|
Package
|
Reason
|
|
2ping
|
Add missing dependency on python-pkg-resources
|
|
abiword
|
Resolve binary file conflict between abiword-dbgsym and abiword-plugin-grammar-dbgsym
|
|
adminer
|
Don't allow connections to privileged ports [CVE-2018-7667]
|
|
animals
|
Fix incorrect file permissions that made the game unusable
|
|
apache2
|
Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33, fixing segfaults, high memory usage and potential crash [CVE-2018-1302]; make the apache-htcacheclean init script actually use /etc/default/apache-htcacheclean for its config
|
|
auto-complete-el
|
Add upstream fix for emacs25; adjust the emacs dependencies to the emacs versions in stretch; set auto-complete-el.emacsen-compat to silence installation warning
|
|
awffull
|
Do not use removed options in /etc/cron.daily/awffull
|
|
ax25-tools
|
Avoid segmentation fault at runtime
|
|
base-files
|
Update for the point release
|
|
blktrace
|
Fix buffer overflow in btt [CVE-2018-10689]
|
|
ca-certificates
|
Update Mozilla CA bundle to version 2.22; bug fixes
|
|
camo
|
Add missing dependency on openssl
|
|
cffi
|
Add missing files for cffi-libffi and cffi-toolchain; add several missing dependencies
|
|
check-postgres
|
Update testsuite to handle pg_get_indexdef() now always including the schema name
|
|
clamav
|
New upstream version; don't fail on recently removed config options
|
|
clustershell
|
Add missing dependency on python-pkg-resources
|
|
debian-installer
|
Update for -7 kernel ABI
|
|
debian-installer-netboot-images
|
Rebuild for the point release
|
|
debian-security-support
|
Update included data
|
|
dehydrated
|
Fix failure to create fullchain.pem
|
|
devscripts
|
uscan: fix the new package version regex for filenamemangle; debsign: fix bash completion; bts: support the new ftbfs tag; uscan: support HTTPS in the sf.net redirector; debcheckout: support salsa.debian.org; debdiff: sort shlibs files before comparing, reducing diff noise; uscan: actually support --copy
|
|
disc-cover
|
Fix perl error when running disc-cover
|
|
discover
|
Use correct type for the length parameter of the getline() call
|
|
django-xmlrpc
|
Fix python3 dependencies
|
|
dosbox
|
Fix crashes with core=dynamic
|
|
dpdk
|
New upstream stable update
|
|
dpkg
|
Fix integer overflow in deb(5) format version parser; fix directory traversal with dpkg-deb --raw-extract; add support for riscv64 CPU; do not normalize args past a passthrough stop word in Dpkg::Getopt; parse start-stop-daemon usernames and groupnames starting with digits correctly; always use the binary version for the .buildinfo filename
|
|
dput-ng
|
Add jessie-backports-sloppy and stretch-backports targets; include 'testing' in the rm-managed suites and 'oldstable' in protected distributions ; add ports-master profile; FTP: parse and use optional [:port] part for fqdn
|
|
elastix
|
Rebuild with ITK that has been built with gcc 6
|
|
email2trac
|
Fix detection of Trac 1.2
|
|
faad2
|
Fix several DoS issues via crafted MP4 files [CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257]
|
|
faker
|
Add missing dependency on python-ipaddress
|
|
fastkml
|
Add missing dependency on pkg-resources
|
|
file
|
Avoid reading past the end of buffer [CVE-2018-10360]
|
|
freedink-dfarc
|
Fix directory traversal in D-Mod extractor [CVE-2018-0496]
|
|
ganeti
|
Properly verify SSL certificates during VM export
|
|
ghostscript
|
Fix segfault with fuzzing file in gxht_thresh_image_init(); fix buffer overflow in fill_threshold_buffer [CVE-2016-10317]; pdfwrite - Guard against trying to output an infinite number [CVE-2018-10194]
|
|
git-annex
|
Security fixes [CVE-2018-10857 CVE-2018-10859]
|
|
glx-alternatives
|
New upstream version
|
|
gridengine
|
Use correct paths to qmon pixmaps; fix FTBFS on armhf
|
|
intel-microcode
|
Update included microcode, including fixes for Spectre v2 [CVE-2017-5715]
|
|
jdresolve
|
Fix incompatibility with libnet-dns-perl in Debian 8 and later
|
|
libb64
|
Rebuild with PIE
|
|
libdate-holidays-de-perl
|
