Queue Overview for "proposed-updates"

DSA: 5944

Closes: 1107837

CVEs referenced: CVE-2025-6191 CVE-2025-6192

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: amd64arm64armhfi386ppc64el

Testing migration
         

DSA: 5942

CVEs referenced: CVE-2025-5958 CVE-2025-5959

Binary debdiffs: amd64arm64i386ppc64el

Reason: not yet fixed in unstable

Closes: 1102006

CVEs referenced: CVE-2025-30472

Closes: 1036095 1041377 1051638 1053317 1061173 1061952 1069728 1072112 1072413 1073156 1074969 1079025

CVEs referenced: CVE-2023-39350 CVE-2023-39351 CVE-2023-39352 CVE-2023-39353 CVE-2023-39354 CVE-2023-39355 CVE-2023-39356 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40589 CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 CVE-2024-32661

Lintian issues: source

µdebs: present

Closes: 1106802

Closes: 1104548

CVEs referenced: CVE-2025-46337

Lintian issues: all

Reason: not yet fixed in unstable

CVEs referenced: CVE-2025-30224

Reason: not yet fixed in unstable

CVEs referenced: CVE-2025-30224

Closes: 1104635

CVEs referenced: CVE-2025-4215

Lintian issues: source

Reason: fix libaom encoder output validity

Request: 1107069

Closes: 1106884

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: add Sectigo Public Server Authentication Root E46 and Sectigo Public Server Authentication Root R46

µdebs: present

Closes: 1095913

Binary debdiffs: all

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: mipsel

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5935

CVEs referenced: CVE-2025-5068 CVE-2025-5419

This upload was superseded by a more current one.

DSA: 5929

CVEs referenced: CVE-2025-5063 CVE-2025-5064 CVE-2025-5065 CVE-2025-5066 CVE-2025-5067 CVE-2025-5280 CVE-2025-5281 CVE-2025-5283

Binary debdiffs: amd64arm64armhfi386ppc64el

Lintian issues: amd64arm64armhfi386ppc64el

This upload was superseded by a more current one.

DSA: 5920

CVEs referenced: CVE-2025-4609 CVE-2025-4664

Lintian issues: amd64arm64armhfi386ppc64el

This upload was superseded by a more current one.

DSA: 5916

CVEs referenced: CVE-2025-4372

Lintian issues: amd64arm64i386ppc64el

This upload was superseded by a more current one.

DSA: 5914

CVEs referenced: CVE-2025-4050 CVE-2025-4051 CVE-2025-4052 CVE-2025-4096

Lintian issues: amd64arm64i386ppc64el

Reason: prevent DoS with crafted document [CVE-2023-26819]; prevent heap buffer overflow [CVE-2023-53154]

Request: 1107852

Closes: 1103687

CVEs referenced: CVE-2023-26819 CVE-2023-53154

Reason: fix regression handling sftp://host/~ URIs

Request: 1107902

CVEs referenced: CVE-2023-27534

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix quoting in Exim configuration; gosa-sync: fix password verification; fix quoting in gosa.conf

Request: 1107147

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix shell injection vulnerability in multihop handling [CVE-2025-47203]

Request: 1105888

CVEs referenced: CVE-2025-47203

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix denial of service issues [CVE-2023-52425 CVE-2024-8176]; fix parser crash [CVE-2024-50602]

Request: 1102752

µdebs: present

CVEs referenced: CVE-2023-52425 CVE-2024-50602 CVE-2024-8176

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Missing builds: mips64el

DSA: 5926

CVEs referenced: CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269

Lintian issues: armhfi386

This upload was superseded by a more current one.

DSA: 5922

CVEs referenced: CVE-2025-4920 CVE-2025-4921

Lintian issues: armhfi386

DSA: 5939

CVEs referenced: CVE-2025-2760 CVE-2025-2761 CVE-2025-48797 CVE-2025-48798

Reason: fix incorrect LD_LIBRARY_PATH search in dlopen for static setuid binaries [CVE-2025-4802]; improve memory layout of structures in exp/exp10/expf functions; add an SVE implementation of memset on aarch64; improve generic implementation of memset on aarch64

Request: 1106761

µdebs: present

CVEs referenced: CVE-2025-4802

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: all

This upload was superseded by a more current one.

