Queue Overview for "proposed-updates"

TODO items

Removals

List of missing builds
List of missing packages relative to security archive

Resolution Pending (8 uploads for 8 packages)

Package Version Version Problems Installability Problems Architectures Action
brotli 1.0.7-2+deb10u1 Installability problems Built: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390xsource ?

DSA: 4801

CVEs referenced: CVE-2020-8927

horizon 3:14.0.2-3+deb10u1 Installability problems Built: source More info needed

Reason: fix change of WEBROOT

Request: 945592 

Queries on changes; could also do with better description
lttng-modules 2.10.8-1+deb10u1 Installability problems Built: source ?

Closes: 972321

octavia 3.0.0-3+deb10u1 Installability problems Built: source More info needed

Reason: some changes need further discussion; too late for 10.2

Request: 941901

Closes: 941897

CVEs referenced: CVE-2019-17134

pdns 4.1.6-3+deb10u1 Installability problems Built: source ?

Closes: 970729 970737

CVEs referenced: CVE-2019-10203 CVE-2020-17482

postgresql-11 11.10-0+deb10u1 Installability problems Built: source ?

Closes: 974063

CVEs referenced: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696

samba 2:4.9.5+dfsg-5+deb10u1 Installability problems Built: allsource Missing: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x Ok

DSA: 4513

CVEs referenced: CVE-2019-10197

webkit2gtk 2.30.3-1~deb10u1 Installability problems Built: allamd64arm64armelarmhfi386mipsmipselppc64els390xsource Missing: mips64el Ok

DSA: 4797

CVEs referenced: CVE-2020-13584 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983

Binary debdiffs: allamd64arm64armelarmhfi386mipsmipselppc64els390x

Lintian issues: mipsmipselsource

Pending Processing (0 uploads for 0 packages)

Processed (111 uploads for 80 packages)

Package Version Version Problems Installability Problems Action
base-files 10.3+deb10u7 Installability problems ACCEPTED

Reason: update for the point release

blueman 2.0.8-1+deb10u1 Installability problems ACCEPTED

DSA: 4781

CVEs referenced: CVE-2020-15238

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

ca-certificates 20200601~deb10u1 Installability problems ACCEPTED

Reason: update Mozilla CA bundle to 2.40, blacklist distrusted Symantec roots and expired "AddTrust External Root"

Request: 962152

µdebs: present

Closes: 911289 955038 956411 961907

Binary debdiffs: all

choose-mirror 2.99+deb10u2 Installability problems ACCEPTED

Reason: update mirror list

µdebs: only

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

codemirror-js 5.43.0-1+deb10u1 Installability problems ACCEPTED

DSA: 4789

CVEs referenced: CVE-2020-7760

cups 2.2.10-6+deb10u4 Installability problems ACCEPTED

Reason: fix 'printer-alert' invalid free

Request: 976018

Closes: 961345

dav4tbsync 1.23-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 975086

Binary debdiffs: all

dav4tbsync 1.21-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971808

Binary debdiffs: all

dav4tbsync 1.16-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971808

Closes: 971808

debian-installer 20190702+deb10u7 Installability problems ACCEPTED

Reason: use 4.19.0-13 Linux kernel ABI; add grub2 to Built-Using

Closes: 968998

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

debian-installer-netboot-images 20190702+deb10u7 Installability problems ACCEPTED

Reason: rebuild against proposed-updates

Binary debdiffs: all

Lintian issues: all

distro-info-data 0.41+deb10u3 Installability problems ACCEPTED

Reason: add Ubuntu 21.04, Hirsute Hippo

Request: 973655

dpdk 18.11.10-1~deb10u2 Installability problems ACCEPTED

Reason: fix armhf build with NEON

Request: 971277

Binary debdiffs: allamd64arm64armhfi386ppc64el

dpdk 18.11.10-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream stable release; fix remote code execution issue [CVE-2020-14374], TOCTOU issues [CVE-2020-14375], buffer overflow [CVE-2020-14376], buffer over read [CVE-2020-14377] and integer underflow [CVE-2020-14377]

Request: 971277

CVEs referenced: CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14377 CVE-2020-14378

