Queue Overview for "proposed-updates"

Closes: 970066

CVEs referenced: CVE-2020-6097

Closes: 973442

Closes: 969361

Closes: 980240

Closes: 935080

Closes: 919642

Lintian issues: source

Closes: 980834

Closes: 928009

Lintian issues: source

Closes: 954402

DSA: 4838

Closes: 980326

CVEs referenced: CVE-2021-3181

DSA: 4826

Closes: 979364

CVEs referenced: CVE-2020-8252 CVE-2020-8265 CVE-2020-8287

Closes: 979670

CVEs referenced: CVE-2021-1056

Lintian issues: source

Closes: 969085 969755 969889 969894 970093 970390 972468 972511 979672

CVEs referenced: CVE-2021-1056

Lintian issues: source

Reason: some changes need further discussion; too late for 10.2

Request: 941901

Closes: 941897

CVEs referenced: CVE-2019-17134

DSA: 4836

Closes: 980132

CVEs referenced: CVE-2015-8011 CVE-2020-27827

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64elsource

DSA: 4513

CVEs referenced: CVE-2019-10197

Blocked by #939419; cannot be accepted
         

Closes: 930613 957284 977272 979121

Lintian issues: source

DSA: 4839

CVEs referenced: CVE-2021-3156

DSA: 4808

CVEs referenced: CVE-2020-27350

Binary debdiffs: amd64i386

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4801

CVEs referenced: CVE-2020-8927

Reason: update Mozilla CA bundle to 2.40, blacklist distrusted Symantec roots and expired "AddTrust External Root"

Request: 962152

µdebs: present

Closes: 911289 955038 956411 961907

Binary debdiffs: all

Reason: fix SQL injection issue [CVE-2020-35701] and stored XSS issue

Request: 980762

Closes: 979998

CVEs referenced: CVE-2020-35701

DSA: 4832

Closes: 979135 979520

CVEs referenced: CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021-21116

This upload was superseded by a more current one.

DSA: 4824

CVEs referenced: CVE-2019-8075 CVE-2020-15959 CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15988 CVE-2020-15989 CVE-2020-15990 CVE-2020-15991 CVE-2020-15992 CVE-2020-15999 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003 CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 CVE-2020-16011 CVE-2020-16012 CVE-2020-16013 CVE-2020-16014 CVE-2020-16015 CVE-2020-16016 CVE-2020-16017 CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030 CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 CVE-2020-16035 CVE-2020-16036 CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6532 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550 CVE-2020-6551 CVE-2020-6552 CVE-2020-6553 CVE-2020-6554 CVE-2020-6555 CVE-2020-6556 CVE-2020-6557 CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571 CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576

Binary debdiffs: amd64arm64armhfi386

Lintian issues: allamd64arm64armhfi386

DSA: 4829

CVEs referenced: CVE-2020-26262

Reason: list-devices-linux: Support partitions on USB UAS devices

Request: 980458

µdebs: only

Closes: 980455

Reason: add missing build-dependency on tzdata

Closes: 943695

Binary debdiffs: all

Lintian issues: source

DSA: 4825

CVEs referenced: CVE-2020-24386 CVE-2020-25275

Reason: CryptoPkg/BaseCryptLib: fix NULL dereference [CVE-2019-14584]

Request: 977511

Closes: 977300

CVEs referenced: CVE-2019-14584

DSA: 4827

CVEs referenced: CVE-2020-16044

Lintian issues: armhfi386mipsmipsel

This upload was superseded by a more current one.

DSA: 4813

CVEs referenced: CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35113

Lintian issues: armhfi386mipsmipsel

DSA: 4830

Closes: 980323

CVEs referenced: CVE-2021-21261

This upload was superseded by a more current one.

