|
Package
|
Reason
|
|
arc
|
Fix directory traversal bugs [CVE-2015-9275], arcdie crash when called with more than 1 variable argument and version 1 arc header reading
|
|
astroml-addons
|
Fix Python 3 dependencies
|
|
base-files
|
Update for the point release
|
|
c3p0
|
Fix XML External Entity vulnerability [CVE-2018-20433]
|
|
ca-certificates-java
|
Fix temporary jvm-*.cfg generation on armhf
|
|
chkrootkit
|
Fix regular expression for filtering out dhcpd and dhclient as false positives from the packet sniffer test
|
|
compactheader
|
Update to work with newer Thunderbird versions
|
|
courier
|
Fix @piddir@ substitution
|
|
cups
|
Security fixes [CVE-2017-18248 CVE-2018-4700]
|
|
debian-edu-config
|
Fix configuration of personal web pages; re-enable offline installation of a combi server including diskless workstation support; enable Chromium homepage setting at installation time and via LDAP
|
|
debian-installer
|
Rebuild for the point release
|
|
debian-installer-netboot-images
|
Rebuild against proposed-updates
|
|
debian-security-support
|
Update support status of various packages
|
|
dnspython
|
Fix error when parsing nsec3 bitmap from text
|
|
egg
|
Skip emacsen-install for unsupported xemacs21
|
|
erlang
|
Do not install Erlang mode for XEmacs
|
|
espeakup
|
debian/espeakup.service: Fix compatibility with older versions of systemd
|
|
freerdp
|
Fix security issues [CVE-2018-8786 CVE-2018-8787 CVE-2018-8788]; add CredSSP v3 and RDP proto v6 support
|
|
ganeti-os-noop
|
Fix size detection for non-block devices
|
|
glibc
|
Fix several security isses [CVE-2017-15670 CVE-2017-15671 CVE-2017-15804 CVE-2017-1000408 CVE-2017-1000409 CVE-2017-16997 CVE-2017-18269 CVE-2018-11236 CVE-2018-11237]; avoid segmentation faults on CPUs with AVX512-F; fix a use after free in pthread_create(); check for postgresql in NSS check; fix pthread_cond_wait() in the pshared case on non-x86.
|
|
gnulib
|
vasnprintf: Fix heap memory overrun bug [CVE-2018-17942]
|
|
gnupg2
|
Avoid crash when importing without a TTY
|
|
graphite-api
|
Fix RequiresMountsFor spelling in systemd service
|
|
grokmirror
|
Add missing dependency on python-pkg-resources
|
|
gvrng
|
Fix permissions problem that prevented starting gvrng; generate correct Python dependencies
|
|
ibus
|
Fix multi-arch installation by removing the gir package's Python dependency
|
|
icinga2
|
Fix timestamps being stored as local time in PostgreSQL
|
|
intel-microcode
|
Add accumulated fixes for Westmere EP (signature 0x206c2) [Intel SA-00161 CVE-2018-3615 CVE-2018-3620 CVE-2018-3646 Intel SA-00115 CVE-2018-3639 CVE-2018-3640 Intel SA-0088 CVE-2017-5753 CVE-2017-5754]
|
|
isort
|
Fix Python dependencies
|
|
jdupes
|
Fix potential crash on ARM
|
|
kmodpy
|
Remove incorrect Multi-Arch: same from python-kmodpy
|
|
libapache2-mod-perl2
|
Don't allow <Perl> sections in user controlled configuration [CVE-2011-2767]
|
|
libb2
|
Detect if the system can use AVX before actually using it
|
|
libdatetime-timezone-perl
|
Update included data
|
|
libemail-address-list-perl
|
Fix DoS vulnerability [CVE-2018-18898]
|
|
libemail-address-perl
|
Fix DoS vulnerabilities [CVE-2015-7686 CVE-2018-12558]
|
|
libgpod
|
python-gpod: Add missing dependency on python-gobject-2
|
|
libssh
|
Fix broken server-side keyboard-interactive authentication
|
|
linux
|
New upstream release; new upstream version; fix build failures on arm64 and mips*; libceph: fix CEPH_FEATURE_CEPHX_V2 check in calc_signature()
|
|
linux-igd
|
Make the init script require $network
|
|
lttng-modules
|
