Queue Overview for "proposed-updates"

DSA: 4714

CVEs referenced: CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440 CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-2020-6444 CVE-2020-6445 CVE-2020-6446 CVE-2020-6447 CVE-2020-6448 CVE-2020-6454 CVE-2020-6455 CVE-2020-6456 CVE-2020-6457 CVE-2020-6458 CVE-2020-6459 CVE-2020-6460 CVE-2020-6461 CVE-2020-6462 CVE-2020-6463 CVE-2020-6464 CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476 CVE-2020-6478 CVE-2020-6479 CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484 CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489 CVE-2020-6490 CVE-2020-6491 CVE-2020-6493 CVE-2020-6494 CVE-2020-6495 CVE-2020-6496 CVE-2020-6497 CVE-2020-6498 CVE-2020-6505 CVE-2020-6506 CVE-2020-6507 CVE-2020-6509 CVE-2020-6831

Binary debdiffs: amd64arm64

Lintian issues: allamd64arm64source

DSA: 4711

Closes: 951876

CVEs referenced: CVE-2020-4067 CVE-2020-6061 CVE-2020-6062

CVEs referenced: CVE-2018-10958 CVE-2018-10999 CVE-2018-16336

Closes: 954070

Lintian issues: source

DSA: 4713

CVEs referenced: CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421

Lintian issues: armhfi386mipsmipselsource

Reason: fix change of WEBROOT

Request: 945592

Queries on changes; could also do with better description
         

DSA: 4712

Closes: 927828 927830 928206 928207 931189 931190 931191 931192 931193 931196 931342 931447 931448 931452 931453 931454 931455 931457 931740 932079 941670 941671 947308 947309 955025

CVEs referenced: CVE-2019-10649 CVE-2019-11470 CVE-2019-11472 CVE-2019-11597 CVE-2019-11598 CVE-2019-12974 CVE-2019-12975 CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13135 CVE-2019-13137 CVE-2019-13295 CVE-2019-13297 CVE-2019-13300 CVE-2019-13301 CVE-2019-13304 CVE-2019-13305 CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13311 CVE-2019-13454 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 CVE-2019-16708 CVE-2019-16710 CVE-2019-16711 CVE-2019-16713 CVE-2019-19948 CVE-2019-19949 CVE-2019-7175 CVE-2019-7395 CVE-2019-7396 CVE-2019-7397 CVE-2019-7398

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Closes: 962345

CVEs referenced: CVE-2020-0182 CVE-2020-0198

Reason: maidag: drop setuid privileges for all delivery operations but mda [CVE-2019-18862]

Closes: 944265

CVEs referenced: CVE-2019-18862

Awaiting fix in unstable (and potential version change)
         

Closes: 940848

CVEs referenced: CVE-2019-3689

Closes: 951091 956458 960735 963766

CVEs referenced: CVE-2020-5963 CVE-2020-5967

Closes: 956458 960735 963908

CVEs referenced: CVE-2020-5963 CVE-2020-5967

Reason: some changes need further discussion; too late for 10.2

Request: 941901

Closes: 941897

CVEs referenced: CVE-2019-17134

DSA: 4662

Binary debdiffs: allamd64arm64armhfi386mipsppc64els390x

Lintian issues: source

DSA: 4626

Lintian issues: source

DSA: 4513

CVEs referenced: CVE-2019-10197

DSA: 4681

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elppc64els390x

Lintian issues: mipsmips64elsource

DSA: 4686

Closes: 947124

CVEs referenced: CVE-2019-17571

Binary debdiffs: all

Lintian issues: all

DSA: 4685

CVEs referenced: CVE-2020-3810

Binary debdiffs: amd64i386

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

CI: [elbrus] the maintainer is aware and has fixed it in git
         

Reason: ensure removal succeeds under non-English locales; do not fail removal if some files no longer exist; add missing dependencies on pciutils and ca-certificates

Request: 962306

Closes: 956858 960791

Binary debdiffs: all

DSA: 4689

µdebs: present

Closes: 945171

CVEs referenced: CVE-2019-6477 CVE-2020-8616 CVE-2020-8617

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

CI: [elbrus] pdns autopkgtest usually doesn't pass
         

Reason: fix index corruption bug leading to data loss

Request: 959661

Closes: 953615

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: update required version of ruby-molinillo

