Queue Overview for "proposed-updates"

TODO items

Removals

List of missing builds
List of missing packages relative to security archive

Resolution Pending (4 uploads for 4 packages)

Package Version Version Problems Installability Problems Architectures Action
chromium 136.0.7103.59-2~deb12u2 Version problems testing (135.0.7049.95-1) Installability problems Built: allamd64arm64i386ppc64elsource Missing: armhf More info needed

DSA: 5914

CVEs referenced: CVE-2025-4050 CVE-2025-4051 CVE-2025-4052 CVE-2025-4096

Lintian issues: amd64arm64i386ppc64elsource

FTBFS on armhf
         
freerdp2 2.11.7+dfsg1-6~deb12u1 Installability problems Built: source ?

Closes: 1036095 1041377 1051638 1053317 1061173 1061952 1069728 1072112 1072413 1073156 1074969 1079025

CVEs referenced: CVE-2023-39350 CVE-2023-39351 CVE-2023-39352 CVE-2023-39353 CVE-2023-39354 CVE-2023-39355 CVE-2023-39356 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40589 CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 CVE-2024-32661

Lintian issues: source

libbson-xs-perl 0.8.4-2+deb12u1 Installability problems Built: source ?

CVEs referenced: CVE-2017-14227 CVE-2018-16790 CVE-2023-0437 CVE-2024-6381 CVE-2024-6383 CVE-2025-0755

rust-cbindgen-web 0.26.0-3~deb12u1+b1 Installability problems Built: mips64el ?

Pending Processing (0 uploads for 0 packages)

Processed (102 uploads for 89 packages)

Package Version Version Problems Installability Problems Action
adonthell 0.3.8-2.1+deb12u1 Installability problems ACCEPTED

Reason: fix compatibility with SWIG 4.1

Request: 1102786

Closes: 1029043

atop 2.8.1-1+deb12u1 Installability problems ACCEPTED

DSA: 5892

CVEs referenced: CVE-2025-31160

bash 5.2.15-2+b8 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (glibc/2.36-9+deb12u5)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

busybox 1.35.0-4+b4 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (glibc/2.36-9)

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

cdebootstrap 0.7.8+b15 Installability problems ACCEPTED

Distribution mismatch: bookworm, sid

Reason: rebuild for outdated Built-Using (glibc/2.36-9)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

chkrootkit 0.57-2+b5 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (glibc/2.36-9+deb12u5)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

chromium 135.0.7049.95-1~deb12u1 Installability problems ACCEPTED

DSA: 5903

Closes: 1103226

CVEs referenced: CVE-2025-3619 CVE-2025-3620

Lintian issues: amd64arm64armhfi386ppc64el

chromium 135.0.7049.84-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5898

Closes: 1101978

CVEs referenced: CVE-2025-3066

chromium 135.0.7049.52-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5890

CVEs referenced: CVE-2025-3066 CVE-2025-3067 CVE-2025-3068 CVE-2025-3069 CVE-2025-3070 CVE-2025-3071 CVE-2025-3072 CVE-2025-3073 CVE-2025-3074

Lintian issues: amd64arm64armhfi386ppc64el

chromium 134.0.6998.117-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5882

CVEs referenced: CVE-2025-2476

chromium 134.0.6998.88-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5877

CVEs referenced: CVE-2025-1920 CVE-2025-2135 CVE-2025-2136 CVE-2025-2137 CVE-2025-24201

crowdsec 1.4.6-6~deb12u1+b1 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

dar 2.7.8-2+b4 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (glibc/2.36-9+deb12u5)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

debian-archive-keyring 2023.3+deb12u2 Installability problems c-i failed: gnupg2/2.2.40-1.1 [amd64] gnupg2/2.2.40-1.1 [arm64] gnupg2/2.2.40-1.1 [armel] gnupg2/2.2.40-1.1 [armhf] gnupg2/2.2.40-1.1 [i386] gnupg2/2.2.40-1.1 [ppc64el] gnupg2/2.2.40-1.1 [s390x] ACCEPTED

