Tuxcare Errata System 0.0.1 5.10 2026-04-14T15:24:35 Debian 10 * SECURITY UPDATE: path Equivalence leads to Remote Code Execution and/or Information disclosure - debian/patches/CVE-2025-24813.patch: Enhance lifecycle of temporary files used by partial PUT - CVE-2025-24813 Critical TuxCare License Agreement CVE-2025-24813 Debian 10 * SECURITY UPDATE: mod_rewrite proxy handler substitution and prefix_stat vulnerabilities - debian/patches/CVE-2024-38474-38475-*.patch: tighten up prefix_stat and %3f handling, add better question mark tracking to avoid UnsafeAllow3F - CVE-2024-38474, CVE-2024-38475 Critical TuxCare License Agreement CVE-2024-38476 CVE-2024-38474 CVE-2024-40725 CVE-2024-38475 CVE-2024-39884 Debian 10 * SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965 Critical TuxCare License Agreement CVE-2025-6965 Debian 10 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487 Important TuxCare License Agreement CVE-2023-44487 Debian 10 * SECURITY_UPDATE: avoid segfault on ${0::0/0~09J} - debian/patches/CVE-2022-48174.patch: Fix shell segfault in malformed arithmetic expressions - CVE-2022-48174 Critical TuxCare License Agreement CVE-2022-48174 Debian 10 * SECURITY UPDATE: Authentication bypass in external authentication plug-ins with only partially correct credentials - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins - CVE-2022-0547 * Update sample keys for testing - debian/sample-keys/* - debian/rules - debian/source/include-binaries Critical TuxCare License Agreement CVE-2022-0547 Debian 10 * SECURITY UPDATE: out-of-bound write - debian/patches/CVE-2024-11236: fix integer overflow causing in an out-of-bounds write ldap_escape() - CVE-2024-11236 * SECURITY UPDATE: incorrect URL truncation - debian/patches/CVE-2025-1861: fix possible incorrect URL truncation and redirecting to a wrong location - CVE-2025-1217 - CVE-2025-1734 - CVE-2025-1861 * SECURITY UPDATE: inadequate validation of user-supplied headers may lead to header misinterpretation - debian/patches/CVE-2025-1736.patch: Fix GHSA-hgf5-96fm-v528: Correct http user header CRLF check - CVE-2025-1736 Critical TuxCare License Agreement CVE-2024-11236 CVE-2025-1861 CVE-2025-1736 Debian 10 * SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141 Critical TuxCare License Agreement CVE-2022-45141 Debian 10 * SECURITY UPDATE: heap-based buffer overflow in function bfd_getl32 in objdump - debian/patches/CVE-2021-46174.patch: Don't read past end of section when concatentating stab strings in read_section_stabs_debugging_info() in rddbg.c - CVE-2021-46174 * SECURITY UPDATE: heap buffer overflow in find_section_in_set() in readelf - debian/patches/CVE-2022-44840.patch: Scan the pool directly - CVE-2022-44840 Important TuxCare License Agreement CVE-2022-44840 CVE-2021-46174 Debian 10 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171 Critical TuxCare License Agreement CVE-2024-56171 Debian 10 * SECURITY UPDATE: uncontrolled recursion leading to stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714.patch: Make XPath depth check work with recursive invocations to prevent stack overflows - CVE-2025-9714 Important TuxCare License Agreement CVE-2025-32415 CVE-2025-27113 CVE-2022-49043 CVE-2025-32414 CVE-2024-25062 Debian 10 * SECURITY UPDATE: stack-based buffer overflow in disassemble_bytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow by restricting size of insn_width buffer - CVE-2025-0840 Important TuxCare License Agreement CVE-2025-0840 Debian 10 * SECURITY UPDATE: missing TLS certificate verification - debian/patches/fixes/CVE-2023-31484.patch: enable SSL/TLS cert checking in .../CPAN/HTTP/Client.pm - CVE-2023-31484 Important TuxCare License Agreement CVE-2023-31484 Debian 10 * SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. * SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 * SECURITY UPDATE: row hammer attack - debian/patches/CVE-2023-42465.patch: make return values resist to single bit flips - CVE-2023-42465 Important TuxCare License Agreement CVE-2023-42465 CVE-2025-32462 CVE-2021-23240 Debian 10 * SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276 Important TuxCare License Agreement CVE-2019-18276 Debian 10 * SECURITY UPDATE: potential Denial of Service via TLS connection - debian/patches/CVE-2020-14058.patch: Fix sending of unknown validation errors to cert validator - CVE-2020-14058 * SECURITY UPDATE: improper Validation of Specified Index leads to Denial of Service via TLS Handshake vulnerability - debian/patches/CVE-2023-46724.patch: Fix validation of certificates with CN=* due to Buffer UnderRead in SSL CN Parsing issue (#1523) - CVE-2023-46724 * SECURITY UPDATE: denial of Service vulnerability in HTTP Chunked decoder due to uncontrolled recursion bug - debian/patches/CVE-2024-25111.patch: Fix infinite recursion when parsing HTTP chunks, prevent progress in call chain by stopping HttpStateData recursion - CVE-2024-25111 * SECURITY UPDATE: denial of Service vulnerability in the NTLM authentication credentials parser due to incorrect input validation - debian/patches/CVE-2020-8517.patch: Fix incorrect input validation allowing writing outside of buffer and leading to denial of service - CVE-2020-8517 * SECURITY UPDATE: denial of Service vulnerability against HTTP header parsing due to a Collapse of Data into Unsafe Value - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values to prevent DoS - CVE-2024-25617 * SECURITY