Binary debdiffs: allamd64arm64i386ppc64el

eas4tbsync 1.20-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971809

Binary debdiffs: all

eas4tbsync 1.16-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971809

Closes: 971809

edk2 0~20181115.85588389-3+deb10u2 Installability problems ACCEPTED

Reason: fix integer overflow in DxeImageVerificationHandler [CVE-2019-14562]

Request: 970518

Closes: 968819

CVEs referenced: CVE-2019-14562

efivar 37-2+deb10u1 Installability problems ACCEPTED

Reason: add support for nvme-fabrics and nvme-subsystem devices; fix uninitialized variable in parse_acpi_root, saving possible segfault

Request: 975425

Closes: 975417

enigmail 2:2.2.4-0.2~deb10u1 Installability problems ACCEPTED

Reason: introduce migration assistant to Thunderbird's built-in GPG support

Request: 975975

Binary debdiffs: all

Lintian issues: source

espeak 1.48.04+dfsg-7+deb10u1 Installability problems ACCEPTED

Reason: fix using espeak with mbrola-fr4 when mbrola-fr1 is not installed

Request: 971944

µdebs: present

fastd 18-3+deb10u1 Installability problems ACCEPTED

Reason: fix memory leak when receiving too many invalid packets [CVE-2020-27638]

Request: 972651

Closes: 972521

CVEs referenced: CVE-2020-27638

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

firefox-esr 78.5.0esr-1~deb10u1 Installability problems ACCEPTED

DSA: 4793

CVEs referenced: CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968

Lintian issues: armhfi386mipsmipsel

firefox-esr 78.4.1esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4788

CVEs referenced: CVE-2020-26950

Lintian issues: armhfi386mipsmipsel

firefox-esr 78.4.0esr-1~deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4778

Lintian issues: armhfi386mipsmipsel

firefox-esr 78.4.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4778

CVEs referenced: CVE-2020-15683 CVE-2020-15969

Binary debdiffs: arm64armhfi386mipsmipselppc64els390x

Lintian issues: armhfi386mipsmipsel

firefox-esr 78.3.0esr-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4768

Closes: 939412 946249 946547 960012 960084

CVEs referenced: CVE-2018-6156 CVE-2019-11734 CVE-2019-11735 CVE-2019-11737 CVE-2019-11738 CVE-2019-11740 CVE-2019-11741 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11745 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11752 CVE-2019-11754 CVE-2019-11756 CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-11765 CVE-2019-15903 CVE-2019-17000 CVE-2019-17001 CVE-2019-17002 CVE-2019-17005 CVE-2019-17008 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17013 CVE-2019-17014 CVE-2019-17016 CVE-2019-17017 CVE-2019-17020 CVE-2019-17022 CVE-2019-17023 CVE-2019-17024 CVE-2019-17025 CVE-2019-17026 CVE-2019-20503 CVE-2019-5849 CVE-2019-9812 CVE-2020-12387 CVE-2020-12390 CVE-2020-12391 CVE-2020-12392 CVE-2020-12394 CVE-2020-12395 CVE-2020-12396 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12407 CVE-2020-12408 CVE-2020-12409 CVE-2020-12410 CVE-2020-12411 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15658 CVE-2020-15659 CVE-2020-15664 CVE-2020-15670 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-6463 CVE-2020-6514 CVE-2020-6796 CVE-2020-6798 CVE-2020-6800 CVE-2020-6801 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6808 CVE-2020-6809 CVE-2020-6810 CVE-2020-6811 CVE-2020-6812 CVE-2020-6813 CVE-2020-6814 CVE-2020-6815 CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6823 CVE-2020-6824 CVE-2020-6825 CVE-2020-6826 CVE-2020-6831

Binary debdiffs: allamd64arm64armhfi386mipsmips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mipsmips64elmipselppc64els390x

fish 3.0.2-2+deb10u1 Installability problems ACCEPTED

Reason: ensure TTY options are restored on exit

Request: 971685

Closes: 970777

freecol 0.11.6+dfsg2-2+deb10u1 Installability problems ACCEPTED

Reason: fix XML External Entity vulnerability [CVE-2018-1000825]