Reason: add archive signing and SRM keys for trixie (Debian 13); move buster (Debian 10) keys to removed keyring

Request: 1102630

µdebs: present

Closes: 1099223 1100828 1100829

Binary debdiffs: all

distro-info-data 0.58+deb12u4 Installability problems ACCEPTED

Reason: add Debian 15 and Ubuntu 25.10

Request: 1104095

docker.io 20.10.24+dfsg1-1+deb12u1+b1 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (containerd/1.6.20~ds1-1, glibc/2.36-9+deb12u8)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

dpdk 22.11.8-1~deb12u1 Installability problems c-i failed: dpdk/22.11.8-1~deb12u1 [ppc64el] ACCEPTED

Reason: new upstream stable release

Request: 1102468

Binary debdiffs: arm64

erlang 1:25.2.3+dfsg-1+deb12u1 Installability problems ACCEPTED

DSA: 5906

Closes: 1059002 1101713 1103442

CVEs referenced: CVE-2023-48795 CVE-2025-26618 CVE-2025-30211 CVE-2025-32433

Binary debdiffs: all

Lintian issues: all

exim4 4.96-15+deb12u7 Installability problems ACCEPTED

DSA: 5887

CVEs referenced: CVE-2025-30232

fig2dev 1:3.2.8b-3+deb12u1 Installability problems ACCEPTED

Reason: reject huge pattern lengths [CVE-2025-31162]; reject arcs with co-incident points [CVE-2025-31163]; allow an arc-box with zero radius [CVE-2025-31164]

Request: 1101561

CVEs referenced: CVE-2025-31162 CVE-2025-31163 CVE-2025-31164

firefox-esr 128.10.0esr-1~deb12u1 Version problems testing (128.9.0esr-2) Installability problems ACCEPTED

Missing builds: mips64el

DSA: 5910

CVEs referenced: CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093

Lintian issues: armhfi386source

firefox-esr 128.9.0esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5889

CVEs referenced: CVE-2025-3028 CVE-2025-3029 CVE-2025-3030

Lintian issues: armhfi386

freetype 2.12.1+dfsg-5+deb12u4 Installability problems ACCEPTED

DSA: 5880

µdebs: present

CVEs referenced: CVE-2025-27363

gcc-12 12.2.0-14+deb12u1 Installability problems all ACCEPTED

Reason: fix -fstack-protector handling of overflows on AArch64 [CVE-2023-4039]

Request: 1055211

CVEs referenced: CVE-2023-4039

Binary debdiffs: all

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

gcc-mingw-w64 25.2+b1 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (gcc-12/12.2.0-13)

ghostscript 10.0.0~dfsg-11+deb12u7 Installability problems ACCEPTED

DSA: 5888

CVEs referenced: CVE-2025-27830 CVE-2025-27831 CVE-2025-27832 CVE-2025-27833 CVE-2025-27834 CVE-2025-27835 CVE-2025-27836

glib2.0 2.74.6-2+deb12u6 Installability problems ACCEPTED

Reason: fix integer overflow in g_date_time_new_from_iso8601() [CVE-2025-3360]

Request: 1103051

µdebs: present

CVEs referenced: CVE-2025-3360

golang-github-containerd-stargz-snapshotter 0.12.0-2+b6 Installability problems ACCEPTED

Distribution mismatch: bookworm, sid

Reason: rebuild for outdated Built-Using (containerd/1.6.20~ds1-1, runc/1.1.5+ds1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

golang-github-containers-buildah 1.28.2+ds1-3+deb12u1+b1 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (containerd/1.6.20~ds1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64el

golang-github-openshift-imagebuilder 1.2.3+ds1-2+b9 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (containerd/1.6.20~ds1-1, docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

graphicsmagick 1.4+really1.3.40-4+deb12u1 Installability problems ACCEPTED

DSA: 5905

Closes: 1099955

CVEs referenced: CVE-2025-27795 CVE-2025-32460

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

gss 1.0.4-1+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS caused by an expired Kerberos ticket

