Queue Overview for "proposed-updates"

Lintian issues: source

Closes: 993784

Reason: fix "mod_radius leaks memory contents to radius server" and "sftp connection aborts with "Corrupted MAC on input""

Closes: 992920 993173

Not yet fixed in unstable
         

DSA: 4975

CVEs referenced: CVE-2021-30858

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

DSA: 4976

CVEs referenced: CVE-2021-30858

Binary debdiffs: amd64arm64armeli386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

DSA: 4977

Binary debdiffs: amd64arm64armhfi386

Lintian issues: amd64arm64armhfi386

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-33193

Reason: prevent out-of-bounds array dereference

Request: 992843

Closes: 992789

CVEs referenced: CVE-2021-35940

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix crash when using LATEST=yes

Request: 993720

Closes: 986462

Reason: security fix

Request: 993899

CVEs referenced: CVE-2021-38173

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-3672

Reason: new upstream stable release; fix clamdscan segfaults when --fdpass and --multipass are used together with ExcludePath

Request: 993822

Closes: 987861 988218

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: avoid duplicate includedir in /etc/sudoers

Request: 992153

Closes: 991629

Reason: fix a use-after-free in DBstats

Request: 994574

Closes: 993770

Reason: fix handling of large files

Request: 992547

Closes: 992542

Reason: make --bpo target bullseye-backports

Request: 992435

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Distribution mismatch: bullseye-security

Reason: security update

Closes: 991705 991706

CVEs referenced: CVE-2021-31291 CVE-2021-31292

Binary debdiffs: all

Reason: fix segmentation fault and security regression

Request: 992063

Closes: 992400

CVEs referenced: CVE-2021-36386

DSA: 4969

CVEs referenced: CVE-2021-38493

Lintian issues: armhfi386mipsel

This upload was superseded by a more current one.

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989

Binary debdiffs: amd64arm64armhfi386mips64elmipselppc64els390x

Lintian issues: armhfi386mipsel

Reason: fix thread crash, sample configuration

Request: 993604

Closes: 992036 992207

Reason: new upstream stable release

Request: 993281

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: new upstream stable release; solve circular Conflicts with galera-3 by no longer providing a virtual "galera" package

Request: 993282

Closes: 990708

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 4972

Closes: 994011

CVEs referenced: CVE-2021-3781

DSA: 4966

CVEs referenced: CVE-2021-21834 CVE-2021-21836 CVE-2021-21837 CVE-2021-21838 CVE-2021-21839 CVE-2021-21840 CVE-2021-21841 CVE-2021-21842 CVE-2021-21843 CVE-2021-21844 CVE-2021-21845 CVE-2021-21846 CVE-2021-21847 CVE-2021-21848 CVE-2021-21849 CVE-2021-21850 CVE-2021-21852 CVE-2021-21853 CVE-2021-21854 CVE-2021-21855 CVE-2021-21857 CVE-2021-21858 CVE-2021-21859 CVE-2021-21860 CVE-2021-21861

DSA: 4964

Closes: 992971

CVEs referenced: CVE-2021-39365

DSA: 4968

Closes: 993303

CVEs referenced: CVE-2021-40346

Lintian issues: source

This upload was superseded by a more current one.

DSA: 4960

Reason: smooth upgrade path

Missing builds: mipsel

Request: 993825

Closes: 992068

Reason: properly handle UTF-8 process names

Request: 993792

Reason: also use dbus to detect accessibility being enabled

Request: 994022

Reason: fix KDC null dereference crash on FAST request with no server field [CVE-2021-37750]; fix memory leak in krb5_gss_inquire_cred

Request: 993276

Closes: 991140 992607

CVEs referenced: CVE-2021-37750

Lintian issues: source

DSA: 4962

This upload was superseded by a more current one.

DSA: 4962

CVEs referenced: CVE-2021-3731

This upload was superseded by a more current one.

DSA: 4962

CVEs referenced: CVE-2021-3693 CVE-2021-3694

Reason: switch to embedded libasm. The version from libasm-java is too new

Request: 992078

Closes: 991991

Binary debdiffs: all

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-36770

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-20314

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 4965

Closes: 993046

CVEs referenced: CVE-2021-3634

Binary debdiffs: all

Distribution mismatch: bullseye-security

Reason: security update

Closes: 991971

CVEs referenced: CVE-2021-38165

Reason: new upstream stable release; security fixes [CVE-2021-2372 CVE-2021-2389]

Request: 993283

CVEs referenced: CVE-2021-2372 CVE-2021-2389

Binary debdiffs: all

Reason: fix end of file detection

Request: 992978

Reason: avoid a request body bypass

Request: 992956

Closes: 992000

CVEs referenced: CVE-2021-35368

DSA: 4974

Closes: 989846

CVEs referenced: CVE-2021-22895 CVE-2021-32728

Distribution mismatch: bullseye-security

Reason: security update

Closes: 992112

Binary debdiffs: amd64arm64armhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armhfi386mips64elmipselppc64els390xsource

DSA: 4971

µdebs: present

Closes: 988386

CVEs referenced: CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263

DSA: 4963

µdebs: present

CVEs referenced: CVE-2021-3711 CVE-2021-3712

Reason: fix projections other than WGS84

Request: 993523

Closes: 993518

Reason: binary rebuild

Request: 994097

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Distribution mismatch: bullseye-security

Reason: security update

CVEs referenced: CVE-2021-36770

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: update for PostgreSQL 13.4 snapshot handling fixes

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: source

Reason: new upstream stable release; fix mis-planning of repeated application of a projection step [CVE-2021-3677]; disallow SSL renegotiation more completely

CVEs referenced: CVE-2021-3449 CVE-2021-3677

Binary debdiffs: all

DSA: 4970

CVEs referenced: CVE-2021-40347

Lintian issues: source

Reason: update suite names following bullseye release

Request: 993793

Closes: 992332

Binary debdiffs: all

Reason: add https URL to the LACNIC TAL

Request: 993049

Binary debdiffs: all

Lintian issues: source

Reason: fix for ruby-rqrcode 1.0 compatibility

Request: 992206

Closes: 992040

Reason: prevent directory escape in renamer function

Request: 993035

CVEs referenced: CVE-2021-29488

Reason: fix rendering of long options in manpage

Request: 994111

Closes: 918555 985003

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix authentication bypass issues [CVE-2020-1957 CVE-2020-11989 CVE-2020-13933 CVE-2020-17510]; update Spring Framework compatibility patch; support Guice 4

Request: 993133

Closes: 955018 968753

CVEs referenced: CVE-2020-11989 CVE-2020-13933 CVE-2020-17510 CVE-2020-1957

Lintian issues: source

DSA: 4967

CVEs referenced: CVE-2021-40153

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: avoid crash when auto-delete is enabled

Request: 993968

Closes: 993243

Reason: include themes in package

Request: 992836

Closes: 992831

DSA: 4973

Lintian issues: i386

This upload was superseded by a more current one.

DSA: 4959

Binary debdiffs: amd64arm64i386mips64elppc64els390x

Lintian issues: i386

Reason: fix a race condition which results in the config not being loaded if several clients are interacting with the server while it's initializing

Request: 994112

Closes: 992202

Distribution mismatch: bullseye-security

Reason: security update

Closes: 991046

CVEs referenced: CVE-2021-30640 CVE-2021-33037

Binary debdiffs: all

DSA: 4961

CVEs referenced: CVE-2021-38385

Reason: fix regression in handling display blocks

Request: 992299

Closes: 992283

Reason: new upstream stable release; fix denial of service issue [CVE-2021-36773]

Request: 993225

CVEs referenced: CVE-2021-36773

Binary debdiffs: all

Lintian issues: allsource

Distribution mismatch: bullseye-security

Reason: security update

Closes: 984949

CVEs referenced: CVE-2020-11988

Binary debdiffs: all

Lintian issues: all