Queue Overview for "proposed-updates"

Lintian issues: source

CVEs referenced: CVE-2026-25635 CVE-2026-25636 CVE-2026-25731 CVE-2026-26064 CVE-2026-26065 CVE-2026-27810 CVE-2026-27824

Lintian issues: source

DSA: 6214

CVEs referenced: CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6303 CVE-2026-6304 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6361 CVE-2026-6362 CVE-2026-6363 CVE-2026-6364

Lintian issues: source

DSA: 6205

Closes: 1132651

CVEs referenced: CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5862 CVE-2026-5863 CVE-2026-5864 CVE-2026-5865 CVE-2026-5866 CVE-2026-5867 CVE-2026-5868 CVE-2026-5869 CVE-2026-5870 CVE-2026-5871 CVE-2026-5872 CVE-2026-5873 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5877 CVE-2026-5878 CVE-2026-5879 CVE-2026-5880 CVE-2026-5881 CVE-2026-5882 CVE-2026-5883 CVE-2026-5884 CVE-2026-5885 CVE-2026-5886 CVE-2026-5887 CVE-2026-5888 CVE-2026-5889 CVE-2026-5890 CVE-2026-5891 CVE-2026-5892 CVE-2026-5893 CVE-2026-5894 CVE-2026-5895 CVE-2026-5896 CVE-2026-5897 CVE-2026-5898 CVE-2026-5899 CVE-2026-5900 CVE-2026-5901 CVE-2026-5902 CVE-2026-5903 CVE-2026-5904 CVE-2026-5905 CVE-2026-5906 CVE-2026-5907 CVE-2026-5908 CVE-2026-5909 CVE-2026-5910 CVE-2026-5911 CVE-2026-5912 CVE-2026-5913 CVE-2026-5914 CVE-2026-5915 CVE-2026-5918 CVE-2026-5919

Lintian issues: source

Reason: waiting for confirmation from maintainer

Closes: 1118629 1123025

CVEs referenced: CVE-2025-68920

Reason: fixme

Closes: 1132026

Lintian issues: source

no bug filed
         

Closes: 1128651 1130912

CVEs referenced: CVE-2026-21620 CVE-2026-23941 CVE-2026-23942 CVE-2026-23943

Lintian issues: source

Closes: 1112191 1121299

CVEs referenced: CVE-2025-4478 CVE-2026-22851 CVE-2026-22852 CVE-2026-22853 CVE-2026-22854 CVE-2026-22855 CVE-2026-22856 CVE-2026-22857 CVE-2026-22858 CVE-2026-22859 CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23534 CVE-2026-23732 CVE-2026-23883 CVE-2026-23884 CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24677 CVE-2026-24678 CVE-2026-24679 CVE-2026-24680 CVE-2026-24681 CVE-2026-24682 CVE-2026-24683 CVE-2026-24684 CVE-2026-25941 CVE-2026-25942 CVE-2026-25952 CVE-2026-25953 CVE-2026-25954 CVE-2026-25955 CVE-2026-25959 CVE-2026-25997 CVE-2026-26271 CVE-2026-26955 CVE-2026-26965 CVE-2026-26986 CVE-2026-27015

Closes: 1131274

CVEs referenced: CVE-2026-34881

µdebs: present

CVEs referenced: CVE-2026-4878

Closes: 1129256

CVEs referenced: CVE-2024-36600

CVEs referenced: CVE-2026-40198 CVE-2026-40199

Closes: 1132016 1132017

CVEs referenced: CVE-2026-32853 CVE-2026-32854

DSA: 6217

DSA: 6218

Closes: 1133189

CVEs referenced: CVE-2026-3308

Binary debdiffs: i386s390x

CVEs referenced: CVE-2026-27651 CVE-2026-27654 CVE-2026-27784 CVE-2026-28753 CVE-2026-28755 CVE-2026-32647