Missing builds: armel armhf i386 mipsel

Request: 1091842

Closes: 1076885

Binary debdiffs: allamd64arm64mips64elppc64els390x

haproxy 2.6.12-1+deb12u2 Installability problems ACCEPTED

Reason: fix heap buffer overflow issue [CVE-2025-32464]

Request: 1104402

Closes: 1102673

CVEs referenced: CVE-2025-32464

igtf-policy-bundle 1.133-1~deb12u1 Installability problems ACCEPTED

Reason: backport current policy bundle

Request: 1099596

Binary debdiffs: all

Lintian issues: all

imagemagick 8:6.9.11.60+dfsg-1.6+deb12u3 Installability problems amd64 armel i386 mipsel ACCEPTED

Reason: fix "MIFF image depth mishandled after SetQuantumFormat" [CVE-2025-43965]

Request: 1104243

CVEs referenced: CVE-2025-43965

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

initramfs-tools 0.142+deb12u3 Installability problems c-i failed: initramfs-tools/0.142+deb12u3 [i386] ACCEPTED

Reason: restore copy_file's handling of target ending in slash; exclude usr-merge symlinks in copy_file; add reset drivers when MODULES=dep

Request: 1104052

initramfs-tools 0.142+deb12u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: restore copy_file's handling of target ending in slash; exclude usr-merge symlinks in copy_file; add reset drivers when MODULES=dep

Request: 1104052

Closes: 1027458 1082647 1088959

jetty9 9.4.57-0+deb12u1 Installability problems ACCEPTED

DSA: 5894

CVEs referenced: CVE-2024-6762 CVE-2024-8184 CVE-2024-9823

Binary debdiffs: all

Lintian issues: allsource

kexec-tools 1:2.0.25-3+deb12u2 Installability problems ACCEPTED

Reason: fix path for systemd units with merged /usr; drop depedencies no longer required

Request: 1086622

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

systemd change not required; do not release
         
krb5 1.20.1-2+deb12u3 Installability problems ACCEPTED

Reason: fix memory leak in ndr.c [CVE-2024-26462]; prevent buffer overflow when calculating ulog buffer size [CVE-2025-24528]

Request: 1100421

Closes: 1064965 1094730

CVEs referenced: CVE-2024-26462 CVE-2025-24528

lemonldap-ng 2.16.1+ds-deb12u6 Installability problems ACCEPTED

DSA: 5897

CVEs referenced: CVE-2025-31510

libapache2-mod-auth-openidc 2.4.12.3-2+deb12u3 Installability problems ACCEPTED

DSA: 5904

Closes: 1102413

CVEs referenced: CVE-2025-31492

libcap2 1:2.66-4+deb12u1 Installability problems ACCEPTED

Reason: fix incorrect recognition of group names [CVE-2025-1390]

Request: 1100611

µdebs: present

Closes: 1098318

CVEs referenced: CVE-2025-1390

libdata-entropy-perl 0.007-4+deb12u1 Installability problems ACCEPTED

Reason: seed entropy pool with urandom by default [CVE-2025-1860]

Request: 1101746

CVEs referenced: CVE-2025-1860

Binary debdiffs: all

libpod 4.3.1+ds1-8+deb12u1+b1 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (containerd/1.6.20~ds1-1, docker.io/20.10.24+dfsg1-1, golang-github-containers-buildah/1.28.2+ds1-3)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libreoffice 4:7.4.7-1+deb12u8 Installability problems ACCEPTED

DSA: 5908

CVEs referenced: CVE-2025-2866

Binary debdiffs: all

libsub-handlesvia-perl 0.050000-1+deb12u1 Installability problems ACCEPTED

Reason: fix arbitrary code execution issue [CVE-2025-30673]

