Queue Overview for "proposed-updates"
List of missing builds
List of missing packages relative to security archive
Resolution Pending (8 uploads for 8 packages)
| Package | Version | Version Problems | Installability Problems | Architectures | Action |
|---|---|---|---|---|---|
| 7zip | 25.01+dfsg-1~deb13u2 | Installability problems | Built: source | ? | |
|
Lintian issues: source |
|||||
| ckermit | 416~beta12-1+deb13u1 | Installability problems | Built: source |
|
|
|
Reason: waiting for confirmation from maintainer CVEs referenced: CVE-2025-68920 |
|||||
| courier | 1.4.1-3+deb13u2 | Installability problems | Built: source |
|
|
|
Reason: fixme Closes: 1132026 Lintian issues: source
no bug filed
|
|||||
| cpp-httplib | 0.18.7-1+deb13u1 | Installability problems | Built: arm64armelppc64elsource Missing: amd64armhfi386riscv64s390x | ? | |
|
DSA: 6228 Closes: 1104926 CVEs referenced: CVE-2025-46728 CVE-2025-52887 CVE-2025-53629 |
|||||
| incus | 6.0.4-2+deb13u7 | Installability problems | Built: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource | ? | |
|
DSA: 6244 CVEs referenced: CVE-2026-40195 CVE-2026-40197 CVE-2026-40243 CVE-2026-40251 CVE-2026-41647 CVE-2026-41648 CVE-2026-41684 CVE-2026-41685 Binary debdiffs: all |
|||||
| shim-helpers-amd64-signed | 1+16.1+2~deb13u1 | Version problems testing (1+15.8+1) | Installability problems | Built: source | ? |
| shim-helpers-arm64-signed | 1+16.1+2~deb13u1 | Version problems testing (1+15.8+1) | Installability problems | Built: source | ? |
| systemd | 257.13-1~deb13u1 | Installability problems | Built: source | ? | |
|
Closes: 1116344 CVEs referenced: CVE-2026-29111 CVE-2026-40225 CVE-2026-40226 CVE-2026-4105 Lintian issues: source |
|||||
Pending Processing (0 uploads for 0 packages)
Processed (145 uploads for 119 packages)
| Package | Version | Version Problems | Installability Problems | Action |
|---|---|---|---|---|
| awstats | 7.9-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: prevent command injection [CVE-2025-63261] Request: 1132727 Closes: 1131878 CVEs referenced: CVE-2025-63261 Binary debdiffs: all Lintian issues: all |
||||
| bepasty | 1.2.1-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix loading pygments CSS Request: 1129951 Closes: 1124997 Binary debdiffs: all |
||||
| bind9 | 1:9.20.21-1~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6181 CVEs referenced: CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| bird2 | 2.17.1-1+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: ASPA: Fix downstream validation; BGP: Fix restart behavior on reconfiguration; filters: Fix string attributes; logging: Fix error handling Request: 1132869 |
||||
| bubblewrap | 0.11.0-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix privilege escalation issue [CVE-2026-41163] Request: 1134965 Closes: 1134704 CVEs referenced: CVE-2026-41163 |
||||
| calibre | 8.5.0+ds-1+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: fix path traversal issues [CVE-2026-25635 CVE-2026-25636 CVE-2026-26064 CVE-2026-26065]; fix code execution issue [CVE-2026-25731]; fix HTTP response header injection issue [CVE-2026-27810]; fix IP ban bypass issue [CVE-2026-27824] Missing builds: amd64 i386 Request: 1127428 CVEs referenced: CVE-2026-25635 CVE-2026-25636 CVE-2026-25731 CVE-2026-26064 CVE-2026-26065 CVE-2026-27810 CVE-2026-27824 |
||||
| chromium | 147.0.7727.137-1~deb13u1 | Version problems testing (147.0.7727.116-1) | Installability problems | ACCEPTED |
|
DSA: 6239 Closes: 1052440 CVEs referenced: CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344 CVE-2026-7345 CVE-2026-7346 CVE-2026-7347 CVE-2026-7348 CVE-2026-7349 CVE-2026-7350 CVE-2026-7351 CVE-2026-7352 CVE-2026-7353 CVE-2026-7354 CVE-2026-7355 CVE-2026-7356 CVE-2026-7357 CVE-2026-7358 CVE-2026-7359 CVE-2026-7360 CVE-2026-7361 CVE-2026-7363 Lintian issues: source |
||||
| chromium | 147.0.7727.116-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6230 Closes: 1134412 CVEs referenced: CVE-2026-6919 CVE-2026-6920 CVE-2026-6921 |
||||
| chromium | 147.0.7727.101-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6214 CVEs referenced: CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6303 CVE-2026-6304 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6361 CVE-2026-6362 CVE-2026-6363 CVE-2026-6364 |
||||
| chromium | 147.0.7727.55-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6205 Closes: 1132651 CVEs referenced: CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5862 CVE-2026-5863 CVE-2026-5864 CVE-2026-5865 CVE-2026-5866 CVE-2026-5867 CVE-2026-5868 CVE-2026-5869 CVE-2026-5870 CVE-2026-5871 CVE-2026-5872 CVE-2026-5873 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5877 CVE-2026-5878 CVE-2026-5879 CVE-2026-5880 CVE-2026-5881 CVE-2026-5882 CVE-2026-5883 CVE-2026-5884 CVE-2026-5885 CVE-2026-5886 CVE-2026-5887 CVE-2026-5888 CVE-2026-5889 CVE-2026-5890 CVE-2026-5891 CVE-2026-5892 CVE-2026-5893 CVE-2026-5894 CVE-2026-5895 CVE-2026-5896 CVE-2026-5897 CVE-2026-5898 CVE-2026-5899 CVE-2026-5900 CVE-2026-5901 CVE-2026-5902 CVE-2026-5903 CVE-2026-5904 CVE-2026-5905 CVE-2026-5906 CVE-2026-5907 CVE-2026-5908 CVE-2026-5909 CVE-2026-5910 CVE-2026-5911 CVE-2026-5912 CVE-2026-5913 CVE-2026-5914 CVE-2026-5915 CVE-2026-5918 CVE-2026-5919 |
