Queue Overview for "proposed-updates"

DSA: 5386

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: source

CVEs referenced: CVE-2023-1810 CVE-2023-1811 CVE-2023-1812 CVE-2023-1813 CVE-2023-1814 CVE-2023-1815 CVE-2023-1816 CVE-2023-1817 CVE-2023-1818 CVE-2023-1819 CVE-2023-1820 CVE-2023-1821 CVE-2023-1822 CVE-2023-1823

Binary debdiffs: armhfppc64el

Lintian issues: source

DSA: 5360

Closes: 1031730

CVEs referenced: CVE-2022-48337 CVE-2022-48338 CVE-2022-48339

Broken on mips64el
         

DSA: 5385

Closes: 982794

CVEs referenced: CVE-2023-1945 CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-29548 CVE-2023-29550

Lintian issues: armhfi386source

Closes: 1018816

Lintian issues: source

Closes: 1011863

DSA: 5388

CVEs referenced: CVE-2023-0836

Closes: 1031185 1033774

CVEs referenced: CVE-2023-0180 CVE-2023-0184 CVE-2023-0185 CVE-2023-0187 CVE-2023-0188 CVE-2023-0189 CVE-2023-0190 CVE-2023-0191 CVE-2023-0194 CVE-2023-0195 CVE-2023-0198 CVE-2023-0199

Lintian issues: source

DSA: 5384

CVEs referenced: CVE-2022-36354 CVE-2022-41639 CVE-2022-41649 CVE-2022-41684 CVE-2022-41794 CVE-2022-41837 CVE-2022-41838 CVE-2022-41977 CVE-2022-41981 CVE-2022-41988 CVE-2022-41999 CVE-2022-43592 CVE-2022-43593 CVE-2022-43594 CVE-2022-43595 CVE-2022-43596 CVE-2022-43597 CVE-2022-43598 CVE-2022-43599 CVE-2022-43600 CVE-2022-43601 CVE-2022-43602 CVE-2022-43603

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5387

Closes: 1034042

CVEs referenced: CVE-2023-1668

Lintian issues: amd64arm64i386ppc64el

DSA: 5146

CVEs referenced: CVE-2021-41136

DSA: 5146

Closes: 1005391 1008723

CVEs referenced: CVE-2022-23634 CVE-2022-24790

DSA: 5389

CVEs referenced: CVE-2021-22942 CVE-2023-23913 CVE-2023-28120

DSA: 5354

CVEs referenced: CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64elsource

Version greater than sid, sec suggest removal
         

Lintian issues: source

Reason: fix validity checks, including fixing deletion of feeds and folders

Request: 1028571

Closes: 1027689

Lintian issues: source

Reason: don't automatically enable apache2-doc.conf; fix regressions in http2 and mod_rewrite introduced in 2.4.56

Request: 1033770

Closes: 1018718 1033284 1033408

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allmips64elmipsel

This upload was superseded by a more current one.

DSA: 5376

Closes: 1032476

CVEs referenced: CVE-2023-25690 CVE-2023-27522

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allmips64elmipsel

DSA: 5370

CVEs referenced: CVE-2022-24963

Lintian issues: mips64elmipselsource

DSA: 5364

CVEs referenced: CVE-2022-25147

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: source

DSA: 5358

CVEs referenced: CVE-2022-23537 CVE-2022-23547 CVE-2022-31031 CVE-2022-37325 CVE-2022-39244 CVE-2022-39269 CVE-2022-42705 CVE-2022-42706

Reason: set stop timeout to 5 seconds, so as not to needlessly block system shutdowns

Request: 1030264

µdebs: present

Closes: 890833

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix local denial of service issue [CVE-2021-3468]

Request: 1028386

Closes: 984938

CVEs referenced: CVE-2021-3468

DSA: 5329

CVEs referenced: CVE-2022-3094 CVE-2022-3736 CVE-2022-3924

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: prevent stack overflow and denial of service [CVE-2022-4904]

Request: 1031652

Closes: 1031525

CVEs referenced: CVE-2022-4904

Lintian issues: mips64elmipselsource

DSA: 5382

Closes: 1033295

CVEs referenced: CVE-2023-27586

Reason: avoid privilege escalation

Request: 1026078

Upload does not match approved diff, no response on request
         

DSA: 5377

Closes: 1015367 1033015 1033223

CVEs referenced: CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534

This upload was superseded by a more current one.

