Queue Overview for "proposed-updates"

Removals

List of missing builds
List of missing packages relative to security archive

Resolution Pending (9 uploads for 9 packages)

Package Version Version Problems Installability Problems Architectures Action
cacti 1.2.24+ds1-1+deb12u5 Installability problems Built: allsource ?

DSA: 5862

CVEs referenced: CVE-2024-27082 CVE-2024-43362 CVE-2024-43363 CVE-2024-43364 CVE-2024-43365 CVE-2024-45598 CVE-2024-54145 CVE-2025-22604 CVE-2025-24367 CVE-2025-24368

Lintian issues: all

chromium 133.0.6943.53-1~deb12u1 Version problems testing (132.0.6834.159-1) Installability problems Built: allamd64armhfi386ppc64elsource Missing: arm64 Ok

DSA: 5859

CVEs referenced: CVE-2025-0444 CVE-2025-0445 CVE-2025-0451

Lintian issues: amd64armhfi386ppc64elsource

dcmtk 3.6.7-9~deb12u2 Installability problems Built: source ?

Closes: 1074483 1093043 1093047

CVEs referenced: CVE-2024-27628 CVE-2024-34508 CVE-2024-34509 CVE-2024-47796 CVE-2024-52333

libapache-mod-jk 1:1.2.48-2+deb12u2 Installability problems Built: source ?

Closes: 1082713

CVEs referenced: CVE-2024-46544

libtasn1-6 4.19.0-2+deb12u1 Installability problems Built: amd64arm64armhfs390xsource Missing: allarmeli386mips64elmipselppc64el ?

DSA: 5863

Closes: 1095406

CVEs referenced: CVE-2024-12133

pam-pkcs11 0.6.12-1+deb12u1 Installability problems Built: amd64arm64armelarmhfi386mips64elmipselppc64els390xsource ?

DSA: 5864

Closes: 1095402

CVEs referenced: CVE-2025-24032 CVE-2025-24531

thunderbird 1:128.7.0esr-1~deb12u1 Version problems testing (1:128.6.0esr-1) Installability problems Built: allamd64arm64i386ppc64elsource Missing: mips64els390x ?

DSA: 5861

CVEs referenced: CVE-2024-11704 CVE-2025-0510 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1015 CVE-2025-1016 CVE-2025-1017

Lintian issues: i386

webkit2gtk 2.46.6-1~deb12u1 Installability problems Built: allamd64arm64armelarmhfi386mips64elppc64els390xsource Missing: mipsel ?

DSA: 5865

Binary debdiffs: amd64arm64armelarmhfi386mips64elppc64els390x

Lintian issues: mips64el

xen 4.17.5+23-ga4e5191dc0-2 Installability problems Built: source ?

Closes: 1092495

CVEs referenced: CVE-2023-28746 CVE-2023-46841 CVE-2023-46842 CVE-2024-2193 CVE-2024-2201 CVE-2024-31142 CVE-2024-31143 CVE-2024-31145 CVE-2024-31146 CVE-2024-45817 CVE-2024-45818 CVE-2024-45819

Pending Processing (0 uploads for 0 packages)

Processed (64 uploads for 54 packages)

Package Version Version Problems Installability Problems Action
389-ds-base 2.3.1+dfsg1-1+deb12u1 Installability problems ACCEPTED

Reason: fix crash when modifying userPassword using malformed input [CVE-2024-2199 CVE-2024-8445]; prevent denial of service while attempting to log in with a user with a malformed hash in their password [CVE-2024-5953]; prevent denial of service on the directory server with specially-crafted LDAP query [CVE-2024-3657]

Request: 1093238

Closes: 1072531 1082852

CVEs referenced: CVE-2024-2199 CVE-2024-3657 CVE-2024-5953 CVE-2024-8445

bind9 1:9.18.33-1~deb12u2 Installability problems ACCEPTED

DSA: 5854

CVEs referenced: CVE-2024-11187 CVE-2024-12705

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

bup 0.33.7-1~deb12u1 Installability problems ACCEPTED

Reason: new upstream bugfix release

Request: 1093670

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

chromium 132.0.6834.159-1~deb12u1 Installability problems ACCEPTED

DSA: 5855

CVEs referenced: CVE-2025-0762

chromium 132.0.6834.110-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5848

