Queue Overview for "proposed-updates"

TODO items

List of missing builds
List of missing packages relative to security archive

Resolution Pending (8 uploads for 8 packages)

PackageVersionVersion ProblemsInstallability ProblemsArchitecturesAction
apt1.4.8 Installability ProblemsBuilt:source ?

Closes: 839259

asterisk1:13.14.1~dfsg-2+deb9u1 Installability Problemsarm64 armel armhf i386 mips mips64el mipsel ppc64el s390xBuilt:all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source ?

Reason: security update

DSA: 3964

Closes: 873907 873908

CVEs referenced: CVE-2017-14099 CVE-2017-14100

Binary debdiffs: arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

expat2.2.0-2+deb9u1 Installability ProblemsBuilt:amd64 armel armhf i386 mips mipsel ppc64el s390x source Missing:arm64 mips64el Ok

Reason: security update

DSA: 3898

µdebs: present

CVEs referenced: CVE-2016-9063 CVE-2017-9233

Lintian issues: i386

ffmpeg7:3.2.7-1~deb9u1 Installability ProblemsBuilt:arm64 armel armhf mips64el mipsel ppc64el s390x source Missing:all amd64 i386 mips Ok

Reason: security update

DSA: 3957

CVEs referenced: CVE-2016-11399 CVE-2017-11665 CVE-2017-11719 CVE-2017-9608 CVE-2017-9993

Binary debdiffs: arm64 armel armhf mips64el mipsel ppc64el s390x

icedove1:52.3.0-4~deb9u1 Installability ProblemsBuilt:all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source ?

Reason: security update

DSA: 3968

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source

libwpd0.10.1-5+deb9u1 Installability ProblemsBuilt:source ?

Closes: 876001

opendkim2.11.0~alpha-10+deb9u1 Installability ProblemsBuilt:amd64 source ?

Closes: 864162

Lintian issues: amd64

qemu1:2.8+dfsg-6+deb9u2 Installability ProblemsBuilt:amd64 armel armhf i386 mips mips64el mipsel ppc64el source Missing:arm64 s390x Ok

Reason: security update

DSA: 3925

Closes: 865755 867751 869171 869173 869945

CVEs referenced: CVE-2017-10806 CVE-2017-10911 CVE-2017-11334 CVE-2017-11434 CVE-2017-9375 CVE-2017-9524

Binary debdiffs: amd64 armel armhf i386 mips mipsel ppc64el

Pending Processing (0 uploads for 0 packages)

Processed (122 uploads for 111 packages)

PackageVersionVersion ProblemsInstallability ProblemsAction
aodh3.0.0-4+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3953

Closes: 872605

CVEs referenced: CVE-2017-12440

apache22.4.25-3+deb9u3 Installability ProblemsACCEPTED

Reason: security update

DSA: 3980

Closes: 876109

CVEs referenced: CVE-2017-9798

apache22.4.25-3+deb9u2 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3913

CVEs referenced: CVE-2017-9788

at-spi2-core2.22.0-6+deb9u1 Installability ProblemsACCEPTED

Reason: fix crash on switching windows

Missing builds: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

µdebs: present

Closes: 872912

atril1.16.1-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3916

Closes: 868500

CVEs referenced: CVE-2017-1000083

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

augeas1.8.0-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3949

Closes: 872400

CVEs referenced: CVE-2017-7555

bareos16.2.4-3+deb9u1 Installability ProblemsACCEPTED

Reason: fix permissions of bareos-dir logrotate config on upgrade; fix file corruption when using SHA1 signature

Closes: 864926 869608

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

bind91:9.10.3.dfsg.P4-12.3+deb9u3 Installability ProblemsACCEPTED

Reason: import upcoming DNSSEC KSK-2017

µdebs: present

bind91:9.10.3.dfsg.P4-12.3+deb9u2 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3904

µdebs: present

CVEs referenced: CVE-2017-3142

bluez5.43-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3972

Closes: 875633

CVEs referenced: CVE-2017-1000250

bridge-utils1.5-13+deb9u1 Installability ProblemsACCEPTED

Reason: fix a problem with some vlan interfaces not being created

Closes: 866687

catdoc1:0.94.3~git20160113.dbc9ec6+dfsg-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3917