Fix build on linux-rt 4.9 kernels and kernels >= 4.9.0-3
|
|
mistral
|
Fix std.ssh action may disclose presence of arbitrary files [CVE-2018-16849]
|
|
monkeysign
|
Fix security issue [CVE-2018-12020]; actually send multiple emails instead of a single one
|
|
mpqc
|
Also install sc-libtool
|
|
nvidia-graphics-drivers
|
New upstream release
|
|
nvidia-modprobe
|
New upstream release
|
|
nvidia-persistenced
|
New upstream release
|
|
nvidia-settings
|
New upstream release
|
|
nvidia-xconfig
|
New upstream release
|
|
openni2
|
Fix armhf baseline violation and armel FTBFS caused by NEON usage
|
|
openvpn
|
Fix NCP behaviour on TLS reconnect, causing AEAD Decrypt error: cipher final failed errors
|
|
parsedatetime
|
Add support for Python 3
|
|
pdns
|
Fix security issues [CVE-2018-1046 CVE-2018-10851]; fix MySQL queries with stored procedures; fix LDAP, Lua, OpenDBX backends not finding domains
|
|
pdns-recursor
|
Fix security issues [CVE-2018-10851 CVE-2018-14626 CVE-2018-14644]
|
|
photocollage
|
Add missing dependency on gir1.2-gtk-3.0
|
|
postfix
|
New upstream stable release; avoid postconf failures when postfix-instance-generator runs during boot
|
|
postgresql-9.6
|
New upstream release
|
|
postgrey
|
No change rebuild
|
|
pylint-django
|
Fix Python 3 dependencies
|
|
python-acme
|
Backport newer version for tls-sni-01 deprecation
|
|
python-arpy
|
Fix Python 3 dependencies
|
|
python-certbot
|
Backport newer version for tls-sni-01 deprecation
|
|
python-certbot-apache
|
Update for deprecation of tls-sni-01
|
|
python-certbot-nginx
|
Update for deprecation of tls-sni-01
|
|
python-hypothesis
|
Fix (inverted) dependencies of python3-hypothesis and python-hypothesis-doc
|
|
python-josepy
|
New package, required by Certbot
|
|
pyzo
|
Add missing dependency on python3-pkg-resources
|
|
r-cran-readxl
|
Fix crash bugs [CVE-2018-20450 CVE-2018-20452]
|
|
rtkit
|
Move dbus and polkit from Recommends to Depends
|
|
ruby-rack
|
Fix a possible cross-site scripting vulnerability [CVE-2018-16471]
|
|
samba
|
New upstream release; s3:ntlm_auth: fix memory leak in manage_gensec_request(); ignore nmbd start errors when there is no non-loopback interface or no local IPv4 non-loopback interface; fix CVE-2018-14629 regression on a non-CNAME record
|
|
sl-modem
|
Support Linux versions > 3
|
|
sogo-connector
|
Update to work with newer Thunderbird versions
|
|
sox
|
Really apply fixes for CVE-2014-8145
|
|
ssh-agent-filter
|
Fix two-byte out-of-bounds stack write
|
|
supercollider
|
Disable support for XEmacs and Emacs <=23
|
|
sympa
|
Remove /etc/sympa/sympa.conf-smime.in from conffiles; use full path for head command in Sympa configuration file
|
|
twitter-bootstrap3
|
Fix multiple security vulnerabilities [CVE-2018-14040 CVE-2018-14041 CVE-2018-14042]
|
|
tzdata
|
New upstream release
|
|
uglifyjs
|
Fix manpage contents
|
|
uriparser
|
Fix multiple security vulnerabilties [CVE-2018-19198 CVE-2018-19199 CVE-2018-19200]
|
|
vm
|
Drop support for xemacs21
|
|
vulture
|
Add missing dependency on python3-pkg-resources
|
|
wayland
|
Fix possible integer overflow [CVE-2017-16612]
|
|
wicd
|
Always depend on net-tools, rather than alternatives
|
|
wvstreams
|
Work around stack corruption
|
|
xapian-core
|
Fix leaks of freelist blocks in corner cases, which then get reported as DatabaseCorruptError by Database::check()
|
|
xkeycaps
|
Prevent segfault in commands.c when more than 8 keysyms per key are present
|
|
yosys
|
Fix ModuleNotFoundError: No module named 'smtio'
|
|
z3
|
Remove incorrect Multi-Arch: same from python-z3
|
