVE-2026-8003 CVE-2026-8004 CVE-2026-8005 CVE-2026-8006 CVE-2026-8007 CVE-2026-8008 CVE-2026-8009 CVE-2026-8010 CVE-2026-8011 CVE-2026-8012 CVE-2026-8013 CVE-2026-8014 CVE-2026-8015 CVE-2026-8016 CVE-2026-8017 CVE-2026-8018 CVE-2026-8019 CVE-2026-8020 CVE-2026-8021 CVE-2026-8022

cloud-init 22.4.2-1+deb12u4 Installability problems ACCEPTED

Reason: fix OpenStack bond initialisation

Request: 1139643

Closes: 1138064

Lintian issues: all

composer 2.5.5-1+deb12u5 Installability problems ACCEPTED

Reason: fix support for new GitHub token format [-2026-45793]

Request: 1136643

CVEs referenced: CVE-2026-45793

dar 2.7.8-2+b9 Installability problems ACCEPTED

Reason: rebuild with updated libgcrypt20

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

dovecot 1:2.3.19.1+dfsg1-2.1+deb12u6 Installability problems ACCEPTED

DSA: 6313

Closes: 1136444

CVEs referenced: CVE-2026-33603 CVE-2026-40016 CVE-2026-40020 CVE-2026-42006

evince 43.1-2+deb12u1 Installability problems ACCEPTED

DSA: 6286

CVEs referenced: CVE-2026-46529

exim4 4.96-15+deb12u10 Installability problems ACCEPTED

DSA: 6309

ffmpeg 7:5.1.9-0+deb12u1 Installability problems ACCEPTED

DSA: 6276

Binary debdiffs: mipsel

Lintian issues: allamd64arm64armeli386mips64elmipsels390xsource

firefox-esr 140.12.0esr-1~deb12u1 Version problems stable (140.10.2esr-1~deb13u1) Installability problems ACCEPTED

Missing builds: mips64el

DLA: 4635

CVEs referenced: CVE-2026-12289 CVE-2026-12290 CVE-2026-12291 CVE-2026-12292 CVE-2026-12294 CVE-2026-12295 CVE-2026-12296 CVE-2026-12297 CVE-2026-12298 CVE-2026-12299 CVE-2026-12302 CVE-2026-12304 CVE-2026-12305 CVE-2026-12306 CVE-2026-12307 CVE-2026-12308 CVE-2026-12309 CVE-2026-12310 CVE-2026-12311 CVE-2026-12312 CVE-2026-12313 CVE-2026-12314 CVE-2026-12315 CVE-2026-12324 CVE-2026-12325 CVE-2026-12327 CVE-2026-12328 CVE-2026-12329 CVE-2026-12330

Lintian issues: armhfi386source

firefox-esr 140.11.0esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6283

CVEs referenced: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970 CVE-2026-8974 CVE-2026-8975

Lintian issues: amd64arm64armhfi386

firewalld 1.3.3-1~deb12u2 Installability problems ACCEPTED

Reason: fix dbus policy checking [CVE-2026-4948]

Request: 1137166

CVEs referenced: CVE-2026-4948

Lintian issues: allsource

frr 8.4.4-1.1~deb12u2 Installability problems ACCEPTED

DSA: 6322

CVEs referenced: CVE-2023-3748 CVE-2024-27913 CVE-2024-31950 CVE-2024-31951 CVE-2024-34088 CVE-2025-61099 CVE-2025-61100 CVE-2025-61101 CVE-2025-61102 CVE-2025-61103 CVE-2025-61104 CVE-2025-61105 CVE-2025-61106 CVE-2025-61107 CVE-2026-28532 CVE-2026-37457 CVE-2026-37458 CVE-2026-5107

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

ghdl 2.0.0+dfsg-6.2+b2 Installability problems ACCEPTED

Reason: rebuild with updated gcc-12

giflib 5.2.1-2.5+deb12u1 Installability problems ACCEPTED

Reason: fix memory corruption issues [CVE-2026-23868 CVE-2026-26740]

Request: 1140777

Closes: 1130495 1131368

CVEs referenced: CVE-2026-23868 CVE-2026-26740

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

gnutls28 3.7.9-2+deb12u7 Installability problems ACCEPTED

DSA: 6281

Closes: 1135319

CVEs referenced: CVE-2026-33845 CVE-2026-33846 CVE-2026-3832 CVE-2026-3833 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015 CVE-2026-5260 CVE-2026-5419

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

graphite2 1.3.14-1+deb12u1 Installability problems ACCEPTED

Reason: fix out-of-bounds write [CVE-2026-50593]

Request: 1139172

CVEs referenced: CVE-2026-50593

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

gsasl 2.2.0-1+deb12u1 Installability problems ACCEPTED

DSA: 6271

gss 1.0.4-1+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS caused by an expired Kerberos ticket