UPDATE: denial of Service vulnerability by a trusted server - debian/rules: Disable ESI due to unfixed multiple issues in ESI causing DoS by a trusted server - debian/control: Remove dependencies used by ESI - CVE-2024-45802 Important TuxCare License Agreement CVE-2020-14058 CVE-2023-46724 CVE-2024-45802 CVE-2024-25111 CVE-2024-25617 CVE-2020-8517 Debian 10 * SECURITY UPDATE: Bypassing of some rewrite rules by a specially crafted request - debian/patches/CVE-2025-31651.patch: better handling of URLs - CVE-2025-31651 Critical TuxCare License Agreement CVE-2025-31651 CVE-2024-38286 Debian 10 * SECURITY UPDATE: Heap-based Buffer Overflow in visual mode - debian/patches/CVE-2022-3520.patch: check that the column does not become negative - CVE-2022-3520 Critical TuxCare License Agreement CVE-2022-1735 CVE-2021-3973 CVE-2022-1629 CVE-2022-3520 CVE-2022-1620 CVE-2021-3903 Debian 10 * SECURITY UPDATE: out-of-bounds access - debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl - CVE-2017-9118 * SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary - debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first - CVE-2024-8927 * SECURITY UPDATE: buffer overread vulnerability - debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter - CVE-2024-11233 * SECURITY UPDATE: URI is not properly sanitized - debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user - CVE-2024-11234 * SECURITY UPDATE: incomplete check in escaping functions - debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid. - CVE-2025-1735 Important TuxCare License Agreement CVE-2017-9118 CVE-2024-11233 CVE-2025-1735 CVE-2024-11234 CVE-2024-8927 Debian 10 * SECURITY UPDATE: uninitialized-heap vulnerability in tic4x_print_cond function - debian/patches/CVE-2020-35342.patch: Initialize all elements of the condtable array to fix uninitialized heap memory issue in tic4x_print_cond function - CVE-2020-35342 Important TuxCare License Agreement CVE-2020-35342 CVE-2021-45078 Debian 10 * SECURITY UPDATE: insecure privilege dropping vulnerability - debian/patches/CVE-2019-20044-*.patch: improve error handling in setopt command, add OpenSSH-based setresuid/setresgid wrappers, simplify and secure privilege dropping logic, add comprehensive tests for PRIVILEGED option - CVE-2019-20044 Important TuxCare License Agreement CVE-2019-20044 Debian 10 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2019-9923.patch: fix a NULL pointer dereference when parsing certain archives that have malformed extended headers in pax_decode_header() in sparse.c - CVE-2019-9923 Important TuxCare License Agreement CVE-2019-9923 Debian 10 * SECURITY UPDATE: Buffer Over-read because of invalid cursor position after "0;" range - debian/patches/CVE-2022-1927.patch: check the cursor position when it was set by ";" in the range - CVE-2022-1927 * SECURITY UPDATE: Use After Free in spell command - debian/patches/CVE-2022-2042.patch: initialize "attr", check for empty line early - CVE-2022-2042 * SECURITY UPDATE: Out-of-bounds Read when regex pattern starts with illegal byte - debian/patches/CVE-2022-2581.patch: do not match a character with an illegal byte - CVE-2022-2581 * SECURITY UPDATE: Heap-based Buffer Overflow with for loop over NULL string - debian/patches/CVE-2022-2849.patch: make sure mb_ptr2len() consistently returns zero for NUL - CVE-2022-2849 Important TuxCare License Agreement CVE-2022-2042 CVE-2022-1927 CVE-2022-2849 CVE-2022-2581 Debian 10 * SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: validate hostname in modules/proxy/proxy_util.c. Restart from the original URL on reconnect in modules/http2/mod_proxy_http2.c. - CVE-2024-38477 Important TuxCare License Agreement CVE-2024-38477 Debian 10 * SECURITY UPDATE: multiple vulnerabilities in AWK implementation - debian/patches/CVE-2021-423xx-awk.patch: fix issues with argument parsing, delete statement validation, length() parsing, post-increment/decrement on literals, expression handling, regex splitting, use-after-realloc, and maxfields underflow - CVE-2021-42378 - CVE-2021-42379 - CVE-2021-42380 - CVE-2021-42381 - CVE-2021-42382 - CVE-2021-42384 - CVE-2021-42385 - CVE-2021-42386 Important TuxCare License Agreement CVE-2021-42382 CVE-2021-42385 CVE-2021-42379 CVE-2021-42386 CVE-2021-42381 CVE-2021-42378 CVE-2021-42384 CVE-2021-42380 Debian 10 * SECURITY UPDATE: excessive cached HTTP response header size causing worker process stall or crash - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header handling to prevent cache flow - CVE-2023-5824 * SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature - debian/patches/CVE-2023-5824.patch: Removed Use-After-Free during refactor serialized HTTP response header - CVE-2023-49288 Important TuxCare License Agreement CVE-2023-49288 CVE-2023-5824 Debian 10 * SECURITY UPDATE: out-of-bounds stack write flaw in 64-bit architectures - debian/patches/CVE-2024-1013.patch: Fix incompatible pointer-to-integer types causing out-of-bounds stack writes on 64-bit architectures - CVE-2024-1013 Important TuxCare License Agreement CVE-2024-1013 Debian 10 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent reading past end of the line when C-indenting - CVE-2022-1733 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line is flushed by making a copy of the search pattern - CVE-2022-1796 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1886.patch: Check the length is more than zero to