DSA: 5371

CVEs referenced: CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236

Lintian issues: ppc64el

This upload was superseded by a more current one.

DSA: 5359

CVEs referenced: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930 CVE-2023-0931 CVE-2023-0932 CVE-2023-0933 CVE-2023-0941

Lintian issues: ppc64el

This upload was superseded by a more current one.

DSA: 5345

Closes: 1030160

CVEs referenced: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698 CVE-2023-0699 CVE-2023-0700 CVE-2023-0701 CVE-2023-0702 CVE-2023-0703 CVE-2023-0704 CVE-2023-0705

Lintian issues: ppc64el

This upload was superseded by a more current one.

DSA: 5328

Closes: 1011346

CVEs referenced: CVE-2023-0471 CVE-2023-0472 CVE-2023-0473 CVE-2023-0474

This upload was superseded by a more current one.

DSA: 5317

CVEs referenced: CVE-2023-0128 CVE-2023-0129 CVE-2023-0130 CVE-2023-0131 CVE-2023-0132 CVE-2023-0133 CVE-2023-0134 CVE-2023-0135 CVE-2023-0136 CVE-2023-0137 CVE-2023-0138 CVE-2023-0139 CVE-2023-0140 CVE-2023-0141

Lintian issues: ppc64el

This upload was superseded by a more current one.

DSA: 5302

CVEs referenced: CVE-2022-4436 CVE-2022-4437 CVE-2022-4438 CVE-2022-4439 CVE-2022-4440

DSA: 5338

Closes: 1029562

CVEs referenced: CVE-2022-47951

Binary debdiffs: all

Reason: new upstream stable release; fix possible remote code execution issue in the HFS+ file parser [CVE-2023-20032], possible information leak in the DMG file parser [CVE-2023-20052]

Request: 1031536

Closes: 1031509

CVEs referenced: CVE-2023-20032 CVE-2023-20052

Reason: add new non-free-firmware component, fixing upgrades to bookworm

Request: 1031783

Closes: 1029803

Lintian issues: allsource

Reason: fix denial of service issue [CVE-2023-25153]; fix possible privilege escalation via incorrect setup of supplementary groups [CVE-2023-25173]

Request: 1031630

CVEs referenced: CVE-2023-25153 CVE-2023-25173

Binary debdiffs: all

Reason: fix capability escalation issue due to containers being incorrectly started with non-empty default permissions [CVE-2022-27650]

Request: 1031109

CVEs referenced: CVE-2022-27650

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5365

CVEs referenced: CVE-2023-23916

This upload was superseded by a more current one.

DSA: 5365

CVEs referenced: CVE-2022-27774

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5330

CVEs referenced: CVE-2022-27774

This upload was superseded by a more current one.

DSA: 5330

CVEs referenced: CVE-2021-22946 CVE-2022-32221 CVE-2022-43552

Reason: add missing dependency on python3-distutils

Request: 1025329

Closes: 1025327

Binary debdiffs: all

Reason: add bookworm keys; move stretch keys to the removed keyring

Request: 1033157

µdebs: present

Closes: 1029214 1029215

Binary debdiffs: all

Reason: extend the 2023 signing key's expiration by one year; add 2024 signing key; move 2022 signing key to the removed keyring

Request: 1030732

µdebs: present

Binary debdiffs: all

Lintian issues: source

DSA: 5379

Closes: 1033370

CVEs referenced: CVE-2023-28686

Reason: new upstream stable release

Request: 1026074

Binary debdiffs: amd64arm64armhfi386ppc64el

Reason: fix build failure by adding build dependency on e2fsprogs

Request: 1027772

Closes: 1027361

DSA: 5314

Closes: 1025009

CVEs referenced: CVE-2022-45939

Reason: fix client authentication bypass issue [CVE-2022-37026]; use -O1 optimization for armel because -O2 makes erl segfault on certain platforms, e.g. Marvell

Closes: 1023673

CVEs referenced: CVE-2022-37026

Reason: security fixes [CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-32815 CVE-2021-34334 CVE-2021-34335 CVE-2021-3482 CVE-2021-37615 CVE-2021-37616 CVE-2021-37618 CVE-2021-37619 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623]

Request: 1028395

Closes: 986888 987277 987450 987736 988241 988242 988481 992705 992706 992707

CVEs referenced: CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-31292 CVE-2021-32815 CVE-2021-34334 CVE-2021-34335 CVE-2021-3482 CVE-2021-37615 CVE-2021-37616 CVE-2021-37618 CVE-2021-37619 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623

Binary debdiffs: all

Lintian issues: mips64elmipselsource

Missing builds: mips64el mipsel

DSA: 5374

CVEs referenced: CVE-2023-25751 CVE-2023-25752 CVE-2023-28162 CVE-2023-28164 CVE-2023-28176

Lintian issues: allamd64arm64armhfi386ppc64els390xsource

This upload was superseded by a more current one.