CVEs referenced: CVE-2025-59420 CVE-2025-61920 CVE-2025-62706 CVE-2025-68158

Closes: 1117858 1117859

CVEs referenced: CVE-2025-61911 CVE-2025-61912

Closes: 1124764 1126740 1126745 1126762 1126780 1126787

CVEs referenced: CVE-2025-11468 CVE-2025-12084 CVE-2025-13462 CVE-2025-13836 CVE-2025-13837 CVE-2025-15282 CVE-2025-6069 CVE-2025-6075 CVE-2025-8194 CVE-2025-8291 CVE-2026-0672 CVE-2026-0865 CVE-2026-1299 CVE-2026-2297

DSA: 6211

Lintian issues: i386riscv64source

Closes: 1128785 1129310 1129311 1129312 1129314 1129315

CVEs referenced: CVE-2026-2913 CVE-2026-3145 CVE-2026-3146 CVE-2026-3147 CVE-2026-3281 CVE-2026-3282 CVE-2026-3283 CVE-2026-3284

Reason: prevent command injection [CVE-2025-63261]

Request: 1132727

Closes: 1131878

CVEs referenced: CVE-2025-63261

Binary debdiffs: all

Lintian issues: all

Reason: fix loading pygments CSS

Request: 1129951

Closes: 1124997

Binary debdiffs: all

DSA: 6181

CVEs referenced: CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6192

CVEs referenced: CVE-2026-5272 CVE-2026-5273 CVE-2026-5274 CVE-2026-5275 CVE-2026-5276 CVE-2026-5277 CVE-2026-5278 CVE-2026-5279 CVE-2026-5280 CVE-2026-5281 CVE-2026-5282 CVE-2026-5283 CVE-2026-5284 CVE-2026-5285 CVE-2026-5286 CVE-2026-5287 CVE-2026-5288 CVE-2026-5289 CVE-2026-5290 CVE-2026-5291 CVE-2026-5292

Lintian issues: source

This upload was superseded by a more current one.

DSA: 6177

CVEs referenced: CVE-2026-4673 CVE-2026-4674 CVE-2026-4675 CVE-2026-4676 CVE-2026-4677 CVE-2026-4678 CVE-2026-4679 CVE-2026-4680

This upload was superseded by a more current one.

DSA: 6171

Closes: 1130569

CVEs referenced: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441 CVE-2026-4442 CVE-2026-4443 CVE-2026-4444 CVE-2026-4445 CVE-2026-4446 CVE-2026-4447 CVE-2026-4448 CVE-2026-4449 CVE-2026-4450 CVE-2026-4451 CVE-2026-4452 CVE-2026-4453 CVE-2026-4454 CVE-2026-4455 CVE-2026-4456 CVE-2026-4457 CVE-2026-4458 CVE-2026-4459 CVE-2026-4460 CVE-2026-4461 CVE-2026-4462 CVE-2026-4463 CVE-2026-4464

This upload was superseded by a more current one.

DSA: 6165

CVEs referenced: CVE-2026-3909 CVE-2026-3910

This upload was superseded by a more current one.

DSA: 6164

CVEs referenced: CVE-2026-3913 CVE-2026-3914 CVE-2026-3915 CVE-2026-3916 CVE-2026-3917 CVE-2026-3918 CVE-2026-3919 CVE-2026-3920 CVE-2026-3921 CVE-2026-3922 CVE-2026-3923 CVE-2026-3924 CVE-2026-3925 CVE-2026-3926 CVE-2026-3927 CVE-2026-3928 CVE-2026-3929 CVE-2026-3930 CVE-2026-3931 CVE-2026-3932 CVE-2026-3934 CVE-2026-3935 CVE-2026-3936 CVE-2026-3937 CVE-2026-3938 CVE-2026-3939 CVE-2026-3940 CVE-2026-3941 CVE-2026-3942

Binary debdiffs: amd64armhfi386

Lintian issues: amd64arm64armhfi386ppc64el

Reason: rebuild with updated openssl

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: rebuild with updated incus