||||
| chromium | 146.0.7680.177-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6192 CVEs referenced: CVE-2026-5272 CVE-2026-5273 CVE-2026-5274 CVE-2026-5275 CVE-2026-5276 CVE-2026-5277 CVE-2026-5278 CVE-2026-5279 CVE-2026-5280 CVE-2026-5281 CVE-2026-5282 CVE-2026-5283 CVE-2026-5284 CVE-2026-5285 CVE-2026-5286 CVE-2026-5287 CVE-2026-5288 CVE-2026-5289 CVE-2026-5290 CVE-2026-5291 CVE-2026-5292 |
||||
| chromium | 146.0.7680.164-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6177 CVEs referenced: CVE-2026-4673 CVE-2026-4674 CVE-2026-4675 CVE-2026-4676 CVE-2026-4677 CVE-2026-4678 CVE-2026-4679 CVE-2026-4680 |
||||
| chromium | 146.0.7680.153-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6171 Closes: 1130569 CVEs referenced: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441 CVE-2026-4442 CVE-2026-4443 CVE-2026-4444 CVE-2026-4445 CVE-2026-4446 CVE-2026-4447 CVE-2026-4448 CVE-2026-4449 CVE-2026-4450 CVE-2026-4451 CVE-2026-4452 CVE-2026-4453 CVE-2026-4454 CVE-2026-4455 CVE-2026-4456 CVE-2026-4457 CVE-2026-4458 CVE-2026-4459 CVE-2026-4460 CVE-2026-4461 CVE-2026-4462 CVE-2026-4463 CVE-2026-4464 |
||||
| chromium | 146.0.7680.80-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6165 CVEs referenced: CVE-2026-3909 CVE-2026-3910 |
||||
| chromium | 146.0.7680.71-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6164 CVEs referenced: CVE-2026-3913 CVE-2026-3914 CVE-2026-3915 CVE-2026-3916 CVE-2026-3917 CVE-2026-3918 CVE-2026-3919 CVE-2026-3920 CVE-2026-3921 CVE-2026-3922 CVE-2026-3923 CVE-2026-3924 CVE-2026-3925 CVE-2026-3926 CVE-2026-3927 CVE-2026-3928 CVE-2026-3929 CVE-2026-3930 CVE-2026-3931 CVE-2026-3932 CVE-2026-3934 CVE-2026-3935 CVE-2026-3936 CVE-2026-3937 CVE-2026-3938 CVE-2026-3939 CVE-2026-3940 CVE-2026-3941 CVE-2026-3942 |
||||
| curl | 8.14.1-2+deb13u3 | Installability problems | ACCEPTED | |
|
Reason: fix server certificate verification issue [CVE-2025-13034] Request: 1130040 CVEs referenced: CVE-2025-13034 Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390xsource |
||||
| dar | 2.7.17-1+b12 | Installability problems | ACCEPTED | |
|
Reason: rebuild with updated openssl Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| distro-info-data | 0.66+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: add Ubuntu 26.10 "Stonking Stingray" Request: 1134901 Lintian issues: source |
||||
| distrobuilder | 3.2-2+b6 | Installability problems | ACCEPTED | |
|
Reason: rebuild with updated incus Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| dnsdist | 1.9.14-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6235 CVEs referenced: CVE-2026-0396 CVE-2026-0397 CVE-2026-24028 CVE-2026-24029 CVE-2026-24030 CVE-2026-27853 CVE-2026-27854 CVE-2026-33254 CVE-2026-33257 CVE-2026-33260 CVE-2026-33593 CVE-2026-33594 CVE-2026-33595 CVE-2026-33596 CVE-2026-33597 CVE-2026-33598 CVE-2026-33599 CVE-2026-33602 Lintian issues: amd64arm64armelarmhfi386ppc64elriscv64s390xsource |
||||
| dovecot | 1:2.4.1+dfsg1-6+deb13u4 | Installability problems | ACCEPTED | |
|
DSA: 6197 CVEs referenced: CVE-2025-59028 CVE-2025-59031 CVE-2025-59032 CVE-2026-24031 CVE-2026-27855 CVE-2026-27856 CVE-2026-27857 CVE-2026-27858 CVE-2026-27859 CVE-2026-27860 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| ejabberd | 24.12-3+deb13u2 | Installability problems ppc64el riscv64 | ACCEPTED | |
|
Reason: ignore certificate purpose for incoming s2s connections Request: 1130812 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| ejabberd-contrib | 0.2025.01.11~dfsg0-2+deb13u2 | Installability problems amd64 arm64 armel armhf i386 ppc64el riscv64 s390x | ACCEPTED | |
|
Reason: rebuild with updated ejabberd Request: 1130815 Binary debdiffs: allamd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| epics-base | 7.0.8.1+dfsg1-7+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: skip failing test Request: 1135156 Closes: 1108052 |
||||
| erlang | 1:27.3.4.1+dfsg-1+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: fix path traversal issues [CVE-2026-21620 CVE-2026-23942[; fix HTTP request smuggling issue [CVE-2026-23941]; fix denial of service issue [CVE-2026-23943] Request: 1132321 CVEs referenced: CVE-2026-21620 CVE-2026-23941 CVE-2026-23942 CVE-2026-23943 Binary debdiffs: all Lintian issues: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource |
||||
| erlang-p1-tls | 1.1.22-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: accept client certificates without sslpurpose flag Request: 1130813 Closes: 1127369 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| feed2toot | 0.17-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: ensure compatibility with Python 3.13 Request: 1130050 Closes: 1118778 Binary debdiffs: all Lintian issues: source |
||||