DSA: 5350

CVEs referenced: CVE-2023-0767 CVE-2023-25728 CVE-2023-25729 CVE-2023-25730 CVE-2023-25732 CVE-2023-25735 CVE-2023-25737 CVE-2023-25739 CVE-2023-25742 CVE-2023-25744 CVE-2023-25746

Lintian issues: allamd64arm64i386ppc64els390x

This upload was superseded by a more current one.

DSA: 5322

Closes: 1028809

CVEs referenced: CVE-2022-46871 CVE-2022-46877 CVE-2023-23598 CVE-2023-23601 CVE-2023-23602 CVE-2023-23603 CVE-2023-23605

Lintian issues: allamd64arm64armhfi386ppc64els390x

This upload was superseded by a more current one.

DSA: 5301

CVEs referenced: CVE-2022-46872 CVE-2022-46874 CVE-2022-46878 CVE-2022-46880 CVE-2022-46881 CVE-2022-46882

Binary debdiffs: allamd64arm64armhfi386ppc64els390x

Lintian issues: arm64armhfi386

This upload was superseded by a more current one.

DSA: 5282

CVEs referenced: CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421

Binary debdiffs: allamd64arm64armhfi386ppc64els390x

Lintian issues: arm64armhfi386

This upload was superseded by a more current one.

DSA: 5259

CVEs referenced: CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42932

Binary debdiffs: allamd64arm64armhfi386ppc64els390x

Lintian issues: arm64armhfi386

This upload was superseded by a more current one.

DSA: 5237

CVEs referenced: CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 CVE-2022-40960 CVE-2022-40962

Binary debdiffs: allamd64arm64i386ppc64els390x

Lintian issues: arm64i386

Reason: fix open redirect vulnerability [CVE-2021-23385]

Request: 1031279

CVEs referenced: CVE-2021-23385

Lintian issues: all

Reason: new upstream stable release; escape special characters when displaying permissions and metadata [CVE-2023-28101]; don't allow copy/paste via the TIOCLINUX ioctl when running in a Linux virtual console [CVE-2023-28100]

Request: 1033160

Closes: 1033098 1033099

CVEs referenced: CVE-2023-28100 CVE-2023-28101

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5362

CVEs referenced: CVE-2022-37032

DSA: 5306

CVEs referenced: CVE-2021-40393 CVE-2021-40394 CVE-2021-40401 CVE-2021-40403

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5383

Closes: 1033757

CVEs referenced: CVE-2023-28879

This upload was superseded by a more current one.

Reason: fix path for PostScript helper file in ps2epsi

Request: 1029619

Closes: 1003926 1029541

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5357

CVEs referenced: CVE-2023-22490 CVE-2023-23946

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5332

CVEs referenced: CVE-2022-23521 CVE-2022-24765 CVE-2022-29187 CVE-2022-39253 CVE-2022-39260 CVE-2022-41903

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5336

Closes: 1029563

CVEs referenced: CVE-2022-47951

DSA: 5349

CVEs referenced: CVE-2023-0361

Reason: do not enter the process user namespace [CVE-2022-1227]

Request: 1027258

Closes: 1020907

CVEs referenced: CVE-2022-1227

Reason: make previously internal functions publicly accessible, required to allow fixing CVE-2022-1227 in other packages

Request: 1027257

CVEs referenced: CVE-2022-1227

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix authentication cache poisoning issue [CVE-2022-46146]

Request: 1026177

Closes: 1025127

CVEs referenced: CVE-2022-46146

Binary debdiffs: all

This upload was superseded by a more current one.