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6197

CVEs referenced: CVE-2025-59028 CVE-2025-59031 CVE-2025-59032 CVE-2026-24031 CVE-2026-27855 CVE-2026-27856 CVE-2026-27857 CVE-2026-27858 CVE-2026-27859 CVE-2026-27860

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: ignore certificate purpose for incoming s2s connections

Request: 1130812

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: rebuild with updated ejabberd

Request: 1130815

Binary debdiffs: allamd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: accept client certificates without sslpurpose flag

Request: 1130813

Closes: 1127369

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: ensure compatibility with Python 3.13

Request: 1130050

Closes: 1118778

Binary debdiffs: all

Lintian issues: source

DSA: 6202

CVEs referenced: CVE-2026-5731 CVE-2026-5732 CVE-2026-5734

Lintian issues: armhfi386riscv64source

This upload was superseded by a more current one.

DSA: 6178

CVEs referenced: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695 CVE-2026-4696 CVE-2026-4697 CVE-2026-4698 CVE-2026-4699 CVE-2026-4700 CVE-2026-4701 CVE-2026-4702 CVE-2026-4704 CVE-2026-4705 CVE-2026-4706 CVE-2026-4707 CVE-2026-4708 CVE-2026-4709 CVE-2026-4710 CVE-2026-4713 CVE-2026-4714 CVE-2026-4715 CVE-2026-4716 CVE-2026-4717 CVE-2026-4718 CVE-2026-4719 CVE-2026-4720 CVE-2026-4721

Lintian issues: armhfi386riscv64

DSA: 6207

Closes: 1132943 1132944 1132945 1132946

CVEs referenced: CVE-2026-34078 CVE-2026-34079

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: source

DSA: 6173

CVEs referenced: CVE-2026-33250

Binary debdiffs: armelarmhfi386

DSA: 6168

µdebs: present

Closes: 1129606

CVEs referenced: CVE-2026-23865

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6206

µdebs: present

Closes: 1132501

CVEs referenced: CVE-2026-5201

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6215

CVEs referenced: CVE-2026-4150 CVE-2026-4151 CVE-2026-4152 CVE-2026-4153

Reason: fix timezone handling with Debian & Ubuntu's symlinks; fix missing input validation in g_buffered_input_stream_peek [CVE-2026-0988]; fix integer overflow in base64 encoding [CVE-2026-1484]; fix buffer underflow vulnerability in content type parsing [CVE-2026-1485]; fix integer overflow in unicode conversion [CVE-2026-1489]

Request: 1128227

µdebs: present

Closes: 1119919 1125752 1126549 1126550 1126551

CVEs referenced: CVE-2026-0988 CVE-2026-1484 CVE-2026-1485 CVE-2026-1489

Lintian issues: source

Reason: Preserve extension order across client Hello retry

Request: 1130735

Closes: 1130152

DSA: 6190

CVEs referenced: CVE-2026-2923 CVE-2026-3081 CVE-2026-3082 CVE-2026-3084 CVE-2026-3086

Binary debdiffs: i386s390x

DSA: 6167

CVEs referenced: CVE-2026-2921

DSA: 6191

CVEs referenced: CVE-2026-2920 CVE-2026-2922

Binary debdiffs: s390x

Reason: use control connection address for PASV data [CVE-2026-28295]; reject paths containing CR/LF characters [CVE-2026-28296]

Request: 1132174

Closes: 1129285 1129286

CVEs referenced: CVE-2026-28295 CVE-2026-28296

Reason: fix memory leak in heimdal-clients; add build dependency on libcrypt-dev

Request: 1130553

Closes: 1102912 1130242

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6169

CVEs referenced: CVE-2026-28493 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688 CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692 CVE-2026-28693 CVE-2026-30883 CVE-2026-30929 CVE-2026-30931 CVE-2026-30935 CVE-2026-30936 CVE-2026-30937 CVE-2026-31853 CVE-2026-32259

Binary debdiffs: i386s390x

This upload was superseded by a more current one.