Closes: 867717

CVEs referenced: CVE-2017-11110

chromium-browser60.0.3112.78-1~deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3926

CVEs referenced: CVE-2017-5087 CVE-2017-5088 CVE-2017-5089 CVE-2017-5091 CVE-2017-5092 CVE-2017-5093 CVE-2017-5094 CVE-2017-5095 CVE-2017-5096 CVE-2017-5097 CVE-2017-5098 CVE-2017-5099 CVE-2017-5100 CVE-2017-5101 CVE-2017-5102 CVE-2017-5103 CVE-2017-5104 CVE-2017-5105 CVE-2017-5106 CVE-2017-5107 CVE-2017-5108 CVE-2017-5109 CVE-2017-5110 CVE-2017-7000

Binary debdiffs: all amd64 arm64 armhf i386

Lintian issues: amd64 arm64 armhf i386 source

chrony3.0-4+deb9u1 Installability ProblemsACCEPTED

Reason: do not pass 'burst' command to chronyc

Closes: 868491

connman1.33-3+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3956

Closes: 872844

CVEs referenced: CVE-2017-12865

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

cvs2:1.12.13+real-22+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3940

Closes: 871810

CVEs referenced: CVE-2017-12836

cvxopt1.1.4-1.5+deb9u1 Installability ProblemsACCEPTED

Reason: remove the unneccessary and non-working compatibility layer for lpx_main()

Closes: 840159

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

db5.35.3.28-12+b2 Installability ProblemsACCEPTED

Reason: rebuild with new sbuild to fix changelog date

Closes: 806012

dbus1.10.22-0+deb9u1 Installability ProblemsACCEPTED

Reason: new upstream stable release

µdebs: present

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: mips mips64el mipsel

desktop-base9.0.2+deb9u1 Installability ProblemsACCEPTED

Reason: fix XML syntax errors in gnome wallpaper description files making Joy wallpapers unavailable by default; ensure postinst doesn’t fail on upgrade even when an incomplete theme pack is active

Closes: 858643 862228

Binary debdiffs: all

dns-root-data2017072601~deb9u1 Installability ProblemsACCEPTED

Reason: update root.hints to 2017072601 version; change the state of KSK-2017 to VALID

dnsdist1.1.0-2+deb9u1 Installability ProblemsACCEPTED

Reason: security fixes [CVE-2016-7069 CVE-2017-7557]

Closes: 872854

CVEs referenced: CVE-2016-7069 CVE-2017-7557

dnsviz0.6.4-1+deb9u1 Installability ProblemsACCEPTED

Reason: cherry-pick upstream fixes related to root.hints and root.keys changes

emacs2424.5+1-11+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3970

emacs2525.1+1-4+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3975

Closes: 875447

erlang-p1-tls1.0.7-2+deb9u1 Installability ProblemsACCEPTED

Reason: fix ECDH curves

Closes: 871264

evolution3.22.6-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix hangs on right click in composer window

Missing builds: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Closes: 871626

expect5.45-7+deb9u1 Installability ProblemsACCEPTED

Reason: properly check for EOF, to avoid losing input

fife0.4.0-3+deb9u1 Installability ProblemsACCEPTED

Reason: fix memory leak

Closes: 871782

file1:5.30-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3965

CVEs referenced: CVE-2017-1000249

Binary debdiffs: all

firefox-esr52.3.0esr-1~deb9u1 Installability ProblemsupgradeACCEPTED

Reason: security update

DSA: 3928

Closes: 865650

CVEs referenced: CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source

firefox-esr52.2.0esr-1~deb9u1 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3881

Closes: 726230 812493 821952 822807 824784 832297 832298 832301 833719 836533 838478 838902 838911 850265 850720 852009 854258 854397 854640 857281