Reason: patch tests to avoid race condition

Request: 1026177

Closes: 1013578

Reason: fix incorrect matching when the last of multiple patterns includes a backref

Request: 1029680

Closes: 1029235

Reason: fix Wayland + EGL on GLES-only platforms

Request: 1031926

µdebs: present

Closes: 1020937

Lintian issues: mips64elmipselsource

DSA: 5348

CVEs referenced: CVE-2023-0056 CVE-2023-25725

Lintian issues: source

DSA: 5344

CVEs referenced: CVE-2022-45142

DSA: 5313

CVEs referenced: CVE-2022-41853

Lintian issues: source

DSA: 5347

CVEs referenced: CVE-2022-44267 CVE-2022-44268

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: new upstream bug-fix release

Request: 1033079

Closes: 1031334

CVEs referenced: CVE-2022-21216 CVE-2022-21233 CVE-2022-33196 CVE-2022-33972 CVE-2022-38090

Binary debdiffs: amd64i386

Lintian issues: amd64i386source

Reason: fix IPv6 address lifetime handling

Request: 1028313

µdebs: present

Closes: 1022969

Reason: fix build failure with libjettison-java 1.5.3

Request: 1028486

Reason: fix arbitrary code execution issue [CVE-2022-21797]

Request: 1033578

Closes: 1020820

CVEs referenced: CVE-2022-21797

Binary debdiffs: all

DSA: 5318

Closes: 1024429

CVEs referenced: CVE-2022-44641

Lintian issues: all

Reason: fix URL validation bypass issue; fix 2FA issue when using AuthBasic handler [CVE-2023-28862]

Request: 1030598

CVEs referenced: CVE-2023-28862

NOTE: needs unblock for bookworm
         

Reason: fix open redirect issue [CVE-2022-23527]

Request: 1026447

Closes: 1026444

CVEs referenced: CVE-2022-23527

Lintian issues: mips64elmipselsource

Reason: fix buffer overflow issue [CVE-2022-22728]

Request: 1029217

Closes: 1018191

CVEs referenced: CVE-2022-22728

DSA: 5307

Closes: 1025910

CVEs referenced: CVE-2021-37533

Binary debdiffs: all

Lintian issues: all

Reason: update included data

Request: 1033669

Binary debdiffs: all

This upload was superseded by a more current one.

Reason: update included data

Request: 1033412

Binary debdiffs: all

DSA: 5346

Closes: 1004963 1014977 1014999 1025816 1027179 1029357 1029396 1029397

CVEs referenced: CVE-2020-21594 CVE-2020-21595 CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2020-21599 CVE-2020-21600 CVE-2020-21601 CVE-2020-21602 CVE-2020-21603 CVE-2020-21604 CVE-2020-21605 CVE-2020-21606 CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 CVE-2022-1253 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237 CVE-2022-43238 CVE-2022-43239 CVE-2022-43240 CVE-2022-43241 CVE-2022-43242 CVE-2022-43243 CVE-2022-43244 CVE-2022-43245 CVE-2022-43248 CVE-2022-43249 CVE-2022-43250 CVE-2022-43252 CVE-2022-43253 CVE-2022-47655

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: armelarmhfmips64elmipsel

Reason: enhance compatibility with newer kernel versions - Linux 5.11 no longer has if_frad.h, termiox removed since kernel 5.12

Request: 1025703

Closes: 997222

Reason: enable SSH key verification by defualt [CVE-2023-22742]

Request: 1031948

Closes: 1029368

CVEs referenced: CVE-2023-22742

DSA: 5339

Closes: 1029400

CVEs referenced: CVE-2023-24038

Binary debdiffs: all

DSA: 5323

CVEs referenced: CVE-2021-43113

Binary debdiffs: all

DSA: 5312

CVEs referenced: CVE-2022-40150 CVE-2022-45685 CVE-2022-45693

Binary debdiffs: all

Lintian issues: source

DSA: 5305

Lintian issues: source

Reason: fix privilege escalation issue [CVE-2022-1227]; fix capability escalation issue due to containers being incorrectly started with non-empty default permissions [CVE-2022-27649]

Request: 1034039

Closes: 1020906 1020907

CVEs referenced: CVE-2022-1227 CVE-2022-27649

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

This upload was superseded by a more current one.

Reason: fix privilege escalation issue [CVE-2022-1227]; fix capability escalation issue due to containers being incorrectly started with non-empty default permissions [CVE-2022-27649]

Request: 1034039

Closes: 1020906 1020907

CVEs referenced: CVE-2022-1227 CVE-2022-27649

Reason: avoid empty -Djava.class.path= [CVE-2022-38745]

Request: 1033506

CVEs referenced: CVE-2022-38745

Binary debdiffs: all

Lintian issues: all

This upload was superseded by a more current one.