Closes: 1072299

CVEs referenced: CVE-2025-0611 CVE-2025-0612

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: allamd64arm64armhfi386ppc64el

chromium 132.0.6834.83-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5844

CVEs referenced: CVE-2025-0434 CVE-2025-0435 CVE-2025-0436 CVE-2025-0437 CVE-2025-0438 CVE-2025-0439 CVE-2025-0440 CVE-2025-0441 CVE-2025-0442 CVE-2025-0443 CVE-2025-0446 CVE-2025-0447 CVE-2025-0448

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: amd64arm64armhfi386ppc64el

chromium 131.0.6778.264-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5840

Closes: 1091459

CVEs referenced: CVE-2025-0291

Binary debdiffs: ppc64el

Lintian issues: amd64armhfi386ppc64el

chromium 131.0.6778.204-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5834

CVEs referenced: CVE-2024-12692 CVE-2024-12693 CVE-2024-12694 CVE-2024-12695

Binary debdiffs: arm64

Lintian issues: amd64arm64armhfi386

containerd 1.6.20~ds1-1+deb12u1 Installability problems ACCEPTED

Reason: fix tests causing FTBFS on the auto-builder network

Request: 1093136

Closes: 1070411

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

curl 7.88.1-10+deb12u9 Installability problems c-i failed: mmdebstrap/1.3.5-7 [i386] ACCEPTED

Reason: fix unintended HTTPS upgrades or premature reversion to HTTP when both subdomains and parent domains are used [CVE-2024-9681]; prevent stopping of stunnel before retries in the built-time tests

Request: 1092048

CVEs referenced: CVE-2024-9681

dns-root-data 2024071801~deb12u1 Installability problems ACCEPTED

Reason: add the DNSKEY record for KSK-2024

Request: 1092455

Binary debdiffs: all

elpa 2022.11.001-2+deb12u1 Installability problems ACCEPTED

Reason: fix tests on machines with 2 vCPU or fewer

Request: 1091789

Closes: 1057556

firefox-esr 128.7.0esr-1~deb12u1 Installability problems ACCEPTED

Missing builds: mips64el

DSA: 5858

CVEs referenced: CVE-2024-11704 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016 CVE-2025-1017

Lintian issues: armhfi386

firefox-esr 128.6.0esr-1~deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5839

CVEs referenced: CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243

Lintian issues: armhfi386

flightgear 1:2020.3.16+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix sandbox bypass vulnerability in Nasal scripts [CVE-2025-0781]

Request: 1094360

CVEs referenced: CVE-2025-0781

Lintian issues: source

gensim 4.2.0+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS on single-CPU machines

Request: 1091848

git 1:2.39.5-0+deb12u2 Installability problems install upgrade ACCEPTED

DSA: 5850

CVEs referenced: CVE-2024-50349 CVE-2024-52006

git-lfs 3.3.0-1+deb12u1 Installability problems ACCEPTED

DSA: 5849

CVEs referenced: CVE-2024-53263

golang-github-containers-buildah 1.28.2+ds1-3+deb12u1 Installability problems ACCEPTED

Reason: disable a test known to fail on the auto-builder network, fixing FTBFS

Request: 1094495

Closes: 1072147

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

gss 1.0.4-1+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS caused by an expired Kerberos ticket

Missing builds: armel armhf i386 mipsel

Request: 1091842

Closes: 1076885

Binary debdiffs: allamd64arm64mips64elppc64els390x

joblib 1.2.0-4+deb12u1 Installability problems ACCEPTED

Reason: fix FTBFS on single-CPU systems

Request: 1091786

Closes: 1085692

kexec-tools 1:2.0.25-3+deb12u2 Installability problems ACCEPTED

Reason: fix path for systemd units with merged /usr; drop depedencies no longer required

Request: 1086622

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

lemonldap-ng 2.16.1+ds-deb12u5 Installability problems ACCEPTED

Reason: fix CSRF vulnerability on 2FA registration interface [CVE-2024-52948]

Request: 1093755

CVEs referenced: CVE-2024-52948

librabbitmq 0.11.0-1+deb12u1 Installability problems ACCEPTED

Reason: add option to read username/password from file [CVE-2023-35789]