fix access before start of text with a put command - CVE-2022-1886 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-3016.patch: Return QF_ABORT when location list changed in autocmd - CVE-2022-3016 Important TuxCare License Agreement CVE-2022-1886 CVE-2022-1796 CVE-2022-1733 CVE-2022-3016 Debian 10 * SECURITY UPDATE: multiple vulnerabilities in vms-alpha.c parse_module - debian/patches/CVE-2022-47673_CVE-2023-25584-*.patch: fix null pointer dereference in parse_module by adding return value checking for bfd_zalloc calls, fix potential out of bounds memory access in DST record parsing loop - CVE-2022-47673, CVE-2023-25584 Important TuxCare License Agreement CVE-2022-47673 CVE-2023-25584 Debian 10 * SECURITY UPDATE: denial of service via bfd_mach_o_get_synthetic_symtab in match-o.c - debian/patches/CVE-2022-47695.patch: Fix segmentation fault in compare_symbols function by excluding section and synthetic symbols before checking symbol flags - CVE-2022-47695 Important TuxCare License Agreement CVE-2022-47695 Debian 10 * SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764 Important TuxCare License Agreement CVE-2023-5764 Debian 10 * SECURITY UPDATE: Improper restriction of XML External Entity Reference - debian/patches/CVE-2024-45490.patch: Reject negative len for XML_ParseBuffer - CVE-2024-45490 Important TuxCare License Agreement CVE-2024-45490 Debian 10 * SECURITY UPDATE: fix integer overflow in libbfd - debian/patches/CVE-2025-1000876.patch: Add overflow checks to prevent potential memory allocation issues from integer overflow - CVE-2025-1000876 Important TuxCare License Agreement CVE-2022-47696 CVE-2018-1000876 Debian 10 * SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 * SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string with NUL. - CVE-2022-2522 Important TuxCare License Agreement CVE-2022-2125 CVE-2023-0049 CVE-2022-4292 CVE-2022-3591 CVE-2022-2264 CVE-2022-2845 CVE-2022-2344 CVE-2022-2206 CVE-2022-2257 CVE-2022-2210 CVE-2022-2182 CVE-2022-2522 CVE-2022-2207 CVE-2022-2175 CVE-2022-2183 CVE-2022-2343 CVE-2022-2345 CVE-2022-2289 CVE-2022-2126 CVE-2022-2124 CVE-2022-2287 CVE-2022-2286 CVE-2022-2284 Debian 10 * SECURITY UPDATE: missing SSL certificate validation vulnerability in wget - debian/patches/CVE-2018-1000500-1.patch: implement TLS verification with CENABLE_FEATURE_WGET_OPENSSL - debian/patches/CVE 2018-1000500-2.patch: fix openssl options for cert verification - CVE-2018-1000500 * SECURITY UPDATE: escape sequence injection attack - debian/patches/CVE-2022-28391-1.patch: sockaddr2str: ensure only printable characters are returned for the hostname part - debian/patches/CVE-2022-28391-2.patch: nslookup: sanitize all printed strings - CVE-2022-28391 * SECURITY UPDATE: directory traversal vulnerability in CPIO command - debian/patches/CVE-2023-39810.patch: archival: disallow path traversals - debian/config/pkg/*: regenerate to add the new FEATURE_PATH_TRAVERSAL_PROTECTION option - CVE-2023-39810 Important TuxCare License Agreement CVE-2018-1000500 CVE-2023-39810 CVE-2022-28391 Debian 10 * SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PAC_INFO_BUFFER_SIZE - CVE-2022-42898 Important TuxCare License Agreement CVE-2022-42898 Debian 10 * SECURITY UPDATE: Stack-based Buffer Overflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: check CSF_TRY can be found - CVE-2022-3296 * Fix Test_terminal_noblock() - debian/patches/fix-flaky-terminal-noblock-test.patch Important TuxCare License Agreement CVE-2024-22667 CVE-2023-5344 CVE-2023-4750 CVE-2023-0433 CVE-2022-3296 CVE-2023-5535 CVE-2023-0288 CVE-2023-4735 CVE-2023-4733 CVE-2023-4751 Debian 10 * SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630 Important TuxCare License Agreement CVE-2023-30630 Debian 10 * SECURITY UPDATE: The DNS message parsing code in `named` includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/patches/CVE-2023-4408-1.patch: fix DNSSEC test suite - debian/libdns1100.symbols: some function declarations were removed according to the CVE-2023-4408.patch - CVE-2023-4408 * Add patch for enabling automated testing Important TuxCare License Agreement CVE-2023-4408 Debian 10 * SECURITY UPDATE: DNS string buffer overflow - debian/patches/CVE-2020-10745.patch: add input validation to prevent buffer overflows when handling DNS/NBT names with consecutive dots or exceeding RFC 1035 255-byte limit. The fix enforces proper bounds checking and component length validation in ndr_push_dns_string() and ndr_push_nbt_string() functions. - CVE-2020-10745 * SECURITY UPDATE: panic in krb5_pac_parse() - debian/patches/0001-Additional-fix-for-CVE-2022-42898.patch: check pointer for NULL - CVE-2022-42898 Important TuxCare License Agreement CVE-2020-10745 Debian 10 * SECURITY UPDATE: mishandling of semicolons in userinfo - debian/patches/CVE-2024-38428.patch: properly re-implement userinfo parsing in src/url.c. - CVE-2024-38428 Critical TuxCare License Agreement CVE-2024-38428 Debian 10 * SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038 Important TuxCare License Agreement CVE-2021-44038 Debian 10 * SECURITY UPDATE: Integer Overflow in g_option_group_add_entries - debian/patches/CVE-2020-35457.patch: goption: add a precondition to avoid GOptionEntry list overflow - CVE-2020-35457 Important TuxCare License Agreement CVE-2020-35457 Debian 10 * SECURITY UPDATE: malicious remote servers to write arbitrary files inside the directories of