DSA: 6158

CVEs referenced: CVE-2026-24481 CVE-2026-24484 CVE-2026-24485 CVE-2026-25576 CVE-2026-25637 CVE-2026-25638 CVE-2026-25794 CVE-2026-25795 CVE-2026-25796 CVE-2026-25797 CVE-2026-25798 CVE-2026-25799 CVE-2026-25897 CVE-2026-25898 CVE-2026-25965 CVE-2026-25966 CVE-2026-25967 CVE-2026-25968 CVE-2026-25969 CVE-2026-25970 CVE-2026-25971 CVE-2026-25982 CVE-2026-25983 CVE-2026-25985 CVE-2026-25986 CVE-2026-25987 CVE-2026-25988 CVE-2026-25989 CVE-2026-26066 CVE-2026-26283 CVE-2026-26284 CVE-2026-26983 CVE-2026-27798 CVE-2026-27799

DSA: 6212

CVEs referenced: CVE-2026-34178 CVE-2026-34179

This upload was superseded by a more current one.

DSA: 6184

CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33743 CVE-2026-33897

Binary debdiffs: alli386s390x

DSA: 6193

Closes: 1130741 1130742

CVEs referenced: CVE-2026-24061 CVE-2026-32746 CVE-2026-32772

Binary debdiffs: arm64

Reason: update to database 2026a

Request: 1131470

DSA: 6189

µdebs: present

Closes: 1132012 1132013

CVEs referenced: CVE-2026-33416 CVE-2026-33636

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: add dependency on dvipng/dvisvgm

Request: 1130821

Binary debdiffs: all

DSA: 6182

Closes: 378412

CVEs referenced: CVE-2006-10002 CVE-2006-10003

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6175

CVEs referenced: CVE-2026-4177

DSA: 6162

µdebs: present

Binary debdiffs: allamd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: amd64arm64armelarmhfppc64elriscv64s390xsource

DSA: 6162

µdebs: present

Binary debdiffs: amd64

Lintian issues: amd64source

DSA: 6162

µdebs: present

Binary debdiffs: arm64

Lintian issues: arm64source

DSA: 6213

CVEs referenced: CVE-2026-34177 CVE-2026-34178 CVE-2026-34179

Lintian issues: all

This upload was superseded by a more current one.

DSA: 6188

CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33897

Binary debdiffs: alli386s390x

Lintian issues: all

Reason: add django.contrib.humanize to recommended apps in sample config

Request: 1120015

Closes: 1116708

Binary debdiffs: all

DSA: 6208

CVEs referenced: CVE-2026-34086 CVE-2026-34087 CVE-2026-34088 CVE-2026-34089 CVE-2026-34090 CVE-2026-34091 CVE-2026-34092 CVE-2026-34093 CVE-2026-34094 CVE-2026-34095 CVE-2026-5266

Binary debdiffs: all

Lintian issues: allsource

DSA: 6161

CVEs referenced: CVE-2026-28356

Reason: fix Opus buffer overrun leading to crash

Request: 1131017

Closes: 1129178

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: fix authentication in complex AD environments

Request: 1117453

Closes: 1111652

DSA: 6160

Closes: 1111105 1113994 1118282 1123606

CVEs referenced: CVE-2025-55163 CVE-2025-58056 CVE-2025-58057 CVE-2025-59419 CVE-2025-67735

Binary debdiffs: all

Lintian issues: source

Reason: fix builds with OpenSSL 3

Request: 1131339

Closes: 1117354

Reason: properly sanitize absolute linkpaths [CVE-2026-23745]; normalize out unicode ligatures [CVE-2026-23950]; properly sanitize hard links containing '..' [CVE-2026-24842]; prevent hardlinking to files outside the extraction root [CVE-2026-26960]; strip leading '/' before sanitizing '..' [CVE-2026-29786]; prevent escaping symlinks with drive-relative paths [CVE-2026-31802]

Request: 1131776

Closes: 1129378

CVEs referenced: CVE-2026-23745 CVE-2026-23950 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786 CVE-2026-31802

Binary debdiffs: all

DSA: 6183

CVEs referenced: CVE-2026-21637 CVE-2026-21710 CVE-2026-21713 CVE-2026-21714 CVE-2026-21715 CVE-2026-21716 CVE-2026-21717

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource

This upload was superseded by a more current one.

