Accepted base-files 10.3+deb10u2 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 10 Nov 2019 13:17:26 +0100 Source: base-files Architecture: source Version: 10.3+deb10u2 Distribution: buster Urgency: medium Maintainer: Santiago Vila Changed-By: Santiago Vila Changes: base-files (10.3+deb10u2) buster; urgency=medium . * Change /etc/debian_version to 10.2, for Debian 10.2 point release. Checksums-Sha1: 99d86de8709adaae8a316dee1f92fde56a329acb 1103 base-files_10.3+deb10u2.dsc 34cbfe4ec2791dd17629cd2ba83b6e1cd5e11fb0 65300 base-files_10.3+deb10u2.tar.xz b204ba250ff97bcfb51fdc9bd5760bed65f9974e 4748 base-files_10.3+deb10u2_source.buildinfo Checksums-Sha256: fef7e9a1640ebad9a182839b36ec9af2148b3997c994f0ffe971e4659b4d119f 1103 base-files_10.3+deb10u2.dsc bf7fe4f15b5ae89622c471b8d0ad0dac24409b5045499c1c399c9d1b68feb31f 65300 base-files_10.3+deb10u2.tar.xz 0278cc599c55b416a8d98b83c162eeac8a37572302c013ba373df8080d0d2bdd 4748 base-files_10.3+deb10u2_source.buildinfo Files: 56dbe6f84ed89f30871e6e378c46e843 1103 admin required base-files_10.3+deb10u2.dsc 10af11df20b3fbec4a7d6d6372eec017 65300 admin required base-files_10.3+deb10u2.tar.xz 39965a61e6cee2b9a2823181efbebc49 4748 admin required base-files_10.3+deb10u2_source.buildinfo -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAl3IADgACgkQQc5/C58b izJpPgf/VWuOjjQiMgLiqVR0gtAp2il9yzuejuIt8fOvS2GaZbl8RN6ijw2B+AD5 7vfHb/4q6Q+2GNgdSB8D6ro+54ezshDALezjp4p/iOpgtpMnBngsXQRXbFnmDeRF 0OgmWUqeQTqJw1CeITaL4K8esCjF6oLiuLXttALWAuQ0XrMj4byU1R7dle1MzNQ/ IVabDqWNO4TfzrnS9CoINDV9wpS4J7UsjlC1gf0WY4L6k85WrSlXSle2eSWsPij3 yPCZWnx6qmO4eB2GWQYBr9jWLsPnzr4KCHghspefgtCfKP46YYCqGc8Tb5BsruYV GpO5dmXS/TM8xSrITHLFtJOzTzWsWA== =VjPy -END PGP SIGNATURE-
Accepted python-oslo.messaging 8.1.4-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 27 Oct 2019 18:01:18 +0100 Source: python-oslo.messaging Architecture: source Version: 8.1.4-1+deb10u1 Distribution: buster Urgency: medium Maintainer: Debian OpenStack Changed-By: Thomas Goirand Changes: python-oslo.messaging (8.1.4-1+deb10u1) buster; urgency=medium . * New upstream point release, with an important fix: - Fix switch connection destination when a rabbitmq cluster node disappear. Checksums-Sha1: 63c49b91754d4172ac673ffd3953accb131e48c9 4201 python-oslo.messaging_8.1.4-1+deb10u1.dsc 5496eecf38f71fbe3a8e5e157ea0121c301ae386 209580 python-oslo.messaging_8.1.4.orig.tar.xz 7b2fcd198fcefa480b57d065a343d3aa66824884 10024 python-oslo.messaging_8.1.4-1+deb10u1.debian.tar.xz 2b94284f1bd9b2d64dfd7fb198cc54da71625135 16482 python-oslo.messaging_8.1.4-1+deb10u1_amd64.buildinfo Checksums-Sha256: 53d148697ee84b32a9842f3a8a7dc5bb1a6e3307aaf03447a9b5a36e0a6ce689 4201 python-oslo.messaging_8.1.4-1+deb10u1.dsc 227dfb97620468c0e1bf66bb6fad4a7f5f6bcb300efab2bc8ca8826236a7e9a5 209580 python-oslo.messaging_8.1.4.orig.tar.xz 50119ace49fa798484a1c6d0c588420186b8e6cba26dc8eaafb546d7d2596a81 10024 python-oslo.messaging_8.1.4-1+deb10u1.debian.tar.xz eacfbfbe14aa1a4e572bbe84ccc7ef88921bd201e6f1abe5e83db1a9d840ad0c 16482 python-oslo.messaging_8.1.4-1+deb10u1_amd64.buildinfo Files: d223884a7645cefcba889b4ec7ca69c4 4201 python optional python-oslo.messaging_8.1.4-1+deb10u1.dsc df687c72ed6feb460b36e9605de5897b 209580 python optional python-oslo.messaging_8.1.4.orig.tar.xz 6f6b8cb801e2fa237f381c5aa1e55ce5 10024 python optional python-oslo.messaging_8.1.4-1+deb10u1.debian.tar.xz 6fe4093824d55b03cb230eb606940eb5 16482 python optional python-oslo.messaging_8.1.4-1+deb10u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl3IMqwACgkQ1BatFaxr