Debian buster Openstack images changelog 10.12.7-20220706 Updates in 2 source package(s), 4 binary package(s): Source gnupg2, binaries: gpgv:amd64 gpgv:arm64 gnupg2 (2.2.12-1+deb10u2) buster-security; urgency=high [ Roger Shimizu ] * d/control: Update Build-Depends: libgpg-error-dev (>= 1.35) [ Daniel Kahn Gillmor ] * fix broken status line (Closes: #1014157) Source linux-latest, binaries: linux-image-cloud-amd64:amd64 linux-image-arm64:arm64 linux-latest (105+deb10u16) buster-security; urgency=medium * Update to 4.19.0-21 linux-latest (105+deb10u15) buster; urgency=medium * Update to 4.19.0-20 linux-latest (105+deb10u14) buster-security; urgency=high * Update to 4.19.0-19 * linux-image: Add NEWS for unprivileged eBPF change linux-latest (105+deb10u13) buster; urgency=medium * Update to 4.19.0-18 linux-latest (105+deb10u12) buster; urgency=medium * Update to 4.19.0-17 linux-latest (105+deb10u11) buster; urgency=medium * Update to 4.19.0-16 linux-latest (105+deb10u10) buster; urgency=medium * Update to 4.19.0-15 linux-latest (105+deb10u9) buster-security; urgency=high * Update to 4.19.0-14 linux-latest (105+deb10u8) buster; urgency=medium * Update to 4.19.0-13 linux-latest (105+deb10u7) buster-security; urgency=high * Update to 4.19.0-12 linux-latest (105+deb10u6) buster; urgency=medium * Update to 4.19.0-11 linux-latest (105+deb10u5) buster; urgency=medium * Update to 4.19.0-10 linux-latest (105+deb10u4) buster; urgency=medium * Update to 4.19.0-9 linux-latest (105+deb10u3) buster; urgency=medium * Update to 4.19.0-8 linux-latest (105+deb10u2) buster; urgency=medium * Update to 4.19.0-7 linux-latest (105+deb10u1) buster; urgency=medium * Update to 4.19.0-6 linux-latest (105) unstable; urgency=medium * Update to 4.19.0-5 linux-latest (104) unstable; urgency=medium * Update to 4.19.0-4 linux-latest (103) unstable; urgency=medium * Update to 4.19.0-3 linux-latest (102) unstable; urgency=medium * Update to 4.19.0-2 linux-latest (101) unstable; urgency=medium * Update to 4.19.0-1 linux-latest (100) unstable; urgency=medium [ Romain Perier ] * Update to 4.18.0-3 linux-latest (99) unstable; urgency=medium * Update to 4.18.0-2 linux-latest (98) unstable; urgency=medium * Update to 4.18.0-1 linux-latest (97) unstable; urgency=medium * Update to 4.17.0-3 linux-latest (96) unstable; urgency=medium [ Romain Perier ] * Update to 4.17.0-2 linux-latest (95) unstable; urgency=medium [ Romain Perier ] * Update to 4.17.0-1 linux-latest (94) unstable; urgency=medium [ Ben Hutchings ] * Substitute source package name in lintian-overrides * Change binary package names to include any source package name suffix * Don't build redundant linux-doc, linux-source, linux-tools packages [ Salvatore Bonaccorso ] * Update to 4.16.0-2 linux-latest (93) unstable; urgency=medium * Update to 4.16.0-1 linux-latest (92) unstable; urgency=medium * Update to 4.15.0-3 linux-latest (91) unstable; urgency=medium [ Ben Hutchings ] * debian/control: Point Vcs URLs to Salsa [ Salvatore Bonaccorso ] * Update to 4.15.0-2 linux-latest (90) unstable; urgency=medium * Update to 4.15.0-1 linux-latest (89) unstable; urgency=medium * Update to 4.14.0-3 linux-latest (88) unstable; urgency=medium * Update to 4.14.0-2 linux-latest (87) unstable; urgency=medium * linux-image: Add back-dated NEWS for vsyscall change in Linux 4.10 * linux-doc: Add symlinks to current documentation * Update to 4.14.0-1 * linux-image: Add back-dated NEWS about AppArmor introduction linux-latest (86) unstable; urgency=medium * Add myself to Uploaders * Update to 4.13.0-1 linux-latest (85) unstable; urgency=medium * debian/control: Remove Frederik Schüler from Uploaders field * Update to 4.12.0-2 linux-latest (84) unstable; urgency=medium * Update to 4.12.0-1 (Closes: #872055) linux-latest (83) unstable; urgency=medium * Update to 4.11.0-2 linux-latest (82) unstable; urgency=medium * Revert changes to debug symbol meta-packages (Closes: #866691) linux-latest (81) unstable; urgency=medium * Update to 4.11.0-1 * Stop generating various transitional packages needed in stretch linux-latest (80) unstable; urgency=medium * Re-introduce xen-linux-system-amd64 *again* as transitional package (Closes: #857039) * Update to 4.9.0-3 linux-latest (79) unstable; urgency=medium * Update to 4.9.0-2 linux-latest (78) unstable; urgency=medium * debian/rules: Use dpkg-parsechangelog -S option to select fields * linux-image: Delete NEWS for version 76 about vsyscall changes, now reverted * Update to 4.9.0-1 linux-latest (77) unstable; urgency=medium * Update to 4.8.0-2 * Use debhelper compatibility level 9 * Re-introduce xen-linux-system packages, accidentally dropped in version 75 linux-latest (76) unstable; urgency=medium * Update to 4.8.0-1 * linux-image-{686-pae,amd64}: Delete old NEWS * linux-image: Add back-dated NEWS for conntrack helpers change in Linux 4.7 (Closes: #839632) * linux-image: Add NEWS for security hardening config changes for Linux 4.8 linux-latest (75) unstable; urgency=medium * Update to 4.7.0-1 * Rename and move debug symbol meta-packages to the debug archive * debian/control: Set priority of transitional packages to extra * debian/control: Update Standards-Version to 3.9.8; no changes needed linux-latest (74) unstable; urgency=medium * Update to 4.6.0-1 linux-latest (73) unstable; urgency=medium * Update to 4.5.0-2 linux-latest (72) unstable; urgency=medium * Update to 4.5.0-1 linux-latest (71) unstable; urgency=medium * Update to 4.4.0-1 - Change linux-{image,headers}-{kirkwood,orion5x} to transitional packages linux-latest (70) unstable; urgency=medium * Change linux-{image,headers}-586 to transitional packages linux-latest (69) unstable; urgency=medium * Update to 4.3.0-1 linux-latest (68) unstable; urgency=medium * Update to 4.2.0-1 * debian/bin/gencontrol.py: Use Python 3 linux-latest (67) unstable; urgency=medium * Adjust for migration to git: - Add .gitignore file - debian/control: Update Vcs-* fields * .gitignore: Ignore linux-perf build directory * Update to 4.1.0-2 * Change source format to 3.0 (native) so that .git directory is excluded by default linux-latest (66) unstable; urgency=medium * Update to 4.1.0-1 * Rename linux-tools to linux-perf, providing linux-tools as a transitional package linux-latest (65) unstable; urgency=medium * Update to 4.0.0-2 linux-latest (64) unstable; urgency=medium * Update to 4.0.0-1 * Stop generating linux-{headers,image}-486 transitional packages * debian/control: Build-Depend on linux-headers-*-all, so that after an ABI bump linux is auto-built before linux-latest on each architecture. (Closes: #746618) linux-latest (63) unstable; urgency=medium * Update to 3.16.0-4 - Change linux-{image,headers}-486 to transitional packages linux-latest (62) unstable; urgency=medium * Update to 3.16-3 (Closes: #766078) linux-latest (61) unstable; urgency=medium * Update to 3.16-2 linux-latest (60) unstable; urgency=medium * linux-image-{686-pae,amd64}: Add backdated NEWS for introduction of xz compression affecting Xen (Closes: #727736) * Update to 3.16-1 linux-latest (59) unstable; urgency=medium * Update to 3.14-2 linux-latest (58) unstable; urgency=medium * Rebuild to include arm64 and ppc64el architectures linux-latest (57) unstable; urgency=medium * Suppress lintian warnings about linux-image-dbg metapackages not looking like debug info packages * debian/control: Update Standards-Version to 3.9.5; no changes needed * Update to 3.14-1 linux-latest (56) unstable; urgency=medium * Update to 3.13-1 linux-latest (55) unstable; urgency=low * Update to 3.12-1 linux-latest (54) unstable; urgency=low * Update to 3.11-2 linux-latest (53) unstable; urgency=low * Add linux-image--dbg metapackages, providing the virtual package linux-latest-image-dbg * Update standards-version to 3.9.4; no changes required * Change section and priority fields to match archive overrides * Update to 3.11-1 * Stop providing virtual package linux-headers linux-latest (52) unstable; urgency=low * Update to 3.10-3 linux-latest (51) unstable; urgency=low * Update to 3.10-2 linux-latest (50) unstable; urgency=low * Update to 3.10-1 linux-latest (49) unstable; urgency=low * Update to 3.9-1 linux-latest (48) unstable; urgency=low * Update to 3.8-2 (Closes: #708842) linux-latest (47) unstable; urgency=low * Update to 3.8-1 * Remove transitional packages provided in wheezy linux-latest (46) unstable; urgency=low * Set Priority: extra, as currently overridden in the archive (Closes: #689846) * Add Czech debconf template translation (Michal Šimůnek) (Closes: #685501) * Update to 3.2.0-4 (Closes: #688222, #689864) linux-latest (45) unstable; urgency=low * Update to 3.2.0-3 linux-latest (44) unstable; urgency=high [ Ben Hutchings ] * Update debconf template translations: - Add Polish (Michał Kułach) (Closes: #659571) - Add Turkish (Mert Dirik) (Closes: #660119) * Update standards-version to 3.9.3: - Do not move packages to the 'metapackages' section, as that will cause APT not to auto-remove their dependencies * Move transitional packages to the section 'oldlibs', so that APT will treat the replacement packages as manually installed * Update to 3.2.0-2 * Stop generating linux-{headers,image}-2.6- transitional packages for flavours added since Linux 3.0 linux-latest (43) unstable; urgency=low * Add Vcs-{Svn,Browser} fields * Add debconf template translations: - Danish (Joe Hansen) (Closes: #656642) - Spanish (Slime Siabef) (Closes: #654681) - Italian (Stefano Canepa) (Closes: #657386) * [s390] Update the check for flavours without modules, removing the useless linux-headers{,-2.6}-s390x-tape packages linux-latest (42) unstable; urgency=low * Rename source package to linux-latest * Add debconf template translations: - Portugese (Miguel Figueiredo) (Closes: #651123) - Serbian latin (Zlatan Todoric) (Closes: #635895) - Russian (Yuri Kozlov) (Closes: #652431) - Japanese (Nobuhiro Iwamatsu) (Closes: #655687) * Update to 3.2.0-1 linux-latest-2.6 (41) unstable; urgency=low * Remove dependency on module makefiles in linux-support package * Update to 3.1.0-1 linux-latest-2.6 (40) unstable; urgency=low * Add debconf template translations: - Serbian cyrillic (Zlatan Todoric) (Closes: #635893) - German (Holger Wansing) (Closes: #637764) - French (Debian French l10n team) (Closes: #636624) - Swedish (Martin Bagge) (Closes: #640058) - Dutch (Jeroen Schot) (Closes: #640115) - Catalan (Innocent De Marchi) (Closes: #642109) * Update to 3.0.0-2 linux-latest-2.6 (39) unstable; urgency=low * Update to 3.0.0-1 linux-latest-2.6 (38) experimental; urgency=low * Correct xen-linux-system transitional package names linux-latest-2.6 (37) experimental; urgency=low * Update to 3.0.0-rc5 * Restore xen-linux-system- packages * Remove common description text from linux-image-2.6- packages linux-latest-2.6 (36) experimental; urgency=low * Update to 3.0.0-rc1 - Add