connecting peers: - debian/patches/els/0001-CVE-2022-29154.patch: fix insufficient validation of file names. - CVE-2022-29154. * SECURITY UPDATE: path traversal vulnerability. - debian/patches/els/0002-CVE-2024-12087.patch: refuse a duplicate dirlist and range check dir_ndx before use - CVE-2024-12087 * SECURITY UPDATE: rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it: - debian/patches/els/0003-CVE-2024-12088.patch: make --safe-links stricter. - CVE-2024-12088. Important TuxCare License Agreement CVE-2022-29154 CVE-2024-12088 CVE-2024-12087 Debian 10 * SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3843.patch: introduce functionality for blocking chmod() for suid/sgid files with new unit setting RestrictSUIDSGID= - CVE-2019-3843 * SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3844.patch: imply NNP and SUID/SGID restriction for DynamicUser=yes service - CVE-2019-3844 Important TuxCare License Agreement CVE-2019-3844 CVE-2019-3843 Debian 10 * SECURITY UPDATE: failure to redact HTTP authentication credentials in error handling allows information disclosure - debian/patches/CVE-2025-62168.patch: Fix HttpRequest::pack to mask sensitive information to prevent disclosure - CVE-2025-62168 Important TuxCare License Agreement CVE-2025-62168 Debian 10 * SECURITY UPDATE: stack memory exhaustion vulnerability - debian/patches/CVE-2020-10704.patch: fix vulnerability where a deeply nested filter in an unauthenticated LDAP search can exhaust the LDAP server's attack memory causing a SIGSEGV - CVE-2020-10704 Important TuxCare License Agreement CVE-2020-10704 Debian 10 * SECURITY UPDATE: Directory permission cleanup vulnerability leading to DoS - debian/patches/CVE-2025-6297.patch: Fix cleanup for control member with restricted directories - CVE-2025-6297 Low TuxCare License Agreement CVE-2025-6297 Debian 10 * SECURITY UPDATE: Buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: Skip processing invalid ELF sections - CVE-2019-1010180 Important TuxCare License Agreement CVE-2019-1010180 Debian 10 * SECURITY UPDATE: improper neutralization of quoting syntax in libpq functions allows SQL injection via psql in certain usage patterns - debian/patches/CVE-2025-1094.patch: Fix handling of invalidly encoded data in escaping functions - CVE-2025-1094 Important TuxCare License Agreement CVE-2025-1094 Debian 10 * SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch Important TuxCare License Agreement CVE-2021-3738 Debian 10 * SECURITY UPDATE: Heap-buffer overflow when switching buffers in visual mode - debian/patches/CVE-2025-22134.patch: fix visual mode heap-buffer-overflow by resetting VIsual mode on :all - CVE-2025-22134 Moderate TuxCare License Agreement CVE-2025-22134 Debian 10 * SECURITY UPDATE: VerifyHostKeyDNS server impersonation - debian/patches/CVE-2025-26465.patch: Fix cases where error codes were not correctly set - CVE-2025-26465 Moderate TuxCare License Agreement CVE-2025-26465 Debian 10 * SECURITY UPDATE: elevation of privilege vulnerability - debian/patches/CVE-2020-1472.patch: fix vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC) - CVE-2020-1472 Low TuxCare License Agreement CVE-2020-1472 Debian 10 * SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728 Low TuxCare License Agreement CVE-2025-32728 Debian 10 * SECURITY UPDATE: Carriage Return injection in credential protocol - debian/patches/CVE-2024-52006.patch: fix Carriage Return injection in credential protocol - CVE-2024-52006 Important TuxCare License Agreement CVE-2024-52006 Debian 10 * SECURITY UPDATE: heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: fix integer overflow in the precomputation of element counts using zend_hash_num_elements() - CVE-2025-14178 Important TuxCare License Agreement CVE-2025-14178 Debian 10 * SECURITY UPDATE: fix DoS by a client that connect to cupsd sends slow messages. - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client. - CVE-2025-58436. * Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring tests Moderate TuxCare License Agreement CVE-2025-58436 Debian 10 * SECURITY UPDATE: improper encoding or escaping of credential handling - debian/patches/CVE-2024-50349.patch: fix ANSI escape sequence vulnerability that occurs when asking for credentials interactively - CVE-2024-50349 Moderate TuxCare License Agreement CVE-2024-50349 Debian 10 * SECURITY UPDATE: Ownership checks for local repositories - debian/patches/CVE-2024-32004.patch: add fix for ownership check in local repositories - CVE-2024-32004 Important TuxCare License Agreement CVE-2024-32004 Debian 10 * SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment. - CVE-2025-68973 Important TuxCare License Agreement CVE-2025-68973 Debian 10 * SECURITY UPDATE: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - debian/patches/CVE-2026-24515.patch: copy unknown encoding handler user data and add tests to cover effect - CVE-2026-24515 Low TuxCare License Agreement CVE-2026-24515 Debian 10 * SECURITY UPDATE: check oct argument for NULL in PKCS12_item_decrypt_d2i_e() - debian/patches/CVE-2025-69421.patch: fix a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. - CVE-2025-69421 Important TuxCare License Agreement CVE-2025-69421 Debian 10 * SECURITY UPDATE: check return code of UTF8_putc - debian/patches/CVE-2025-69419.patch: add missing return code checks for UTF8_putc in a_strex.c and OPENSSL_uni2utf8 in p12_utl.c. - CVE-2025-69419 Important