DSA: 6166

CVEs referenced: CVE-2025-23085 CVE-2025-55130 CVE-2025-55131 CVE-2025-55132 CVE-2025-59465 CVE-2025-59466 CVE-2026-21637

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6216

DSA: 6204

µdebs: present

Closes: 1130595

CVEs referenced: CVE-2026-3497

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: source

DSA: 6201

µdebs: present

Closes: 1130650

CVEs referenced: CVE-2026-2673 CVE-2026-28387 CVE-2026-28389 CVE-2026-28390 CVE-2026-31789 CVE-2026-31790

Reason: cell-broadcast-prompt: close dialog on swipe; strip whitespace; wifi-network: don't unconditionally overwrite active access point; don't set active indicator visible

Request: 1132011

Reason: fix DisallowedRawHtml bypass via newline/tab in tag names [CVE-2026-30838]; fix DomainFilteringAdapter hostname boundary bypass [CVE-2026-33347]

Request: 1132185

CVEs referenced: CVE-2026-30838 CVE-2026-33347

DSA: 6186

Closes: 1131483

CVEs referenced: CVE-2026-32935

DSA: 6187

Closes: 1131482

CVEs referenced: CVE-2026-32935

DSA: 6185

Closes: 1131485

CVEs referenced: CVE-2026-32935

DSA: 6194

Closes: 1131371

CVEs referenced: CVE-2026-30922

Reason: improve safety of 'pymupdf embed-extract' when dealing with existing files [CVE-2026-3029]

Request: 1131610

CVEs referenced: CVE-2026-3029

Binary debdiffs: i386s390x

Reason: fix compaibility with Python 3.11+

Request: 1132590

Closes: 1132009

Binary debdiffs: all

DSA: 6195

CVEs referenced: CVE-2025-67725

Reason: fix builds of CKEditor when firefox is >= 148

Request: 1130053

Closes: 1129090

Lintian issues: source

DSA: 6196

Closes: 1131182 1132268

CVEs referenced: CVE-2026-35537 CVE-2026-35538 CVE-2026-35539 CVE-2026-35540 CVE-2026-35541 CVE-2026-35542 CVE-2026-35543 CVE-2026-35544 CVE-2026-35545

DSA: 6180

Closes: 1128479 1128480

CVEs referenced: CVE-2026-22860 CVE-2026-25500

Binary debdiffs: all

Lintian issues: source

Reason: new upstream release; build with default gcc; set SBAT revocation level to 2025021800

Missing lock-step packages: shim-helpers-amd64-signed shim-helpers-arm64-signed shim-signed

Request: 1131861

Lintian issues: source

DSA: 6170

Closes: 1131120

CVEs referenced: CVE-2026-3888

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6174

DSA: 6176

CVEs referenced: CVE-2026-25075

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390xsource

Reason: add link check to address [CVE-2021-37746]

Request: 1130207

CVEs referenced: CVE-2021-37746

DSA: 6179

Lintian issues: i386riscv64source

DSA: 6203

Closes: 1132632

CVEs referenced: CVE-2026-4775

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

DSA: 6200

Binary debdiffs: all

Reason: never try TLS to reach root nameservers

Request: 1130863

Closes: 1129922

Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390x

Reason: rebuild with updated Linux

Binary debdiffs: amd64i386

DSA: 6198

Closes: 1130911

CVEs referenced: CVE-2025-67733 CVE-2026-21863

Lintian issues: source

DSA: 6172

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x

Lintian issues: source

DSA: 6209

Closes: 1132939

CVEs referenced: CVE-2026-34080

Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x