| firefox-esr | 140.10.1esr-1~deb13u1 | Version problems testing (140.10.0esr-1) | Installability problems all | ACCEPTED |
|
DSA: 6236 CVEs referenced: CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 |
||||
| firefox-esr | 140.10.0esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6225 CVEs referenced: CVE-2026-6746 CVE-2026-6747 CVE-2026-6748 CVE-2026-6749 CVE-2026-6750 CVE-2026-6751 CVE-2026-6752 CVE-2026-6753 CVE-2026-6754 CVE-2026-6757 CVE-2026-6761 CVE-2026-6762 CVE-2026-6763 CVE-2026-6764 CVE-2026-6765 CVE-2026-6766 CVE-2026-6767 CVE-2026-6769 CVE-2026-6770 CVE-2026-6771 CVE-2026-6772 CVE-2026-6776 CVE-2026-6785 CVE-2026-6786 |
||||
| firefox-esr | 140.9.1esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6202 CVEs referenced: CVE-2026-5731 CVE-2026-5732 CVE-2026-5734 |
||||
| firefox-esr | 140.9.0esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6178 CVEs referenced: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695 CVE-2026-4696 CVE-2026-4697 CVE-2026-4698 CVE-2026-4699 CVE-2026-4700 CVE-2026-4701 CVE-2026-4702 CVE-2026-4704 CVE-2026-4705 CVE-2026-4706 CVE-2026-4707 CVE-2026-4708 CVE-2026-4709 CVE-2026-4710 CVE-2026-4713 CVE-2026-4714 CVE-2026-4715 CVE-2026-4716 CVE-2026-4717 CVE-2026-4718 CVE-2026-4719 CVE-2026-4720 CVE-2026-4721 |
||||
| flatpak | 1.16.6-1~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6207 Closes: 1132943 1132944 1132945 1132946 CVEs referenced: CVE-2026-34078 CVE-2026-34079 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: source |
||||
| freeciv | 3.1.4+ds-2+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6173 CVEs referenced: CVE-2026-33250 |
||||
| freerdp3 | 3.15.0+dfsg-2.1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix issues with large certificates; fix clipboard paste issue; fix segmentation fault issue [CVE-2025-4478]; fix use-after-free issues [CVE-2026-22851 CVE-2026-22856 CVE-2026-22857 CVE-2026-23883 CVE-2026-23884 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24678 CVE-2026-24680 CVE-2026-24681 CVE-2026-24683 CVE-2026-24684 CVE-2026-25952 CVE-2026-25953 CVE-2026-25954 CVE-2026-25955 CVE-2026-25959 CVE-2026-25997 CVE-2026-26986]; fix buffer overflow issues [CVE-2026-22852 CVE-2026-22853 CVE-2026-22854 CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23534 CVE-2026-23732]; fix out-of-bounds read issues [CVE-2026-22855 CVE-2026-22859 CVE-2026-24677 CVE-2026-24679 CVE-2026-24682 CVE-2026-25941 CVE-2026-25942]; fix buffer underflow issues [CVE-2026-22858 CVE-2026-26955]; fix null pointer dereference issue [CVE-2026-23948]; fix buffer over-read issue [CVE-2026-26271; fix out-of-bounds write issue [CVE-2026-26965]; fix denial of service issue [CVE-2026-27015] Missing builds: i386 riscv64 Request: 1127479 CVEs referenced: CVE-2025-4478 CVE-2026-22851 CVE-2026-22852 CVE-2026-22853 CVE-2026-22854 CVE-2026-22855 CVE-2026-22856 CVE-2026-22857 CVE-2026-22858 CVE-2026-22859 CVE-2026-23530 CVE-2026-23531 CVE-2026-23532 CVE-2026-23533 CVE-2026-23534 CVE-2026-23732 CVE-2026-23883 CVE-2026-23884 CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24677 CVE-2026-24678 CVE-2026-24679 CVE-2026-24680 CVE-2026-24681 CVE-2026-24682 CVE-2026-24683 CVE-2026-24684 CVE-2026-25941 CVE-2026-25942 CVE-2026-25952 CVE-2026-25953 CVE-2026-25954 CVE-2026-25955 CVE-2026-25959 CVE-2026-25997 CVE-2026-26271 CVE-2026-26955 CVE-2026-26965 CVE-2026-26986 CVE-2026-27015 |
||||
| freetype | 2.13.3+dfsg-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6168 µdebs: present Closes: 1129606 CVEs referenced: CVE-2026-23865 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| gdk-pixbuf | 2.42.12+dfsg-4+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6206 µdebs: present Closes: 1132501 CVEs referenced: CVE-2026-5201 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| gimp | 3.0.4-3+deb13u8 | Installability problems | ACCEPTED | |
|
DSA: 6215 CVEs referenced: CVE-2026-4150 CVE-2026-4151 CVE-2026-4152 CVE-2026-4153 |
||||
| git-lfs | 3.6.1-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix arbitrary file write issue [CVE-2025-26625] Request: 1134421 Closes: 1118339 CVEs referenced: CVE-2025-26625 Binary debdiffs: all |
||||
| glance | 2:30.0.0-3+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: fix build failure Request: 1132768 |
||||
| glance | 2:30.0.0-3+deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. Reason: fix server-side request forgery issue [CVE-2026-34881] Request: 1132768 Closes: 1131274 CVEs referenced: CVE-2026-34881 |
||||
| glib2.0 | 2.84.4-3~deb13u3 | Installability problems | ACCEPTED | |
|
Reason: fix timezone handling with Debian & Ubuntu's symlinks; fix missing input validation in g_buffered_input_stream_peek [CVE-2026-0988]; fix integer overflow in base64 encoding [CVE-2026-1484]; fix buffer underflow vulnerability in content type parsing [CVE-2026-1485]; fix integer overflow in unicode conversion [CVE-2026-1489] Request: 1128227 µdebs: present Closes: 1119919 1125752 1126549 1126550 1126551 CVEs referenced: CVE-2026-0988 CVE-2026-1484 CVE-2026-1485 CVE-2026-1489 Lintian issues: source |