Reason: fix incorrect LD_LIBRARY_PATH search in dlopen for static setuid binaries [CVE-2025-4802]; improve memory layout of structures in exp/exp10/expf functions; add an SVE implementation of memset on aarch64; improve generic implementation of memset on aarch64

Request: 1106761

µdebs: present

CVEs referenced: CVE-2025-4802

Binary debdiffs: amd64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: all

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

µdebs: present

Reason: fix FTBFS caused by an expired Kerberos ticket

Missing builds: armel armhf i386 mipsel

Request: 1091842

Closes: 1076885

Binary debdiffs: allamd64arm64mips64elppc64els390x

DSA: 5941

Closes: 1106285

CVEs referenced: CVE-2025-3887

Reason: fix build on systems with a single CPU

Request: 1106328

Closes: 1105896

Binary debdiffs: amd64i386

Reason: fix build on systems with a single CPU

Request: 1106300

Closes: 1105896

Binary debdiffs: amd64

Lintian issues: allamd64

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

DSA: 5924

Closes: 1105172

CVEs referenced: CVE-2024-28956 CVE-2024-43420 CVE-2024-45332 CVE-2025-20012 CVE-2025-20054 CVE-2025-20103 CVE-2025-20623 CVE-2025-24495

Binary debdiffs: amd64i386

Reason: fix arbitrary code execution issue [CVE-2025-27516]

Request: 1105996

Closes: 1099690

CVEs referenced: CVE-2025-27516

Reason: fix path for systemd units with merged /usr; drop depedencies no longer required

Request: 1086622

µdebs: present

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

systemd change not required; do not release
         

Reason: fix message tampering issue [CVE-2025-3576]; disable issuance of tickets using RC4 or triple-DES session keys by default

Request: 1104882

Closes: 1103525

CVEs referenced: CVE-2025-3576

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5930

Closes: 1105883 1105885

CVEs referenced: CVE-2025-48174 CVE-2025-48175

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5943

CVEs referenced: CVE-2025-6019

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390xsource

Reason: fix operation with newer systemd versions

Request: 1102091

Closes: 1101745

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: mips64elmipsel

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

µdebs: present

DSA: 5936

Closes: 1107311

CVEs referenced: CVE-2011-10007

Reason: fix uninitialized variable issue

Request: 1107217

Closes: 1104900

Reason: fix out-of-bounds read issues [CVE-2025-43961 CVE-2025-43962 CVE-2025-43963]; enforce minimum w0 and w1 values [CVE-2025-43964]

Request: 1106536

Closes: 1103781 1103782 1103783

CVEs referenced: CVE-2025-43961 CVE-2025-43962 CVE-2025-43963 CVE-2025-43964

Binary debdiffs: i386

DSA: 5928

Closes: 1106689

Reason: fix arbitrary file edit issue [CVE-2025-40908]

Request: 1107116

CVEs referenced: CVE-2025-40908

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-26807 CVE-2024-35790 CVE-2024-36903 CVE-2024-36927 CVE-2024-43840 CVE-2024-53203 CVE-2024-53209 CVE-2025-21645 CVE-2025-21931 CVE-2025-22062 CVE-2025-37967

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

This upload was superseded by a more current one.

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-28956 CVE-2025-21839 CVE-2025-37819

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-26807 CVE-2024-35790 CVE-2024-36903 CVE-2024-36927 CVE-2024-43840 CVE-2024-53203 CVE-2024-53209 CVE-2025-21645 CVE-2025-21931 CVE-2025-22062 CVE-2025-37967

Binary debdiffs: amd64

Lintian issues: amd64source

This upload was superseded by a more current one.

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-28956 CVE-2025-21839 CVE-2025-37819

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-26807 CVE-2024-35790 CVE-2024-36903 CVE-2024-36927 CVE-2024-43840 CVE-2024-53203 CVE-2024-53209 CVE-2025-21645 CVE-2025-21931 CVE-2025-22062 CVE-2025-37967

Binary debdiffs: arm64

Lintian issues: arm64source

This upload was superseded by a more current one.

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-28956 CVE-2025-21839 CVE-2025-37819

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-26807 CVE-2024-35790 CVE-2024-36903 CVE-2024-36927 CVE-2024-43840 CVE-2024-53203 CVE-2024-53209 CVE-2025-21645 CVE-2025-21931 CVE-2025-22062 CVE-2025-37967

Binary debdiffs: i386

Lintian issues: i386source

This upload was superseded by a more current one.