Request: 960020

Closes: 945481

Binary debdiffs: all

Reason: update Mozilla CA bundle to 2.40, blacklist distrusted Symantec roots and expired "AddTrust External Root"

Request: 962152

µdebs: present

Closes: 911289 955038 956411 961907

Binary debdiffs: all

Reason: new upstream release; security fixes [CVE-2020-3327 CVE-2020-3341]

Request: 961439

CVEs referenced: CVE-2020-3327 CVE-2020-3341

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allsource

Reason: fix the Python module's handling of values containing "="

Request: 959890

Closes: 959887

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4690

Closes: 960963

CVEs referenced: CVE-2020-10957 CVE-2020-10958 CVE-2020-10967

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

Reason: new upstream release

Request: 961212

CVEs referenced: CVE-2020-10722 CVE-2020-10723 CVE-2020-10724

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: allsource

This upload was superseded by a more current one.

DSA: 4688

CVEs referenced: CVE-2020-10722 CVE-2020-10723 CVE-2020-10724

Lintian issues: all

DSA: 4687

CVEs referenced: CVE-2020-12783

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 4695

Closes: 961762

CVEs referenced: CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410

Lintian issues: armhfi386mipsmipselsource

This upload was superseded by a more current one.

DSA: 4678

CVEs referenced: CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-6831

Lintian issues: allamd64arm64armhfi386mipsmips64elmipselppc64els390x

Reason: fix smartcard logins; security fixes [CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526]

Request: 961978

Closes: 919281

CVEs referenced: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4697

Closes: 962289

CVEs referenced: CVE-2020-13777

CI: [elbrus] pdns autopkgtest usually doesn't pass
         

DSA: 4675

Closes: 935099 947311 951758

CVEs referenced: CVE-2019-16709 CVE-2019-19953

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 4701

CVEs referenced: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549

Binary debdiffs: amd64i386

This upload was superseded by a more current one.

DSA: 4701

CVEs referenced: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549

Reason: fix HTTPS support in jigdo-lite and jigdo-mirror

Request: 962982

Closes: 962776

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4679

Closes: 959900

Binary debdiffs: all

Reason: fix nginx configuration regression introduced by CVE-2019-19791 fix

Request: 960395

Closes: 960392

CVEs referenced: CVE-2019-19791

Lintian issues: source

Reason: rename Apache configuration file so it can be automatically enabled and disabled

Request: 962227

Closes: 928813

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: new upstream stable release; add an unversioned meta-package

Request: 961441

Closes: 939824

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipselsource

Reason: security fixes [CVE-2020-13112 CVE-2020-13113 CVE-2020-13114]

Request: 961803

Closes: 961407 961409 961410

CVEs referenced: CVE-2020-13112 CVE-2020-13113 CVE-2020-13114

Lintian issues: source

This upload was superseded by a more current one.

Reason: security fixes [CVE-2020-12767 CVE-2020-0093]

Request: 961019

Closes: 960199

CVEs referenced: CVE-2020-0093 CVE-2020-12767

DSA: 4684

Closes: 960458

CVEs referenced: CVE-2020-1763

Reason: fix cache corruption crash, CVE-2019-19333, CVE-2019-19334

Request: 960376

Closes: 946217

CVEs referenced: CVE-2019-19333 CVE-2019-19334

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: armel

DSA: 4699

µdebs: present

Closes: 960271

CVEs referenced: CVE-2019-19462 CVE-2019-3016 CVE-2020-0543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114 CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: mipsmips64elmipselppc64elsource

DSA: 4699

µdebs: present

Closes: 960271

CVEs referenced: CVE-2019-19462 CVE-2019-3016 CVE-2020-0543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114 CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143

Binary debdiffs: amd64

DSA: 4699

µdebs: present

Closes: 960271

CVEs referenced: CVE-2019-19462 CVE-2019-3016 CVE-2020-0543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114 CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143

Binary debdiffs: arm64

DSA: 4699

µdebs: present

Closes: 960271

CVEs referenced: CVE-2019-19462 CVE-2019-3016 CVE-2020-0543 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114 CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143

Binary debdiffs: i386

Lintian issues: i386

Reason: fix conffile management

Request: 961514

Closes: 851618 930485 931078 932779 949835

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4707

This upload was superseded by a more current one.