Request: 1089984

Closes: 1037322

CVEs referenced: CVE-2023-35789

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

libreoffice 4:7.4.7-1+deb12u6 Installability problems ACCEPTED

DSA: 5846

CVEs referenced: CVE-2024-12425 CVE-2024-12426

Binary debdiffs: all

Lintian issues: all

libtar 1.2.20-8+deb12u1 Installability problems ACCEPTED

Reason: fix out-of-bounds read in gnu_longlink() [CVE-2021-33643]; fix out-of-bounds read in gnu_longname() [CVE-2021-33644]; fix memory leak in th_read() [CVE-2021-33645]; fix memory leak in th_read() [CVE-2021-33646]

Request: 1093625

CVEs referenced: CVE-2021-33643 CVE-2021-33644 CVE-2021-33645 CVE-2021-33646

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

linux 6.1.128-1 Installability problems ACCEPTED

DSA: 5860

µdebs: present

Closes: 1093243 1094766

CVEs referenced: CVE-2024-36899 CVE-2024-49994 CVE-2024-50014 CVE-2024-50047 CVE-2024-50164 CVE-2024-50304 CVE-2024-53124 CVE-2024-53128 CVE-2024-53170 CVE-2024-53229 CVE-2024-53685 CVE-2024-56551 CVE-2024-56599 CVE-2024-56608 CVE-2024-56631 CVE-2024-56664 CVE-2024-56703 CVE-2024-57887 CVE-2024-57892 CVE-2024-57907

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

linux 6.1.124-1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Reason: new upstream release; bump ABI to 30

µdebs: present

Closes: 1092772

CVEs referenced: CVE-2024-56582 CVE-2024-56759

linux-signed-amd64 6.1.128+1 Installability problems amd64 ACCEPTED

DSA: 5860

µdebs: present

Closes: 1093243 1094766

CVEs referenced: CVE-2024-36899 CVE-2024-49994 CVE-2024-50014 CVE-2024-50047 CVE-2024-50164 CVE-2024-50304 CVE-2024-53124 CVE-2024-53128 CVE-2024-53170 CVE-2024-53229 CVE-2024-53685 CVE-2024-56551 CVE-2024-56599 CVE-2024-56608 CVE-2024-56631 CVE-2024-56664 CVE-2024-56703 CVE-2024-57887 CVE-2024-57892 CVE-2024-57907

Binary debdiffs: amd64

Lintian issues: amd64source

linux-signed-amd64 6.1.124+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: bookworm-proposed-updates

Reason: new upstream release; bump ABI to 30

µdebs: present

Closes: 1092772

CVEs referenced: CVE-2024-56582 CVE-2024-56759

linux-signed-arm64 6.1.128+1 Installability problems arm64 ACCEPTED

DSA: 5860

µdebs: present

Closes: 1093243 1094766

CVEs referenced: CVE-2024-36899 CVE-2024-49994 CVE-2024-50014 CVE-2024-50047 CVE-2024-50164 CVE-2024-50304 CVE-2024-53124 CVE-2024-53128 CVE-2024-53170 CVE-2024-53229 CVE-2024-53685 CVE-2024-56551 CVE-2024-56599 CVE-2024-56608 CVE-2024-56631 CVE-2024-56664 CVE-2024-56703 CVE-2024-57887 CVE-2024-57892 CVE-2024-57907

Binary debdiffs: arm64

Lintian issues: arm64source

linux-signed-arm64 6.1.124+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: bookworm-proposed-updates

Reason: new upstream release; bump ABI to 30

µdebs: present

Closes: 1092772

CVEs referenced: CVE-2024-56582 CVE-2024-56759

linux-signed-i386 6.1.128+1 Installability problems i386 ACCEPTED

DSA: 5860

µdebs: present

Closes: 1093243 1094766

CVEs referenced: CVE-2024-36899 CVE-2024-49994 CVE-2024-50014 CVE-2024-50047 CVE-2024-50164 CVE-2024-50304 CVE-2024-53124 CVE-2024-53128 CVE-2024-53170 CVE-2024-53229 CVE-2024-53685 CVE-2024-56551 CVE-2024-56599 CVE-2024-56608 CVE-2024-56631 CVE-2024-56664 CVE-2024-56703 CVE-2024-57887 CVE-2024-57892 CVE-2024-57907

Binary debdiffs: i386

Lintian issues: i386source

linux-signed-i386 6.1.124+1 Installability problems ACCEPTED

This upload was superseded by a more current one.