Mark Reformation Day as a holiday in Niedersachsen and Bremen
|
|
libdatetime-timezone-perl
|
Update included data
|
|
libextractor
|
Various security fixes [CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922 CVE-2017-17440]
|
|
libipc-run-perl
|
Fix memory leak
|
|
liblouis
|
Fix buffer overflow [CVE-2018-11410]; fix several buffer overflows [CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685 2018-12085]
|
|
libosmium
|
Output coordinate with value of -2^31 correctly; fix buffers larger than 2^32 bytes
|
|
linux
|
New upstream stable release 4.9.110
|
|
linux-latest
|
Update to -7 kernel ABI
|
|
llvm-toolchain-4.0
|
New package for rust backports; fix build on s390x
|
|
local-apt-repository
|
Stop breaking apt when the package is removed but not purged
|
|
loook
|
Fix handling of password protected files
|
|
miniupnpd
|
Fix DoS [CVE-2017-1000494]
|
|
nss-pam-ldapd
|
Increase size of hostname buffer
|
|
nvidia-graphics-drivers
|
New upstream version
|
|
obfsproxy
|
Don't install the broken AppArmor profile
|
|
openldap
|
Fix an out-of-sync issue with delta-syncrepl replication in multi-master environments; really fix upgrades when the config contains backslash-escaped special characters
|
|
openstack-debian-images
|
Set CloudStack after OpenStack in the datasource_list, to avoid a 120s delay in cloud-init when booting a machine in an OpenStack cloud
|
|
patch
|
Fix arbitrary command execution in ed-style patches [CVE-2018-1000156]
|
|
piglit
|
Fix missing dependency on python-mako
|
|
postgresql-9.6
|
New upstream release
|
|
postgresql-common
|
Prevent upgrading/removing server packages from stopping other major version clusters when running systemd
|
|
psad
|
Add missing dependencies on net-tools and iproute2
|
|
pysurfer
|
Add missing dependency on python-matplotlib
|
|
python-cluster
|
Add missing dependency on pkg-resources
|
|
python-pyorick
|
Fix import failure by adding missing dependency on python3-numpy
|
|
python-scruffy
|
Add missing dependencies on pkg-resources
|
|
r-cran-mi
|
Add missing dependency on r-cran-arm
|
|
redis
|
Correct RunTimeDirectory -> RuntimeDirectory typo in systemd .service files
|
|
reportbug
|
Notify the security team or LTS team about a possible regression if reporting a bug against a package containing a security fix
|
|
rustc
|
New upstream release to support Firefox ESR
|
|
salt
|
Fix salt-ssh minion copied over configuration from the Salt Master without adjusting permissions [CVE-2017-8109]
|
|
shared-mime-info
|
Switch dpkg trigger to noawait, fixing upgrade issues from jessie
|
|
showq
|
Fix prefix, so application actually works
|
|
source-highlight
|
Fix dependency on libboost-regex-dev
|
|
starplot
|
Fix startup crash
|
|
subversion
|
Reject commits which would introduce hash collisions with existing data, thus addressing the SHA1/shattered issue
|
|
sus
|
Update to new version, technically identical to SUSv4 + TC1 + TC2
|
|
systemd
|
networkd-ndisc: Handle missing MTU gracefully; allow RemoveIPC= to be set in the unit file not only via D-Bus; nspawn: Add missing -E to getopt_long'; login: Respect --no-wall when cancelling a shutdown request
|
|
tclreadline
|
Fix shared library build on ppc64el
|
|
thefuck
|
Add missing dependency on pkg-resources
|
|
tinyproxy
|
Do not stop listening after SIGHUP; fix configuration file path; add missing dependency on adduser
|
|
tlslite-ng
|
Verify MAC even if the padding is 1 byte long
|
|
tzdata
|
New upstream release
|
|
unison
|
Rebuild with stretch's ocaml
|
|
variety
|
Fix shell injection on deleting files to trash; fix shell injection in filter and clock with specially crafted filenames; harden ImageMagick calls against potential shell injection
|
|
xapian-core
|
Fix MSet::snippet() to escape HTML in all cases [CVE-2018-499]
|
|
xerces-c
|
Fix Denial of Service via external DTD reference [CVE-2017-12627]; fix a regression that forced gcc to use SSE2, even on platforms that do not support it
|
|
xrdp
|
Fix off-by-one error which could lead to crashes
|