||||
| gnutls28 | 3.8.9-3+deb13u3 | Installability problems | ACCEPTED | |
|
Reason: Preserve extension order across client Hello retry Request: 1130735 Closes: 1130152 |
||||
| gst-plugins-bad1.0 | 1.26.2-3+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6190 CVEs referenced: CVE-2026-2923 CVE-2026-3081 CVE-2026-3082 CVE-2026-3084 CVE-2026-3086 |
||||
| gst-plugins-base1.0 | 1.26.2-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6167 CVEs referenced: CVE-2026-2921 |
||||
| gst-plugins-ugly1.0 | 1.26.3-4+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6191 CVEs referenced: CVE-2026-2920 CVE-2026-2922 Binary debdiffs: s390x |
||||
| gvfs | 1.57.2-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: use control connection address for PASV data [CVE-2026-28295]; reject paths containing CR/LF characters [CVE-2026-28296] Request: 1132174 CVEs referenced: CVE-2026-28295 CVE-2026-28296 |
||||
| heimdal | 7.8.git20221117.28daf24+dfsg-9+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix memory leak in heimdal-clients; add build dependency on libcrypt-dev Request: 1130553 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| imagemagick | 8:7.1.1.43+dfsg1-1+deb13u8 | Installability problems | ACCEPTED | |
|
DSA: 6240 CVEs referenced: CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899 CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905 CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183 CVE-2026-40310 CVE-2026-40311 CVE-2026-40312 Lintian issues: allamd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| imagemagick | 8:7.1.1.43+dfsg1-1+deb13u7 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6169 CVEs referenced: CVE-2026-28493 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688 CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692 CVE-2026-28693 CVE-2026-30883 CVE-2026-30929 CVE-2026-30931 CVE-2026-30935 CVE-2026-30936 CVE-2026-30937 CVE-2026-31853 CVE-2026-32259 |
||||
| imagemagick | 8:7.1.1.43+dfsg1-1+deb13u6 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6158 CVEs referenced: CVE-2026-24481 CVE-2026-24484 CVE-2026-24485 CVE-2026-25576 CVE-2026-25637 CVE-2026-25638 CVE-2026-25794 CVE-2026-25795 CVE-2026-25796 CVE-2026-25797 CVE-2026-25798 CVE-2026-25799 CVE-2026-25897 CVE-2026-25898 CVE-2026-25965 CVE-2026-25966 CVE-2026-25967 CVE-2026-25968 CVE-2026-25969 CVE-2026-25970 CVE-2026-25971 CVE-2026-25982 CVE-2026-25983 CVE-2026-25985 CVE-2026-25986 CVE-2026-25987 CVE-2026-25988 CVE-2026-25989 CVE-2026-26066 CVE-2026-26283 CVE-2026-26284 CVE-2026-26983 CVE-2026-27798 CVE-2026-27799 |
||||
| incus | 6.0.4-2+deb13u6 | Installability problems | ACCEPTED | |
|
DSA: 6212 CVEs referenced: CVE-2026-34178 CVE-2026-34179 |
||||
| incus | 6.0.4-2+deb13u5 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6184 CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33743 CVE-2026-33897 |
||||
| inetutils | 2:2.6-3+deb13u3 | Installability problems | ACCEPTED | |
|
DSA: 6193 CVEs referenced: CVE-2026-24061 CVE-2026-32746 CVE-2026-32772 Binary debdiffs: arm64 |
||||
| jpeg-xl | 0.11.2-0.1~deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix uninitialised memory read issues [CVE-2025-12474 CVE-2026-1837]; fix cross build failure; fix "nojava" build profile; fix build on big-endian architectures Missing builds: armel riscv64 Request: 1135145 Closes: 1092659 1110508 1110520 1114914 1123400 1128067 1128068 CVEs referenced: CVE-2025-12474 CVE-2026-1837 |
||||
| jtreg7 | 7.5.2+1+ds2-3~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6231 Binary debdiffs: all Lintian issues: source |
||||
| kpackage | 5.116.0-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: skip flaky test Request: 1134828 Closes: 1031061 |
||||
| libcap2 | 1:2.75-10+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix time of check / time of use issue [CVE-2026-4878] Request: 1132991 µdebs: present CVEs referenced: CVE-2026-4878 Lintian issues: all |
||||
| libcdio | 2.2.0-4.1~deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix buffer overflow issue [CVE-2024-36600] Request: 1134262 Closes: 1129256 CVEs referenced: CVE-2024-36600 |
||||
| libcryptx-perl | 0.085-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix "Crypt::PK key generation is not fork safe and will generate identical keys" [CVE-2026-41564] Request: 1134802 CVEs referenced: CVE-2026-41564 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| libdatetime-timezone-perl | 1:2.65-1+2026a | Installability problems | ACCEPTED | |
|
Reason: update to database 2026a Request: 1131470 |
||||
| libnet-cidr-lite-perl | 0.22-3~deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix ACL bypass issues [CVE-2026-40198 CVE-2026-40199] Request: 1133269 CVEs referenced: CVE-2026-40198 CVE-2026-40199 |
||||
| libpng1.6 | 1.6.48-1+deb13u4 | Installability problems | ACCEPTED | |
|
DSA: 6189 µdebs: present CVEs referenced: CVE-2026-33416 CVE-2026-33636 |
||||