Missing builds: armel armhf i386 mipsel

Request: 1091842

Closes: 1076885

Binary debdiffs: allamd64arm64mips64elppc64els390x

haveged 1.9.14-1+deb12u1 Installability problems ACCEPTED

DSA: 6292

µdebs: present

Closes: 1137096

CVEs referenced: CVE-2026-41054

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

horizon 3:23.0.0-5+deb12u2 Installability problems ACCEPTED

Reason: fix escaping of special characters in project

Request: 1139603

Closes: 1138845

Lintian issues: allsource

imagemagick 8:6.9.11.60+dfsg-1.6+deb12u11 Installability problems ACCEPTED

DLA: 4643

Closes: 1140176

CVEs referenced: CVE-2026-48733 CVE-2026-48734 CVE-2026-48994 CVE-2026-49218 CVE-2026-53460 CVE-2026-53463

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

imagemagick 8:6.9.11.60+dfsg-1.6+deb12u10 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6310

CVEs referenced: CVE-2026-33901 CVE-2026-42050 CVE-2026-42326 CVE-2026-45031 CVE-2026-45359 CVE-2026-45624 CVE-2026-45664 CVE-2026-46520 CVE-2026-46521 CVE-2026-46522 CVE-2026-46523 CVE-2026-46559 CVE-2026-46692 CVE-2026-46693 CVE-2026-47165 CVE-2026-47166

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

ironic 1:21.4.4-0+deb12u1 Installability problems all ACCEPTED

DSA: 6341

Closes: 1135898 1136005 1136655 1138842

CVEs referenced: CVE-2024-44082 CVE-2026-42997 CVE-2026-44916 CVE-2026-44917 CVE-2026-44919 CVE-2026-46447 CVE-2026-48681

Binary debdiffs: all

Lintian issues: allsource

ironic 1:21.1.0-3+deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix file disclosure via image sources [CVE-2025-44021]; fix console command injection [CVE-2026-42510]; fix Swift token disclosure [CVE-2026-42997]; fix unsafe template execution [CVE-2026-44916]

Request: 1135910

Closes: 1104964 1135255 1135898 1136005

CVEs referenced: CVE-2025-44021 CVE-2026-42510 CVE-2026-42997 CVE-2026-44916

Binary debdiffs: all

jackson-core 2.14.1-2~deb12u1 Version problems stable (2.14.1-1) Installability problems ACCEPTED

DSA: 6336

CVEs referenced: CVE-2025-49128 CVE-2025-52999

Lintian issues: source

jackson-databind 2.14.0-1+deb12u1 Installability problems ACCEPTED

DSA: 6336

Binary debdiffs: all

jackson-dataformat-smile 2.7.8-5+deb12u1 Version problems stable (2.7.8-5) Installability problems ACCEPTED

DSA: 6336

Binary debdiffs: all

kdenlive 22.12.3-2+deb12u2 Installability problems ACCEPTED

DSA: 6299

Closes: 1136172

CVEs referenced: CVE-2026-45184

kernel-wedge 2.106~deb12u1 Installability problems ACCEPTED

DLA: 4627

Binary debdiffs: all

Lintian issues: all

keystone 2:22.0.2-0+deb12u3 Installability problems ACCEPTED

DSA: 6331

Closes: 1135645

CVEs referenced: CVE-2026-42998 CVE-2026-42999 CVE-2026-43000 CVE-2026-43001 CVE-2026-44394

Lintian issues: all

keystone 2:22.0.2-0+deb12u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix behaviour of user_enabled_invert [CVE-2026-40683]; prevent unauthorized EC2 credential creation and deletion [CVE-2026-33551]

Request: 1135935

Closes: 1133118 1133884

CVEs referenced: CVE-2026-33551 CVE-2026-40683

Lintian issues: all

krb5 1.20.1-2+deb12u5 Installability problems ACCEPTED

DSA: 6293

Closes: 1135317

CVEs referenced: CVE-2026-40355 CVE-2026-40356

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

libapache-session-browseable-perl 1.3.11-3+deb12u1 Installability problems ACCEPTED

Reason: improve entropy of generated session IDs

Request: 1136626

CVEs referenced: CVE-2026-8503

Binary debdiffs: all

Lintian issues: all

libbytes-random-secure-perl 0.29-4~deb13u1~deb12u1 Version problems stable (0.29-3) Installability problems ACCEPTED

Reason: fix incorrect usage of seed in PRNG [CVE-2026-11625]

Request: 1140810

CVEs referenced: CVE-2026-11625

Lintian issues: all

libcaca 0.99.beta20-3+deb12u1 Installability problems ACCEPTED

Reason: prevent undefined behaviour in overflow check [(CVE-2026-42046]

Request: 1138538

Closes: 1136952

CVEs referenced: CVE-2026-42046

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libconfig-inifiles-perl 3.000003-2+deb12u1 Installability problems ACCEPTED