TuxCare License Agreement CVE-2025-69419 Debian 10 * SECURITY UPDATE: Buffer underflow / integer overflow in GVariant text format parser - debian/patches/CVE-2025-14087.patch: fix potential integer overflow parsing strings, bytestrings, and child element counts in gvariant-parser.c - CVE-2025-14087 Critical TuxCare License Agreement CVE-2025-14087 Debian 10 * SECURITY UPDATE: bearer token leakage to IMAP/LDAP/POP3/SMTP hosts via cross-protocol redirects - debian/patches/CVE-2025-14524.patch: Require permission when redirected for bearer use and prevent sending bearer token to other hosts; fix unconditional reuse of oauth bearer during redirects. - CVE-2025-14524 Low TuxCare License Agreement CVE-2025-14524 Debian 10 * SECURITY UPDATE: Stack-Based buffer overflow in Netbeans - debian/patches/CVE-2026-26269.patch: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server - CVE-2026-26269 Important TuxCare License Agreement CVE-2026-26269 Debian 10 * SECURITY UPDATE: Fix vulnerabilities in GSS message token handling - debian/patches/CVE-2024-37370-CVE-2024-37371.patch: Verify Extra Count field in CFX wrap tokens, validate plaintext length in gss_unwrap, and prevent IOV unwrap header buffer overrun - CVE-2024-37370 - CVE-2024-37371 Critical TuxCare License Agreement CVE-2024-37370 CVE-2024-37371 Debian 10 * SECURITY UPDATE: acceptance of hosts not listed in specified known_hosts file during SSH-based transfers - debian/patches/CVE-2025-15079.patch: Set both knownhosts options to same file and fix surprises caused by libssh exposing separate KNOWNHOSTS and GLOBAL_KNOWNHOSTS options. - CVE-2025-15079 * Regenerate Server-localhost-lastSAN-sv test certificate with SHA-256 - debian/patches/regenerate-lastSAN-cert-sha256.patch: Fix "ca md too weak" error with OpenSSL 1.1.1+ by replacing SHA-1 signed certificate with SHA-256. Also fixes Makefile.am bug for lastSAN target. * Update failed test - debian/patches/26_CVE-2021-22876.patch: Update test to avoid using unsupported commands * Update failed test - debian/patches/fix-test323-errorcode.patch: two valid error codes now * Disable some tests - debian/rules: add option to disable tests marked as flaky, fail the build if any test fails - debian/patches/add-flaky-to-test1592.patch: mark test1592 as flaky - debian/patches/disable-nss-failing-tests.patch: libnsspem.so is not available on Debian 10 * Remove unsupported test: - debian/patches/test8-verify-that-ctrl-byte-cookies-are-ignored.patch: no ctrl-byte-cookies are supported Low TuxCare License Agreement CVE-2025-15079 Debian 10 * SECURITY UPDATE: reuse of connections using HTTP Negotiate - debian/patches/CVE-2026-1965.patch: fix reuse of connections using HTTP Negotiate and fix copy and paste url_match_auth_nego mistake. - CVE-2026-1965 * Bearer token sent without checking auth is allowed - debian/patches/CVE-2026-3783.patch: only send bearer if auth is allowed. - CVE-2026-3783 * Proxy credential reuse across different credentials - debian/patches/CVE-2026-3784.patch: compare proxy credentials in proxy_info_matches to prevent connection reuse with wrong auth. - CVE-2026-3784 Moderate TuxCare License Agreement CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 Debian 10 * SECURITY UPDATE: Improve determination of buffer size bufSize in function doContent - debian/patches/CVE-2026-25210.patch: fix integer overflow in doContent tag buffer reallocation - CVE-2026-25210 Important TuxCare License Agreement CVE-2026-25210 Debian 10 * SECURITY UPDATE: SNI hostname not stored for NIO2 and APR connectors - debian/patches/CVE-2025-66614.patch: store SNI hostname for NIO2 and APR connections so that SNI checks are not bypassed - CVE-2025-66614 Critical TuxCare License Agreement CVE-2025-66614 Debian 10 * SECURITY UPDATE: Crash when recovering a corrupted swap file - debian/patches/CVE-2026-28421.patch: add bounds checks in swap file recovery to prevent heap-buffer-overflow and SEGV from crafted swap files - CVE-2026-28421 * SECURITY UPDATE: Command injection via crafted netrw URIs - debian/patches/CVE-2026-28417.patch: fix command injection in netrw via crafted scp:// URIs by adding strict hostname validation and shellescape() - CVE-2026-28417 Important TuxCare License Agreement CVE-2026-28417 CVE-2026-28421 Debian 10 * SECURITY UPDATE: Denial of Service in ICP request handling via double rfc1738_escape() call causing heap use-after-free - debian/patches/CVE-2026-33526.patch: Remove redundant rfc1738_escape() call in icpGetRequest() - CVE-2026-33526 * SECURITY UPDATE: Denial of Service in ICP v3 query handling via use-after-free of HttpRequest object - debian/patches/CVE-2026-32748.patch: Add proper HTTPMSGLOCK/HTTPMSGUNLOCK to doV3Query() to match doV2Query() locking pattern - CVE-2026-32748 * SECURITY UPDATE: Out-of-bounds read in ICP message handling allows information disclosure - debian/patches/CVE-2026-33515.patch: Add icpGetUrl() validation function to check packet bounds and NUL-termination of URLs in ICP messages - CVE-2026-33515 Important TuxCare License Agreement CVE-2026-33526 CVE-2026-32748 CVE-2026-33515 Debian 10 * SECURITY UPDATE: signature verification DoS via malicious subkey - debian/patches/CVE-2025-30258.patch: require signing usage when looking up public key for signature verification, filtering out subkeys without valid backsig. Include upstream regression fixes to preserve verification of signatures from expired/revoked