|
Package
|
Reason
|
|
apt
|
Accept suite name changes for repositories by default (e.g. stable -> oldstable)
|
|
awstats
|
Fix remote file access issues [CVE-2020-29600 CVE-2020-35176]
|
|
base-files
|
Update /etc/debian_version for the 10.10 point release
|
|
berusky2
|
Fix segfault at startup
|
|
clamav
|
New upstream stable release; fix denial of security issue [CVE-2021-1405]
|
|
clevis
|
Fix support for TPMs that only support SHA256
|
|
connman
|
dnsproxy: Check the length of buffers before memcpy [CVE-2021-33833]
|
|
crmsh
|
Fix code execution issue [CVE-2020-35459]
|
|
debian-installer
|
Use 4.19.0-17 Linux kernel ABI
|
|
debian-installer-netboot-images
|
Rebuild against proposed-updates
|
|
dnspython
|
XFR: do not attempt to compare to a non-existent expiration value
|
|
dput-ng
|
Fix crash in the sftp uploader in case of EACCES from the server; update codenames; make dcut dm work for non-uploading DMs; fix a TypeError in http upload exception handling; don't try and construct uploader email from system hostname in .dak-commands files
|
|
eterm
|
Fix code execution issue [CVE-2021-33477]
|
|
exactimage
|
Fix build with C++11 and OpenEXR 2.5.x
|
|
fig2dev
|
Fix buffer overflow [CVE-2021-3561]; several output fixes; rebuild testsuite during build and in autopkgtest
|
|
fluidsynth
|
Fix use-after-free issue [CVE-2021-28421]
|
|
freediameter
|
Fix denial of service issue [CVE-2020-6098]
|
|
fwupd
|
Fix generation of the vendor SBAT string; stop using dpkg-dev in fwupd.preinst; new upstream stable version
|
|
fwupd-amd64-signed
|
Sync with fwupd
|
|
fwupd-arm64-signed
|
Sync with fwupd
|
|
fwupd-armhf-signed
|
Sync with fwupd
|
|
fwupd-i386-signed
|
Sync with fwupd
|
|
fwupdate
|
Improve SBAT support
|
|
fwupdate-amd64-signed
|
Sync with fwupdate
|
|
fwupdate-arm64-signed
|
Sync with fwupdate
|
|
fwupdate-armhf-signed
|
Sync with fwupdate
|
|
fwupdate-i386-signed
|
Sync with fwupdate
|
|
glib2.0
|
Fix several integer overflow issues [CVE-2021-27218 CVE-2021-27219]; fix a symlink attack affecting file-roller [CVE-2021-28153]
|
|
gnutls28
|
Fix null-pointer dereference issue [CVE-2020-24659]; add several improvements to memory reallocation
|
|
golang-github-docker-docker-credential-helpers
|
Fix double free issue [CVE-2019-1020014]
|
|
htmldoc
|
Fix buffer overflow issues [CVE-2019-19630 CVE-2021-20308]
|
|
ipmitool
|
Fix buffer overflow issues [CVE-2020-5208]
|
|
ircii
|
Fix denial of service issue [CVE-2021-29376]
|
|
isc-dhcp
|
Fix buffer overrun issue [CVE-2021-25217]
|
|
isync
|
Reject funny mailbox names from IMAP LIST/LSUB [CVE-2021-20247]; fix handling of unexpected APPENDUID response code [CVE-2021-3578]
|
|
jackson-databind
|
Fix external entity expansion issue [CVE-2020-25649] and several serialization-related issues [CVE-2020-24616 CVE-2020-24750 CVE-2020-35490 CVE-2020-35491 CVE-2020-35728 CVE-2020-36179 CVE-2020-36180 CVE-2020-36181 CVE-2020-36182 CVE-2020-36183 CVE-2020-36184 CVE-2020-36185 CVE-2020-36186 CVE-2020-36187 CVE-2020-36188 CVE-2020-36189 CVE-2021-20190]
|
|
klibc
|
malloc: Set errno on failure; fix several overflow issues [CVE-2021-31873 CVE-2021-31870 CVE-2021-31872]; cpio: Fix possible crash on 64-bit systems [CVE-2021-31871]; {set,long}jmp [s390x]: save/restore the correct FPU registers
|
|
libbusiness-us-usps-webtools-perl
|
Update to new US-USPS API
|
|
libgcrypt20
|
Fix weak ElGamal encryption with keys not generated by GnuPG/libgcrypt [CVE-2021-33560]
|
|
libgetdata
|
Fix use after free issue [CVE-2021-20204]
|
|
libmateweather
|
Adapt to renaming of America/Godthab to America/Nuuk in tzdata
|
|
libxml2
|
Fix out-of-bounds read in xmllint [CVE-2020-24977]; fix use-after-free issues in xmllint [CVE-2021-3516 CVE-2021-3518]; validate UTF8 in xmlEncodeEntities [CVE-2021-3517]; propagate error in xmlParseElementChildrenContentDeclPriv; fix exponential entity expansion attack [CVE-2021-3541]