Request: 971869

Closes: 917023

CVEs referenced: CVE-2018-1000825

freetype 2.9.1-3+deb10u2 Installability problems ACCEPTED

DSA: 4777

µdebs: present

Closes: 972586

CVEs referenced: CVE-2020-15999

Lintian issues: allsource

gajim-omemo 2.6.27-1+deb10u1 Installability problems ACCEPTED

Reason: use 12-byte IV, for better compatibility with iOS clients

Request: 972796

glances 3.1.0-1+deb10u1 Installability problems ACCEPTED

Reason: listen only on localhost by default

Request: 970999

Closes: 970812

Binary debdiffs: all

httpcomponents-client 4.5.7-1+deb10u1 Installability problems ACCEPTED

DSA: 4772

CVEs referenced: CVE-2020-13956

Lintian issues: source

iptables-persistent 1.0.11+deb10u1 Installability problems ACCEPTED

Reason: don't force-load kernel modules; improve rule flushing logic

Request: 963340

Closes: 961589 963012

krb5 1.17-3+deb10u1 Installability problems REJECTED_PERMANENTLY: postgresql-11/11.9-0+deb10u1 [ppc64el] ACCEPTED

DSA: 4795

Closes: 973880

CVEs referenced: CVE-2020-28196

lacme 0.5-1+deb10u2 Installability problems ACCEPTED

Reason: use upstream certificate chain instead of an hardcoded one, easing support for new Let's Encrypt root and intermediate certificates

Request: 975870

Closes: 975862

Binary debdiffs: all

libdatetime-timezone-perl 1:2.23-1+2020d Installability problems ACCEPTED

Reason: update included data

Request: 972389

libdatetime-timezone-perl 1:2.23-1+2020c Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: update included data

Request: 972389

libdatetime-timezone-perl 1:2.23-1+2020b Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: update included data

Request: 971954

libexif 0.6.21-5.1+deb10u5 Installability problems ACCEPTED

DSA: 4786

CVEs referenced: CVE-2020-0452

libimobiledevice 1.2.1~git20181030.92c5462-2+deb10u1 Installability problems ACCEPTED

Reason: add partial support for iOS 14

Request: 970816

libjpeg-turbo 1:1.5.2-2+deb10u1 Installability problems ACCEPTED

Reason: fix denial of service [CVE-2018-1152], buffer over read [CVE-2018-14498], possible remote code execution [CVE-2019-2201], buffer over read [CVE-2020-13790]

Request: 972183

Closes: 902950 924678 962829

CVEs referenced: CVE-2018-1152 CVE-2018-14498 CVE-2019-2201 CVE-2020-13790

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

libproxy 0.4.15-5+deb10u1 Installability problems mips mips64el ACCEPTED

DSA: 4800

Closes: 968366 971394

CVEs referenced: CVE-2020-25219 CVE-2020-26154

Binary debdiffs: all

librsvg 2.44.10-2.1+deb10u3 Installability problems ACCEPTED

Reason: fix another build failure with rustc 1.41

Missing builds: ppc64el

Binary debdiffs: amd64arm64armhfi386mipsmips64elmipsels390x

librsvg 2.44.10-2.1+deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix build failures with newer rustc, and ppc64el and s390x with the fix for CVE-2019-20446

Request: 966028

CVEs referenced: CVE-2019-20446

librsvg 2.44.10-2.1+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: fix denial of service via "billion laughs" attack [CVE-2019-20446]

Request: 966028

CVEs referenced: CVE-2019-20446

libxml2 2.9.4+dfsg1-7+deb10u1 Installability problems ACCEPTED

Reason: fix denial of service [CVE-2017-18258], NULL pointer dereference [CVE-2018-14404], infinite loop [CVE-2018-14567], memory leak [CVE-2019-19956 CVE-2019-20388], infinite loop [CVE-2020-7595]

Request: 974695

Closes: 895245 901817 949582 949583

CVEs referenced: CVE-2017-18258 CVE-2018-14404 CVE-2018-14567 CVE-2019-19956 CVE-2019-20388 CVE-2020-7595

linux 4.19.160-2 Installability problems ACCEPTED

Reason: net: Disable MLX5_ESWITCH on mips and mipsel (Fixes FTBFS)

µdebs: present

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

linux 4.19.160-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream stable release

µdebs: present

Closes: 949863 968623 971058

CVEs referenced: CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-28941 CVE-2020-28974 CVE-2020-4788 CVE-2020-8694