keys. Widen pubkey_usage and req_usage fields from byte to u16 to prevent PUBKEY_USAGE_VERIFY (16384) from being truncated on GnuPG 2.2.x. Add primary-key-only lookup during import to prevent malicious subkey attack at import time. Fix double-free in check_signature_over_key_or_uid when signer is caller-owned. - CVE-2025-30258 Moderate TuxCare License Agreement CVE-2025-30258 Debian 10 * SECURITY UPDATE: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: add bounds check before reading buf[1] in the legacy "eh" CIE path - CVE-2025-11082 Important TuxCare License Agreement CVE-2025-11082 Debian 10 * SECURITY UPDATE: fix vulnerability in stream handling - debian/patches/CVE-2025-53019.patch: fix vulnerability in stream handling - CVE-2025-53019 * SECURITY UPDATE: fix integer overflow in resize - debian/patches/CVE-2025-55212.patch: fix integer overflow in resize - CVE-2025-55212 * SECURITY UPDATE: fix heap-based buffer overflow in image processing - debian/patches/CVE-2025-55298.patch: fix heap-based buffer overflow in image processing - CVE-2025-55298 * SECURITY UPDATE: fix buffer overflow in BMP coder - debian/patches/CVE-2025-57803.patch: fix buffer overflow in BMP coder - CVE-2025-57803 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2025-55154.patch: fix vulnerability in PNG coder - CVE-2025-55154 * SECURITY UPDATE: fix buffer overflow in BMP coder on 32-bit systems - debian/patches/CVE-2025-62171.patch: fix buffer overflow in BMP coder on 32-bit systems - CVE-2025-62171 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL and SVG coders - debian/patches/CVE-2025-68618.patch: fix stack overflow via infinite recursion in MSL and SVG coders - CVE-2025-68618 * SECURITY UPDATE: fix denial of service in SVG coder - debian/patches/CVE-2025-69204.patch: fix denial of service in SVG coder - CVE-2025-69204 Important TuxCare License Agreement CVE-2025-62171 CVE-2025-55212 CVE-2025-57803 CVE-2025-69204 CVE-2025-55298 CVE-2025-55154 CVE-2025-68618 CVE-2025-53019 Debian 10 * SECURITY UPDATE: fix division by zero in YUV coder - debian/patches/CVE-2026-25799.patch: fix division by zero in YUV coder - CVE-2026-25799 * SECURITY UPDATE: fix NULL pointer dereference in SFW coder - debian/patches/CVE-2026-25795.patch: fix NULL pointer dereference in SFW coder - CVE-2026-25795 * SECURITY UPDATE: fix infinite loop in META coder - debian/patches/CVE-2026-26066.patch: fix infinite loop in META coder - CVE-2026-26066 * SECURITY UPDATE: fix vulnerability in JPEG coder - debian/patches/CVE-2026-26283.patch: fix vulnerability in JPEG coder - CVE-2026-26283 * SECURITY UPDATE: fix NULL pointer dereference in cache handling - debian/patches/CVE-2026-25798.patch: fix NULL pointer dereference in cache handling - CVE-2026-25798 * SECURITY UPDATE: fix vulnerability in PSD coder - debian/patches/CVE-2026-24481.patch: fix vulnerability in PSD coder - CVE-2026-24481 * SECURITY UPDATE: fix vulnerability in stegano coder - debian/patches/CVE-2026-25796.patch: fix vulnerability in stegano coder - CVE-2026-25796 * SECURITY UPDATE: fix vulnerability in FX processing - debian/patches/CVE-2026-27798.patch: fix vulnerability in FX processing - CVE-2026-27798 Important TuxCare License Agreement CVE-2026-25795 CVE-2026-24481 CVE-2026-25799 CVE-2026-25796 CVE-2026-27798 CVE-2026-26283 CVE-2026-25798 CVE-2026-26066 Debian 10 * SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 * SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2026-30883.patch: fix vulnerability in PNG coder - CVE-2026-30883 * SECURITY UPDATE: fix NULL pointer dereference in MSL parser - debian/patches/CVE-2026-23952.patch: fix NULL pointer dereference in MSL parser - CVE-2026-23952 * SECURITY UPDATE: fix vulnerability in sixel coder - debian/patches/CVE-2026-25970.patch: fix vulnerability in sixel coder - CVE-2026-25970 Important TuxCare License Agreement CVE-2026-25988 CVE-2026-25965 Debian 10 * SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 * SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 * SECURITY UPDATE: fix heap-based buffer overflow in blob handling - debian/patches/CVE-2025-57807.patch: fix heap-based buffer overflow in blob handling - CVE-2025-57807 * SECURITY UPDATE: fix heap-based buffer overflow in XBM coder - debian/patches/CVE-2026-23876.patch: fix heap-based buffer overflow in XBM coder - CVE-2026-23876 * SECURITY UPDATE: fix buffer overflow in SUN coder - debian/patches/CVE-2026-25897.patch: fix buffer overflow in SUN coder - CVE-2026-25897 * SECURITY UPDATE: fix buffer overflow in PCD coder - debian/patches/CVE-2026-26284.patch: fix buffer overflow in PCD coder - CVE-2026-26284 * SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25968.patch: fix vulnerability in MSL coder - CVE-2026-25968 * SECURITY UPDATE: fix buffer overflow in YUV coder - debian/patches/CVE-2026-25986.patch: fix buffer overflow in YUV coder - CVE-2026-25986 * SECURITY UPDATE: fix buffer overflow in MAP coder - debian/patches/CVE-2026-25987.patch: fix buffer overflow in MAP coder - CVE-2026-25987 * SECURITY UPDATE: fix buffer overflow in UIL and XPM coders - debian/patches/CVE-2026-25898.patch: fix buffer overflow in UIL and XPM coders - CVE-2026-25898 * SECURITY UPDATE: fix heap-use-after-free in MSL coder - debian/patches/CVE-2026-25983.patch: fix heap-use-after-free in MSL coder - CVE-2026-25983 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - debian/patches/CVE-2026-25971.patch: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - CVE-2026-25971 