CVEs referenced: CVE-2016-0718 CVE-2016-2804 CVE-2016-2806 CVE-2016-2807 CVE-2016-2808 CVE-2016-2811 CVE-2016-2812 CVE-2016-2814 CVE-2016-2815 CVE-2016-2816 CVE-2016-2817 CVE-2016-2818 CVE-2016-2819 CVE-2016-2820 CVE-2016-2821 CVE-2016-2822 CVE-2016-2825 CVE-2016-2827 CVE-2016-2828 CVE-2016-2829 CVE-2016-2830 CVE-2016-2831 CVE-2016-2832 CVE-2016-2833 CVE-2016-2835 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-2839 CVE-2016-5250 CVE-2016-5251 CVE-2016-5252 CVE-2016-5254 CVE-2016-5255 CVE-2016-5256 CVE-2016-5257 CVE-2016-5258 CVE-2016-5259 CVE-2016-5260 CVE-2016-5261 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 CVE-2016-5266 CVE-2016-5268 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5279 CVE-2016-5280 CVE-2016-5281 CVE-2016-5282 CVE-2016-5283 CVE-2016-5284 CVE-2016-5287 CVE-2016-5288 CVE-2016-5289 CVE-2016-5290 CVE-2016-5291 CVE-2016-5292 CVE-2016-5296 CVE-2016-5297 CVE-2016-9063 CVE-2016-9064 CVE-2016-9066 CVE-2016-9067 CVE-2016-9068 CVE-2016-9070 CVE-2016-9071 CVE-2016-9073 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 CVE-2016-9078 CVE-2016-9079 CVE-2016-9080 CVE-2016-9893 CVE-2016-9894 CVE-2016-9895 CVE-2016-9896 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9901 CVE-2016-9902 CVE-2016-9903 CVE-2016-9904 CVE-2017-5373 CVE-2017-5374 CVE-2017-5375 CVE-2017-5376 CVE-2017-5377 CVE-2017-5378 CVE-2017-5379 CVE-2017-5380 CVE-2017-5381 CVE-2017-5382 CVE-2017-5383 CVE-2017-5384 CVE-2017-5385 CVE-2017-5386 CVE-2017-5387 CVE-2017-5388 CVE-2017-5389 CVE-2017-5390 CVE-2017-5391 CVE-2017-5393 CVE-2017-5396 CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 CVE-2017-5412 CVE-2017-5413 CVE-2017-5414 CVE-2017-5415 CVE-2017-5416 CVE-2017-5417 CVE-2017-5418 CVE-2017-5419 CVE-2017-5420 CVE-2017-5421 CVE-2017-5422 CVE-2017-5426 CVE-2017-5427 CVE-2017-5428 CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469 CVE-2017-5470 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7764 CVE-2017-7778

Binary debdiffs: all amd64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: all amd64 armel armhf i386 mips mips64el mipsel ppc64el s390x

firefox-esr52.2.0esr-1~deb8u1 Installability ProblemsREJECTED

Reason: security update

DSA: 3881

flatpak0.8.7-2~deb9u1 Installability ProblemsACCEPTED

Reason: new upstream stable release; prevent deploying files with inappropriate permissions; restore compatibility with libostree 2017.7

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: mips mips64el mipsel

fontforge1:20161005~dfsg-4+deb9u1Version problemstesting (1:20161005~dfsg-4)Installability ProblemsACCEPTED

Reason: security update

DSA: 3958

CVEs referenced: CVE-2017-11568 CVE-2017-11569 CVE-2017-11571 CVE-2017-11572 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577

Binary debdiffs: i386

freeradius3.0.12+dfsg-5+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3930

Closes: 868765

CVEs referenced: CVE-2017-10978 CVE-2017-10983 CVE-2017-10984 CVE-2017-10985 CVE-2017-10986 CVE-2017-10987

freerdp1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2 Installability ProblemsACCEPTED

Reason: enable TLS >= 1.1 support

Closes: 871478

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

freerdp1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3923

Closes: 869880

CVEs referenced: CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

freexl1.0.2-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3976

Closes: 875690 875691

CVEs referenced: CVE-2017-2923 CVE-2017-2924

Binary debdiffs: armel armhf i386 mips mips64el mipsel s390x

gdk-pixbuf2.36.5-2+deb9u1Version problemstesting (2.36.5-2)Installability ProblemsACCEPTED