Binary debdiffs: allamd64arm64armelarmhfi386ppc64els390x

Lintian issues: allamd64arm64armelarmhfi386ppc64els390x

linux 4.19.152-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4774

µdebs: present

Closes: 908712

CVEs referenced: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645

linux-latest 105+deb10u8 Installability problems ACCEPTED

Reason: update for 4.19.0-13 kernel ABI

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

linux-latest 105+deb10u7 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4774

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

linux-signed-amd64 4.19.160+2 Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Binary debdiffs: amd64

Lintian issues: amd64

linux-signed-amd64 4.19.160+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Closes: 949863 968623 971058

CVEs referenced: CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-28941 CVE-2020-28974 CVE-2020-4788 CVE-2020-8694

linux-signed-amd64 4.19.152+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4774

µdebs: present

Closes: 908712

CVEs referenced: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645

linux-signed-arm64 4.19.160+2 Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Binary debdiffs: arm64

Lintian issues: arm64

linux-signed-arm64 4.19.160+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Closes: 949863 968623 971058

CVEs referenced: CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-28941 CVE-2020-28974 CVE-2020-4788 CVE-2020-8694

linux-signed-arm64 4.19.152+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4774

µdebs: present

Closes: 908712

CVEs referenced: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645

linux-signed-i386 4.19.160+2 Installability problems ACCEPTED

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Binary debdiffs: i386

Lintian issues: i386

linux-signed-i386 4.19.160+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: buster-proposed-updates

Reason: new upstream stable release

µdebs: present

Closes: 949863 968623 971058

CVEs referenced: CVE-2019-19039 CVE-2019-19377 CVE-2019-19770 CVE-2019-19816 CVE-2020-0423 CVE-2020-14351 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-27777 CVE-2020-28941 CVE-2020-28974 CVE-2020-4788 CVE-2020-8694

linux-signed-i386 4.19.152+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4774

µdebs: present

Closes: 908712

CVEs referenced: CVE-2020-12351 CVE-2020-12352 CVE-2020-25211 CVE-2020-25643 CVE-2020-25645

lmod 6.6-0.3+deb10u1 Installability problems ACCEPTED

Reason: change architecture to "any" - required due to LUA_PATH and LUA_CPATH being determined at build time

Missing builds: all

Request: 972963

Closes: 951508

mariadb-10.3 1:10.3.27-0+deb10u1 Version problems testing (1:10.3.24-2) Installability problems ACCEPTED

Reason: new upstream stable release; security fixes [CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-28912]

Request: 975837

Closes: 970681 972780

CVEs referenced: CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-28912

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

mariadb-10.3 1:10.3.25-0+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4776

CVEs referenced: CVE-2020-15180

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

mediawiki 1:1.31.10-1~deb10u1 Installability problems ACCEPTED

DSA: 4767

CVEs referenced: CVE-2020-15005 CVE-2020-17367 CVE-2020-17368 CVE-2020-25689 CVE-2020-25812 CVE-2020-25813 CVE-2020-25814 CVE-2020-25827 CVE-2020-25828

Binary debdiffs: all

Lintian issues: all

moin 1.9.9-1+deb10u1 Installability problems ACCEPTED

DSA: 4787

CVEs referenced: CVE-2020-15275 CVE-2020-25074

Binary debdiffs: all

mupdf 1.14.0+ds1-4+deb10u2 Installability problems ACCEPTED

DSA: 4794

Closes: 971595

CVEs referenced: CVE-2020-26519

mutt 1.10.1-2.1+deb10u4 Installability problems ACCEPTED

Reason: ensure IMAP connection is closed after a connection error [CVE-2020-28896]

Request: 975514

CVEs referenced: CVE-2020-28896

neomutt 20180716+dfsg.1-1+deb10u2 Installability problems ACCEPTED

Reason: ensure IMAP connection is closed after a connection error [CVE-2020-28896]

Request: 975616

CVEs referenced: CVE-2020-28896

node-object-path 0.11.4-2+deb10u1 Installability problems ACCEPTED

Reason: fix prototype pollution in set() [CVE-2020-15256]

Request: 972694

CVEs referenced: CVE-2020-15256

node-pathval 1.1.0-3+deb10u1 Installability problems ACCEPTED

Reason: fix prototype pollution [CVE-2020-7751]