DSA: 4707

CVEs referenced: CVE-2020-14093 CVE-2020-14154

DSA: 4708

CVEs referenced: CVE-2020-14093

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

DSA: 4692

Closes: 672155 866038 961060

CVEs referenced: CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix regression introduced in CVE-2020-8116 fix

Request: 960575

Closes: 960283

CVEs referenced: CVE-2020-8116

Lintian issues: source

Reason: disallow calling "helperMissing" and "blockHelperMissing" directly [CVE-2019-19919]

Request: 947758

CVEs referenced: CVE-2019-19919

CI: the maintainer wants to look into it and deferred it from the point release
         

Reason: fix prototype pollution [CVE-2020-7598]

Request: 953763

Closes: 953762

CVEs referenced: CVE-2020-7598

DSA: 4696

Closes: 962145

CVEs referenced: CVE-2020-11080 CVE-2020-8172 CVE-2020-8174

Lintian issues: allamd64arm64armhfi386mipsmips64elmipselppc64els390x

Reason: avoid issues with expiry of shipped SSL certificates by using those from the ca-certificates package

Request: 962160

Closes: 961984

Binary debdiffs: all

Reason: fix crash at startup

Request: 960804

Closes: 725859

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

DSA: 4691

CVEs referenced: CVE-2020-10030 CVE-2020-10995 CVE-2020-12244

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipselppc64els390x

Reason: fix cross-site scripting vulnerability [CVE-2020-8035]

Request: 961945

CVEs referenced: CVE-2020-8035

Lintian issues: allsource

Reason: fix cross-site scripting vulnerability in breadcrumb output [CVE-2020-8034]

Request: 961921

Closes: 961649

CVEs referenced: CVE-2020-8034

Reason: fix issues in accounting due to socket reuse

Request: 960806

Closes: 960792

Binary debdiffs: all

DSA: 4705

CVEs referenced: CVE-2020-13254 CVE-2020-13596 CVE-2020-9402

Binary debdiffs: all

Lintian issues: allsource

Reason: fix saving of user configured MIME categories

Request: 931678

DSA: 4700

Closes: 962123 962124

CVEs referenced: CVE-2020-13964 CVE-2020-13965

This upload was superseded by a more current one.

DSA: 4674

Closes: 959140 959142

CVEs referenced: CVE-2020-12625 CVE-2020-12626

Reason: fix unsafe object creation vulnerability [CVE-2020-10663]

Request: 962255

CVEs referenced: CVE-2020-10663

Binary debdiffs: amd64armelarmhfi386mipsmips64elmipsels390x

CI: [elbrus] mcollective autopkgtest needs rabbitmq which regularly fails to install in CI testbed (bug #956152)
         

DSA: 4676

Closes: 949222 959684

CVEs referenced: CVE-2019-17361 CVE-2020-11651 CVE-2020-11652

Lintian issues: all

DSA: 4682

CVEs referenced: CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12523 CVE-2019-12524 CVE-2019-12526 CVE-2019-12528 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2020-11945 CVE-2020-8449 CVE-2020-8450

Reason: fix out-of-bounds write [CVE-2018-20020], infinite loop [CVE-2018-20021], improper initialisation [CVE-2018-20022], potential denial-of-service [CVE-2018-20024]

Request: 961936

Closes: 945827

CVEs referenced: CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20024

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Reason: fix dropping privileges in nflog runmode

Request: 954716

Closes: 951181

Missing builds: armel armhf

DSA: 4702

Closes: 960465

Lintian issues: allamd64arm64i386mips64elppc64els390xsource

This upload was superseded by a more current one.

DSA: 4683

DSA: 4680

CVEs referenced: CVE-2019-10072 CVE-2019-12418 CVE-2019-17563 CVE-2019-17569 CVE-2020-1935 CVE-2020-1938

Binary debdiffs: all

Lintian issues: allsource

DSA: 4710

Closes: 963629

CVEs referenced: CVE-2020-9494

DSA: 4694

CVEs referenced: CVE-2020-12662 CVE-2020-12663

Lintian issues: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource

DSA: 4704

CVEs referenced: CVE-2020-13428

DSA: 4709

Closes: 962685

CVEs referenced: CVE-2020-4046 CVE-2020-4047 CVE-2020-4048 CVE-2020-4049 CVE-2020-4050

This upload was superseded by a more current one.

DSA: 4677

Closes: 959391

CVEs referenced: CVE-2020-11025 CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029 CVE-2020-11030

Reason: security fix [CVE-2019-13453]

Request: 954020

Closes: 932556

CVEs referenced: CVE-2019-13453

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source