Reason: security update

DSA: 3978

µdebs: present

CVEs referenced: CVE-2017-2862

Binary debdiffs: arm64

git1:2.11.0-3+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3934

CVEs referenced: CVE-2017-1000117

gnome-exe-thumbnailer0.9.4-2+deb9u1 Installability ProblemsACCEPTED

Reason: switch to msitools' msiinfo for ProductVersion fetching, replacing the insecure VBScript-based parsing [CVE-2017-11421]; fix unreadable white-on-white text on version labels

Closes: 868705

CVEs referenced: CVE-2017-11421

Binary debdiffs: all

gnutls283.5.8-5+deb9u3 Installability ProblemsACCEPTED

Reason: fix OCSP verification errors, especially with ecdsa signatures

gosa-plugin-mailaddress0.99.5-2+deb9u1 Installability ProblemsACCEPTED

Reason: fix parent constructor calls, for compatibility with PHP7

Closes: 869214

Binary debdiffs: all

haveged1.9.1-5+deb9u1 Installability ProblemsACCEPTED

Reason: start haveged.service after systemd-tmpfiles-setup.service has been run

Closes: 858134

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

imagemagick8:6.9.7.4+dfsg-11+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3914

Closes: 863126 864273 864274 867367 867721 867778 867798 867806 867808 867810 867811 867812 867821 867823 867824 867825 867826 867893 867894 867896 867897 868184 868264

CVEs referenced: CVE-2017-10928 CVE-2017-11141 CVE-2017-11170 CVE-2017-11188 CVE-2017-9144 CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501

Binary debdiffs: all

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

ioquake31.36+u20161101+dfsg1-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3948

Closes: 870725

CVEs referenced: CVE-2017-11721 CVE-2017-6903

iortcw1.50a+dfsg1-3+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3941

CVEs referenced: CVE-2017-11721

ipsec-tools1:0.8.2+20140711-8+deb9u1 Installability ProblemsACCEPTED

Reason: security fix [CVE-2016-10396]

Closes: 867986

CVEs referenced: CVE-2016-10396

irssi1.0.2-1+deb9u2 Installability ProblemsACCEPTED

Reason: fix null pointer dereference [CVE-2017-10965], use-after-free condition for nicklist [CVE-2017-10966]

Closes: 867598

CVEs referenced: CVE-2017-10965 CVE-2017-10966

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

kanatest0.4.8-3+deb9u1 Installability ProblemsACCEPTED

Reason: remove DISABLE_DEPRECATED flags, they cause implicit pointer conversion and thus a segmentation fault on startup

Closes: 868315

Binary debdiffs: arm64 armel armhf i386 mips mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

kdepim4:16.04.3-4~deb9u1 Installability ProblemsACCEPTED

Reason: fix "send Later with Delay bypasses OpenPGP" [CVE-2017-9604]

Closes: 864804

CVEs referenced: CVE-2017-9604

kf5-messagelib4:16.04.3-3~deb9u1 Installability ProblemsACCEPTED

Reason: fix "send Later with Delay bypasses OpenPGP" [CVE-2017-9604]

Closes: 864803

CVEs referenced: CVE-2017-9604

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

krb51.15-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix security issue where remote authenticated attackers can crash the KDC [CVE-2017-11368]; fix startup if getaddrinfo() returns a wildcard v6 address and handling of explicitly specified v4 wildcard address; fix SRV lookups to respect udp_preference_limit