DLA: 4637

CVEs referenced: CVE-2026-11527

libcrypt-pbkdf2-perl 0.261630-1~deb13u1~deb12u1 Version problems stable (0.161520-2) Installability problems ACCEPTED

Reason: change default hash algorithm to HMAC-SHA256 and default iterations to 600,000 [CVE-2026-9641]; generate salts using Crypt::URandom [CVE-2026-9638]; use a constant-time comparison in `validate` to avoid timing attacks [CVE-2017-20240]

Request: 1139905

Closes: 1139867

CVEs referenced: CVE-2017-20240 CVE-2026-9638 CVE-2026-9641

Binary debdiffs: all

Lintian issues: source

libdbi-perl 1.643-4+deb12u1 Installability problems c-i running: fasta3/36.3.8i.14-Nov-2020-1 [i386] ACCEPTED

DSA: 6338

CVEs referenced: CVE-2026-10879 CVE-2026-9698

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libgcrypt20 1.10.1-3+deb12u1 Installability problems ACCEPTED

DSA: 6294

µdebs: present

CVEs referenced: CVE-2026-41989

libgd-perl 2.76-4+deb12u1 Installability problems ACCEPTED

DLA: 4638

CVEs referenced: CVE-2026-11526

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libhtml-parser-perl 3.81-1+deb12u1 Installability problems ACCEPTED

Reason: fix heap-use-after-free in _decode_entities [CVE-2026-8829]

Request: 1139928

CVEs referenced: CVE-2026-8829

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libhttp-daemon-perl 6.16-1+deb13u1~deb12u1 Version problems stable (6.16-1) Installability problems c-i failed: librpc-xml-perl/0.82-1 [s390x] ACCEPTED

DLA: 4639

Closes: 1138050

CVEs referenced: CVE-2026-8450

libinput 1.22.1-1+deb12u1 Installability problems ACCEPTED

DSA: 6339

µdebs: present

CVEs referenced: CVE-2026-50292

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libjcat 0.2.3-1~deb12u1 Installability problems ACCEPTED

Reason: add support for ed25519 types and SHA512 hashes

Request: 1139586

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

libmatio 1.5.23-2+deb12u1 Installability problems ACCEPTED

DLA: 4644

Closes: 1100992 1104247 1124797

CVEs referenced: CVE-2025-2337 CVE-2025-2338 CVE-2025-50343

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: all

libnet-cidr-lite-perl 0.22-3~deb12u2 Installability problems ACCEPTED

Reason: fix IP/CIDR parser validation: reject non-ASCII digits and trailing newlines [CVE-2026-55190]; reject zero-padded CIDR masks [CVE-2026-45191]

Request: 1140834

CVEs referenced: CVE-2026-45190 CVE-2026-45191 CVE-2026-55190

libreoffice 4:7.4.7-1+deb12u13 Installability problems c-i failed: apparmor/3.0.8-3 [s390x] ACCEPTED

DLA: 4633

CVEs referenced: CVE-2026-6039 CVE-2026-6045 CVE-2026-8356 CVE-2026-8357 CVE-2026-8358

Binary debdiffs: all

libtext-csv-xs-perl 1.49-1+deb12u1 Installability problems ACCEPTED

DLA: 4648

Closes: 1135232

CVEs referenced: CVE-2026-7111

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libxml-libxml-perl 2.0207+dfsg+really+2.0134-1+deb12u1 Installability problems ACCEPTED

Reason: fix out-of-bounds read [CVE-2026-8177]

Request: 1140836

Closes: 1136300

CVEs referenced: CVE-2026-8177

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libxml2 2.9.14+dfsg-1.3~deb12u6 Installability problems c-i running: ansible/7.7.0+dfsg-3+deb12u1 [armhf] rubygems/3.3.15-2+deb12u1 [amd64] rubygems/3.3.15-2+deb12u1 [arm64] rubygems/3.3.15-2+deb12u1 [armhf] rubygems/3.3.15-2+deb12u1 [i386] ACCEPTED

Reason: fix catalogue recursion and duplicate-catalog handling [CVE-2025-8732 CVE-2026-0990 CVE-2026-0992]; limit RelaxNG include recursion [CVE-2026-0989]; fix xmllint shell memory leak [CVE-2026-1757]; correct schematron regression-test outputs [CVE-2025-49794 CVE-2025-49796]; fix XML writer and schematron memory leaks; mitigate RelaxNG validation use-after-free; update catalogue and RelaxNG regression tests

Request: 1139256

Closes: 1125691 1125695 1125696

CVEs referenced: CVE-2025-49794 CVE-2025-49796 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

libxmlb 0.3.22-1~deb12u1 Installability problems ACCEPTED

Reason: add support for zstd decompression; fix XMLb store/truncation validation; correct query binding/index handling; fix XML export and empty text() handling

