Queue Overview for "proposed-updates"

List of missing builds
List of missing packages relative to security archive

Resolution Pending (15 uploads for 13 packages)

Package	Version	Version Problems	Installability Problems	Architectures	Action
awstats	7.9-1+deb13u1		Installability problems	Built: source	?
Closes: 1131878 CVEs referenced: CVE-2025-63261
chromium	146.0.7680.177-1~deb13u1	Version problems testing (146.0.7680.153-1)	Installability problems	Built: allamd64arm64armhfi386ppc64elsource	?
DSA: 6192 CVEs referenced: CVE-2026-5272 CVE-2026-5273 CVE-2026-5274 CVE-2026-5275 CVE-2026-5276 CVE-2026-5277 CVE-2026-5278 CVE-2026-5279 CVE-2026-5280 CVE-2026-5281 CVE-2026-5282 CVE-2026-5283 CVE-2026-5284 CVE-2026-5285 CVE-2026-5286 CVE-2026-5287 CVE-2026-5288 CVE-2026-5289 CVE-2026-5290 CVE-2026-5291 CVE-2026-5292 Lintian issues: source
chromium	146.0.7680.164-1~deb13u1	Version problems testing (146.0.7680.153-1)	Installability problems	Built: allamd64arm64armhfi386source Missing: ppc64el	?
DSA: 6177 CVEs referenced: CVE-2026-4673 CVE-2026-4674 CVE-2026-4675 CVE-2026-4676 CVE-2026-4677 CVE-2026-4678 CVE-2026-4679 CVE-2026-4680 Lintian issues: source
ckermit	416~beta12-1+deb13u1		Installability problems	Built: source
Reason: waiting for confirmation from maintainer Closes: 1118629 1123025 CVEs referenced: CVE-2025-68920
courier	1.4.1-3+deb13u2		Installability problems	Built: source
Reason: fixme Closes: 1132026 Lintian issues: source no bug filed
erlang	1:27.3.4.1+dfsg-1+deb13u2		Installability problems	Built: source	?
Closes: 1128651 1130912 CVEs referenced: CVE-2026-21620 CVE-2026-23941 CVE-2026-23942 CVE-2026-23943 Lintian issues: source
freerdp3	3.15.0+dfsg-2.1+deb13u1		Installability problems	Built: source	?
Closes: 1112191 1121299 CVEs referenced: CVE-2025-4478 CVE-2026-22851 CVE-2026-22852 CVE-2026-22853 CVE-2026-22854 CVE-2026-22855 CVE-2026-22856 CVE-2026-22857 CVE-2026-22858 CVE-2026-22859 CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23534 CVE-2026-23732 CVE-2026-23883 CVE-2026-23884 CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24677 CVE-2026-24678 CVE-2026-24679 CVE-2026-24680 CVE-2026-24681 CVE-2026-24682 CVE-2026-24683 CVE-2026-24684 CVE-2026-25941 CVE-2026-25942 CVE-2026-25952 CVE-2026-25953 CVE-2026-25954 CVE-2026-25955 CVE-2026-25959 CVE-2026-25997 CVE-2026-26271 CVE-2026-26955 CVE-2026-26965 CVE-2026-26986 CVE-2026-27015
glib2.0	2.84.4-3~deb13u3		Installability problems	Built: source
Reason: fix timezone handling with Debian & Ubuntu's symlinks; fix missing input validation in g_buffered_input_stream_peek [CVE-2026-0988]; fix integer overflow in base64 encoding [CVE-2026-1484]; fix buffer underflow vulnerability in content type parsing [CVE-2026-1485]; fix integer overflow in unicode conversion [CVE-2026-1489] Request: 1128227 µdebs: present Closes: 1119919 1125752 1126549 1126550 1126551 CVEs referenced: CVE-2026-0988 CVE-2026-1484 CVE-2026-1485 CVE-2026-1489 Lintian issues: source d-i ack pending
nginx	1.26.3-3+deb13u3		Installability problems	Built: source	?
CVEs referenced: CVE-2026-27651 CVE-2026-27654 CVE-2026-27784 CVE-2026-28753 CVE-2026-28755 CVE-2026-32647
php-league-commonmark	2.7.0-1+deb13u1		Installability problems	Built: source	?
CVEs referenced: CVE-2026-30838 CVE-2026-33347
python-authlib	1.6.0-1+deb13u1		Installability problems	Built: source	?
