| Package | Reason |
|---|---|
| arch-test | Fix detection of s390x sometimes failing |
| asterisk | Fix crash when negotiating for T.38 with a declined stream [CVE-2019-15297], SIP request can change address of a SIP peer [CVE-2019-18790], AMI user could execute system commands [CVE-2019-18610], segfault in pjsip show history with IPv6 peers |
| bacula | Fix oversized digest strings allow a malicious client to cause a heap overflow in the director's memory [CVE-2020-11061] |
| base-files | Update /etc/debian_version for the point release |
| calamares-settings-debian | Disable displaymanager module |
| cargo | New upstream release, to support upcoming Firefox ESR versions |
| chocolate-doom | Fix missing validation [CVE-2020-14983] |
| chrony | Prevent symlink race when writing to the PID file [CVE-2020-14367]; fix temperature reading |
| debian-installer | Update Linux ABI to 4.19.0-11 |
| debian-installer-netboot-images | Rebuild against proposed-updates |
| diaspora-installer | Use --frozen option to bundle install to use upstream Gemfile.lock; don't exclude Gemfile.lock during upgrades; don't overwrite config/oidc_key.pem during upgrades; make config/schedule.yml writeable |
| dojo | Fix prototype pollution in deepCopy method [CVE-2020-5258] and in jqMix method [CVE-2020-5259] |
| dovecot | Fix dsync sieve filter sync regression; fix handling of getpwent result in userdb-passwd |
| facter | Change Google GCE Metadata endpoint from v1beta1 to v1 |
| gnome-maps | Fix an issue with misaligned shape layer rendering |
| gnome-shell | LoginDialog: Reset auth prompt on VT switch before fade in [CVE-2020-17489] |
| gnome-weather | Prevent a crash when the configured set of locations are invalid |
| grunt | Use safeLoad when loading YAML files [CVE-2020-7729] |
| gssdp | New upstream stable release |
| gupnp | New upstream stable release; prevent the CallStranger attack [CVE-2020-12695]; require GSSDP 1.0.5 |
| haproxy | logrotate.conf: use rsyslog helper instead of SysV init script; reject messages where chunked is missing from Transfer-Encoding [CVE-2019-18277] |
| icinga2 | Fix symlink attack [CVE-2020-14004] |
| incron | Fix cleanup of zombie processes |
| inetutils | Fix remote code execution issue [CVE-2020-10188] |
| libcommons-compress-java | Fix denial of service issue [CVE-2019-12402] |
| libdbi-perl | Fix memory corruption in XS functions when Perl stack is reallocated [CVE-2020-14392]; fix a buffer overflow on an overlong DBD class name [CVE-2020-14393]; fix a NULL profile dereference in dbi_profile() [CVE-2019-20919] |
| libvncserver | libvncclient: bail out if UNIX socket name would overflow [CVE-2019-20839]; fix pointer aliasing/alignment issue [CVE-2020-14399]; limit max textchat size [CVE-2020-14405]; libvncserver: add missing NULL pointer checks [CVE-2020-14397]; fix pointer aliasing/alignment issue [CVE-2020-14400]; scale: cast to 64 bit before shifting [CVE-2020-14401]; prevent OOB accesses [CVE-2020-14402 CVE-2020-14403 CVE-2020-14404] |
| libx11 | Fix integer overflows [CVE-2020-14344 CVE-2020-14363] |
| lighttpd | Backport several usability and security fixes |
| linux | New upstream stable release; increase ABI to 11 |
| linux-latest | Update for -11 Linux kernel ABI |
| linux-signed-amd64 | New upstream stable release |
| linux-signed-arm64 | New upstream stable release |
| linux-signed-i386 | New upstream stable release |
| llvm-toolchain-7 | New upstream release, to support upcoming Firefox ESR versions; fix bugs affecting rustc build |
| lucene-solr | Fix security issue in DataImportHandler configuration handling [CVE-2019-0193] |
| milkytracker | Fix heap overflow [CVE-2019-14464], stack overflow [CVE-2019-14496], heap overflow [CVE-2019-14497], use after free [CVE-2020-15569] |
| node-bl | Fix over-read vulnerability [CVE-2020-8244] |
| node-elliptic | Prevent malleability and overflows [CVE-2020-13822] |
| node-mysql | Add localInfile option to control LOAD DATA LOCAL INFILE [CVE-2019-14939] |
| node-url-parse | Fix insufficient validation and sanitization of user input [CVE-2020-8124] |
| npm | Don't show password in logs [CVE-2020-15095] |
| orocos-kdl | Remove explicit inclusion of default include path, fixing issues with cmake < 3.16 |
| postgresql-11 | New upstream stable release; set a secure search_path in logical replication walsenders and apply workers [CVE-2020-14349]; make contrib modules' installation scripts more secure [CVE-2020-14350] |
| postgresql-common | Don't drop plpgsql before testing extensions |
| pyzmq | Asyncio: wait for POLLOUT on sender in can_connect |
| qt4-x11 | Fix buffer overflow in XBM parser [CVE-2020-17507] |
| qtbase-opensource-src | Fix buffer overflow in XBM parser [CVE-2020-17507]; fix clipboard breaking when timer wraps after 50 days |
| ros-actionlib | Load YAML safely [CVE-2020-10289] |
| rustc | New upstream release, to support upcoming Firefox ESR versions |
| rust-cbindgen | New upstream release, to support upcoming Firefox ESR versions |
| ruby-ronn | Fix handling of UTF-8 content in manpages |
| s390-tools | Hardcode perl dependency instead of using ${perl:Depends}, fixing installation under debootstrap |