Request: 1139587

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

linux 6.1.174-1 Installability problems c-i running: delve/1.20.2-1 [i386] genext2fs/1.5.0-3 [armhf] ACCEPTED

DSA: 6306

µdebs: present

CVEs referenced: CVE-2026-43503 CVE-2026-46300

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

linux 6.1.172-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6275

µdebs: present

linux-base 4.12.1~deb12u1 Installability problems ACCEPTED

DLA: 4628

Binary debdiffs: all

Lintian issues: all

linux-signed-amd64 6.1.174+1 Installability problems amd64 ACCEPTED

DSA: 6306

µdebs: present

CVEs referenced: CVE-2026-43503 CVE-2026-46300

Binary debdiffs: amd64

Lintian issues: amd64source

linux-signed-amd64 6.1.172+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6275

µdebs: present

linux-signed-arm64 6.1.174+1 Installability problems arm64 ACCEPTED

DSA: 6306

µdebs: present

CVEs referenced: CVE-2026-43503 CVE-2026-46300

Binary debdiffs: arm64

Lintian issues: arm64source

linux-signed-arm64 6.1.172+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6275

µdebs: present

linux-signed-i386 6.1.174+1 Installability problems i386 ACCEPTED

DSA: 6306

µdebs: present

CVEs referenced: CVE-2026-43503 CVE-2026-46300

Binary debdiffs: i386

Lintian issues: i386source 

Binary package inadvertently rebuilt in opu
linux-signed-i386 6.1.172+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6275

µdebs: present

mesa 22.3.6-1+deb12u2 Installability problems ACCEPTED

Reason: fix WebGPU/SPIR-V allocation handling [CVE-2026-40393]

Request: 1140495

CVEs referenced: CVE-2026-40393

Binary debdiffs: armel

Lintian issues: amd64i386

mistral 15.0.0-1+deb12u1 Installability problems ACCEPTED

DSA: 6333

Closes: 1138843

CVEs referenced: CVE-2026-41283

Binary debdiffs: all

Lintian issues: all

modsecurity 3.0.9-1+deb12u2 Installability problems ACCEPTED

Reason: prevent denial of service in hexDecode handling [CVE-2026-30923]; prevent denial of service in SSN/CPF/SVNR verification [CVE-2026-42268]

Request: 1137280

CVEs referenced: CVE-2026-30923 CVE-2026-42268

Lintian issues: mips64elmipselsource

mxml 3.3.1-1+deb13u1~deb12u1 Version problems stable (3.3.1-1) libmxml-dev/stable [amd64] (3.3.1-1+b2) libmxml-dev/stable [arm64] (3.3.1-1+b2) libmxml-dev/stable [armel] (3.3.1-1+b2) libmxml-dev/stable [armhf] (3.3.1-1+b2) libmxml-dev/stable [i386] (3.3.1-1+b2) libmxml-dev/stable [ppc64el] (3.3.1-1+b2) libmxml-dev/stable [s390x] (3.3.1-1+b2) libmxml1/stable [amd64] (3.3.1-1+b2) libmxml1/stable [arm64] (3.3.1-1+b2) libmxml1/stable [armel] (3.3.1-1+b2) libmxml1/stable [armhf] (3.3.1-1+b2) libmxml1/stable [i386] (3.3.1-1+b2) libmxml1/stable [ppc64el] (3.3.1-1+b2) libmxml1/stable [s390x] (3.3.1-1+b2) Installability problems ACCEPTED

Reason: fix out-of-bounds read [CVE-2026-5037]

Request: 1140383

Closes: 1132328

CVEs referenced: CVE-2026-5037

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

nagios4 4.4.6-4+deb12u1 Installability problems ACCEPTED

DSA: 6308

Closes: 1136340

Binary debdiffs: all

nghttp2 1.52.0-1+deb12u3 Installability problems ACCEPTED

DSA: 6266

Closes: 1131369

CVEs referenced: CVE-2026-27135

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

nginx 1.22.1-9+deb12u8 Installability problems ACCEPTED

DSA: 6326

CVEs referenced: CVE-2026-42946 CVE-2026-9256

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

nginx 1.22.1-9+deb12u7 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6278

CVEs referenced: CVE-2026-40701 CVE-2026-42934 CVE-2026-42945 CVE-2026-42946

node-flatted 3.2.7~ds-1+deb12u1 Installability problems ACCEPTED

Reason: fix prototype pollution issue [CVE-2026-33228]

Request: 1131506

Closes: 1131462

CVEs referenced: CVE-2026-33228

node-jschardet 3.0.0+dfsg+~1.4.0-2+deb12u1 Installability problems ACCEPTED

Reason: fix build link references

Request: 1137134

Closes: 1058285 1078888

node-regexpp 3.2.0-4+deb12u1 Installability problems ACCEPTED

Reason: add missing link to undici-types

Request: 1137135

Closes: 1058507 1078893

node-shell-quote 1.7.4+~1.7.1-1+deb12u1 Version problems stable (1.7.4+~1.7.1-1) Installability problems ACCEPTED