Q/71FA//ec/pwj6yMCASwo59gyyGVfBGRgNyr8WTaMuB0ez/H7qakqhJXoMi9hyF I2rma2ljJaDPcEPDuEd3YQp24QGyW+0ivZ2zA68iKoZjpjPATkT/mrIQfPZYZSqp qMfcEGRM3ychJVS+USAcg/nD9VQhV7NDNzmPXdJ4/IAOuajyIA80N0x2Nkr85Ye3 QD4THCz87z3cMWTgUfIF9kO4ktV/YdraDCIiIxcO0BYlhSXnsK+TJd4FUpGazRjj WdJfDVPsevqOjgKwyG3SaNiDVQJsxT56DU/FW4x6z9Puc3f2o3r2tukILZM+SbGM wql3kf3LAB0oB16zj+cFJiZWByZ1AUkf4Jq3pZkB9Q263eKdxnuqV9W8+boXqovU /8JiXzJVevYq81EjTu8cc7Y84eUe76/wo8WltCc/TUse8yJ0GpNGbVFVu+Xa4stT wWf11PW75WkGt71M9gJIa5jrCsBipAtrMXLhcK8MOCFM3680eVPl9u6LQfLOkPx9 6yAGDdqu5ar+b88EEd2vfbW8rSMrYUinc9q84XGfC6Ti+Ip0Q1P+KPzzpJaFttdi pbBGtbnOPwEBjwbPx42pEmu28ul1rcRi1ojwuJ6we2TQpzZ8idcNJzHeijLPdFLQ ihwCQojiEHpO+sqcbUEVX1qSocr7DR3H3MkRJlr4TQXGuXKM6Hs= =n9vI -END PGP SIGNATURE-
Accepted node-fstream 1.0.10-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 01 Sep 2019 22:37:19 +0200 Source: node-fstream Architecture: source Version: 1.0.10-1+deb10u1 Distribution: buster Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Xavier Guimard Closes: 931408 Changes: node-fstream (1.0.10-1+deb10u1) buster; urgency=medium . * Team upload * Clobber a Link if it's in the way of a File (Closes: #931408, CVE-2019-13173) Checksums-Sha1: 88ee92d8bac4343c4970e4649b90b35d24eaf3de 2077 node-fstream_1.0.10-1+deb10u1.dsc 1b0080f7cc2452cd67e7a93f9cdf6391a664c980 3168 node-fstream_1.0.10-1+deb10u1.debian.tar.xz Checksums-Sha256: 6696853c3ae8830153b48791def8076a7701c15dd20158ee269180a88277ed9d 2077 node-fstream_1.0.10-1+deb10u1.dsc 33b0232cdb788f2ec1c91694038e529db0abaab7cd771faffdca0a5dde05a7f4 3168 node-fstream_1.0.10-1+deb10u1.debian.tar.xz Files: ba01ad99b1e801b5a5458dc2bcb2fb30 2077 web extra node-fstream_1.0.10-1+deb10u1.dsc cb5c919312108ffc154d3f137674549b 3168 web extra node-fstream_1.0.10-1+deb10u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAl3HwqcACgkQ9tdMp8mZ 7uliHg//VWLhYR2rEqbJZBCNCOfk5lDuMPckRLNpEWrfqX6qh5MVUst5+SBI/GJw GWMsgFNRFOTOsO/xcRfwfY8CLcg42au6bzm7FFY8uhZ7S66C260QXKFxaTbAY98W Z3/8B32DcYltq5usQ/5l0/EuTnA43ZdC5vdH6X4VG/+q/kzakhzh8XO6XhFZocbk vnk6wF+sgp1Gjy1mfwu5ZSq5JieLnm4GBvd3EjyD20vI/eDutjJFQugWlbROr2NY 13Gl2m1TLPfTjx1+nk6RiRSWbBcv6ZRXB+n38l1n5V/cJKC2i8tI8T4yO1mapZy3 fdwOGzsDgqbMZYYLfb1TNjsjLeb/xHwlBEGeFuC4BcUJQWJStqMIVb/MFJAMbEGX nXjKfbASwMWxulNS7dhvHR0rrUgal2m3I/GhkELSfbs+J1bOeN++ffPCl2ma0EWj 22yaP3qlXHY7maGhqJWEFmRLMFuLbMGutmrDvembCz/VeOxOXUOJMSv6M7Xr5RfB WxhKzzurqoOA7fZis4Qonp5lV3ly0YQe47qf6Uxd3bHy/iOYIlZKpU8O++yhM7P3 mxo4FHuxxOYIiPmScGjZElWiQFBLKS/5s/l8n/uuGgb/FtiHDRzwGWxsXNvuj2fe Q15ui2uC5TH85kuO8Kl2QgPddSUsseBdjbuPuCM5JfCzp1uSJ88= =PRID -END PGP SIGNATURE-
Accepted chromium 78.0.3904.97-1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 09 Nov 2019 19:01:23 + Source: chromium Architecture: source Version: 78.0.3904.97-1~deb10u1 Distribution: buster-security Urgency: medium Maintainer: Debian Chromium Team Changed-By: Michael Gilbert Changes: chromium (78.0.3904.97-1~deb10u1) buster-security; urgency=medium . * New upstream stable release. - CVE-2019-5869: Use-after-free in Blink. Reported by Zhe Jin - CVE-2019-5870: Use-after-free in media. Reported by Guang Gong - CVE-2019-5871: Heap overflow in Skia. Reported by Anonymous - CVE-2019-5872: Use-after-free in Mojo. Reported by Zhe Jin - CVE-2019-5874: External URIs may trigger other browsers. Reported by James Lee - CVE-2019-5875: URL bar spoof. Reported by Khalil Zhani - CVE-2019-5876: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-5877: Out-of-bounds access in V8. Reported by Guang Gong - CVE-2019-5878: Use-after-free in V8. Reported by Guang Gong - CVE-2019-5879: Extensions can read some local files. Reported by Jinseo Kim - CVE-2019-5880: SameSite cookie bypass. Reported by Jun Kokatsu - CVE-2019-13659: URL spoof. Reported by Lnyas Zhang - CVE-2019-13660: Full screen notification overlap. Reported by Wenxu Wu - CVE-2019-13661: Full screen notification spoof. Reported by Wenxu Wu - CVE-2019-13662: CSP bypass. Reported by David Erceg - CVE-2019-13663: IDN spoof. Reported by Lnyas Zhang - CVE-2019-13664: CSRF bypass. Reported by thomas "zemnmez" shadwell - CVE-2019-13665: Multiple file download protection bypass. Reported by Jun Kokatsu - CVE-2019-13666: Side channel using storage size estimate. Reported by Tom Van Goethem - CVE-2019-13667: URI bar spoof when using external app URIs. Reported by Khalil Zhani - CVE-2019-13668: Global window leak via console. Reported by David Erceg - CVE-2019-13669: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13670: V8 memory corruption in regex. Reported by Guang Gong - CVE-2019-13671: Dialog box fails to show origin. Reported by xisigr - CVE-2019-13673: Cross-origin information leak using devtools. Reported by David Erceg - CVE-2019-13674: IDN spoofing. Reported by Khalil Zhani - CVE-2019-13675: Extensions can be disabled by trailing slash. Reported by Jun Kokatsu - CVE-2019-13676: Google URI shown for certificate warning. Reported by Wenxu Wu - CVE-2019-13677: Chrome web store origin needs to be isolated. Reported by Jun Kokatsu - CVE-2019-13678: Download dialog spoofing. Reported by Ronni Skansing - CVE-2019-13679: User gesture needed for printing. Reported by Conrad Irwin - CVE-2019-13680: IP address spoofing to servers. Reported by Thijs Alkemade - CVE-2019-13681: Bypass on download restrictions. Reported by David Erceg - CVE-2019-13682: Site isolation bypass. Reported by Jun Kokatsu - CVE-2019-13683: Exceptions leaked by devtools. Reported by David Erceg - CVE-2019-13685: Use-after-free in UI. Reported by Khalil Zhani - CVE-2019-13686: Use-after-free in offline pages. Reported by Brendon - CVE-2019-13687: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13688: Use-after-free in media. Reported by Man Yue Mo Tiszka - CVE-2019-13691: Omnibox spoof. Reported by David Erceg - CVE-2019-13692: SOP bypass. Reported by Jun Kokatsu - CVE-2019-13693: Use-after-free in IndexedDB. Reported by Guang Gong - CVE-2019-13694: Use-after-free in WebRTC. Reported by banananapenguin - CVE-2019-13695: Use-after-free in audio. Reported by Man Yue Mo - CVE-2019-13696: Use-after-free in V8. Reported by Guang Gong - CVE-2019-13697: Cross-origin size leak. Reported by Luan Herrera - CVE-2019-13699: Use-after-free in media. Reported by Man Yue Mo - CVE-2019-13700: Buffer overrun in Blink. Reported by Man Yue Mo - CVE-2019-13701: URL spoof in navigation. Reported by David Erceg - CVE-2019-13702: Privilege elevation in Installer. Reported by Phillip Langlois and Edward Torkington - CVE-2019-13703: URL bar spoofing. Reported by Khalil Zhani - CVE-2019-13704: CSP bypass. Reported by Jun Kokatsu - CVE-2019-13705: Extension permission bypass. Reported by Luan Herrera - CVE-2019-13706: Out-of-bounds read in PDFium. Reported by pdknsk - CVE-2019-13707: File storage disclosure. Reported by Andrea Palazzo - CVE-2019-13708: HTTP authentication spoof. Reported by Khalil Zhani - CVE-2019-13709: File download protection bypass. Reported by Zhong Zhaochen - CVE-2019-13710: File download protection bypass. Reported by bernardo.mrod - CVE-2019-13711: Cross-context information leak. Reported by David Erceg - CVE-2019-13713: Cross-origin data leak. Reported by David Erc