Closes: 856307 860767 869260

CVEs referenced: CVE-2017-11368

lava-tool0.21-1+deb9u1 Installability ProblemsACCEPTED

Reason: add missing dependency: python-simplejson

Closes: 872782

Binary debdiffs: all

libgcrypt201.7.6-2+deb9u2 Installability ProblemsACCEPTED

Reason: security update

DSA: 3959

µdebs: present

Closes: 873383

CVEs referenced: CVE-2017-0379

Binary debdiffs: all

libgd22.2.4-2+deb9u2 Installability ProblemsACCEPTED

Reason: security update

DSA: 3961

CVEs referenced: CVE-2017-6362

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

libgd22.2.4-2+deb9u1 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3938

Closes: 869263

CVEs referenced: CVE-2017-7890

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

libmspack0.5-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3946

Closes: 868956 871263

CVEs referenced: CVE-2017-11423 CVE-2017-6419

libraw0.17.2-6+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3950

CVEs referenced: CVE-2017-6886 CVE-2017-6887

librsb1.2.0-rc5-3+deb9u1 Installability ProblemsACCEPTED

Reason: fix a few severe bugs leading to numerically wrong results

Closes: 870137

Binary debdiffs: all

libselinux2.6-3+b2 Installability ProblemsACCEPTED

Reason: rebuild with new sbuild to fix changelog date

µdebs: present

Closes: 835503

libsoup2.42.56.0-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3929

CVEs referenced: CVE-2017-2885

libxml22.9.4+dfsg1-2.2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3952

Closes: 863018 863019 863021 863022 870865 870867 870870

CVEs referenced: CVE-2017-0663 CVE-2017-7375 CVE-2017-7376 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050

linux4.9.47-1 Installability ProblemsACCEPTED

Reason: new upstream stable version

µdebs: present

Closes: 862723 865645 865646 866130 866511 866706 867611 868251 868902

CVEs referenced: CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000370 CVE-2017-1000371 CVE-2017-1000380 CVE-2017-10663 CVE-2017-11600 CVE-2017-12134 CVE-2017-12146 CVE-2017-7518 CVE-2017-8831

Binary debdiffs: all armhf i386 mips mips64el mipsel

Lintian issues: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x source

linux4.9.30-2+deb9u3 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3927

µdebs: present

CVEs referenced: CVE-2017-1000365 CVE-2017-10810 CVE-2017-10911 CVE-2017-11176 CVE-2017-7346 CVE-2017-7482 CVE-2017-7533 CVE-2017-7541 CVE-2017-7542 CVE-2017-9605

linux-latest80+deb9u2 Installability ProblemsACCEPTED

Reason: update to 4.9.0-4

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

lzma9.22-2+b3 Installability ProblemsACCEPTED

Reason: rebuild with new sbuild to fix changelog date

Closes: 550543 651796

mariadb-10.110.1.26-0+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3955

Closes: 865870

CVEs referenced: CVE-2017-3636 CVE-2017-3641 CVE-2017-3653

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

mate-power-manager1.16.2-1+deb9u1 Installability ProblemsACCEPTED

Reason: don't abort on unknown DBus signal name

Missing builds: amd64 armel armhf mips64el mipsel

Closes: 870121

mate-themes3.22.11-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix font colour of URL bar in Google Chrome

Closes: 864618

mbedtls2.4.2-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3967

Closes: 873557

CVEs referenced: CVE-2017-14032

mercurial4.0-1+deb9u1Version problemstesting (4.0-1)Installability ProblemsACCEPTED

Reason: security update

DSA: 3963

CVEs referenced: CVE-2017-1000115 CVE-2017-1000116 CVE-2017-9462

nettle3.3-1+b2 Installability ProblemsACCEPTED

Reason: rebuild with new sbuild to fix changelog date

Closes: 808648 832983

CVEs referenced: CVE-2016-6489

newsbeuter2.9-5+deb9u2 Installability ProblemsACCEPTED

Reason: security update

DSA: 3977

Closes: 876004

CVEs referenced: CVE-2017-14500

newsbeuter2.9-5+deb9u1 Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3947

CVEs referenced: CVE-2017-12904

node-brace-expansion1.1.6-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix regular expression denial of service issue

Closes: 862712

node-dateformat1.0.11-3+deb9u1 Installability ProblemsACCEPTED

Reason: set TZ=UTC for tests to fix build failure

Closes: 863934

ntp1:4.2.8p10+dfsg-3+deb9u1 Installability ProblemsACCEPTED

Reason: build and install /usr/bin/sntp

Missing builds: amd64 armel armhf mips mips64el mipsel

Closes: 793837

Binary debdiffs: arm64 i386 ppc64el s390x

nvidia-graphics-drivers375.82-1~deb9u1 Installability ProblemsACCEPTED

Reason: new upstream long lived branch release 375.82 - security fixes [CVE-2017-6257 CVE-2017-6259], add support for the following GPUs: GeForce GTX 1080 with Max-Q Design, GeForce GTX 1070 with Max-Q Design, GeForce GTX 1060 with Max-Q Design; nvidia-kernel-dkms: Honor parallel setting from dkms