| libreoffice-texmaths | 0.49-1.1~deb13u1 | Installability problems | ACCEPTED | |
|
Reason: add dependency on dvipng/dvisvgm Request: 1130821 Binary debdiffs: all |
||||
| libvncserver | 0.9.15+dfsg-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix out of bounds read issue [CVE-2026-32853]; fix NULL pointer dereference issue [CVE-2026-32854] Request: 1132878 CVEs referenced: CVE-2026-32853 CVE-2026-32854 |
||||
| libxml-parser-perl | 2.47-2~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6182 Closes: 378412 CVEs referenced: CVE-2006-10002 CVE-2006-10003 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| libyaml-syck-perl | 1.34-2+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6175 CVEs referenced: CVE-2026-4177 |
||||
| linux | 6.12.85-1 | Installability problems | ACCEPTED | |
|
DSA: 6238 µdebs: present Closes: 1127612 1130930 1132622 CVEs referenced: CVE-2024-14027 CVE-2025-22117 CVE-2025-38426 CVE-2025-38627 CVE-2025-39764 CVE-2025-40005 CVE-2025-40135 CVE-2025-40147 CVE-2025-40150 CVE-2025-68239 CVE-2025-68334 CVE-2025-68736 CVE-2025-71152 CVE-2025-71161 CVE-2025-71221 CVE-2025-71269 CVE-2026-22981 CVE-2026-22985 CVE-2026-22986 CVE-2026-22993 CVE-2026-23070 CVE-2026-23104 CVE-2026-23138 CVE-2026-23157 CVE-2026-23210 CVE-2026-23226 CVE-2026-23227 CVE-2026-23231 CVE-2026-23239 CVE-2026-23240 CVE-2026-23245 CVE-2026-23255 CVE-2026-23274 CVE-2026-23276 CVE-2026-23277 CVE-2026-23278 CVE-2026-23281 CVE-2026-23364 CVE-2026-23368 CVE-2026-23375 CVE-2026-23386 CVE-2026-23389 CVE-2026-23391 CVE-2026-23392 CVE-2026-23393 CVE-2026-23395 CVE-2026-23396 CVE-2026-23397 CVE-2026-23398 CVE-2026-23399 CVE-2026-23401 CVE-2026-23414 CVE-2026-23417 CVE-2026-23442 CVE-2026-31407 CVE-2026-31431 CVE-2026-31531 CVE-2026-31532 CVE-2026-31628 CVE-2026-31786 CVE-2026-31787 CVE-2026-31788 Binary debdiffs: allamd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource |
||||
| linux | 6.12.74-2 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6162 µdebs: present |
||||
| linux-signed-amd64 | 6.12.85+1 | Installability problems amd64 | ACCEPTED | |
|
DSA: 6238 µdebs: present Closes: 1127612 1130930 1132622 CVEs referenced: CVE-2024-14027 CVE-2025-22117 CVE-2025-38426 CVE-2025-38627 CVE-2025-39764 CVE-2025-40005 CVE-2025-40135 CVE-2025-40147 CVE-2025-40150 CVE-2025-68239 CVE-2025-68334 CVE-2025-68736 CVE-2025-71152 CVE-2025-71161 CVE-2025-71221 CVE-2025-71269 CVE-2026-22981 CVE-2026-22985 CVE-2026-22986 CVE-2026-22993 CVE-2026-23070 CVE-2026-23104 CVE-2026-23138 CVE-2026-23157 CVE-2026-23210 CVE-2026-23226 CVE-2026-23227 CVE-2026-23231 CVE-2026-23239 CVE-2026-23240 CVE-2026-23245 CVE-2026-23255 CVE-2026-23274 CVE-2026-23276 CVE-2026-23277 CVE-2026-23278 CVE-2026-23281 CVE-2026-23364 CVE-2026-23368 CVE-2026-23375 CVE-2026-23386 CVE-2026-23389 CVE-2026-23391 CVE-2026-23392 CVE-2026-23393 CVE-2026-23395 CVE-2026-23396 CVE-2026-23397 CVE-2026-23398 CVE-2026-23399 CVE-2026-23401 CVE-2026-23414 CVE-2026-23417 CVE-2026-23442 CVE-2026-31407 CVE-2026-31431 CVE-2026-31531 CVE-2026-31532 CVE-2026-31628 CVE-2026-31786 CVE-2026-31787 CVE-2026-31788 Binary debdiffs: amd64 |
||||
| linux-signed-amd64 | 6.12.74+2 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6162 µdebs: present |
||||
| linux-signed-arm64 | 6.12.85+1 | Installability problems arm64 | ACCEPTED | |
|
DSA: 6238 µdebs: present Closes: 1127612 1130930 1132622 CVEs referenced: CVE-2024-14027 CVE-2025-22117 CVE-2025-38426 CVE-2025-38627 CVE-2025-39764 CVE-2025-40005 CVE-2025-40135 CVE-2025-40147 CVE-2025-40150 CVE-2025-68239 CVE-2025-68334 CVE-2025-68736 CVE-2025-71152 CVE-2025-71161 CVE-2025-71221 CVE-2025-71269 CVE-2026-22981 CVE-2026-22985 CVE-2026-22986 CVE-2026-22993 CVE-2026-23070 CVE-2026-23104 CVE-2026-23138 CVE-2026-23157 CVE-2026-23210 CVE-2026-23226 CVE-2026-23227 CVE-2026-23231 CVE-2026-23239 CVE-2026-23240 CVE-2026-23245 CVE-2026-23255 CVE-2026-23274 CVE-2026-23276 CVE-2026-23277 CVE-2026-23278 CVE-2026-23281 CVE-2026-23364 CVE-2026-23368 CVE-2026-23375 CVE-2026-23386 CVE-2026-23389 CVE-2026-23391 CVE-2026-23392 CVE-2026-23393 CVE-2026-23395 CVE-2026-23396 CVE-2026-23397 CVE-2026-23398 CVE-2026-23399 CVE-2026-23401 CVE-2026-23414 CVE-2026-23417 CVE-2026-23442 CVE-2026-31407 CVE-2026-31431 CVE-2026-31531 CVE-2026-31532 CVE-2026-31628 CVE-2026-31786 CVE-2026-31787 CVE-2026-31788 Binary debdiffs: arm64 |
||||
| linux-signed-arm64 | 6.12.74+2 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6162 µdebs: present |
||||
| luanti | 5.10.0+dfsg-5+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6217 |
||||
| lxd | 5.0.2+git20231211.1364ae4-9+deb13u5 | Installability problems | ACCEPTED | |
|
DSA: 6213 CVEs referenced: CVE-2026-34177 CVE-2026-34178 CVE-2026-34179 Lintian issues: all |
||||
| lxd | 5.0.2+git20231211.1364ae4-9+deb13u4 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6188 CVEs referenced: CVE-2026-28384 CVE-2026-33542 CVE-2026-33897 Lintian issues: all |
||||
| mailman-suite | 0+20240312-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: add django.contrib.humanize to recommended apps in sample config Request: 1120015 Closes: 1116708 Binary debdiffs: all |