Request: 1101887

CVEs referenced: CVE-2025-30673

libxslt 1.1.35-1+deb12u1 Installability problems ACCEPTED

DSA: 5884

Closes: 1100565 1100566

CVEs referenced: CVE-2024-55549 CVE-2025-24855

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

linux 6.1.135-1 Installability problems ACCEPTED

DSA: 5907

µdebs: present

Closes: 1086175 1102914

CVEs referenced: CVE-2024-36908 CVE-2024-46733 CVE-2024-46742 CVE-2024-46753 CVE-2024-46774 CVE-2024-46816 CVE-2024-46823 CVE-2024-50063 CVE-2025-21853 CVE-2025-22126 CVE-2025-37838

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

linux 6.1.133-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5900

µdebs: present

Closes: 1050352 1085949 1088682 1100746 1100928

CVEs referenced: CVE-2023-52857 CVE-2024-24855 CVE-2024-26656 CVE-2024-26767 CVE-2024-26982 CVE-2024-27056 CVE-2024-35866 CVE-2024-38611 CVE-2024-40973 CVE-2024-43831 CVE-2024-46772 CVE-2024-47753 CVE-2024-47754 CVE-2024-50056 CVE-2024-50246 CVE-2024-53166 CVE-2024-57977 CVE-2024-58002 CVE-2024-58079 CVE-2025-21702 CVE-2025-21756 CVE-2025-21838 CVE-2025-21918

linux-signed-amd64 6.1.135+1 Installability problems amd64 ACCEPTED

DSA: 5907

µdebs: present

Closes: 1086175 1102914

CVEs referenced: CVE-2024-36908 CVE-2024-46733 CVE-2024-46742 CVE-2024-46753 CVE-2024-46774 CVE-2024-46816 CVE-2024-46823 CVE-2024-50063 CVE-2025-21853 CVE-2025-22126 CVE-2025-37838

Binary debdiffs: amd64

Lintian issues: amd64source

linux-signed-amd64 6.1.133+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5900

µdebs: present

Closes: 1050352 1085949 1088682 1100746 1100928

CVEs referenced: CVE-2023-52857 CVE-2024-24855 CVE-2024-26656 CVE-2024-26767 CVE-2024-26982 CVE-2024-27056 CVE-2024-35866 CVE-2024-38611 CVE-2024-40973 CVE-2024-43831 CVE-2024-46772 CVE-2024-47753 CVE-2024-47754 CVE-2024-50056 CVE-2024-50246 CVE-2024-53166 CVE-2024-57977 CVE-2024-58002 CVE-2024-58079 CVE-2025-21702 CVE-2025-21756 CVE-2025-21838 CVE-2025-21918

linux-signed-arm64 6.1.135+1 Installability problems arm64 ACCEPTED

DSA: 5907

µdebs: present

Closes: 1086175 1102914

CVEs referenced: CVE-2024-36908 CVE-2024-46733 CVE-2024-46742 CVE-2024-46753 CVE-2024-46774 CVE-2024-46816 CVE-2024-46823 CVE-2024-50063 CVE-2025-21853 CVE-2025-22126 CVE-2025-37838

Binary debdiffs: arm64

Lintian issues: arm64source

linux-signed-arm64 6.1.133+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5900

µdebs: present

Closes: 1050352 1085949 1088682 1100746 1100928

CVEs referenced: CVE-2023-52857 CVE-2024-24855 CVE-2024-26656 CVE-2024-26767 CVE-2024-26982 CVE-2024-27056 CVE-2024-35866 CVE-2024-38611 CVE-2024-40973 CVE-2024-43831 CVE-2024-46772 CVE-2024-47753 CVE-2024-47754 CVE-2024-50056 CVE-2024-50246 CVE-2024-53166 CVE-2024-57977 CVE-2024-58002 CVE-2024-58079 CVE-2025-21702 CVE-2025-21756 CVE-2025-21838 CVE-2025-21918

linux-signed-i386 6.1.135+1 Installability problems i386 ACCEPTED

DSA: 5907

µdebs: present

Closes: 1086175 1102914

CVEs referenced: CVE-2024-36908 CVE-2024-46733 CVE-2024-46742 CVE-2024-46753 CVE-2024-46774 CVE-2024-46816 CVE-2024-46823 CVE-2024-50063 CVE-2025-21853 CVE-2025-22126 CVE-2025-37838