Reason: change Croatia's default currency to Euro

Request: 1027298

Binary debdiffs: all

DSA: 5368

Closes: 1031821

CVEs referenced: CVE-2023-23009

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: fix test failures when combined with newer Xen versions

Request: 1030709

This upload was superseded by a more current one.

Reason: fix container reboot-related issues

Request: 1024805

Closes: 983871 991773

Reason: fix infinite loop issues [CVE-2022-44617 CVE-2022-46285]; fix double free issue in error handling code; fix "compression commands depend on PATH" [CVE-2022-4883]

Request: 1029651

CVEs referenced: CVE-2022-44617 CVE-2022-46285 CVE-2022-4883

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5315

Closes: 1027754

CVEs referenced: CVE-2022-41966

Binary debdiffs: all

Lintian issues: source

DSA: 5324

µdebs: present

Closes: 1008501 1027430 1027483 825141

CVEs referenced: CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-4696 CVE-2022-47929 CVE-2023-0179 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5324

µdebs: present

Closes: 1008501 1027430 1027483 825141

CVEs referenced: CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-4696 CVE-2022-47929 CVE-2023-0179 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455

Binary debdiffs: amd64

Lintian issues: amd64source

DSA: 5324

µdebs: present

Closes: 1008501 1027430 1027483 825141

CVEs referenced: CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-4696 CVE-2022-47929 CVE-2023-0179 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455

Binary debdiffs: arm64

Lintian issues: arm64source

DSA: 5324

µdebs: present

Closes: 1008501 1027430 1027483 825141

CVEs referenced: CVE-2022-2873 CVE-2022-3545 CVE-2022-3623 CVE-2022-36280 CVE-2022-41218 CVE-2022-45934 CVE-2022-4696 CVE-2022-47929 CVE-2023-0179 CVE-2023-0266 CVE-2023-0394 CVE-2023-23454 CVE-2023-23455

Binary debdiffs: i386

Lintian issues: i386source

Reason: fix file existence oracle [CVE-2022-47952]

Request: 1029121

CVEs referenced: CVE-2022-47952

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: fix build failure by adding build dependency on docbook-xsl

Request: 1028054

Closes: 1027828

Reason: new upstream stable release

Request: 1031042

Closes: 1027337

CVEs referenced: CVE-2022-27385

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: all

Reason: remove desktop file

Request: 1031527

Closes: 972146

Binary debdiffs: amd64arm64armelarmhfi386mipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipselppc64els390x

DSA: 5366

µdebs: present

Closes: 1022742

CVEs referenced: CVE-2022-41973 CVE-2022-41974

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: guard against corrupt terminfo data [CVE-2022-29458]; fix tic crash on very long tc/use clauses

Request: 1030888

µdebs: present

Closes: 1009870 1029399

CVEs referenced: CVE-2022-29458

Reason: fix warnings when using "-b" option

Request: 1029147

Closes: 1026927

Lintian issues: source

DSA: 5316

Closes: 1001437 1014769 1027180

CVEs referenced: CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881 CVE-2022-41915

Binary debdiffs: all

Reason: guard against maliciously-sized cookies [CVE-2022-25901]

Request: 1032134

CVEs referenced: CVE-2022-25901

DSA: 5373

CVEs referenced: CVE-2022-43441

Binary debdiffs: arm64armhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipselsource

Reason: avoid cross-realm object access [CVE-2023-28154]

Request: 1032921

Closes: 1032904

CVEs referenced: CVE-2023-28154

NOTE: needs unblock for bookworm
         

DSA: 5326

Closes: 1014914

Binary debdiffs: amd64arm64armhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390xsource

This upload was superseded by a more current one.

DSA: 5326

CVEs referenced: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-35255 CVE-2022-35256 CVE-2022-43548

Binary debdiffs: amd64arm64armhfi386ppc64els390x

Lintian issues: allamd64arm64armhfi386ppc64els390x

This upload was superseded by a more current one.