||||
| mediawiki | 1:1.43.8+dfsg-1~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6208 CVEs referenced: CVE-2026-34086 CVE-2026-34087 CVE-2026-34088 CVE-2026-34089 CVE-2026-34090 CVE-2026-34091 CVE-2026-34092 CVE-2026-34093 CVE-2026-34094 CVE-2026-34095 CVE-2026-5266 Binary debdiffs: all |
||||
| multipart | 1.2.1-2+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6161 CVEs referenced: CVE-2026-28356 |
||||
| mumble | 1.5.735-5+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix Opus buffer overrun leading to crash Request: 1131017 Closes: 1129178 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| mupdf | 1.25.1+ds1-6+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6218 Closes: 1133189 CVEs referenced: CVE-2026-3308 |
||||
| netatalk | 4.2.3~ds-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix authentication in complex AD environments Request: 1117453 Closes: 1111652 |
||||
| netty | 1:4.1.48-10+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6160 Closes: 1111105 1113994 1118282 1123606 CVEs referenced: CVE-2025-55163 CVE-2025-58056 CVE-2025-58057 CVE-2025-59419 CVE-2025-67735 Binary debdiffs: all Lintian issues: source |
||||
| nginx | 1.26.3-3+deb13u3 | Installability problems | ACCEPTED | |
|
Reason: fix buffer overflow issues [CVE-2026-27654 CVE-2026-27784 CVE-2026-32647]; fix session authentication issues [CVE-2026-27651 CVE-2026-28753]; fix OCSP result bypass issue [CVE-2026-28755] Request: 1132345 CVEs referenced: CVE-2026-27651 CVE-2026-27654 CVE-2026-27784 CVE-2026-28753 CVE-2026-28755 CVE-2026-32647 Binary debdiffs: armhf |
||||
| ngtcp2 | 1.11.0-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6222 Closes: 1134197 CVEs referenced: CVE-2026-40170 |
||||
| node-flatted | 3.2.7~ds-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix prototype pollution issue [CVE-2026-33228] Request: 1131505 Closes: 1131462 CVEs referenced: CVE-2026-33228 |
||||
| node-node-rsa | 1.1.1-5+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix builds with OpenSSL 3 Request: 1131339 Closes: 1117354 |
||||
| node-tar | 6.2.1+~cs7.0.8-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: properly sanitize absolute linkpaths [CVE-2026-23745]; normalize out unicode ligatures [CVE-2026-23950]; properly sanitize hard links containing '..' [CVE-2026-24842]; prevent hardlinking to files outside the extraction root [CVE-2026-26960]; strip leading '/' before sanitizing '..' [CVE-2026-29786]; prevent escaping symlinks with drive-relative paths [CVE-2026-31802] Request: 1131776 Closes: 1129378 CVEs referenced: CVE-2026-23745 CVE-2026-23950 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786 CVE-2026-31802 Binary debdiffs: all |
||||
| nodejs | 20.19.2+dfsg-1+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6183 CVEs referenced: CVE-2026-21637 CVE-2026-21710 CVE-2026-21713 CVE-2026-21714 CVE-2026-21715 CVE-2026-21716 CVE-2026-21717 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: allamd64arm64armelarmhfi386ppc64elriscv64s390xsource |
||||
| nodejs | 20.19.2+dfsg-1+deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6166 CVEs referenced: CVE-2025-23085 CVE-2025-55130 CVE-2025-55131 CVE-2025-55132 CVE-2025-59465 CVE-2025-59466 CVE-2026-21637 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| ntfs-3g | 1:2022.10.3-5+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6221 µdebs: present CVEs referenced: CVE-2026-40706 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| numba | 0.61.2+dfsg-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: conditionally skip tests requiring more CPUs than available Request: 1135265 Closes: 1108051 |
||||
| opam | 2.3.0-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6216 |
||||
| openjdk-21 | 21.0.11+10-1~deb13u2 | Installability problems amd64 arm64 armel armhf i386 ppc64el riscv64 s390x | ACCEPTED | |
|
DSA: 6231 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: source |
||||
| openjdk-21 | 21.0.11+10-1~deb13u1 | Installability problems armel riscv64 | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6231 |
||||
| openssh | 1:10.0p1-7+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6204 µdebs: present Closes: 1130595 CVEs referenced: CVE-2026-3497 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: source |
||||
| openssl | 3.5.5-1~deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6201 µdebs: present Closes: 1130650 CVEs referenced: CVE-2026-2673 CVE-2026-28387 CVE-2026-28389 CVE-2026-28390 CVE-2026-31789 CVE-2026-31790 |
||||
| orca | 48.1-1+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: remove lightdm wrapper on package removal Request: 1135300 Closes: 826542 Binary debdiffs: all |
||||
| packagekit | 1.3.1-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6226 Binary debdiffs: s390x |
||||
| pdns | 4.9.14-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6233 CVEs referenced: CVE-2026-33257 CVE-2026-33260 CVE-2026-33608 CVE-2026-33609 CVE-2026-33610 CVE-2026-33611 Binary debdiffs: s390x |