Binary debdiffs: i386

Lintian issues: i386source

linux-signed-i386 6.1.133+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5900

µdebs: present

Closes: 1050352 1085949 1088682 1100746 1100928

CVEs referenced: CVE-2023-52857 CVE-2024-24855 CVE-2024-26656 CVE-2024-26767 CVE-2024-26982 CVE-2024-27056 CVE-2024-35866 CVE-2024-38611 CVE-2024-40973 CVE-2024-43831 CVE-2024-46772 CVE-2024-47753 CVE-2024-47754 CVE-2024-50056 CVE-2024-50246 CVE-2024-53166 CVE-2024-57977 CVE-2024-58002 CVE-2024-58079 CVE-2025-21702 CVE-2025-21756 CVE-2025-21838 CVE-2025-21918

mediawiki 1:1.39.12-1~deb12u1 Installability problems ACCEPTED

DSA: 5901

CVEs referenced: CVE-2025-32696 CVE-2025-32697 CVE-2025-32698 CVE-2025-32699 CVE-2025-32700 CVE-2025-3469

Binary debdiffs: all

mercurial 6.3.2-1+deb12u1 Installability problems ACCEPTED

DSA: 5883

Closes: 1100899

CVEs referenced: CVE-2023-27043 CVE-2025-2361

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

mongo-c-driver 1.23.1-1+deb12u1 Installability problems ACCEPTED

Reason: fix infinite loop issue [CVE-2023-0437]; fix integer overflow issue [CVE-2024-6381]; fix buffer overflow issues [CVE-2024-6383 CVE-2025-0755]

Request: 1103557

CVEs referenced: CVE-2023-0437 CVE-2024-6381 CVE-2024-6383 CVE-2025-0755

network-manager 1.42.4-1+deb12u1 Installability problems ACCEPTED

Reason: fix crash dereferencing NULL pointer during debug logging [CVE-2024-6501]

Request: 1101067

Closes: 1076294

CVEs referenced: CVE-2024-6501

nginx 1.22.1-9+deb12u2 Installability problems i386 mipsel s390x ACCEPTED

Reason: fix buffer underread and unordered chunk vulnerabilities in mp4 [CVE-2024-7347]

Request: 1100336

CVEs referenced: CVE-2024-7347

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

openjdk-17 17.0.15+6-1~deb12u1 Installability problems ACCEPTED

DSA: 5913

Binary debdiffs: arm64

openrazer 3.5.1+dfsg-2+deb12u1 Installability problems ACCEPTED

Reason: fix out of bounds read issue [CVE-2025-32776]

Request: 1104026

CVEs referenced: CVE-2025-32776

opensaml 3.2.1-3+deb12u1 Installability problems ACCEPTED

DSA: 5879

Closes: 1100464

opensnitch 1.5.8.1-1+b3 Installability problems ACCEPTED

Distribution mismatch: bookworm, sid

Reason: rebuild for outdated Built-Using (golang-github-google-nftables/0.1.0-3)

Binary debdiffs: amd64arm64armhfppc64el

openssl 3.0.16-1~deb12u1 Installability problems ACCEPTED

Reason: new upstream stable release; fix timing side channel issue [CVE-2024-13176]

Request: 1103469

µdebs: present

Closes: 1094027

CVEs referenced: CVE-2024-13176

perl 5.36.0-7+deb12u2 Installability problems ACCEPTED

DSA: 5902

CVEs referenced: CVE-2024-56406

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

php8.2 8.2.28-1~deb12u1 Installability problems ACCEPTED

DSA: 5878

CVEs referenced: CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

phpmyadmin 4:5.2.1+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix XSS vulnerabilities [CVE-2025-24529 CVE-2025-24530]