DSA: 5925

µdebs: present

CVEs referenced: CVE-2024-28956 CVE-2025-21839 CVE-2025-37819

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Reason: new upstream stable release; security fixes [CVE-2023-52969 CVE-2023-52970 CVE-2023-52971 CVE-2025-30693 CVE-2025-30722]; fix restart after out of memory

Request: 1104874

Closes: 1073847 1084293 1099515 1100437 1100575 1105976

CVEs referenced: CVE-2023-52969 CVE-2023-52970 CVE-2023-52971 CVE-2025-30693 CVE-2025-30722

Binary debdiffs: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Lintian issues: allamd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix Python scripts

Request: 1104028

Closes: 1104027

Binary debdiffs: arm64

DSA: 5940

Closes: 1106286 1107196

CVEs referenced: CVE-2025-47947 CVE-2025-48866

Reason: fix memory leak issue [CVE-2023-28366]; fix out of bounds memory access issue [CVE-2024-10525]; fix double free issue [CVE-2024-3935]; fix possible segmentation fault issue [CVE-2024-8376]

Request: 1103927

CVEs referenced: CVE-2023-28366 CVE-2024-10525 CVE-2024-3935 CVE-2024-8376

DSA: 5923

Closes: 1106147

This upload was superseded by a more current one.

DSA: 5923

Closes: 1105806

CVEs referenced: CVE-2025-46836

Reason: fix path traversal issues [CVE-2024-12905 CVE-2025-48387]

Request: 1107568

Closes: 1101501

CVEs referenced: CVE-2024-12905 CVE-2025-48387

Reason: fix required rmp-serde version

Request: 1105816

Closes: 1078901

DSA: 5919

Closes: 1105159

CVEs referenced: CVE-2025-22247

Lintian issues: amd64arm64i386

Reason: PgCommon.pm: Set defined path in prepare_exec. Fixes compatibility with trixie's perl version

Closes: 1107154

Binary debdiffs: all

Reason: fix regular expression-based denial of service issue [CVE-2023-36053], denial of service issues [CVE-2024-38875 CVE-2024-39614 CVE-2024-41990 CVE-2024-41991], user enumeration issue [CVE-2024-39329], directory traversal issue [CVE-2024-39330], excessive memory consumption issue [CVE-2024-41989], SQL injection issue [CVE-2024-42005]

Request: 1079454

Closes: 1076069 1078074

CVEs referenced: CVE-2023-36053 CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005

Binary debdiffs: all

Lintian issues: all

autopkgtest failure in python-django-storages considered blocking for now (elbrus 2025-05-11, see the bug report)
         

DSA: 5938

Closes: 1105886

CVEs referenced: CVE-2025-47287

Reason: fix denial of service issue [CVE-2024-5569]

Request: 1105971

CVEs referenced: CVE-2024-5569

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix integer underflow issue [CVE-2024-57823]; fix heap read buffer overflow issue [CVE-2024-57822]

Request: 1105957

Closes: 1067896

CVEs referenced: CVE-2024-57822 CVE-2024-57823

DSA: 5934

Closes: 1107073

CVEs referenced: CVE-2024-42009 CVE-2025-49113

Reason: fix credential leak issue [CVE-2025-27221]; fix regular expression related denial of service issue [CVE-2023-28755]

Request: 1103926

CVEs referenced: CVE-2023-28755 CVE-2025-27221

Reason: false positive

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: fix arbitrary file write issue [CVE-2025-47273]

Request: 1106721

CVEs referenced: CVE-2025-47273

Reason: fix signature verification issue [CVE-2025-27773]

Request: 1105113

Closes: 1100595

CVEs referenced: CVE-2025-27773

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386ppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: mips64elmipselppc64els390x

DSA: 5931

µdebs: present

CVEs referenced: CVE-2025-4598

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5933

CVEs referenced: CVE-2024-22640 CVE-2024-22641 CVE-2024-32489 CVE-2024-51058 CVE-2024-56519 CVE-2024-56520 CVE-2024-56522 CVE-2024-56527

Missing builds: mips64el s390x

DSA: 5932

Lintian issues: i386

This upload was superseded by a more current one.

DSA: 5921

Lintian issues: i386

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5943

DSA: 5918

Missing builds: mipsel

DSA: 5937

Binary debdiffs: amd64arm64armelarmhfi386mips64elppc64els390x

Lintian issues: mips64el

Reason: fix SQL injection issue [CVE-2025-3818]

Request: 1106756

Closes: 1103780

CVEs referenced: CVE-2025-3818

Reason: fix session restrictions bypass issue [CVE-2023-40184]; fix out-of-bounds read issue [CVE-2023-42822]; fix login restrictions bypass issue [CVE-2024-39917]

Closes: 1051061 1053284 1076769

CVEs referenced: CVE-2023-40184 CVE-2023-42822 CVE-2024-39917

Lintian issues: amd64arm64armelarmhfi386mips64elmipselppc64els390x

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: ppc64el

DSA: 5927

CVEs referenced: CVE-2025-3155

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x

DSA: 5927

CVEs referenced: CVE-2025-3155

Reason: rebuild against glibc 2.36-9+deb12u12

Request: 1106777

Binary debdiffs: amd64arm64armelarmhfi386mips64elmipselppc64els390x