||||
| pdns-recursor | 5.2.9-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6234 CVEs referenced: CVE-2026-33257 CVE-2026-33258 CVE-2026-33259 CVE-2026-33260 CVE-2026-33261 CVE-2026-33600 CVE-2026-33601 |
||||
| phosh | 0.46.0-3+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: cell-broadcast-prompt: close dialog on swipe; strip whitespace; wifi-network: don't unconditionally overwrite active access point; don't set active indicator visible Request: 1132011 |
||||
| php-league-commonmark | 2.7.0-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix DisallowedRawHtml bypass via newline/tab in tag names [CVE-2026-30838]; fix DomainFilteringAdapter hostname boundary bypass [CVE-2026-33347] Request: 1132185 CVEs referenced: CVE-2026-30838 CVE-2026-33347 |
||||
| php-phpseclib | 2.0.48-3+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6186 Closes: 1131483 CVEs referenced: CVE-2026-32935 |
||||
| php-phpseclib3 | 3.0.43-2+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6187 Closes: 1131482 CVEs referenced: CVE-2026-32935 |
||||
| phpseclib | 1.0.23-6+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6185 Closes: 1131485 CVEs referenced: CVE-2026-32935 |
||||
| pillow | 11.1.0-5+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6219 CVEs referenced: CVE-2026-40192 |
||||
| proftpd-dfsg | 1.3.8.c+dfsg-4+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: fix SQL injection issue [CVE-2026-42167] Request: 1135374 Closes: 1135119 CVEs referenced: CVE-2026-42167 Lintian issues: source |
||||
| pyasn1 | 0.6.1-1+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6194 Closes: 1131371 CVEs referenced: CVE-2026-30922 |
||||
| pymupdf | 1.25.4+ds1-3+deb13u1 | Installability problems c-i failed: pymupdf/1.25.4+ds1-3+deb13u1 [amd64] pymupdf/1.25.4+ds1-3+deb13u1 [arm64] pymupdf/1.25.4+ds1-3+deb13u1 [i386] pymupdf/1.25.4+ds1-3+deb13u1 [ppc64el] pymupdf/1.25.4+ds1-3+deb13u1 [riscv64] pymupdf/1.25.4+ds1-3+deb13u1 [s390x] | ACCEPTED | |
|
Reason: improve safety of 'pymupdf embed-extract' when dealing with existing files [CVE-2026-3029] Request: 1131610 CVEs referenced: CVE-2026-3029 |
||||
| python-aiohttp | 3.11.16-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6241 CVEs referenced: CVE-2025-69223 CVE-2025-69224 CVE-2025-69225 CVE-2025-69226 CVE-2025-69227 CVE-2025-69228 CVE-2025-69229 |
||||
| python-authlib | 1.6.0-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix cross-site request forgery issue [CVE-2025-68158]; fix denial of service issues [CVE-2025-62706 CVE-2025-61920]; fix policy bypass issue [CVE-2025-59420] Request: 1129477 CVEs referenced: CVE-2025-59420 CVE-2025-61920 CVE-2025-62706 CVE-2025-68158 |
||||
| python-bottle-sqlite | 0.2.0-4+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix compaibility with Python 3.11+ Request: 1132590 Closes: 1132009 Binary debdiffs: all |
||||
| python-ldap | 3.4.4-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix insufficient escaping issue [CVE-2025-61911]; fix denial of service issue [CVE-2025-61912] Request: 1132935 CVEs referenced: CVE-2025-61911 CVE-2025-61912 Binary debdiffs: all |
||||
| python-oslo.db | 17.2.1-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix compatibility with newer mariadb versions Request: 1110851 |
||||
| python-tornado | 6.4.2-3+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6195 CVEs referenced: CVE-2025-67725 |
||||
| python3.13 | 3.13.5-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix header injection issues [CVE-2025-11468 CVE-2025-15282 CVE-2026-0672 CVE-2026-0865 CVE-2026-1299]; fix denial of service issues [CVE-2025-12084 CVE-2025-13836 CVE-2025-13837 CVE-2025-6069 CVE-2025-6075 CVE-2025-8194]; fix incorrect parsing of TarInfo header [CVE-2025-13462]; fix insufficient validation in zipFile [CVE-2025-8291]; fix missing sys.audit invocation [CVE-2026-2297] Missing builds: all amd64 arm64 armel armhf i386 ppc64el riscv64 s390x Request: 1132941 Closes: 1124764 1126740 1126745 1126762 1126780 1126787 CVEs referenced: CVE-2025-11468 CVE-2025-12084 CVE-2025-13462 CVE-2025-13836 CVE-2025-13837 CVE-2025-15282 CVE-2025-6069 CVE-2025-6075 CVE-2025-8194 CVE-2025-8291 CVE-2026-0672 CVE-2026-0865 CVE-2026-1299 CVE-2026-2297 |
||||
| request-tracker5 | 5.0.7+dfsg-4+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: fix builds of CKEditor when firefox is >= 148 Request: 1130053 Closes: 1129090 Lintian issues: source |
||||
| roundcube | 1.6.15+dfsg-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6196 CVEs referenced: CVE-2026-35537 CVE-2026-35538 CVE-2026-35539 CVE-2026-35540 CVE-2026-35541 CVE-2026-35542 CVE-2026-35543 CVE-2026-35544 CVE-2026-35545 |
||||
| ruby-rack | 3.1.20-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6180 CVEs referenced: CVE-2026-22860 CVE-2026-25500 Binary debdiffs: all Lintian issues: source |
||||