Closes: 864639 866126 868815 869783

CVEs referenced: CVE-2017-6257 CVE-2017-6259

Binary debdiffs: amd64 armhf i386

Lintian issues: amd64 armhf i386

open-vm-tools2:10.1.5-5055683-4+deb9u1 Installability ProblemsACCEPTED

Reason: randomly generate tmp directory name [CVE-2015-5191]

Closes: 869633

CVEs referenced: CVE-2015-5191

openjdk-88u141-b15-1~deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3919

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

openldap2.4.44+dfsg-5+deb9u1 Installability ProblemsACCEPTED

Reason: relax the dependency of libldap-2.4-2 on libldap-common to also permit later versions; fix upgrade failure when olcSuffix contains a backslash; avoid reading the value of the LDAP_OPT_X_TLS_REQUIRE_CERT option from previously freed memory; fix potential endless replication loop in a multi-master delta-syncrepl scenario with 3 or more nodes; fix memory corruption caused by calling sasl_client_init() multiple times and possibly concurrently

Closes: 820244 860774 860947 864719 868753

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

openvpn2.4.0-6+deb9u2 Installability ProblemsACCEPTED

Reason: fix broken reconnects due to wrong push digest calculation

Closes: 863110

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

pcb-rnd1.1.4-2 Installability ProblemsACCEPTED

Reason: fix execution of code from a maliciously formed design file

Missing builds: arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

perl5.24.1-3+deb9u2 Installability ProblemsACCEPTED

Reason: security update

DSA: 3982

Closes: 875596 875597

CVEs referenced: CVE-2017-12837 CVE-2017-12883

postgresql-9.69.6.4-0+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3936

CVEs referenced: CVE-2017-7484 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

pyjwt1.4.2-1+deb9u1Version problemstesting (1.4.2-1)Installability ProblemsACCEPTED

Reason: security update

DSA: 3979

CVEs referenced: CVE-2017-11424

qemu1:2.8+dfsg-6+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3920

Closes: 863840 863943 864216 864219 864568 865755 866674

CVEs referenced: CVE-2017-10664 CVE-2017-10911 CVE-2017-9310 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9524

Binary debdiffs: amd64 arm64 armel armhf i386 mips mipsel ppc64el s390x

request-tracker44.4.1-3+deb9u3 Installability ProblemsACCEPTED

Reason: fix regression in previous security release where incorrect SHA256 passwords could trigger an error

ruby-gnome23.1.0-1+deb9u1 Installability ProblemsACCEPTED

Reason: ruby-{gdk3,gtksourceview2,pango,poppler}: Add missing dependencies

Missing builds: arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Closes: 874365

Binary debdiffs: amd64

ruby-mixlib-archive0.2.0-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3915

Closes: 868572

CVEs referenced: CVE-2017-1000026

Lintian issues: all

ruby-rack-cors0.4.0-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3931

CVEs referenced: CVE-2017-11173

ruby2.32.3.3-1+deb9u1Version problemstesting (2.3.3-1)Installability ProblemsACCEPTED

Reason: security update

DSA: 3966

Closes: 842432 864860 873802 873906

CVEs referenced: CVE-2015-9096 CVE-2016-7798 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-14064

Binary debdiffs: all

samba2:4.5.8+dfsg-2+deb9u1 Installability Problemsamd64ACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3909

Closes: 868209

CVEs referenced: CVE-2017-11103

Binary debdiffs: all amd64

Lintian issues: amd64

samba2:4.5.12+dfsg-1 Installability ProblemsACCEPTED

Reason: new upstream release; fix libpam-winbind.prerm to be multiarch-safe; add missing logrotate for /var/log/samba/log.samba; fix outdated DNS Root servers; fix "Non-kerberos logins fails on winbind 4.X when krb5_auth is configured in PAM"

Closes: 647430 739768 771689 803924 810794 865406

CVEs referenced: CVE-2017-11103 CVE-2017-7494

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

smplayer16.11.0~ds0-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix connections to YouTube