Distribution mismatch: bookworm-proposed-updates

Reason: new upstream release; bump ABI to 30

µdebs: present

Closes: 1092772

CVEs referenced: CVE-2024-56582 CVE-2024-56759

linuxcnc 2.9.0~pre1+git20230208.f1270d6ed7-1+deb12u1 Installability problems ACCEPTED

Reason: fix multi axes movement on single axis G0 MDI call

Request: 1075901

Closes: 1053251

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

mariadb 1:10.11.9-0+deb12u1 Installability problems c-i failed: ruby-moneta/1.5.2-1 [armel] ACCEPTED

Reason: new upstream stable release; fix security issue [CVE-2024-21096]

Missing builds: s390x

Request: 1080370

CVEs referenced: CVE-2024-21096

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64el

Lintian issues: allsource

mozc 2.28.4715.102+dfsg-2.2+deb12u1 Installability problems ACCEPTED

Reason: install fcitx icons to the correct locations

Request: 1091869

Closes: 1091829

Binary debdiffs: allamd64arm64armelarmhfi386

ndcube 2.0.3-1+deb12u1 Installability problems ACCEPTED

Reason: ignore test warnings from astropy

Request: 1091845

Closes: 1055877

node-axios 1.2.1+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix CSRF vulnerability [CVE-2023-45857]; fix potential vulnerability in URL when determining an origin [CVE-2024-57965]

Request: 1094751

Closes: 1056099 1094731

CVEs referenced: CVE-2023-45857 CVE-2024-57965

node-postcss 8.4.20+~cs8.0.23-1+deb12u1 Installability problems ACCEPTED

Reason: fix mishandling of non-integer values leading to denial of service in nanoid [CVE-2024-55565]; fix parsing of external untrusted CSS [CVE-2023-44270]

Request: 1091460

Closes: 1053282

CVEs referenced: CVE-2023-44270 CVE-2024-55565

openafs 1.8.9-1+deb12u1 Installability problems ACCEPTED

DSA: 5842

Closes: 1087406 1087407

CVEs referenced: CVE-2024-10394 CVE-2024-10396 CVE-2024-10397

openjdk-17 17.0.14+7-1~deb12u1 Installability problems ACCEPTED

DSA: 5857

Binary debdiffs: all

openjpeg2 2.5.0-2+deb12u1 Installability problems ACCEPTED

DSA: 5851

Closes: 1081908 1092675 989775

CVEs referenced: CVE-2021-3575 CVE-2023-39327 CVE-2024-56826 CVE-2024-56827

pam-u2f 1.1.0-1.1+deb12u1 Installability problems ACCEPTED

DSA: 5853

CVEs referenced: CVE-2025-23013

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

pdns-recursor 4.8.8-1+deb12u1 Installability problems ACCEPTED

DSA: 5852

Closes: 1083285

CVEs referenced: CVE-2024-25590

puma 5.6.5-3+deb12u1 Installability problems ACCEPTED

Reason: fix behaviour when parsing chunked transfer encoding bodies and zero-length Content-Length headers [CVE-2023-40175]; limit size of chunk extensions [CVE-2024-21647]; prevent manipulation of headers set by intermediate proxies [CVE-2024-45614]

Request: 1091795

Closes: 1050079 1060345 1082379

CVEs referenced: CVE-2023-40175 CVE-2024-21647 CVE-2024-45614

python-django 3:3.2.19-1+deb12u2 Installability problems c-i failed: python-django-storages/1.13.2-1 [amd64] python-django-storages/1.13.2-1 [arm64] python-django-storages/1.13.2-1 [armel] python-django-storages/1.13.2-1 [armhf] python-django-storages/1.13.2-1 [i386] python-django-storages/1.13.2-1 [ppc64el] python-django-storages/1.13.2-1 [s390x] ACCEPTED

Reason: fix regular expression-based denial of service issue [CVE-2023-36053], denial of service issues [CVE-2024-38875 CVE-2024-39614 CVE-2024-41990 CVE-2024-41991], user enumeration issue [CVE-2024-39329], directory traversal issue [CVE-2024-39330], excessive memory consumption issue [CVE-2024-41989], SQL injection issue [CVE-2024-42005]

Request: 1079454

Closes: 1076069 1078074

CVEs referenced: CVE-2023-36053 CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005

Binary debdiffs: all

Lintian issues: all

python-pycdlib 1.12.0+ds1-4+deb12u1 Installability problems ACCEPTED

Reason: run tests only if /tmp is tmpfs, otherwise they are known to fail

Request: 1091787

Closes: 1002789

rapiddisk 9.0.0-1+deb12u1 Installability problems upgrade ACCEPTED

Reason: support Linux versions up to 6.10

Request: 1077916

Closes: 1069945 1070418

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

redis 5:7.0.15-1~deb12u3 Installability problems ACCEPTED

DSA: 5856

Closes: 1092370

CVEs referenced: CVE-2024-46981 CVE-2024-51741

rsync 3.2.7-1+deb12u2 Installability problems ACCEPTED

DSA: 5843

Closes: 1093052 1093089

rsync 3.2.7-1+deb12u1 Installability problems ACCEPTED

This upload was superseded by a more current one.