| sed | 4.9-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix time of check / time of use issue [CVE-2026-5958] Request: 1135112 Closes: 1134495 CVEs referenced: CVE-2026-5958 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| shim | 16.1-2~deb13u1 | Version problems testing (15.8-1) | Installability problems | ACCEPTED |
|
Reason: new upstream release; build with default gcc; set SBAT revocation level to 2025021800 Missing lock-step packages: shim-helpers-amd64-signed shim-helpers-arm64-signed shim-signed Request: 1131861 Lintian issues: source |
||||
| simpleeval | 1.0.3-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6220 Closes: 1130875 CVEs referenced: CVE-2026-32640 Binary debdiffs: all |
||||
| snapd | 2.68.3-3+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6170 Closes: 1131120 CVEs referenced: CVE-2026-3888 |
||||
| spip | 4.4.13+dfsg-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6174 |
||||
| stayrtr | 0.6.2-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: stop serving stale VRPs when the validator is stuck; use Restart=on-abnormal instead of on-abort Request: 1124638 |
||||
| strongswan | 6.0.1-6+deb13u5 | Installability problems | ACCEPTED | |
|
DSA: 6227 CVEs referenced: CVE-2026-35328 CVE-2026-35329 CVE-2026-35330 CVE-2026-35331 CVE-2026-35332 CVE-2026-35333 CVE-2026-35334 |
||||
| strongswan | 6.0.1-6+deb13u4 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6176 CVEs referenced: CVE-2026-25075 |
||||
| suricata | 1:7.0.10-1+deb13u4 | Installability problems | ACCEPTED | |
|
Reason: fix denial of service issues [CVE-2026-31932 CVE-2026-31933 CVE-2026-31935 CVE-2026-31937] Request: 1134685 CVEs referenced: CVE-2026-31932 CVE-2026-31933 CVE-2026-31935 CVE-2026-31937 |
||||
| sylpheed | 3.8.0~beta1-2+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: add link check to address [CVE-2021-37746] Request: 1130207 CVEs referenced: CVE-2021-37746 |
||||
| thunderbird | 1:140.10.1esr-1~deb13u1 | Version problems testing (1:140.10.0esr-1) | Installability problems | ACCEPTED |
|
DSA: 6242 |
||||
| thunderbird | 1:140.10.0esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6229 |
||||
| thunderbird | 1:140.9.1esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6211 |
||||
| thunderbird | 1:140.9.0esr-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6179 |
||||
| tiff | 4.7.0-3+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6203 Closes: 1132632 CVEs referenced: CVE-2026-4775 |
||||
| toil | 8.0.0-5+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: conditionally skip tests requiring more CPUs than available Request: 1135228 Closes: 1108056 |
||||
| tor | 0.4.9.6-0+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6200 Binary debdiffs: all |
||||
| tzdata | 2026b-0+deb13u1 | Installability problems c-i failed: golang-github-xenolf-lego/4.9.1-2 [arm64] prometheus-alertmanager/0.28.1+ds-1 [i386] | ACCEPTED | |
|
Reason: new upstream release; update data for British Columbia Request: 1135177 |
||||
| unbound | 1.22.0-2+deb13u2 | Installability problems | ACCEPTED | |
|
Reason: never try TLS to reach root nameservers Request: 1130863 Closes: 1129922 |
||||
| user-mode-linux | 6.12um1+b13 | Installability problems | ACCEPTED | |
|
Reason: rebuild with updated Linux |
||||
| valkey | 8.1.1+dfsg1-3+deb13u2 | Installability problems | ACCEPTED | |
|
DSA: 6198 Closes: 1130911 CVEs referenced: CVE-2025-67733 CVE-2026-21863 Lintian issues: source |
||||
| vips | 8.16.1-1+deb13u1 | Installability problems | ACCEPTED | |
|
Reason: fix buffer overflow issues [CVE-2026-2913 CVE-2026-3147 CVE-2026-3281]; fix memory corruption issue [CVE-2026-3145]; fix null pointer dereference issue [CVE-2026-3146]; fix out of bound read issues [CVE-2026-3282 CVE-2026-3283]; fix integer overflow issue [CVE-2026-3284] Request: 1132858 Closes: 1128785 1129310 1129311 1129312 1129314 1129315 CVEs referenced: CVE-2026-2913 CVE-2026-3145 CVE-2026-3146 CVE-2026-3147 CVE-2026-3281 CVE-2026-3282 CVE-2026-3283 CVE-2026-3284 Binary debdiffs: s390x |
||||
| webkit2gtk | 2.52.3-2~deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6232 Binary debdiffs: allamd64arm64armelarmhfi386ppc64elriscv64s390x Lintian issues: source |
||||
| webkit2gtk | 2.50.6-1~deb13u1 | Installability problems | ACCEPTED | |
|
This upload was superseded by a more current one. DSA: 6172 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| xdg-dbus-proxy | 0.1.6-1+deb13u1 | Installability problems | ACCEPTED | |
|
DSA: 6209 Closes: 1132939 CVEs referenced: CVE-2026-34080 Binary debdiffs: amd64arm64armelarmhfi386ppc64elriscv64s390x |
||||
| xorg-server | 2:21.1.16-1.3+deb13u2 | Installability problems c-i failed: mystiq/20.03.23-3 [riscv64] yoshimi/2.3.3.3-1 [i386] | ACCEPTED | |
|
Reason: fix buffer re-use issue [CVE-2026-33999]; fix / improve bounds checking [CVE-2026-34000 CVE-2026-34003]; fix use after free issue [CVE-2026-34001]; fix out-of-bounds read issue [CVE-2026-34002] Request: 1134330 µdebs: present CVEs referenced: CVE-2026-33999 CVE-2026-34000 CVE-2026-34001 CVE-2026-34002 CVE-2026-34003 |
||||