Closes: 869411

speech-dispatcher0.8.6-4+deb9u1 Installability ProblemsACCEPTED

Reason: make spd-conf work again

Closes: 860898

strongswan5.5.1-4+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3962

CVEs referenced: CVE-2017-11185 CVE-2017-9022 CVE-2017-9023

subversion1.9.5-1+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3932

CVEs referenced: CVE-2017-9800

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

suricata3.2.1-1+deb9u1 Installability ProblemsACCEPTED

Reason: limit the number of recursive calls in the DER/ASN.1 decoder to avoid stack overflows

swift2.10.2-1~deb9u1 Installability ProblemsACCEPTED

Reason: new upstream stable release

Binary debdiffs: all

tbdialout1.7.2-1+deb9u1 Installability ProblemsACCEPTED

Reason: include leading plus symbol with tel: URI scheme

Closes: 865961

Binary debdiffs: all

Lintian issues: source

tcpdump4.9.2-1~deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3971

Closes: 867718 873804 873805 873806

tiny-initramfs0.1-4~deb9u1 Installability ProblemsACCEPTED

Reason: add missing dependency on cpio

Closes: 869668

Binary debdiffs: all amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

tomcat88.5.14-1+deb9u2 Installability ProblemsACCEPTED

Reason: security update

DSA: 3974

CVEs referenced: CVE-2017-7674 CVE-2017-7675

Binary debdiffs: all

topal75-2.1+deb9u1 Installability ProblemsACCEPTED

Reason: fix misuse of sed character class syntax

Missing builds: arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Closes: 870825

Binary debdiffs: amd64

torsocks2.2.0-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix check_addr() to return either 0 or 1

unbound1.6.0-3+deb9u1 Installability ProblemsACCEPTED

Reason: fix install of trust anchor when two anchors are present; depend on dns-root-data (>= 2017072601~) for KSK-2017

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

unknown-horizons2017.1+ds-2+deb9u1 Installability ProblemsACCEPTED

Reason: fix memory leak

Closes: 871037

up-imapproxy1.2.8~svn20161210-2+deb9u1 Installability ProblemsACCEPTED

Reason: correct systemd service file

Closes: 868150

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

varnish5.0.0-7+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3924

Lintian issues: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

webkit2gtk2.16.6-0+deb9u1 Installability ProblemsACCEPTED

Reason: upstream security and bugfix release [CVE-2017-2538 CVE-2017-7052 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064]

Closes: 868126

CVEs referenced: CVE-2017-2538 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7052 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064

Binary debdiffs: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x

Lintian issues: mips mips64el mipsel

whois5.2.17~deb9u1 Installability ProblemsACCEPTED

Reason: fix whois referrals for .com, .net, .jobs, .bz, .cc and .tv; add several new Indian TLD servers; update the list of gTLDs

Closes: 869920

wordpress-shibboleth1.4-2+deb9u1 Installability ProblemsACCEPTED

Reason: security update

DSA: 3973

Closes: 874416

CVEs referenced: CVE-2017-14313

Binary debdiffs: all

Lintian issues: all

wrk4.0.2-2~deb9u1 Installability ProblemsACCEPTED

Reason: fix build failures

Closes: 801881 855118

xen4.8.1-1+deb9u3Version problemstesting (4.8.1-1+deb9u1)Installability ProblemsACCEPTED

Reason: security update

DSA: 3969

CVEs referenced: CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855

Lintian issues: all amd64 arm64 armhf i386

xen4.8.1-1+deb9u2Version problemstesting (4.8.1-1+deb9u1)Installability ProblemsACCEPTED

This upload was superseded by a more current one.

Reason: security update

DSA: 3969

xfonts-ayu1:1.7a-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix generation of bold and italic fonts

Closes: 870320

Binary debdiffs: all

xkeyboard-config2.19-1.1+deb9u1 Installability ProblemsREJECTED

Reason: incorrect version number

µdebs: present

xkeyboard-config2.19-1+deb9u1 Installability ProblemsACCEPTED

Reason: move Indic layouts back to the main layout list, enabling their use again

µdebs: present

Closes: 865316

yadm1.06-1+deb9u1 Installability ProblemsACCEPTED

Reason: fix race condition which could allow access to private PGP and SSH keys [CVE-2017-11353]

CVEs referenced: CVE-2017-11353