DSA: 6300

Closes: 1137372

CVEs referenced: CVE-2026-9277

nodejs 18.20.4+dfsg-1~deb12u2 Installability problems c-i running: angular.js/1.8.3-1+deb12u1 [armhf] cwl-utils/0.22-1 [armhf] node-expat/2.4.0+ds-2 [armhf] node-mqtt/4.3.7-2 [armhf] node-prosemirror-view/1.23.13-2 [armhf] node-sellside-emitter/1.2.1-3 [armhf] node-wikibase-cli/15.15.4-4 [armhf] ACCEPTED

DSA: 6272

Closes: 1094134 1105832

CVEs referenced: CVE-2025-23085 CVE-2025-23166 CVE-2025-55131 CVE-2025-59465 CVE-2025-59466 CVE-2026-21710 CVE-2026-21713 CVE-2026-21714

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

ojalgo 52.0.1+ds-1+deb12u1 Installability problems ACCEPTED

Reason: reduce frequency of built-time test failures

Request: 1140818

Closes: 1037435

okular 4:22.12.3-1+deb12u1 Installability problems ACCEPTED

DSA: 6332

openjpeg2 2.5.0-2+deb12u3 Installability problems ACCEPTED

DSA: 6277

Closes: 1133832

CVEs referenced: CVE-2026-6192

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

openssl 3.0.20-1~deb12u2 Installability problems c-i failed: cargo/0.66.0+ds1-1 [i386] cl-plus-ssl/20220328.git8b91648-4 [amd64] cl-plus-ssl/20220328.git8b91648-4 [arm64] cl-plus-ssl/20220328.git8b91648-4 [i386] dnssec-trigger/0.17+repack-5.1 [amd64] dnssec-trigger/0.17+repack-5.1 [arm64] dnssec-trigger/0.17+repack-5.1 [i386] dpdk/22.11.11-0+deb12u1 [arm64] grpc/1.51.1-3 [amd64] grpc/1.51.1-3 [arm64] grpc/1.51.1-3 [i386] gsocket/1.4.39-1 [armhf] lambda-align/1.0.3-6 [i386] nix/2.8.0-1.1 [amd64] nix/2.8.0-1.1 [arm64] nix/2.8.0-1.1 [i386] notary/0.7.0+ds1-2 [amd64] notary/0.7.0+ds1-2 [arm64] notary/0.7.0+ds1-2 [i386] notary/0.7.0+ds1-2 [s390x] passenger/6.0.17+ds-1 [s390x] proftpd-dfsg/1.3.8+dfsg-4+deb12u5 [armhf] rspamd/3.4-1 [i386] sagemath/9.5-6 [i386] swi-prolog/9.0.4+dfsg-2 [amd64] swi-prolog/9.0.4+dfsg-2 [arm64] swi-prolog/9.0.4+dfsg-2 [i386] xmltooling/3.2.3-1+deb12u1 [amd64] xmltooling/3.2.3-1+deb12u1 [arm64] xmltooling/3.2.3-1+deb12u1 [i386] ACCEPTED

DSA: 6335

µdebs: present

CVEs referenced: CVE-2026-34180 CVE-2026-34182 CVE-2026-42766 CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447 CVE-2026-7383 CVE-2026-9076

openvpn 2.6.14-0+deb12u1 Installability problems ACCEPTED

DSA: 6289

Closes: 1074504

CVEs referenced: CVE-2026-35058 CVE-2026-40215

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

php-guzzlehttp-psr7 2.4.5-1+deb12u1 Installability problems ACCEPTED

Reason: fix Host authority validation [CVE-2026-48998]; reject control characters in URI hosts [CVE-2026-49214]; harden ServerRequest globals handling; normalise global header values; encode literal plus signs in query helpers

Request: 1139280

Closes: 1138265

CVEs referenced: CVE-2026-48998 CVE-2026-49214

Binary debdiffs: all

php-symfony-contracts 2.5.5-0+deb12u1 Installability problems c-i running: php-twig/3.5.1-1+deb12u1 [armhf] ACCEPTED

DSA: 6317

Binary debdiffs: all

Lintian issues: source

php-twig 3.5.1-1+deb12u3 Installability problems ACCEPTED

DSA: 6320

Lintian issues: allsource

php-twig 3.5.1-1+deb12u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: bookworm-security

Reason: security update

Closes: 1086884

CVEs referenced: CVE-2024-51754 CVE-2026-46628 CVE-2026-46629 CVE-2026-46633 CVE-2026-46637 CVE-2026-47730

phpunit 9.6.7-1+deb12u1 Installability problems c-i running: php-nesbot-carbon/2.65.0-1+deb12u1 [armhf] php-netscape-bookmark-parser/3.2.0-1 [armhf] ACCEPTED