DSA: 4830

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: check the maximum allowed accuracy level even for system applications; make the Mozilla API key configurable and use a Debian-specific key by default; fix display of the usage indicator

Request: 978091

Closes: 924516 958497

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix test suite error caused by expired certificate

Request: 979074

Closes: 977552

Distribution mismatch: buster-proposed-updates

Reason: when upgrading grub-pc noninteractively, bail out if grub-install fails; explicitly check whether the target device exists before running grub-install; grub-install: Add backup and restore; don't call grub-install on fresh install of grub-pc

Request: 976094

Binary debdiffs: amd64

Lintian issues: source

Distribution mismatch: buster-proposed-updates

Reason: when upgrading grub-pc noninteractively, bail out if grub-install fails; explicitly check whether the target device exists before running grub-install; grub-install: Add backup and restore; don't call grub-install on fresh install of grub-pc

Request: 976094

Binary debdiffs: arm64

Lintian issues: source

Distribution mismatch: buster-proposed-updates

Reason: when upgrading grub-pc noninteractively, bail out if grub-install fails; explicitly check whether the target device exists before running grub-install; grub-install: Add backup and restore; don't call grub-install on fresh install of grub-pc

Request: 976094

Binary debdiffs: i386

Lintian issues: source

Reason: when upgrading grub-pc noninteractively, bail out if grub-install fails; explicitly check whether the target device exists before running grub-install; grub-install: Add backup and restore; don't call grub-install on fresh install of grub-pc

Request: 976094

µdebs: present

Closes: 966575

Binary debdiffs: amd64arm64armelarmhfi386mipselppc64el

DSA: 4833

This upload was superseded by a more current one.

DSA: 4833

DSA: 4820

Closes: 976872

CVEs referenced: CVE-2020-29565

Binary debdiffs: all

Lintian issues: allsource

DSA: 4823

CVEs referenced: CVE-2019-20933

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix bugs in JSON output; fix race condition that DOSes the system when using ip netns add at boot

Request: 978157

Closes: 949235 961278 972784

Reason: do not trigger the irssi core connect timeout prematurely, thus fixing STARTTLS connections

Request: 980799

Closes: 931886

DSA: 4819

CVEs referenced: CVE-2020-35605

Binary debdiffs: all

Lintian issues: source

Reason: update for new tzdata version

Request: 977978

Binary debdiffs: all

Reason: fix test failure with libdbi-perl 1.642-1+deb10u2

Request: 980133

Closes: 974134

Reason: security fix [CVE-2014-10402]

Request: 973342

Closes: 972180

CVEs referenced: CVE-2014-10401 CVE-2014-10402

Reason: fix heap-based buffer over-read [CVE-2020-28241]

Request: 979724

Closes: 973878

CVEs referenced: CVE-2020-28241

Binary debdiffs: amd64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix another build failure with rustc 1.41

Missing builds: ppc64el

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipsels390x

This upload was superseded by a more current one.

Reason: fix build failures with newer rustc, and ppc64el and s390x with the fix for CVE-2019-20446

Request: 966028

CVEs referenced: CVE-2019-20446

This upload was superseded by a more current one.

Reason: fix denial of service via "billion laughs" attack [CVE-2019-20446]

Request: 966028

CVEs referenced: CVE-2019-20446

DSA: 4828

CVEs referenced: CVE-2020-26258 CVE-2020-26259

This upload was superseded by a more current one.

DSA: 4811

CVEs referenced: CVE-2020-26217

Binary debdiffs: all

Reason: fix build on kernel versions >= 4.19.0-10

Request: 973706

Closes: 972321

DSA: 4810

Closes: 977387

CVEs referenced: CVE-2020-27783

This upload was superseded by a more current one.

