| Package |
Reason |
| aegisub |
Fix crash when selecting a language from the bottom of the Spell checker language list; fix crash when right-clicking in the subtitles text box |
| akonadi |
Fix various crashes / deadlock issues |
| base-files |
Update /etc/debian_version for the point release |
| capistrano |
Fix failure to remove old releases when there were too many |
| cron |
Stop using obsolete SELinux API |
| cyrus-imapd |
Fix data loss on upgrade from version 3.0.0 or earlier |
| debian-edu-config |
Handle newer Firefox ESR configuration files; add post-up stanza to /etc/network/interfaces eth0 entry conditionally |
| debian-installer |
Fix unreadable fonts on hidpi displays in netboot images booted with EFI |
| debian-installer-netboot-images |
Rebuild against proposed-updates |
| distro-info-data |
Add Ubuntu 20.04 LTS, Focal Fossa |
| dkimpy-milter |
New upstream stable release; fix sysvinit support; catch more ASCII encoding errors to improve resilience against bad data; fix message extraction so that signing in the same pass through the milter as verifying works correctly |
| emacs |
Update the EPLA packaging key |
| fence-agents |
Fix incomplete removal of fence_amt_ws |
| flatpak |
New upstream stable release |
| flightcrew |
Security fixes [CVE-2019-13032 CVE-2019-13241] |
| fonts-noto-cjk |
Fix over-aggressive font selection of Noto CJK fonts in modern web browsers under Chinese locale |
| freetype |
Properly handle phantom points for variable hinted fonts |
| gdb |
Rebuild against new libbabeltrace, with higher version number to avoid conflict with earlier upload |
| glib2.0 |
Ensure libdbus clients can authenticate with a GDBusServer like the one in ibus |
| gnome-shell |
New upstream stable release; fix truncation of long messages in Shell-modal dialogs; avoid crash on reallocation of dead actors |
| gnome-sound-recorder |
Fix crash when selecting a recording |
| gnustep-base |
Disable gdomap daemon that was accidentally enabled on upgrades from stretch |
| graphite-web |
Remove unused send_email function [CVE-2017-18638]; avoid hourly error in cron when there is no whisper database |
| inn2 |
Fix negotiation of DHE ciphersuites |
| libapache-mod-auth-kerb |
Fix use after free bug leading to crash |
| libdate-holidays-de-perl |
Mark International Childrens Day (Sep 20th) as a holiday in Thuringia from 2019 onwards |
| libdatetime-timezone-perl |
Update included data |
| libofx |
Fix null pointer dereference issue [CVE-2019-9656] |
| libreoffice |
Fix the postgresql driver with PostgreSQL 12 |
| libsixel |
Fix several security issues [CVE-2018-19756 CVE-2018-19757 CVE-2018-19759 CVE-2018-19761 CVE-2018-19762 CVE-2018-19763 CVE-2019-3573 CVE-2019-3574] |
| libxslt |
Fix dangling pointer in xsltCopyText [CVE-2019-18197] |
| lucene-solr |
Disable obsolete call to ContextHandler in solr-jetty9.xml; fix Jetty permissions on SOLR index |
| mariadb-10.3 |
New upstream stable release |
| modsecurity-crs |
Fix PHP script upload rules [CVE-2019-13464] |
| mutter |
New upstream stable release |
| ncurses |
Fix several security issues [CVE-2019-17594 CVE-2019-17595] and other issues in tic |
| ndppd |
Avoid world writable PID file, that was breaking daemon init scripts |
| network-manager |
Fix file permissions for /var/lib/NetworkManager/secret_key and /var/lib/NetworkManager |
| node-fstream |
Fix arbitrary file overwrite issue [CVE-2019-13173] |
| node-set-value |
Fix prototype pollution [CVE-2019-10747] |
| node-yarnpkg |
Force using HTTPS for regular registries |
| nx-libs |
Fix regressions introduced in previous upload, affecting x2go |
| open-vm-tools |
Fix memory leaks and error handling |
| openvswitch |
Update debian/ifupdown.sh to allow setting-up the MTU; fix Python dependencies to use Python 3 |
| picard |
Update translations to fix crash with Spanish locale |
| plasma-applet-redshift-control |
Fix manual mode when used with redshift versions above 1.12 |
| postfix |
New upstream stable release; work around poor TCP loopback performance |
| python-cryptography |
Fix test suite failures when built against newer OpenSSL versions; fix a memory leak triggerable when parsing x509 certificate extensions like AIA |
| python-flask-rdf |
Add Depends on python{3,}-rdflib |
| python-oslo.messaging |
New upstream stable release; fix switch connection destination when a rabbitmq cluster node disappears |
| python-werkzeug |
Ensure Docker containers have unique debugger PINs [CVE-2019-14806] |
| python2.7 |
Fix several security issues [CVE-2018-20852 CVE-2019-10160 CVE-2019-16056 CVE-2019-16935 CVE-2019-9740 CVE-2019-9947] |
| quota |
Fix rpc.rquotad spinning at 100% CPU |
| rpcbind |
Allow remote calls to be enabled at run-time |
| shelldap |
Repair SASL authentications, add a ‘sasluser’ option |
| sogo |
Fix display of PGP-signed e-mails |
| spf-engine |
New upstream stable release; fix sysvinit support |
| standardskriver |
Fix deprecation warning from config.RawConfigParser; use external ip command rather than deprecated ifconfig command |
| swi-prolog |
Use HTTPS when contacting upstream pack servers |
| systemd |
core: never propagate reload failure to service result; fix sync_file_range failures in nspawn containers on arm, ppc; fix RootDirectory not working when used in combination with User; ensure that access controls on systemd-resolved’s D-Bus interface are enforced correctly [CVE-2019-15718]; fix StopWhenUnneeded=true for mount units; make MountFlags=shared work again |
| tmpreaper |
Prevent breaking of systemd services that use PrivateTmp=true |
| trapperkeeper-webserver-jetty9-clojure |
Restore SSL compatibility with newer Jetty versions |
| tzdata |
New upstream release |
| ublock-origin |
New upstream version, compatible with Firefox ESR68 |
| uim |
Resurrect libuim-data as a transitional package, fixing some issues after upgrades to buster |
| vanguards |
New upstream stable release; prevent a reload of tor’s configuration via SIGHUP causing a denial-of-service for vanguards protections |