Reason: fix unsafe deserialization in PHPT code coverage handling [CVE-2026-24765]

Request: 1126798

CVEs referenced: CVE-2026-24765

poppler 22.12.0-2+deb12u2 Installability problems ACCEPTED

DSA: 6334

Closes: 1117046 1117853 1138708

CVEs referenced: CVE-2025-43718 CVE-2025-52885 CVE-2026-10118

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

postgresql-15 15.18-0+deb12u1 Installability problems c-i running: pgl-ddl-deploy/2.1.0-3 [armhf] ACCEPTED

DSA: 6269

CVEs referenced: CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6637

Binary debdiffs: all

prometheus 2.42.0+ds-5+deb12u1 Installability problems ACCEPTED

Reason: fix date-sensitive build-time test

Request: 1138803

Closes: 1114942

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

pydantic 1.10.4-1+deb12u1 Installability problems ACCEPTED

Reason: fix denial of service in email verification [CVE-2024-3772]

Request: 1137610

CVEs referenced: CVE-2024-3772

Lintian issues: source

pymatgen 2022.11.7+dfsg1-11+deb12u2 Installability problems ACCEPTED

Reason: fix denial of service in GaussianInput.from_string [CVE-2022-42964]

Request: 1138216

Closes: 1024017

CVEs referenced: CVE-2022-42964

Lintian issues: source

python-ase 3.22.1-3+deb12u1 Installability problems ACCEPTED

Reason: disable unreliable built-time test

Request: 1139995

Closes: 1042048

Binary debdiffs: all

python-django 3:3.2.25-0+deb12u3 Installability problems c-i running: django-fsm-admin/1.2.5-1 [armhf] django-markupfield/2.0.1-1 [armhf] django-webpack-loader/0.6.0-4 [armhf] python-xapian-haystack/2.1.1-1+deb12u1 [armhf] ACCEPTED

Reason: update test suite following changes in python3.13

Request: 1137723

Closes: 1137039

CVEs referenced: CVE-2025-6069

python-filelock 3.9.0-1+deb12u1 Installability problems c-i running: cwl-utils/0.22-1 [armhf] poetry/1.3.2+dfsg-3 [armhf] ACCEPTED

Reason: fix symlink vulnerabilies [CVE-2025-68146 CVE-2026-22701]

Request: 1138693

Closes: 1123510 1125190

CVEs referenced: CVE-2025-68146 CVE-2026-22701

python-markdown 3.4.1-2+deb12u1 Installability problems c-i running: django-markupfield/2.0.1-1 [armhf] lintian-brush/0.147 [armhf] ACCEPTED

Reason: fix parsing of bogus HTML markup [CVE-2025-69534]

Request: 1137180

Closes: 1137043

CVEs referenced: CVE-2025-69534

Binary debdiffs: all

python-oslo.messaging 14.0.3-0+deb12u1 Installability problems ACCEPTED

DSA: 6341

Closes: 1138848

CVEs referenced: CVE-2026-44393

Binary debdiffs: all

python-urllib3 1.26.12-1+deb12u4 Installability problems c-i running: patroni/3.0.2-1 [amd64] poetry/1.3.2+dfsg-3 [armhf] ACCEPTED

DLA: 4651

Closes: 1136653

CVEs referenced: CVE-2026-44431

python3.11 3.11.2-6+deb12u8 Installability problems c-i running: apbs/3.4.1-5 [armhf] numpy/1:1.24.2-1+deb12u1 [armhf] poetry/1.3.2+dfsg-3 [armhf] ACCEPTED

Reason: prevent incorrect tar archive handling [CVE-2025-13462]; ensure bytecode-only imports use normal security checks [CVE-2026-2297]; reject unsafe cookie values [CVE-2026-3644]; prevent XML parser crashes [CVE-2026-4224]; prevent browser command injection [CVE-2026-4519]; prevent bz2/lzma decompressor memory corruption [CVE-2026-6100]; restore XML autopkgtests

Request: 1136382

CVEs referenced: CVE-2023-52425 CVE-2025-13462 CVE-2026-0672 CVE-2026-2297 CVE-2026-3644 CVE-2026-4224 CVE-2026-4519 CVE-2026-6100

qemu 7.2+dfsg-7+deb12u18+b3 Installability problems ACCEPTED

Reason: rebuild with updated gnutls28

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

redis 5:7.0.15-1~deb12u7 Installability problems c-i running: proftpd-dfsg/1.3.8+dfsg-4+deb12u5 [armhf] ACCEPTED

DSA: 6279

CVEs referenced: CVE-2025-67733 CVE-2026-21863

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

request-tracker4 4.4.6+dfsg-1.1+deb12u4 Installability problems c-i running: rt-extension-repeatticket/1.11-1 [amd64] rt-extension-repeatticket/1.11-1 [armhf] ACCEPTED