Request: 972903

Closes: 972895

CVEs referenced: CVE-2020-7751

okular 4:17.12.2-2.2+deb10u1 Installability problems ACCEPTED

Reason: fix code execution via action link [CVE-2020-9359]

Request: 971866

Closes: 954891

CVEs referenced: CVE-2020-9359

openjdk-11 11.0.9.1+1-1~deb10u2 Installability problems ACCEPTED

Reason: disable tests

Closes: 975728

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: all

openjdk-11 11.0.9.1+1-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release; fix JVM crash

Request: 975874

Closes: 975728

Binary debdiffs: allamd64arm64armhfi386ppc64els390x

Lintian issues: all

openjdk-11 11.0.9+11-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4779

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: all

openldap 2.4.47+dfsg-3+deb10u4 Installability problems ACCEPTED

DSA: 4792

CVEs referenced: CVE-2020-25709 CVE-2020-25710

openldap 2.4.47+dfsg-3+deb10u3 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4782

pacemaker 2.0.1-5+deb10u1 Installability problems ACCEPTED

DSA: 4791

Closes: 973254

CVEs referenced: CVE-2020-25654

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

partman-auto 149+deb10u1 Installability problems ACCEPTED

Reason: increase /boot sizes in most recipes to between 512 and 768M, to better handle kernel ABI changes and larger initramfses; cap RAM size as used for swap partition calculations, resolving issues on machines with more RAM than disk space

µdebs: only

Closes: 893886 949651 950344 951709

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

pcaudiolib 1.1-3+deb10u1 Installability problems ACCEPTED

Reason: cap cancellation latency to 10ms

Request: 972814

Lintian issues: source

plinth 19.1+deb10u1 Installability problems ACCEPTED

Reason: apache: Disable mod_status [CVE-2020-25073]

Request: 971062

CVEs referenced: CVE-2020-25073

puma 3.12.0-2+deb10u2 Installability problems ACCEPTED

Reason: fix HTTP injection and HTTP smuggling issues [CVE-2020-5247 CVE-2020-5249 CVE-2020-11076 CVE-2020-11077]

Request: 972310

Closes: 952766 953122 972102

CVEs referenced: CVE-2020-11076 CVE-2020-11077 CVE-2020-5247 CVE-2020-5249

Lintian issues: source

python-flask-cors 3.0.7-1+deb10u1 Installability problems ACCEPTED

DSA: 4775

Closes: 969362

CVEs referenced: CVE-2020-25032

Binary debdiffs: all

rails 2:5.2.2.1+dfsg-1+deb10u2 Installability problems ACCEPTED

DSA: 4766

CVEs referenced: CVE-2020-15169 CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167

raptor2 2.0.14-1.1~deb10u1 Installability problems ACCEPTED

DSA: 4785

Closes: 973889

CVEs referenced: CVE-2017-18926

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

Lintian issues: source

ros-ros-comm 1.14.3+ds1-5+deb10u2 Installability problems ACCEPTED

Reason: fix integer overflow [CVE-2020-16124]

Request: 972351

CVEs referenced: CVE-2020-16124

Lintian issues: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

ruby2.5 2.5.5-3+deb10u3 Installability problems ACCEPTED

Reason: fix potential HTTP request smuggling vulnerability in WEBrick [CVE-2020-25613]

Request: 972161

CVEs referenced: CVE-2020-25613

sddm 0.18.0-1+deb10u1 Installability problems ACCEPTED

DSA: 4783

Closes: 973748

CVEs referenced: CVE-2020-28049

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

sleuthkit 4.6.5-1+deb10u1 Installability problems ACCEPTED

Reason: fix stack buffer overflow in yaffsfs_istat [CVE-2020-10232]