DSA: 5843

CVEs referenced: CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088 CVE-2024-12747

rsyslog 8.2302.0-1+deb12u1 Installability problems ACCEPTED

Reason: avoid sementation fault if a SIGTERM is received during startup

Request: 1092504

Closes: 1092450

runit-services 0.5.5~deb12u2 Installability problems ACCEPTED

Reason: do not enable dhclient service by default

Request: 1089612

Closes: 1086131

Binary debdiffs: all

seqan3 3.2.0+ds-6+deb12u1 Installability problems ACCEPTED

Reason: fix parallel running of tests

Request: 1091791

Closes: 1087373

Binary debdiffs: all

simgear 1:2020.3.16+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix sandbox bypass vulnerability in Nasal scripts [CVE-2025-0781]

Request: 1094352

CVEs referenced: CVE-2025-0781

Lintian issues: source

snapcast 0.26.0+dfsg1-1+deb12u1 Installability problems ACCEPTED

DSA: 5847

CVEs referenced: CVE-2023-36177

Binary debdiffs: armel

subversion 1.14.2-4+deb12u1 Installability problems ACCEPTED

Reason: fix vulnerable parsing of control characters in paths served by mod_dav_svn [CVE-2024-46901]

Request: 1092133

CVEs referenced: CVE-2024-46901

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

sunpy 4.1.2-1+deb12u1 Installability problems ACCEPTED

Reason: ignore test warnings from astropy

Request: 1091847

Closes: 1055892

thunderbird 1:128.6.0esr-1~deb12u1 Installability problems ACCEPTED

Missing builds: mips64el s390x

DSA: 5841

Closes: 1088615

Binary debdiffs: amd64arm64ppc64el

Lintian issues: i386source

tomcat10 10.1.34-0+deb12u1 Installability problems ACCEPTED

DSA: 5845

CVEs referenced: CVE-2024-34750 CVE-2024-38286 CVE-2024-50379 CVE-2024-52316 CVE-2024-54677 CVE-2024-56337

Binary debdiffs: all

Lintian issues: allsource

vagrant 2.3.4+dfsg-1+deb12u1 Installability problems ACCEPTED

Reason: fix URL of public Vagrant registry

Request: 1094180

Closes: 1092987

vim 2:9.0.1378-2+deb12u1 Installability problems ACCEPTED

Reason: fix crash when expanding "~" in substitute [CVE-2023-2610]; fix buffer-overflow in vim_regsub_both() [CVE-2023-4738]; fix heap use after free in ins_compl_get_exp() [CVE-2023-4752]; fix heap-buffer-overflow in vim_regsub_both [CVE-2023-4781]; fix buffer-overflow in trunc_string() [CVE-2023-5344]; fix stack-buffer-overflow in option callback functions [CVE-2024-22667]; fix heap-buffer-overflow in ins_typebuf (CVE-2024-43802]; fix use-after-free when closing a buffer [CVE-2024-47814]

Missing builds: armel armhf i386 mipsel

Request: 1094646

Closes: 1035955 1053694 1084806

CVEs referenced: CVE-2023-2610 CVE-2023-4738 CVE-2023-4752 CVE-2023-4781 CVE-2023-5344 CVE-2024-22667 CVE-2024-43802 CVE-2024-47814

xen 4.17.5+23-ga4e5191dc0-1 Installability problems ACCEPTED

DSA: 5836

CVEs referenced: CVE-2023-28746 CVE-2023-46841 CVE-2023-46842 CVE-2024-2193 CVE-2024-2201 CVE-2024-31142 CVE-2024-31143 CVE-2024-31145 CVE-2024-31146 CVE-2024-45817 CVE-2024-45818 CVE-2024-45819

Binary debdiffs: amd64arm64armhf