linux-doc, linux-headers-, linux-source and linux-tools packages - Change *-2.6-* to transitional packages linux-latest-2.6 (35.1) unstable; urgency=low [ Bastian Blank ] * Update to 2.6.39-2. linux-latest-2.6 (35) unstable; urgency=low * Update to 2.6.39-1 - Change linux-image{,-2.6}-686{,-bigmem} to transitional packages linux-latest-2.6 (34) unstable; urgency=low * [hppa] Update to 2.6.38-2a linux-latest-2.6 (33) unstable; urgency=low * Update to 2.6.38-2 linux-latest-2.6 (32) unstable; urgency=low * Update to 2.6.38-1 linux-latest-2.6 (31) unstable; urgency=low * Update to 2.6.37-2 linux-latest-2.6 (30) unstable; urgency=low * Update to 2.6.37-1 linux-latest-2.6 (29) unstable; urgency=low * Add xen-linux-system-2.6-* meta-packages (Closes: #402414) * Add bug presubj message for image meta packages directing users to the real image packages (Closes: #549591) * Fix repetition in description of linux-image-2.6-xen-amd64 (Closes: #598648) * [x86] Correct lists of suitable processors linux-latest-2.6 (28) unstable; urgency=low * Move NEWS from linux-2.6, since apt-listchanges only shows it for upgraded packages * Add linux-tools-2.6 meta package * Change versions for linux-doc-2.6 and linux-source-2.6 to match those of the other meta packages linux-latest-2.6 (27) unstable; urgency=low * Really build linux-doc-2.6 and linux-source-2.6 meta packages linux-latest-2.6 (26) unstable; urgency=low [ Joachim Breitner ] * Create linux-doc-2.6 and linux-source-2.6 meta packages (Closes: 347284) [ Ben Hutchings ] * Update to 2.6.32-5. * Update standards-version to 3.8.4; no changes required. * Explicitly describe all packages as meta-packages. linux-latest-2.6 (25) unstable; urgency=high * Update package description templates in line with linux-2.6. * Update to 2.6.32-3. * Set urgency to 'high' since this must transition with linux-2.6. linux-latest-2.6 (24) unstable; urgency=low * Update to 2.6.32-2. linux-latest-2.6 (23) unstable; urgency=low * Update to 2.6.32-trunk. linux-latest-2.6 (22) unstable; urgency=low * Update to 2.6.31-1. linux-latest-2.6 (21) unstable; urgency=low [ Bastian Blank ] * Update to 2.6.30-2. [ Ben Hutchings ] * Add myself to uploaders. linux-latest-2.6 (20) unstable; urgency=low * Move into kernel section. * Update to 2.6.30-1. linux-latest-2.6 (19) unstable; urgency=low * Update to 2.6.29-2. * Use debhelper compat level 7. * Update copyright file. linux-latest-2.6 (18) unstable; urgency=low * Update to 2.6.29-1. * Use dh_prep. * Remove lenny transition packages. linux-latest-2.6 (17) unstable; urgency=low * Use correct part of the config for image type. * Add description parts to all image packages. linux-latest-2.6 (16) unstable; urgency=low * Rebuild to pick up new images linux-latest-2.6 (15) unstable; urgency=low * Update to 2.6.26-1. * Make linux-image-* complete meta packages. linux-latest-2.6 (14) unstable; urgency=low * Update to 2.6.25-2. linux-latest-2.6 (13) unstable; urgency=low * Add transitional packages for k7. linux-latest-2.6 (12) unstable; urgency=low * Update to 2.6.24-1. linux-latest-2.6 (11) unstable; urgency=low * Update to 2.6.22-3. linux-latest-2.6 (10) unstable; urgency=low * Update to 2.6.22-2. linux-latest-2.6 (9) unstable; urgency=low * Update to 2.6.22-1. linux-latest-2.6 (8) unstable; urgency=low * Update to 2.6.21-2. * Add modules meta packages. * Provide linux-latest-modules-*. (closes: #428783) linux-latest-2.6 (7) unstable; urgency=low * Update to 2.6.21-1. * Remove etch transition packages. linux-latest-2.6 (6) unstable; urgency=low * Update to 2.6.18-4. * i386: Add amd64 transition packages. linux-latest-2.6 (5) unstable; urgency=low * Update to 2.6.18-3. -- Steve McIntyre <93sam@debian.org> Wed, 06 Jul 2022 09:55:13 +0000 10.12.6-20220629 Updates in 2 source package(s), 6 binary package(s): Source openssl, binaries: libssl1.1:amd64 openssl:amd64 libssl1.1:arm64 openssl:arm64 openssl (1.1.1n-0+deb10u3) buster-security; urgency=medium * CVE-2022-2068 (The c_rehash script allows command injection). * Update expired certs. Source tzdata, binaries: tzdata:amd64 tzdata:arm64 tzdata (2021a-0+deb10u5) buster; urgency=medium * Cherry-pick patches from upstream: - 07-no-leap-second-2022-06-30.patch: update leap-seconds.list, new expiration date on 28 December 2022. Closes: #1012191. -- Steve McIntyre <93sam@debian.org> Wed, 29 Jun 2022 16:05:15 +0000 10.12.5-20220607 Updates in 2 source package(s), 4 binary package(s): Source dpkg, binaries: dpkg:amd64 dpkg:arm64 dpkg (1.19.8) buster-security; urgency=medium [ Guillem Jover ] * Perl modules: - Dpkg::Source::Archive: Prevent directory traversal for in-place extracts. Reported by Max Justicz . Fixes CVE-2022-1664. * Build system: - Build gitlab CI images for buster instead of sid. [ Updated man pages translations ] * German (Helge Kreutzmann). Source rsyslog, binaries: rsyslog:amd64 rsyslog:arm64 rsyslog (8.1901.0-1+deb10u2) buster-security; urgency=medium * Fix potential heap buffer overflow in TCP syslog server (receiver) components when octet-counted framing is used (CVE-2022-24903, Closes: #1010619) -- Steve McIntyre <93sam@debian.org> Tue, 07 Jun 2022 22:00:25 +0000 10.12.4-20220524 Updates in 1 source package(s), 2 binary package(s): Source libxml2, binaries: libxml2:amd64 libxml2:arm64 libxml2 (2.9.4+dfsg1-7+deb10u4) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow in xmlBufferResize * Fix integer overflows in xmlBuf and xmlBuffer (CVE-2022-29824) (Closes: #1010526) -- Steve McIntyre <93sam@debian.org> Tue, 24 May 2022 19:39:20 +0000 10.12.3-20220518 Updates in 1 source package(s), 4 binary package(s): Source openssl, binaries: libssl1.1:amd64 openssl:amd64 libssl1.1:arm64 openssl:arm64 openssl (1.1.1n-0+deb10u2) buster-security; urgency=medium * CVE-2022-1292 (The c_rehash script allows command injection). -- Steve McIntyre <93sam@debian.org> Wed, 18 May 2022 23:28:24 +0000 10.12.2-20220419 Updates in 2 source package(s), 4 binary package(s): Source gzip, binaries: gzip:amd64 gzip:arm64 gzip (1.9-3+deb10u1) buster-security; urgency=high * zgrep: fix arbitrary-file-write vulnerability addressing CVE-2022-1271 (closes: #1009168) * debian/rules: set execute mode bit on test scripts Source xz-utils, binaries: liblzma5:amd64 liblzma5:arm64 xz-utils (5.2.4-1+deb10u1) buster-security; urgency=high * Non-maintainer upload by the Security Team. * xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587) (CVE-2022-1271) (Closes: #1009167) -- Steve McIntyre <93sam@debian.org> Wed, 20 Apr 2022 00:24:09 +0000 10.12.1-20220403 Updates in 2 source package(s), 4 binary package(s): Source tzdata, binaries: tzdata:amd64 tzdata:arm64 tzdata (2021a-0+deb10u4) buster; urgency=medium * Cherry-pick patches from tzdata-2022a: - 06-palestine-dst2.patch: Palestine will spring forward on 2022-03-27, not -03-26. Source zlib, binaries: zlib1g:amd64 zlib1g:arm64 zlib (1:1.2.11.dfsg-1+deb10u1) buster-security; urgency=high * Non-maintainer upload by the Security Team. * Fix a bug that can crash deflate on some input when using Z_FIXED (CVE-2018-25032) (Closes: #1008265) -- Steve McIntyre <93sam@debian.org> Sun, 03 Apr 2022 04:45:27 +0000 10.12.0 First build for 10.12.0 release -- Steve McIntyre <93sam@debian.org> Sat, 26 Mar 2022 21:19:41 +0000