DSA: 6327

CVEs referenced: CVE-2026-41073 CVE-2026-41075 CVE-2026-41076 CVE-2026-44229 CVE-2026-44231 CVE-2026-6841

Lintian issues: allsource

request-tracker5 5.0.3+dfsg-3~deb12u6 Installability problems ACCEPTED

DSA: 6324

CVEs referenced: CVE-2026-41073 CVE-2026-41075 CVE-2026-41076 CVE-2026-44229 CVE-2026-44231 CVE-2026-6841

roundcube 1.6.5+dfsg-1+deb12u9 Installability problems ACCEPTED

DSA: 6301

Closes: 1137507

CVEs referenced: CVE-2026-48842 CVE-2026-48843 CVE-2026-48844 CVE-2026-48845 CVE-2026-48846 CVE-2026-48847 CVE-2026-48848 CVE-2026-48849

rsync 3.2.7-1+deb12u6 Installability problems ACCEPTED

Reason: reject excessively long HTTP proxy response lines [CVE-2026-45232]

Request: 1138587

CVEs referenced: CVE-2026-45232

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

rsync 3.2.7-1+deb12u5 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6282

CVEs referenced: CVE-2026-29518 CVE-2026-43617 CVE-2026-43618 CVE-2026-43619 CVE-2026-43620

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

ruby-css-parser 1.6.0-2+deb12u1 Installability problems ACCEPTED

Reason: fix validation of HTTPS certificates for remote CSS [CVE-2026-44312]

Request: 1138989

CVEs referenced: CVE-2026-44312

Binary debdiffs: all

rust-cbindgen-web 0.26.0-3~deb12u1+b1 Installability problems REJECTED

Reason: false positive

rust-time 0.3.9-1+deb12u1 Installability problems ACCEPTED

Reason: fix denial of service [CVE-2026-25727]

Request: 1128927

Closes: 1128404

CVEs referenced: CVE-2026-25727

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

samba 2:4.17.12+dfsg-0+deb12u4 Installability problems c-i running: php-horde-vfs/2.4.2-1 [armhf] ACCEPTED

DSA: 6297

CVEs referenced: CVE-2026-2340 CVE-2026-3012 CVE-2026-3238 CVE-2026-4408 CVE-2026-4480

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

science.js 1.9.3+dfsg-3+deb12u1 Installability problems ACCEPTED

Reason: fix build time race condition

Request: 1137136

Closes: 1058552 1078902

sentry-python 1.9.10-2+deb12u1 Installability problems ACCEPTED

Reason: fix subprocess environment sanitisation [CVE-2024-40647]

Request: 1137555

Closes: 1083189

CVEs referenced: CVE-2024-40647

shim 16.1-2~deb12u1 Version problems stable (15.8-1) Installability problems ACCEPTED

Reason: new upstream release; build with default gcc; set SBAT revocation level to 2025021800

Request: 1131862

Lintian issues: amd64arm64i386source

shim-helpers-amd64-signed 1+16.1+2~deb12u1 Version problems stable (1+15.8+1) Installability problems amd64 ACCEPTED

Distribution mismatch: bookworm-proposed-updates

Reason: update to shim 16.1-2~deb12u1

Binary debdiffs: amd64

Lintian issues: amd64source

shim-helpers-arm64-signed 1+16.1+2~deb12u1 Version problems stable (1+15.8+1) Installability problems arm64 ACCEPTED

Distribution mismatch: bookworm-proposed-updates

Reason: update to shim 16.1-2~deb12u1

Binary debdiffs: arm64

Lintian issues: arm64source

shim-helpers-i386-signed 1+16.1+2~deb12u1 Installability problems i386 ACCEPTED

Distribution mismatch: bookworm-proposed-updates

Reason: update to shim 16.1-2~deb12u1

Binary debdiffs: i386

Lintian issues: i386source

shim-signed 1.51~1+deb12u1 Version problems stable (1.47) shim-signed/stable [amd64] (1.51~1+deb12u1+16.1-2~deb12u1/1.47+15.8-1) shim-signed/stable [arm64] (1.51~1+deb12u1+16.1-2~deb12u1/1.47+15.8-1) shim-signed-common/stable [all] (1.51~1+deb12u1+16.1-2~deb12u1/1.47+15.8-1) Installability problems ACCEPTED

Reason: ensure Secure Boot compatibility with 2023 Microsoft UEFI CA; check for likely boot issues before installation; combine and verify multiple shim signatures; update signed shim binaries