Critical TuxCare License Agreement CVE-2025-57807 CVE-2026-25986 CVE-2026-25968 CVE-2026-25897 CVE-2026-25987 CVE-2026-25971 CVE-2025-53101 CVE-2026-25967 CVE-2026-26284 CVE-2025-53014 CVE-2026-23876 CVE-2026-25983 CVE-2026-22770 CVE-2026-25898 /etc/els-release Debian 10 LTS \(ELS by TuxCare\) 1 libtomcat9-embed-java libtomcat9-java tomcat9 tomcat9-admin tomcat9-common tomcat9-docs tomcat9-examples tomcat9-user apache2 apache2-bin apache2-data apache2-dev apache2-doc apache2-ssl-dev apache2-suexec-custom apache2-suexec-pristine apache2-utils libapache2-mod-md libapache2-mod-proxy-uwsgi lemon libsqlite3-0 libsqlite3-dev libsqlite3-tcl sqlite3 sqlite3-doc libnginx-mod-http-auth-pam libnginx-mod-http-cache-purge libnginx-mod-http-dav-ext libnginx-mod-http-echo libnginx-mod-http-fancyindex libnginx-mod-http-geoip libnginx-mod-http-headers-more-filter libnginx-mod-http-image-filter libnginx-mod-http-lua libnginx-mod-http-ndk libnginx-mod-http-perl libnginx-mod-http-subs-filter libnginx-mod-http-uploadprogress libnginx-mod-http-upstream-fair libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-nchan libnginx-mod-rtmp libnginx-mod-stream nginx nginx-common nginx-doc nginx-extras nginx-full nginx-light busybox busybox-static busybox-syslogd udhcpc udhcpd openvpn libapache2-mod-php7.3 libphp7.3-embed php7.3 php7.3-bcmath php7.3-bz2 php7.3-cgi php7.3-cli php7.3-common php7.3-curl php7.3-dba php7.3-dev php7.3-enchant php7.3-fpm php7.3-gd php7.3-gmp php7.3-imap php7.3-interbase php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-mysql php7.3-odbc php7.3-opcache php7.3-pgsql php7.3-phpdbg php7.3-pspell php7.3-readline php7.3-recode php7.3-snmp php7.3-soap php7.3-sqlite3 php7.3-sybase php7.3-tidy php7.3-xml php7.3-xmlrpc php7.3-xsl php7.3-zip ctdb libnss-winbind libpam-winbind libsmbclient libsmbclient-dev libwbclient-dev libwbclient0 python-samba registry-tools samba samba-common samba-common-bin samba-dev samba-dsdb-modules samba-libs samba-testsuite samba-vfs-modules smbclient winbind binutils binutils-aarch64-linux-gnu binutils-alpha-linux-gnu binutils-arm-linux-gnueabi binutils-arm-linux-gnueabihf binutils-common binutils-dev binutils-doc binutils-for-build binutils-for-host binutils-hppa-linux-gnu binutils-hppa64-linux-gnu binutils-i686-gnu binutils-i686-kfreebsd-gnu binutils-i686-linux-gnu binutils-ia64-linux-gnu binutils-m68k-linux-gnu binutils-mips-linux-gnu binutils-mips64el-linux-gnuabi64 binutils-mipsel-linux-gnu binutils-multiarch binutils-multiarch-dev binutils-powerpc-linux-gnu binutils-powerpc-linux-gnuspe binutils-powerpc64-linux-gnu binutils-powerpc64le-linux-gnu binutils-riscv64-linux-gnu binutils-s390x-linux-gnu binutils-sh4-linux-gnu binutils-source binutils-sparc64-linux-gnu binutils-x86-64-kfreebsd-gnu binutils-x86-64-linux-gnu binutils-x86-64-linux-gnux32 libbinutils libxml2 libxml2-dev libxml2-doc libxml2-utils python-libxml2 python3-libxml2 libperl-dev libperl5.28 perl perl-base perl-debug perl-doc perl-modules-5.28 sudo sudo-ldap bash bash-builtins bash-doc bash-static squid squid-cgi squid-common squid-purge squid3 squidclient vim vim-athena vim-common vim-doc vim-gtk vim-gtk3 vim-gui-common vim-nox vim-runtime vim-tiny xxd zsh zsh-common zsh-dev zsh-doc zsh-static tar tar-scripts libodbc1 odbcinst odbcinst1debian2 unixodbc unixodbc-dev ansible ansible-doc expat libexpat1 libexpat1-dev dmidecode bind9 bind9-doc bind9-host bind9utils dnsutils libbind-dev libbind-export-dev libbind9-161 libdns-export1104 libdns1104 libirs-export161 libirs161 libisc-export1100 libisc1100 libisccc-export161 libisccc161 libisccfg-export163 libisccfg163 liblwres161 wget quagga quagga-bgpd quagga-core quagga-doc quagga-isisd quagga-ospf6d quagga-ospfd quagga-pimd quagga-ripd quagga-ripngd libglib2.0-0 libglib2.0-bin libglib2.0-data libglib2.0-dev libglib2.0-dev-bin libglib2.0-doc libglib2.0-tests rsync libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libpam-systemd libsystemd-dev libsystemd0 libudev-dev libudev1 systemd systemd-container systemd-coredump systemd-journal-remote systemd-sysv systemd-tests udev dpkg dpkg-dev dselect libdpkg-dev libdpkg-perl gdb gdb-minimal gdb-multiarch gdb-source gdbserver libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-11 postgresql-client-11 postgresql-doc-11 postgresql-plperl-11 postgresql-plpython-11 postgresql-plpython3-11 postgresql-pltcl-11 postgresql-server-dev-11 openssh-client openssh-server openssh-sftp-server openssh-tests ssh ssh-askpass-gnome git git-all git-cvs git-daemon-run git-daemon-sysvinit git-doc git-el git-email git-gui git-man git-mediawiki git-svn gitk gitweb cups cups-bsd cups-client cups-common cups-core-drivers cups-daemon cups-ipp-utils cups-ppdc cups-server-common libcups2 libcups2-dev libcupsimage2 libcupsimage2-dev dirmngr gnupg gnupg-agent gnupg-l10n gnupg-utils gnupg2 gpg gpg-agent gpg-wks-client gpg-wks-server gpgconf gpgsm gpgv gpgv-static gpgv-win32 gpgv2 scdaemon libssl-dev libssl-doc libssl1.1 openssl curl libcurl3-gnutls libcurl3-nss libcurl4 libcurl4-doc libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev krb5-admin-server krb5-doc krb5-gss-samples krb5-k5tls krb5-kdc krb5-kdc-ldap krb5-kpropd krb5-locales krb5-multidev krb5-otp krb5-pkinit krb5-user libgssapi-krb5-2 libgssrpc4 libk5crypto3 libkadm5clnt-mit11 libkadm5srv-mit11 libkdb5-9 libkrad-dev libkrad0 libkrb5-3 