|
|
liferea
|
Fix compatibility with webkit2gtk >= 2.32
|
|
linux
|
New upstream stable release; increase ABI to 17; [rt] Update to 4.19.193-rt81
|
|
linux-latest
|
Update to 4.19.0-17 ABI
|
|
linux-signed-amd64
|
New upstream stable release; increase ABI to 17; [rt] Update to 4.19.193-rt81
|
|
linux-signed-arm64
|
New upstream stable release; increase ABI to 17; [rt] Update to 4.19.193-rt81
|
|
linux-signed-i386
|
New upstream stable release; increase ABI to 17; [rt] Update to 4.19.193-rt81
|
|
mariadb-10.3
|
New upstream release; security fixes [CVE-2021-2154 CVE-2021-2166 CVE-2021-27928]; fix Innotop support; ship caching_sha2_password.so
|
|
mqtt-client
|
Fix denial of service issue [CVE-2019-0222]
|
|
mumble
|
Fix remote code execution issue [CVE-2021-27229]
|
|
mupdf
|
Fix use-after-free issue [CVE-2020-16600] and double free issue [CVE-2021-3407]
|
|
nmap
|
Update included MAC prefix list
|
|
node-glob-parent
|
Fix regular expression denial of service issue [CVE-2020-28469]
|
|
node-handlebars
|
Fix code execution issues [CVE-2019-20920 CVE-2021-23369]
|
|
node-hosted-git-info
|
Fix regular expression denial of service issue [CVE-2021-23362]
|
|
node-redis
|
Fix regular expression denial of service issue [CVE-2021-29469]
|
|
node-ws
|
Fix regular expression-related denial of service issue [CVE-2021-32640]
|
|
nvidia-graphics-drivers
|
Fix improper access control vulnerability [CVE-2021-1076]
|
|
nvidia-graphics-drivers-legacy-390xx
|
Fix improper access control vulnerability [CVE-2021-1076]; fix installation failure on Linux 5.11 release candidates
|
|
opendmarc
|
Fix heap overflow issue [CVE-2020-12460]
|
|
openvpn
|
Fix illegal client float issue [CVE-2020-11810]; ensure key state is authenticated before sending push reply [CVE-2020-15078]; increase listen() backlog queue to 32
|
|
php-horde-text-filter
|
Fix cross-site scripting issue [CVE-2021-26929]
|
|
plinth
|
Use session to verify first boot welcome step
|
|
ruby-websocket-extensions
|
Fix denial of service issue [CVE-2020-7663]
|
|
rust-rustyline
|
Fix build with newer rustc
|
|
rxvt-unicode
|
Disable ESC G Q escape sequence [CVE-2021-33477]
|
|
sabnzbdplus
|
Fix code execution vulnerability [CVE-2020-13124]
|
|
scrollz
|
Fix denial of service issue [CVE-2021-29376]
|
|
shim
|
New upstream release; add SBAT support; fix i386 binary relocations; don't call QueryVariableInfo() on EFI 1.10 machines (e.g. older Intel Macs); fix handling of ignore_db and user_insecure_mode; add maintainer scripts to the template packages to manage installing and removing fbXXX.efi and mmXXX.efi when we install/remove the shim-helpers-$arch-signed packages; exit cleanly if installed on a non-EFI system; don't fail if debconf calls return errors
|
|
shim-helpers-amd64-signed
|
Sync with shim
|
|
shim-helpers-arm64-signed
|
Sync with shim
|
|
shim-helpers-i386-signed
|
Sync with shim
|
|
shim-signed
|
Update for new shim; multiple bugfixes in postinst and postrm handling; provide unsigned binaries for arm64 (see NEWS.Debian); exit cleanly if installed on a non-EFI system; don't fail if debconf calls return errors; fix documentation links; build against shim-unsigned 15.4-5~deb10u1; add explicit dependency from shim-signed to shim-signed-common
|
|
speedtest-cli
|
Handle case where ignoreids is empty or contains empty ids
|
|
tnef
|
Fix buffer over-read issue [CVE-2019-18849]
|
|
uim
|
libuim-data: Copy Breaks from uim-data, fixing some upgrade scenarios
|
|
user-mode-linux
|
Rebuild against Linux kernel 4.19.194-1
|
|
velocity
|
Fix potential arbitrary code execution issue [CVE-2020-13936]
|
|
wml
|
Fix regression in Unicode handling
|
|
xfce4-weather-plugin
|
Move to version 2.0 met.no API
|