CVEs referenced: CVE-2025-59420 CVE-2025-61920 CVE-2025-62706 CVE-2025-68158
python-bottle-sqlite	0.2.0-4+deb13u1		Installability problems	Built: source	?
Closes: 1132009
python-tornado	6.4.2-3+deb13u2		Installability problems	Built: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource
DSA: 6195 CVEs referenced: CVE-2025-67725
python-tornado	6.4.2-3+deb13u1		Installability problems	Built: arm64armelarmhfppc64elriscv64s390xsource
Distribution mismatch: trixie-security Reason: superceded Closes: 1122660 1122661 1122663 CVEs referenced: CVE-2025-67724 CVE-2025-67725 CVE-2025-67726
roundcube	1.6.15+dfsg-0+deb13u1		Installability problems	Built: allsource	?
DSA: 6196 Closes: 1131182 1132268 CVEs referenced: CVE-2026-35537 CVE-2026-35538 CVE-2026-35539 CVE-2026-35540 CVE-2026-35541 CVE-2026-35542 CVE-2026-35543 CVE-2026-35544 CVE-2026-35545

Pending Processing (0 uploads for 0 packages)

Processed (57 uploads for 53 packages)

Package	Version	Installability Problems	Action
bepasty	1.2.1-1+deb13u1	Installability problems	ACCEPTED
Reason: fix loading pygments CSS Request: 1129951 Closes: 1124997 Binary debdiffs: all
bind9	1:9.20.21-1~deb13u1	Installability problems	ACCEPTED
DSA: 6181 CVEs referenced: CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
chromium	146.0.7680.153-1~deb13u1	Installability problems	ACCEPTED
DSA: 6171 Closes: 1130569 CVEs referenced: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441 CVE-2026-4442 CVE-2026-4443 CVE-2026-4444 CVE-2026-4445 CVE-2026-4446 CVE-2026-4447 CVE-2026-4448 CVE-2026-4449 CVE-2026-4450 CVE-2026-4451 CVE-2026-4452 CVE-2026-4453 CVE-2026-4454 CVE-2026-4455 CVE-2026-4456 CVE-2026-4457 CVE-2026-4458 CVE-2026-4459 CVE-2026-4460 CVE-2026-4461 CVE-2026-4462 CVE-2026-4463 CVE-2026-4464 Lintian issues: source
chromium	146.0.7680.80-1~deb13u1	Installability problems	ACCEPTED
This upload was superseded by a more current one. DSA: 6165 CVEs referenced: CVE-2026-3909 CVE-2026-3910
chromium	146.0.7680.71-1~deb13u1	Installability problems	ACCEPTED
This upload was superseded by a more current one. DSA: 6164 CVEs referenced: CVE-2026-3913 CVE-2026-3914 CVE-2026-3915 CVE-2026-3916 CVE-2026-3917 CVE-2026-3918 CVE-2026-3919 CVE-2026-3920 CVE-2026-3921 CVE-2026-3922 CVE-2026-3923 CVE-2026-3924 CVE-2026-3925 CVE-2026-3926 CVE-2026-3927 CVE-2026-3928 CVE-2026-3929 CVE-2026-3930 CVE-2026-3931 CVE-2026-3932 CVE-2026-3934 CVE-2026-3935 CVE-2026-3936 CVE-2026-3937 CVE-2026-3938 CVE-2026-3939 CVE-2026-3940 CVE-2026-3941 CVE-2026-3942 Binary debdiffs: amd64 armhf i386 Lintian issues: amd64 arm64 armhf i386 ppc64el
distrobuilder	3.2-2+b6	Installability problems	ACCEPTED
Reason: rebuild with updated incus Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
ejabberd	24.12-3+deb13u2	Installability problems ppc64el riscv64	ACCEPTED
Reason: ignore certificate purpose for incoming s2s connections Request: 1130812 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
ejabberd-contrib	0.2025.01.11~dfsg0-2+deb13u2	Installability problems amd64 arm64 armel armhf i386 ppc64el riscv64 s390x	ACCEPTED
Reason: rebuild with updated ejabberd Request: 1130815 Binary debdiffs: all amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
erlang-p1-tls	1.1.22-1+deb13u1	Installability problems	ACCEPTED
Reason: accept client certificates without sslpurpose flag Request: 1130813 Closes: 1127369 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