DSA: 5170

CVEs referenced: CVE-2021-22959 CVE-2021-22960 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824

Binary debdiffs: amd64arm64armhfi386mipselppc64els390x

Lintian issues: amd64arm64armhfi386mipselppc64els390x

DSA: 5337

Closes: 1029561

CVEs referenced: CVE-2022-47951

DSA: 5353

CVEs referenced: CVE-2023-0767

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5331

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5335

Binary debdiffs: all

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

DSA: 5343

µdebs: present

CVEs referenced: CVE-2022-2097 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: fix "openvswitch-switch update leaves interfaces down"

Request: 1030113

Closes: 1008684

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5319

Closes: 1027273

CVEs referenced: CVE-2022-4337 CVE-2022-4338

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix compatibility with more recent NodeJS versions

Request: 1029728

Closes: 1025220

DSA: 5363

CVEs referenced: CVE-2023-0567 CVE-2023-0568 CVE-2023-0662

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: remove unnecessary build dependency on libatlas-cpp

Request: 1029994

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: ppc64els390x

DSA: 5300

Closes: 1021278

CVEs referenced: CVE-2020-35511

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: source

Reason: new upstream stable release

Request: 1029385

Reason: fix wrong Polar stereographic axis order

Request: 1031410

Closes: 1031392

Reason: new upstream stable release; fix client memory disclosure issue [CVE-2022-41862]

CVEs referenced: CVE-2022-41862

Binary debdiffs: all

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix CSR version to prevent problems with strictly RFC-complying implementations of the ACME API

Request: 1025925

Closes: 1025891

DSA: 5372

CVEs referenced: CVE-2021-22942 CVE-2021-44528 CVE-2022-21831 CVE-2022-22577 CVE-2022-23633 CVE-2022-27777 CVE-2023-22792 CVE-2023-22794 CVE-2023-22795 CVE-2023-22796

Reason: fix generation of version file

Request: 1028396

Closes: 1028285

Reason: fix some functionality by dropping compatibility with Ruby 1.8

Request: 1029823

Closes: 1029726

DSA: 5310

Closes: 1007225

CVEs referenced: CVE-2022-24720

Reason: new upstream stable release; enable NX support at build time; block Debian grub binaries with sbat < 4

Lintian issues: amd64i386source

This upload was superseded by a more current one.

Reason: new upstream release

Request: 1016179

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream stable release; enable NX support at build time; block Debian grub binaries with sbat < 4

Binary debdiffs: amd64

This upload was superseded by a more current one.

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: amd64

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream stable release; enable NX support at build time; block Debian grub binaries with sbat < 4

Binary debdiffs: arm64

This upload was superseded by a more current one.

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: arm64

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream stable release; enable NX support at build time; block Debian grub binaries with sbat < 4

Binary debdiffs: i386

This upload was superseded by a more current one.

Distribution mismatch: bullseye-proposed-updates

Reason: new upstream release

Request: 1016179

Binary debdiffs: i386

Reason: new upstream stable release; enable NX support at build time; block Debian grub binaries with sbat < 4

Binary debdiffs: amd64arm64i386

Reason: add documentation regarding security support / issues

Request: 1031635

Binary debdiffs: all

Lintian issues: all

This upload was superseded by a more current one.

Reason: fix denial of service issues [CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751]

Request: 1031635

CVEs referenced: CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751

Binary debdiffs: all

Lintian issues: all

DSA: 5356

Closes: 1032082

CVEs referenced: CVE-2021-33844

This upload was superseded by a more current one.

DSA: 5356

Closes: 1010374 1012138 1012516 1021133 1021134 1021135

CVEs referenced: CVE-2021-23159 CVE-2021-23172 CVE-2021-23210 CVE-2021-33844 CVE-2021-3643 CVE-2021-40426 CVE-2022-31650 CVE-2022-31651

DSA: 5367

CVEs referenced: CVE-2023-27372

This upload was superseded by a more current one.

DSA: 5325

Lintian issues: all

Reason: fix duplication of code when saving

Request: 1009659

Closes: 989660

DSA: 5321

CVEs referenced: CVE-2023-22809

DSA: 5327

Closes: 1029200

CVEs referenced: CVE-2022-47950

Reason: remove inadvertently introduced dependency increase

Request: 1030851

This upload was superseded by a more current one.

Reason: remove private headers before storing responses with HttpCache [CVE-2022-24894]; remove CSRF tokens from storage on successful login [CVE-2022-24895]

Request: 1030851

CVEs referenced: CVE-2022-24894 CVE-2022-24895

Binary debdiffs: all

DSA: 5369

CVEs referenced: CVE-2022-38725

Reason: fix information leak issue [CVE-2022-4415], denial of service issue [CVE-2022-3821]; ata_id: fix getting Response Code from SCSI Sense Data; logind: fix getting property OnExternalPower via D-Bus; fix crash in systemd-machined

Request: 1026845

µdebs: present

Closes: 1021579 1021644 1023567 1026831

CVEs referenced: CVE-2022-3821 CVE-2022-4415

Missing builds: mips64el

DSA: 5375

Lintian issues: i386source

This upload was superseded by a more current one.