Request: 1102399

CVEs referenced: CVE-2025-24529 CVE-2025-24530

policyd-rate-limit 1.0.1.1-2.1+deb12u1 Installability problems ACCEPTED

Reason: Fix startup with newer python3-yaml

Request: 1101993

Closes: 1022034

prometheus 2.42.0+ds-5+b6 Installability problems ACCEPTED

Reason: rebuild for outdated Built-Using (docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

prometheus-postfix-exporter 0.3.0-4+b3 Installability problems ACCEPTED

Distribution mismatch: bookworm, sid

Reason: rebuild for outdated Built-Using (docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

python-django 3:3.2.19-1+deb12u2 Installability problems c-i failed: python-django-storages/1.13.2-1 [amd64] python-django-storages/1.13.2-1 [arm64] python-django-storages/1.13.2-1 [armel] python-django-storages/1.13.2-1 [armhf] python-django-storages/1.13.2-1 [i386] python-django-storages/1.13.2-1 [ppc64el] python-django-storages/1.13.2-1 [s390x] ACCEPTED

Reason: fix regular expression-based denial of service issue [CVE-2023-36053], denial of service issues [CVE-2024-38875 CVE-2024-39614 CVE-2024-41990 CVE-2024-41991], user enumeration issue [CVE-2024-39329], directory traversal issue [CVE-2024-39330], excessive memory consumption issue [CVE-2024-41989], SQL injection issue [CVE-2024-42005]

Request: 1079454

Closes: 1076069 1078074

CVEs referenced: CVE-2023-36053 CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005

Binary debdiffs: all

Lintian issues: all

python-h11 0.14.0-1.1~deb12u1 Version problems testing (0.14.0-1) Installability problems ACCEPTED

Reason: fix request smuggling issue [CVE-2025-43859]

Request: 1104350

Closes: 1104056

CVEs referenced: CVE-2025-43859

python3.11 3.11.2-6+deb12u6 Installability problems ACCEPTED

Reason: fix misparsing issues [CVE-2025-0938 CVE-2025-1795]

Request: 1104401

CVEs referenced: CVE-2025-0938 CVE-2025-1795

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

qemu 1:7.2+dfsg-7+deb12u13 Installability problems c-i failed: ganeti/3.0.2-3 [i386] initramfs-tools/0.142+deb12u3 [i386] ACCEPTED

Reason: new upstream bugfix release

Request: 1104626

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

qemu 1:7.2+dfsg-7+deb12u12+b1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: rebuild for outdated Built-Using (glibc/2.36-9+deb12u9, gnutls28/3.7.9-2+deb12u3)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

qtbase-opensource-src 5.15.8+dfsg-11+deb12u3 Installability problems ACCEPTED

Reason: delay HTTP2 communication until encrypted() can be responded to [CVE-2024-39936]; fix crash with null checks in table iface methods

Request: 1101301

Closes: 1076293 1081682

CVEs referenced: CVE-2024-39936

rails 2:6.1.7.10+dfsg-1~deb12u1 Installability problems c-i failed: ruby-sprockets-rails/3.4.1-2 [amd64] ACCEPTED

DSA: 5881

Closes: 1051057 1051058 1065119 1072705 1085376 1089755

CVEs referenced: CVE-2023-28362 CVE-2023-38037 CVE-2024-26144 CVE-2024-28103 CVE-2024-41128 CVE-2024-47887 CVE-2024-47888 CVE-2024-47889 CVE-2024-54133