feed2toot	0.17-1+deb13u1	Installability problems	ACCEPTED
Reason: ensure compatibility with Python 3.13 Request: 1130050 Closes: 1118778 Binary debdiffs: all Lintian issues: source
firefox-esr	140.9.0esr-1~deb13u1	Installability problems	ACCEPTED
DSA: 6178 CVEs referenced: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695 CVE-2026-4696 CVE-2026-4697 CVE-2026-4698 CVE-2026-4699 CVE-2026-4700 CVE-2026-4701 CVE-2026-4702 CVE-2026-4704 CVE-2026-4705 CVE-2026-4706 CVE-2026-4707 CVE-2026-4708 CVE-2026-4709 CVE-2026-4710 CVE-2026-4713 CVE-2026-4714 CVE-2026-4715 CVE-2026-4716 CVE-2026-4717 CVE-2026-4718 CVE-2026-4719 CVE-2026-4720 CVE-2026-4721 Lintian issues: armhf i386 riscv64 source
freeciv	3.1.4+ds-2+deb13u1	Installability problems	ACCEPTED
DSA: 6173 CVEs referenced: CVE-2026-33250 Binary debdiffs: armel armhf i386
freetype	2.13.3+dfsg-1+deb13u1	Installability problems	ACCEPTED
DSA: 6168 µdebs: present Closes: 1129606 CVEs referenced: CVE-2026-23865 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
gnutls28	3.8.9-3+deb13u3	Installability problems c-i failed: chrony/4.6.1-3+deb13u1 [ppc64el] chrony/4.6.1-3+deb13u1 [s390x] ngircd/27-2 [ppc64el]	ACCEPTED
Reason: Preserve extension order across client Hello retry Request: 1130735 Closes: 1130152
gst-plugins-bad1.0	1.26.2-3+deb13u1	Installability problems	ACCEPTED
DSA: 6190 CVEs referenced: CVE-2026-2923 CVE-2026-3081 CVE-2026-3082 CVE-2026-3084 CVE-2026-3086 Binary debdiffs: i386 s390x
gst-plugins-base1.0	1.26.2-1+deb13u1	Installability problems	ACCEPTED
DSA: 6167 CVEs referenced: CVE-2026-2921
gst-plugins-ugly1.0	1.26.3-4+deb13u1	Installability problems	ACCEPTED
DSA: 6191 CVEs referenced: CVE-2026-2920 CVE-2026-2922 Binary debdiffs: s390x
gvfs	1.57.2-2+deb13u1	Installability problems	ACCEPTED
Reason: use control connection address for PASV data [CVE-2026-28295]; reject paths containing CR/LF characters [CVE-2026-28296] Request: 1132174 Closes: 1129285 1129286 CVEs referenced: CVE-2026-28295 CVE-2026-28296
heimdal	7.8.git20221117.28daf24+dfsg-9+deb13u1	Installability problems	ACCEPTED
Reason: fix memory leak in heimdal-clients; add build dependency on libcrypt-dev Request: 1130553 Closes: 1102912 1130242 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
imagemagick	8:7.1.1.43+dfsg1-1+deb13u7	Installability problems	ACCEPTED
DSA: 6169 CVEs referenced: CVE-2026-28493 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688 CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692 CVE-2026-28693 CVE-2026-30883 CVE-2026-30929 CVE-2026-30931 CVE-2026-30935 CVE-2026-30936 CVE-2026-30937 CVE-2026-31853 CVE-2026-32259 Binary debdiffs: i386 s390x
imagemagick	8:7.1.1.43+dfsg1-1+deb13u6	Installability problems	ACCEPTED
This upload was superseded by a more current one. DSA: 6158 CVEs referenced: CVE-2026-24481 CVE-2026-24484 CVE-2026-24485 CVE-2026-25576 CVE-2026-25637 CVE-2026-25638 CVE-2026-25794 CVE-2026-25795 CVE-2026-25796 CVE-2026-25797 CVE-2026-25798 CVE-2026-25799 CVE-2026-25897 CVE-2026-25898 CVE-2026-25965 CVE-2026-25966 CVE-2026-25967 CVE-2026-25968 CVE-2026-25969 CVE-2026-25970 CVE-2026-25971 CVE-2026-25982 CVE-2026-25983 CVE-2026-25985 CVE-2026-25986 CVE-2026-25987 CVE-2026-25988 CVE-2026-25989 CVE-2026-26066 CVE-2026-26283 CVE-2026-26284 CVE-2026-26983 CVE-2026-27798 CVE-2026-27799
incus	6.0.4-2+deb13u5	Installability problems	ACCEPTED