DSA: 5355

Lintian issues: i386

This upload was superseded by a more current one.

DSA: 5303

Binary debdiffs: allamd64arm64i386ppc64els390x

Lintian issues: allamd64arm64i386ppc64els390x

This upload was superseded by a more current one.

DSA: 5284

Binary debdiffs: allamd64arm64i386ppc64els390x

Lintian issues: amd64arm64i386ppc64els390x

This upload was superseded by a more current one.

DSA: 5262

Binary debdiffs: allamd64arm64i386ppc64els390x

Lintian issues: amd64arm64i386ppc64els390x

This upload was superseded by a more current one.

DSA: 5238

Binary debdiffs: allamd64

Lintian issues: amd64

DSA: 5361

This upload was superseded by a more current one.

DSA: 5333

CVEs referenced: CVE-2022-48281

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5333

CVEs referenced: CVE-2022-1354 CVE-2022-1355 CVE-2022-1622 CVE-2022-1623 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-34526 CVE-2022-3570 CVE-2022-3597 CVE-2022-3599 CVE-2022-3627 CVE-2022-3636

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipsels390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipsels390x

DSA: 5381

Closes: 1033475

CVEs referenced: CVE-2022-42252 CVE-2022-45143 CVE-2023-28708

Lintian issues: allsource

This upload was superseded by a more current one.

Reason: add OpenJDK 17 support to JDK detection

Request: 1028468

Closes: 1020948

Lintian issues: all

DSA: 5320

Binary debdiffs: all

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: interpret v4mapped-IPv6 addresses as IPv4

Request: 1027264

Binary debdiffs: arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5311

CVEs referenced: CVE-2022-32749 CVE-2022-37392

Binary debdiffs: amd64arm64armhfi386mips64elmipselppc64el

Lintian issues: amd64arm64armhfi386mips64elmipselppc64el

Reason: update data for Greenland, Mexico, Morocco, Palestine and Lebanon

Binary debdiffs: all

Reason: fix Non-Responsive Delegation Attack [CVE-2022-3204]; fix "ghost domain names" issue [CVE-2022-30698 CVE-2022-30699]

Request: 1033993

Closes: 1016493

CVEs referenced: CVE-2022-30698 CVE-2022-30699 CVE-2022-3204

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: add support for VirtualBox 7.0

Request: 1030987

Closes: 1026227

Binary debdiffs: all

DSA: 5334

Closes: 1023751

CVEs referenced: CVE-2022-45060

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: fix build failures by disabling some non-working tests

Request: 1028546

Closes: 1011698 1021551

Binary debdiffs: all

Lintian issues: all

Reason: fix out-of-bounds write issue [CVE-2022-38223]

Request: 1029320

Closes: 1019599

CVEs referenced: CVE-2022-38223

DSA: 5351

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

This upload was superseded by a more current one.

DSA: 5340

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

This upload was superseded by a more current one.

DSA: 5308

CVEs referenced: CVE-2022-42852 CVE-2022-42856 CVE-2022-42863 CVE-2022-42867 CVE-2022-46691 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

DSA: 5352

CVEs referenced: CVE-2022-42826 CVE-2023-23517 CVE-2023-23518

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

This upload was superseded by a more current one.

DSA: 5341

CVEs referenced: CVE-2022-42826 CVE-2023-23517 CVE-2023-23518

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

This upload was superseded by a more current one.

DSA: 5309

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

Reason: fix build failure with newer imagemagick versions

Request: 1025654

Closes: 991067

Lintian issues: source

Reason: prevent database corruption on disk exhaustion

Request: 1033082

Closes: 1032398

DSA: 5378

Closes: 1033297

CVEs referenced: CVE-2022-23824 CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 CVE-2022-42334

DSA: 5380

µdebs: present

CVEs referenced: CVE-2023-1393

Lintian issues: source

This upload was superseded by a more current one.

DSA: 5342

µdebs: present

CVEs referenced: CVE-2023-0494

This upload was superseded by a more current one.

DSA: 5304

µdebs: present

Closes: 1026071

CVEs referenced: CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344