Binary debdiffs: all

renaissance 0.9.0-4.1+deb12u1 Installability problems ACCEPTED

Reason: avoid exception on startup

Request: 1099673

Closes: 1095596

Binary debdiffs: all

request-tracker4 4.4.6+dfsg-1.1+deb12u2 Installability problems ACCEPTED

DSA: 5911

Closes: 1068452

CVEs referenced: CVE-2024-3262 CVE-2025-2545 CVE-2025-30087

Binary debdiffs: all

request-tracker5 5.0.3+dfsg-3~deb12u3 Installability problems ACCEPTED

DSA: 5909

Closes: 1055128 1068453

CVEs referenced: CVE-2023-41260 CVE-2024-3262 CVE-2025-2545 CVE-2025-30087 CVE-2025-31500 CVE-2025-31501

Binary debdiffs: all

ruby-rack 2.2.13-1~deb12u1 Installability problems ACCEPTED

DSA: 5886

Closes: 1098257 1099546 1100444

CVEs referenced: CVE-2025-25184 CVE-2025-27111 CVE-2025-27610

Binary debdiffs: all

sash 3.8-5+b22 Installability problems ACCEPTED

Distribution mismatch: bookworm, sid

Reason: rebuild for outdated Built-Using (glibc/2.36-9)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

skeema 1.9.0+ds-1+b6 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (containerd/1.6.20~ds1-1, docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

skopeo 1.9.3+ds1-1+b10 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (docker.io/20.10.24+dfsg1-1)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

telegram-desktop 4.6.5+ds-2+b1 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (ms-gsl/4.0.0-2)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64el

thunderbird 1:128.10.0esr-1~deb12u1 Version problems testing (1:128.9.0esr-1) Installability problems ACCEPTED

Missing builds: mips64el s390x

DSA: 5912

Lintian issues: i386

thunderbird 1:128.9.0esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5891

Binary debdiffs: amd64arm64i386ppc64el

Lintian issues: i386

tomcat10 10.1.34-0+deb12u2 Installability problems ACCEPTED

DSA: 5893

CVEs referenced: CVE-2025-24813

Binary debdiffs: all

Lintian issues: all

trafficserver 9.2.5+ds-0+deb12u2 Installability problems ACCEPTED

DSA: 5896

Binary debdiffs: amd64arm64

Lintian issues: amd64arm64

tripwire 2.4.3.7-4+b12 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (glibc/2.36-9+deb12u5)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

tzdata 2025b-0+deb12u1 Installability problems ACCEPTED

Reason: new America/Coyhaique zone for Aysén Region in Chile

Request: 1101389

Binary debdiffs: all

user-mode-linux 6.1um4+b5 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (linux/6.1.82-1)

Binary debdiffs: amd64i386

varnish 7.1.1-1.1+deb12u1 Installability problems ACCEPTED

Reason: prevent HTTP/1 client-side desync [CVE-2025-30346]

Request: 1101775

CVEs referenced: CVE-2025-30346

vips 8.14.1-3+deb12u2 Installability problems ACCEPTED

DSA: 5915

CVEs referenced: CVE-2025-29769

webkit2gtk 2.48.1-2~deb12u1 Installability problems ACCEPTED

Missing builds: mipsel

DSA: 5899

Binary debdiffs: amd64arm64armelarmhfi386mips64elppc64els390x

Lintian issues: mips64elsource

webkit2gtk 2.48.0-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5885

Binary debdiffs: allamd64arm64armelarmhfi386mips64elppc64els390x

Lintian issues: mips64el

wireless-regdb 2025.02.20-1~deb12u1 Installability problems ACCEPTED

Reason: new upstream release

Request: 1104452

µdebs: present

Binary debdiffs: all

Lintian issues: source

xmedcon 0.23.0-gtk3+dfsg-1+deb12u2 Installability problems ACCEPTED

Reason: fix buffer overflow [CVE-2025-2581]

Request: 1101064

Closes: 1100986

CVEs referenced: CVE-2025-2581

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

xz-utils 5.4.1-1 Installability problems ACCEPTED

DSA: 5895

CVEs referenced: CVE-2025-31115

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

zsh 5.9-4+b6 Installability problems ACCEPTED

Reason: Rebuild for outdated Built-Using (glibc/2.36-9+deb12u5, libcap2/1:2.66-4)

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x