DSA: 6184 CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33743 CVE-2026-33897 Binary debdiffs: all i386 s390x
inetutils	2:2.6-3+deb13u3	Installability problems	ACCEPTED
DSA: 6193 Closes: 1130741 1130742 CVEs referenced: CVE-2026-24061 CVE-2026-32746 CVE-2026-32772 Binary debdiffs: arm64
libdatetime-timezone-perl	1:2.65-1+2026a	Installability problems	ACCEPTED
Reason: update to database 2026a Request: 1131470
libpng1.6	1.6.48-1+deb13u4	Installability problems	ACCEPTED
DSA: 6189 µdebs: present Closes: 1132012 1132013 CVEs referenced: CVE-2026-33416 CVE-2026-33636 Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
libreoffice-texmaths	0.49-1.1~deb13u1	Installability problems	ACCEPTED
Reason: add dependency on dviphg/dvisvgm Request: 1130821 Binary debdiffs: all
libxml-parser-perl	2.47-2~deb13u1	Installability problems c-i failed: ikiwiki/3.20250501-1 [ppc64el]	ACCEPTED
DSA: 6182 Closes: 378412 CVEs referenced: CVE-2006-10002 CVE-2006-10003 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
libyaml-syck-perl	1.34-2+deb13u2	Installability problems	ACCEPTED
DSA: 6175 CVEs referenced: CVE-2026-4177
linux	6.12.74-2	Installability problems	ACCEPTED
DSA: 6162 µdebs: present Binary debdiffs: all amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Lintian issues: amd64 arm64 armel armhf ppc64el riscv64 s390x source
linux-signed-amd64	6.12.74+2	Installability problems amd64	ACCEPTED
DSA: 6162 µdebs: present Binary debdiffs: amd64 Lintian issues: amd64 source
linux-signed-arm64	6.12.74+2	Installability problems arm64	ACCEPTED
DSA: 6162 µdebs: present Binary debdiffs: arm64 Lintian issues: arm64 source
lxd	5.0.2+git20231211.1364ae4-9+deb13u4	Installability problems	ACCEPTED
DSA: 6188 CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33897 Binary debdiffs: all i386 s390x Lintian issues: all
mailman-suite	0+20240312-1+deb13u1	Installability problems	ACCEPTED
Reason: add django.contrib.humanize to recommended apps in sample config Request: 1120015 Closes: 1116708 Binary debdiffs: all
multipart	1.2.1-2+deb13u1	Installability problems	ACCEPTED
DSA: 6161 CVEs referenced: CVE-2026-28356
mumble	1.5.735-5+deb13u1	Installability problems	ACCEPTED
Reason: fix Opus buffer overrun leading to crash Request: 1131017 Closes: 1129178 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
netatalk	4.2.3~ds-1+deb13u1	Installability problems	ACCEPTED
Reason: fix authentication in complex AD environments Request: 1117453 Closes: 1111652
netty	1:4.1.48-10+deb13u1	Installability problems	ACCEPTED
DSA: 6160 Closes: 1111105 1113994 1118282 1123606 CVEs referenced: CVE-2025-55163 CVE-2025-58056 CVE-2025-58057 CVE-2025-59419 CVE-2025-67735 Binary debdiffs: all Lintian issues: source
node-node-rsa	1.1.1-5+deb13u1	Installability problems	ACCEPTED
Reason: fix builds with OpenSSL 3 Request: 1131339 Closes: 1117354
node-tar	6.2.1+~cs7.0.8-1+deb13u1	Installability problems	ACCEPTED
Reason: properly sanitize absolute linkpaths [CVE-2026-23745]; normalize out unicode ligatures [CVE-2026-23950]; properly sanitize hard links containing '..' [CVE-2026-24842]; prevent hardlinking to files outside the extraction root [CVE-2026-26960]; strip leading '/' before sanitizing '..' [CVE-2026-29786]; prevent escaping symlinks with drive-relative paths [CVE-2026-31802] Request: 1131776 Closes: 1129378 CVEs referenced: CVE-2026-23745 CVE-2026-23950 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786 CVE-2026-31802 Binary debdiffs: all