Request: 1140761

Binary debdiffs: amd64arm64i386

Lintian issues: allsource

sqlite-utils 3.30-1+deb12u1 Installability problems ACCEPTED

Reason: add dependency on python3-click-default-group

Request: 1135615

Closes: 1064886

Binary debdiffs: all

sshfs-fuse 3.7.3-1.2~deb12u1 Version problems stable (3.7.3-1.1) sshfs/stable [amd64] (3.7.3-1.1+b2) sshfs/stable [arm64] (3.7.3-1.1+b3) sshfs/stable [armel] (3.7.3-1.1+b2) sshfs/stable [armhf] (3.7.3-1.1+b2) sshfs/stable [i386] (3.7.3-1.1+b2) sshfs/stable [ppc64el] (3.7.3-1.1+b2) sshfs/stable [s390x] (3.7.3-1.1+b2) Installability problems ACCEPTED

Reason: add contain_symlinks option to prevent symlink escape attacks [CVE-2026-47187]; reject hostname option injection via bracketed mount source [CVE-2026-48711]

Request: 1138706

Closes: 1138293

CVEs referenced: CVE-2026-47187 CVE-2026-48711

starlette 0.26.1-1+deb12u1 Installability problems ACCEPTED

DSA: 6302

Closes: 1085295 1109805 1137375

CVEs referenced: CVE-2023-29159 CVE-2024-47874 CVE-2025-54121 CVE-2026-48710

strongswan 5.9.8-5+deb12u5 Installability problems ACCEPTED

DSA: 6330

CVEs referenced: CVE-2026-47895

sylpheed 3.8.0~beta1-1+deb12u1 Installability problems ACCEPTED

Reason: fix link checking [CVE-2021-37746]

Request: 1130207

CVEs referenced: CVE-2021-37746

symfony 5.4.53+dfsg-0+deb12u1 Installability problems all c-i running: php-nesbot-carbon/2.65.0-1+deb12u1 [armhf] php-symfony-polyfill/1.27.0-2 [armhf] php-twig/3.5.1-1+deb12u1 [armhf] ACCEPTED

DSA: 6317

CVEs referenced: CVE-2024-50340 CVE-2026-45063 CVE-2026-45065 CVE-2026-45067 CVE-2026-45068 CVE-2026-45071 CVE-2026-45073 CVE-2026-45077 CVE-2026-45133 CVE-2026-45304 CVE-2026-45305 CVE-2026-46626 CVE-2026-48489 CVE-2026-48736 CVE-2026-48784

Binary debdiffs: all

Lintian issues: allsource

symfony 5.4.52+dfsg-0+deb12u1 Installability problems all ACCEPTED

This upload was superseded by a more current one.

DSA: 6317

CVEs referenced: CVE-2024-50340 CVE-2026-45063 CVE-2026-45065 CVE-2026-45067 CVE-2026-45068 CVE-2026-45071 CVE-2026-45073 CVE-2026-45077 CVE-2026-45133 CVE-2026-45304 CVE-2026-45305 CVE-2026-46626

Binary debdiffs: all

Lintian issues: all

thunderbird 1:140.12.0esr-1~deb12u1 Version problems stable (1:140.10.1esr-1~deb13u1) Installability problems ACCEPTED

Missing builds: mips64el s390x

DLA: 4636

Lintian issues: i386source

thunderbird 1:140.11.0esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6288

Lintian issues: i386

thunderbird 1:140.10.2esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 6267

Lintian issues: i386

tomcat10 10.1.55-1~deb12u1 Version problems stable (10.1.52-1~deb13u1) Installability problems ACCEPTED

DSA: 6328

CVEs referenced: CVE-2026-24880 CVE-2026-25854 CVE-2026-29129 CVE-2026-29145 CVE-2026-29146 CVE-2026-32990 CVE-2026-34483 CVE-2026-34487 CVE-2026-34500 CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515

Binary debdiffs: all

Lintian issues: all

u-boot 2023.01+dfsg-2+deb12u3 Installability problems ACCEPTED

DLA: 4642

Closes: 1056750 1081557 1136954

CVEs referenced: CVE-2024-42040 CVE-2026-46728

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

user-mode-linux 6.1um4+b12 Installability problems ACCEPTED

Reason: rebuild with updated linux

Binary debdiffs: amd64i386

user-mode-linux 6.1um4+b11 Installability problems ACCEPTED

Reason: rebuild with updated linux

Missing builds: amd64 i386

vitrage 9.0.0-3.1+deb12u1 Installability problems ACCEPTED

Reason: fix remote code execution vulnerability [CVE-2026-28370]

Request: 1139647

Closes: 1139452

CVEs referenced: CVE-2026-28370

Binary debdiffs: all

Lintian issues: all

wireless-regdb 2026.05.30-1~deb12u1 Version problems stable (2026.02.04-1~deb13u1) Installability problems ACCEPTED

Reason: new upstream stable release; update regulatory information for several countries

Request: 1139582

µdebs: present

Lintian issues: source

yelp 42.2-1+deb12u2 Installability problems ACCEPTED

DSA: 6319

Closes: 1136299

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource