Debian buster Openstack images changelog 10.13.1-20220915 Updates in 3 source package(s), 6 binary package(s): Source glib2.0, binaries: libglib2.0-0:amd64 libglib2.0-0:arm64 glib2.0 (2.58.3-2+deb10u4) buster-security; urgency=medium * CVE-2021-3800: information leak using CHARSETALIASDIR envvar. Source sqlite3, binaries: libsqlite3-0:amd64 libsqlite3-0:arm64 sqlite3 (3.27.2-3+deb10u2) buster-security; urgency=high * CVE-2020-35525: Prevent a potential null pointer deference issue in INTERSEC query processing. * CVE-2020-35527: Prevent an out-of-bounds access issue that could be exploited via ALTER TABLE in views that have a nested FROM clauses. * CVE-2021-20223: Prevent an issue with the "unicode61" tokenizer related to Unicode control characters ("class Cc") and embedded NUL characters being misinterpreted as tokens. Source zlib, binaries: zlib1g:amd64 zlib1g:arm64 zlib (1:1.2.11.dfsg-1+deb10u2) buster-security; urgency=medium * Non-maintainer upload by the LTS Team. * CVE-2022-37434: heap buffer overflow via large gzip header extra field (Closes: #1016710). -- Steve McIntyre <93sam@debian.org> Thu, 15 Sep 2022 12:47:24 +0000 10.13.0 First build for 10.13.0 release -- Steve McIntyre <93sam@debian.org> Sat, 10 Sep 2022 21:13:47 +0000