nodejs	20.19.2+dfsg-1+deb13u2	Installability problems c-i failed: node-mqtt/4.3.7-5 [riscv64]	ACCEPTED
DSA: 6183 CVEs referenced: CVE-2026-21637 CVE-2026-21710 CVE-2026-21713 CVE-2026-21714 CVE-2026-21715 CVE-2026-21716 CVE-2026-21717 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Lintian issues: all amd64 arm64 armel armhf i386 ppc64el riscv64 s390x source
nodejs	20.19.2+dfsg-1+deb13u1	Installability problems	ACCEPTED
This upload was superseded by a more current one. DSA: 6166 CVEs referenced: CVE-2025-23085 CVE-2025-55130 CVE-2025-55131 CVE-2025-55132 CVE-2025-59465 CVE-2025-59466 CVE-2026-21637 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
phosh	0.46.0-3+deb13u1	Installability problems	ACCEPTED
Reason: cell-broadcast-prompt: close dialog on swipe; strip whitespace; wifi-network: don't unconditionally overwrite active access point; don't set active indicator visible Request: 1132011
php-phpseclib	2.0.48-3+deb13u1	Installability problems	ACCEPTED
DSA: 6186 Closes: 1131483 CVEs referenced: CVE-2026-32935
php-phpseclib3	3.0.43-2+deb13u1	Installability problems	ACCEPTED
DSA: 6187 Closes: 1131482 CVEs referenced: CVE-2026-32935
phpseclib	1.0.23-6+deb13u1	Installability problems	ACCEPTED
DSA: 6185 Closes: 1131485 CVEs referenced: CVE-2026-32935
pyasn1	0.6.1-1+deb13u2	Installability problems	ACCEPTED
DSA: 6194 Closes: 1131371 CVEs referenced: CVE-2026-30922
pymupdf	1.25.4+ds1-3+deb13u1	Installability problems c-i failed: pymupdf/1.25.4+ds1-3+deb13u1 [amd64] pymupdf/1.25.4+ds1-3+deb13u1 [arm64] pymupdf/1.25.4+ds1-3+deb13u1 [i386] pymupdf/1.25.4+ds1-3+deb13u1 [ppc64el] pymupdf/1.25.4+ds1-3+deb13u1 [riscv64] pymupdf/1.25.4+ds1-3+deb13u1 [s390x]	ACCEPTED
Reason: improve safety of 'pymupdf embed-extract' when dealing with existing files [CVE-2026-3029] Request: 1131610 CVEs referenced: CVE-2026-3029 Binary debdiffs: i386 s390x
request-tracker5	5.0.7+dfsg-4+deb13u2	Installability problems	ACCEPTED
Reason: fix builds of CKEditor when firefox is >= 148 Request: 1130053 Closes: 1129090 Lintian issues: source
ruby-rack	3.1.20-0+deb13u1	Installability problems	ACCEPTED
DSA: 6180 Closes: 1128479 1128480 CVEs referenced: CVE-2026-22860 CVE-2026-25500 Binary debdiffs: all Lintian issues: source
snapd	2.68.3-3+deb13u1	Installability problems	ACCEPTED
DSA: 6170 Closes: 1131120 CVEs referenced: CVE-2026-3888 Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
spip	4.4.13+dfsg-0+deb13u1	Installability problems	ACCEPTED
DSA: 6174
strongswan	6.0.1-6+deb13u4	Installability problems	ACCEPTED
DSA: 6176 CVEs referenced: CVE-2026-25075 Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x source
sylpheed	3.8.0~beta1-2+deb13u1	Installability problems	ACCEPTED
Reason: add link check to address [CVE-2021-37746] Request: 1130207 CVEs referenced: CVE-2021-37746
thunderbird	1:140.9.0esr-1~deb13u1	Installability problems	ACCEPTED
DSA: 6179 Lintian issues: i386 riscv64 source
unbound	1.22.0-2+deb13u2	Installability problems	ACCEPTED
Reason: never try TLS to reach root nameservers Request: 1130863 Closes: 1129922 Lintian issues: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x
user-mode-linux	6.12um1+b13	Installability problems	ACCEPTED
Reason: rebuild with updated Linux Binary debdiffs: amd64 i386
webkit2gtk	2.50.6-1~deb13u1	Installability problems	ACCEPTED
DSA: 6172 Binary debdiffs: amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Lintian issues: source