DSA: 4810

CVEs referenced: CVE-2020-27783

DSA: 4816

Closes: 971985 971986

CVEs referenced: CVE-2020-35474 CVE-2020-35475 CVE-2020-35477 CVE-2020-35478 CVE-2020-35479 CVE-2020-35480

Reason: builder.py: sbuild call: set '--no-arch-all' explicitly

Request: 955277

Binary debdiffs: all

DSA: 4806

Closes: 975372

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 4806

Closes: 976594 976595

CVEs referenced: CVE-2020-12695 CVE-2020-28926

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: do not allow invalid hazardous string as section name [CVE-2020-7788]

Request: 977735

Closes: 977718

CVEs referenced: CVE-2020-7788

Reason: fix prototype pollution issue [CVE-2020-7774]

Request: 976392

Closes: 976390

CVEs referenced: CVE-2020-7774

DSA: 4807

µdebs: present

CVEs referenced: CVE-2020-1971

DSA: 4822

CVEs referenced: CVE-2020-29361 CVE-2020-29362 CVE-2020-29363

Reason: security fixes [CVE-2019-10203 CVE-2020-17482]

Request: 970745

Closes: 970729 970737

CVEs referenced: CVE-2019-10203 CVE-2020-17482

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipselppc64els390x

DSA: 4817

Closes: 976108

CVEs referenced: CVE-2020-28948 CVE-2020-28949

Reason: fix buffer overflow [CVE-2020-27818]

Request: 976423

Closes: 976350

CVEs referenced: CVE-2020-27818

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmipsel

Reason: new upstream stable release; security fixes [CVE-2020-25694 CVE-2020-25695 CVE-2020-25696]

Closes: 974063

CVEs referenced: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696

Binary debdiffs: all

DSA: 4809

Closes: 977000

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 4809

CVEs referenced: CVE-2020-27351

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: automatically use ACMEv2 API for renewals, to avoid issues with ACMEv1 API removal

Request: 976432

Closes: 971045

Binary debdiffs: all

Reason: fix potential SEGFAULT on connection error

Request: 977172

Binary debdiffs: all

DSA: 4821

Closes: 978491

CVEs referenced: CVE-2020-35730

DSA: 4831

Closes: 980057

CVEs referenced: CVE-2020-26298

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4837

CVEs referenced: CVE-2020-16846 CVE-2020-17490 CVE-2020-25592

Reason: python{,3}-silx: Add dependency on python{,3}-scipy

Request: 980453

Closes: 954352

Binary debdiffs: allamd64arm64armhfi386

Reason: fix buffer overflows [CVE-2020-7039 CVE-2020-8608]

Request: 977895

CVEs referenced: CVE-2020-7039 CVE-2020-8608

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4818

Closes: 952428 961491 971904 976020

CVEs referenced: CVE-2020-10936 CVE-2020-26880 CVE-2020-26932 CVE-2020-29668 CVE-2020-9369

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

Missing builds: armel

DSA: 4815

This upload was superseded by a more current one.

DSA: 4802

Lintian issues: armhf

DSA: 4835

CVEs referenced: CVE-2020-13943 CVE-2020-17527

Binary debdiffs: all

DSA: 4805

CVEs referenced: CVE-2020-17508 CVE-2020-17509

Lintian issues: amd64arm64armhfi386mipsmips64elmipselppc64el

Reason: new upstream release

Binary debdiffs: all

Reason: apply further fixes for CVE-2019-13232

Closes: 963996

CVEs referenced: CVE-2019-13232

DSA: 4834

Closes: 979676

CVEs referenced: CVE-2020-26664

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allmipsmips64elmipsel

DSA: 4797

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipselsource

This upload was superseded by a more current one.

DSA: 4797

CVEs referenced: CVE-2020-13584 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983

Binary debdiffs: allamd64arm64armelarmhfi386mipsmipselppc64els390x

Lintian issues: mipsmipsel

DSA: 4812

CVEs referenced: CVE-2020-29479 CVE-2020-29480 CVE-2020-29481 CVE-2020-29482 CVE-2020-29483 CVE-2020-29484 CVE-2020-29485 CVE-2020-29486 CVE-2020-29566 CVE-2020-29570 CVE-2020-29571

Lintian issues: source

This upload was superseded by a more current one.

DSA: 4804

CVEs referenced: CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27674 CVE-2020-28368 CVE-2020-29040

DSA: 4814

CVEs referenced: CVE-2018-1311

DSA: 4803

µdebs: present

CVEs referenced: CVE-2020-14360 CVE-2020-25712

Lintian issues: source