Request: 970655

Closes: 953976

CVEs referenced: CVE-2020-10232

Binary debdiffs: amd64arm64mipsmips64elmipselppc64el

spice 0.14.0-1.3+deb10u1 Installability problems ACCEPTED

DSA: 4771

CVEs referenced: CVE-2020-14355

spip 3.2.4-1+deb10u3 Installability problems ACCEPTED

DSA: 4798

Lintian issues: source

sqlite3 3.27.2-3+deb10u1 Installability problems ACCEPTED

Reason: fix division by zero [CVE-2019-16168], NULL pointer dereference [CVE-2019-19923], mishandling of NULL pathname during an update of a ZIP archive [CVE-2019-19925], mishandling of embedded NULs in filenames [CVE-2019-19959], possible crash with stacking unwinding [CVE-2019-20218], integer overflow [CVE-2020-13434], segmentation fault [CVE-2020-13435], use-after-free issue [CVE-2020-13630], NULL pointer dereference [CVE-2020-13632], heap overflow [CVE-2020-15358]

Request: 972115

CVEs referenced: CVE-2019-16168 CVE-2019-19923 CVE-2019-19925 CVE-2019-19959 CVE-2019-20218 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13632 CVE-2020-15358

systemd 241-7~deb10u5 Installability problems ACCEPTED

Reason: basic/cap-list: parse/print numerical capabilities; recognise new capabilities from Linux kernel 5.8; networkd: do not generate MAC for bridge device

Request: 972839

µdebs: present

Closes: 963488 964926

tbsync 2.18-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971807

Binary debdiffs: all

Lintian issues: source

tbsync 2.16.1-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release, compatible with newer Thunderbird versions

Request: 971807

Closes: 971807

tcpdump 4.9.3-1~deb10u2 Installability problems ACCEPTED

Reason: fix untrusted input issue in the PPP printer [CVE-2020-8037]

Request: 973917

Closes: 973877

CVEs referenced: CVE-2020-8037

Lintian issues: source

thunderbird 1:78.5.0-1~deb10u1 Installability problems ACCEPTED

Missing builds: armel armhf

DSA: 4796

thunderbird 1:78.4.2-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4790

Closes: 973660

Lintian issues: s390x

thunderbird 1:78.4.0-1~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4780

Binary debdiffs: allamd64arm64i386mips64elppc64el

Lintian issues: amd64arm64i386mips64elppc64el

thunderbird 1:78.3.1-2~deb10u2 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4770

Binary debdiffs: allamd64arm64i386mips64elppc64el

Lintian issues: amd64arm64i386mips64elppc64el

thunderbird 1:78.3.1-2~deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 4770

Binary debdiffs: all

tigervnc 1.9.0+dfsg-3+deb10u3 Installability problems ACCEPTED

Reason: properly store certificate exceptions in native and java VNC viewer [CVE-2020-26117]

Request: 971392

Closes: 971272

CVEs referenced: CVE-2020-26117

tor 0.3.5.12-1 Installability problems ACCEPTED

Reason: new upstream stable release; multiple security, usability, portability, and reliability fixes

Request: 975297

Lintian issues: allsource

transmission 2.94-2+deb10u2 Installability problems ACCEPTED

Reason: fix memory leak

Request: 971915

Closes: 968097

tzdata 2020d-0+deb10u1 Installability problems ACCEPTED

Reason: new upstream release

tzdata 2020b-0+deb10u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release

Request: 972001

ublock-origin 1.30.0+dfsg-1~deb10u1 Installability problems ACCEPTED

Reason: new upstream version; split plugin to browser-specific packages

Request: 973695

Binary debdiffs: all

Lintian issues: allsource

vips 8.7.4-1+deb10u1 Installability problems ACCEPTED

Reason: fix use of uninitialised variable [CVE-2020-20739]

Request: 976019

CVEs referenced: CVE-2020-20739

wordpress 5.0.11+dfsg1-0+deb10u1 Installability problems ACCEPTED

DSA: 4784

Closes: 971914 973562

CVEs referenced: CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040

x11vnc 0.9.13-6+deb10u1 Installability problems ACCEPTED

DSA: 4799

Closes: 975875

CVEs referenced: CVE-2020-29074

Binary debdiffs: amd64arm64armelarmhfi386mipsmips64elmipselppc64els390x

xen 4.11.4+37-g3263f257ca-1 Installability problems ACCEPTED

DSA: 4769

CVEs referenced: CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604

yaws 2.0.6+dfsg-1+deb10u1 Installability problems ACCEPTED

DSA: 4773

CVEs referenced: CVE-2020-24379 CVE-2020-24916

Binary debdiffs: allamd64arm64armelarmhfi386mipsmips64elmipselppc64els390x