libkrb5-dev libkrb5support0 imagemagick imagemagick-6-common imagemagick-6-doc imagemagick-6.q16 imagemagick-6.q16hdri imagemagick-common imagemagick-doc libimage-magick-perl libimage-magick-q16-perl libimage-magick-q16hdri-perl libmagick++-6-headers libmagick++-6.q16-8 libmagick++-6.q16-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libmagick++-dev libmagickcore-6-arch-config libmagickcore-6-headers libmagickcore-6.q16-6 libmagickcore-6.q16-6-extra libmagickcore-6.q16-dev libmagickcore-6.q16hdri-6 libmagickcore-6.q16hdri-6-extra libmagickcore-6.q16hdri-dev libmagickcore-dev libmagickwand-6-headers libmagickwand-6.q16-6 libmagickwand-6.q16-dev libmagickwand-6.q16hdri-6 libmagickwand-6.q16hdri-dev libmagickwand-dev perlmagick 0:9.0.31-1~deb10u12+tuxcare.els1 amd64 0:2.4.59-1~deb10u1+tuxcare.els2 0:2.4.59-1~deb10u1+tuxcare.els2 amd64 0:3.31.1-4ubuntu0.7+tuxcare.els1 0:3.31.1-4ubuntu0.7+tuxcare.els1 amd64 0:1.14.2-2+deb10u5+tuxcare.els1 0:1.14.2-2+deb10u5+tuxcare.els1 amd64 1:1.30.1-4+tuxcare.els1 1:1.30.1-4+tuxcare.els1 amd64 0:2.4.7-1+deb10u1+tuxcare.els1 amd64 0:7.3.31-1~deb10u7+tuxcare.els1 0:7.3.31-1~deb10u7+tuxcare.els1 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els1 2:4.9.5+dfsg-5+deb10u5+tuxcare.els1 amd64 0:2.31.1-16+tuxcare.els1 0:2.31.1-16+tuxcare.els1 amd64 0:2.9.4+dfsg1-7+deb10u6+tuxcare.els1 0:2.9.4+dfsg1-7+deb10u6+tuxcare.els1 amd64 0:2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5 0:2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5 amd64 0:2.31.1-16+tuxcare.els2 0:2.31.1-16+tuxcare.els2 amd64 0:5.28.1-6+deb10u1+tuxcare.els1 0:5.28.1-6+deb10u1+tuxcare.els1 amd64 0:1.8.27-1+deb10u6+tuxcare.els1 amd64 0:5.0-4+tuxcare.els1 0:5.0-4+tuxcare.els1 amd64 0:4.6-1+deb10u10+tuxcare.els1 0:4.6-1+deb10u10+tuxcare.els1 0:9.0.31-1~deb10u12+tuxcare.els3 amd64 2:8.1.0875-5+deb10u6+tuxcare.els2 2:8.1.0875-5+deb10u6+tuxcare.els2 amd64 0:7.3.31-1~deb10u7+tuxcare.els2 0:7.3.31-1~deb10u7+tuxcare.els2 amd64 0:2.31.1-16+tuxcare.els4 0:2.31.1-16+tuxcare.els4 amd64 0:5.7.1-1+deb10u1+tuxcare.els1 0:5.7.1-1+deb10u1+tuxcare.els1 amd64 0:1.30+dfsg-6+deb10u1+tuxcare.els1 amd64 2:8.1.0875-5+deb10u6+tuxcare.els3 2:8.1.0875-5+deb10u6+tuxcare.els3 amd64 0:2.4.59-1~deb10u1+tuxcare.els3 0:2.4.59-1~deb10u1+tuxcare.els3 amd64 1:1.30.1-4+tuxcare.els2 1:1.30.1-4+tuxcare.els2 amd64 0:4.6-1+deb10u10+tuxcare.els2 0:4.6-1+deb10u10+tuxcare.els2 amd64 0:2.3.6-0.1+tuxcare.els1 amd64 2:8.1.0875-5+deb10u6+tuxcare.els5 2:8.1.0875-5+deb10u6+tuxcare.els5 amd64 0:2.31.1-16+tuxcare.els5 0:2.31.1-16+tuxcare.els5 amd64 0:2.31.1-16+tuxcare.els6 0:2.31.1-16+tuxcare.els6 0:2.7.7+dfsg-1+deb10u2+tuxcare.els1 amd64 0:2.2.6-2+deb10u7+tuxcare.els1 amd64 0:2.31.1-16+tuxcare.els8 0:2.31.1-16+tuxcare.els8 amd64 2:8.1.0875-5+deb10u6+tuxcare.els9 2:8.1.0875-5+deb10u6+tuxcare.els9 amd64 1:1.30.1-4+tuxcare.els3 1:1.30.1-4+tuxcare.els3 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els2 2:4.9.5+dfsg-5+deb10u5+tuxcare.els2 amd64 2:8.1.0875-5+deb10u6+tuxcare.els13 2:8.1.0875-5+deb10u6+tuxcare.els13 amd64 0:3.2-1+tuxcare.els1 amd64 1:9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1 1:9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els3 2:4.9.5+dfsg-5+deb10u5+tuxcare.els3 amd64 0:1.20.1-1.1+tuxcare.els1 amd64 0:1.2.4-3+tuxcare.els1 0:1.2.4-3+tuxcare.els1 amd64 0:2.58.3-2+deb10u6+tuxcare.els1 0:2.58.3-2+deb10u6+tuxcare.els1 amd64 0:3.1.3-6+tuxcare.els1 amd64 0:241-7~deb10u10+tuxcare.els1 amd64 0:4.6-1+deb10u10+tuxcare.els3 0:4.6-1+deb10u10+tuxcare.els3 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els4 2:4.9.5+dfsg-5+deb10u5+tuxcare.els4 amd64 0:1.19.8+tuxcare.els1 0:1.19.8+tuxcare.els1 amd64 0:8.2.1-2+tuxcare.els1 0:8.2.1-2+tuxcare.els1 amd64 0:11.22-0+deb10u2+tuxcare.els1 0:11.22-0+deb10u2+tuxcare.els1 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els5 2:4.9.5+dfsg-5+deb10u5+tuxcare.els5 amd64 2:8.1.0875-5+deb10u6+tuxcare.els14 2:8.1.0875-5+deb10u6+tuxcare.els14 amd64 1:7.9p1-10+deb10u4+tuxcare.els1 1:7.9p1-10+deb10u4+tuxcare.els1 amd64 2:4.9.5+dfsg-5+deb10u5+tuxcare.els7 2:4.9.5+dfsg-5+deb10u5+tuxcare.els7 amd64 1:7.9p1-10+deb10u4+tuxcare.els2 1:7.9p1-10+deb10u4+tuxcare.els2 amd64 1:2.20.1-2+deb10u9+tuxcare.els1 1:2.20.1-2+deb10u9+tuxcare.els1 amd64 0:7.3.31-1~deb10u7+tuxcare.els3 0:7.3.31-1~deb10u7+tuxcare.els3 amd64 0:2.2.10-6+deb10u10+tuxcare.els1 0:2.2.10-6+deb10u10+tuxcare.els1 amd64 1:2.20.1-2+deb10u9+tuxcare.els2 1:2.20.1-2+deb10u9+tuxcare.els2 amd64 1:2.20.1-2+deb10u9+tuxcare.els3 1:2.20.1-2+deb10u9+tuxcare.els3 amd64 0:2.2.12-1+deb10u2+tuxcare.els1 0:2.2.12-1+deb10u2+tuxcare.els1 amd64 0:2.2.6-2+deb10u7+tuxcare.els2 amd64 0:1.1.1n-0+deb10u6+tuxcare.els1 0:1.1.1n-0+deb10u6+tuxcare.els1 amd64 0:1.1.1n-0+deb10u6+tuxcare.els2 0:1.1.1n-0+deb10u6+tuxcare.els2 amd64 0:2.58.3-2+deb10u6+tuxcare.els2 0:2.58.3-2+deb10u6+tuxcare.els2 amd64 0:7.64.0-4+deb10u9+tuxcare.els1 0:7.64.0-4+deb10u9+tuxcare.els1 amd64 2:8.1.0875-5+deb10u6+tuxcare.els15 2:8.1.0875-5+deb10u6+tuxcare.els15 amd64 0:1.17-3+deb10u6+tuxcare.els1 0:1.17-3+deb10u6+tuxcare.els1 amd64 0:7.64.0-4+deb10u9+tuxcare.els2 0:7.64.0-4+deb10u9+tuxcare.els2 amd64 0:7.64.0-4+deb10u9+tuxcare.els3 0:7.64.0-4+deb10u9+tuxcare.els3 amd64 0:2.2.6-2+deb10u7+tuxcare.els3 0:9.0.31-1~deb10u12+tuxcare.els4 amd64 2:8.1.0875-5+deb10u6+tuxcare.els16 2:8.1.0875-5+deb10u6+tuxcare.els16 amd64 0:4.6-1+deb10u10+tuxcare.els4 0:4.6-1+deb10u10+tuxcare.els4 amd64 0:2.2.12-1+deb10u2+tuxcare.els2 0:2.2.12-1+deb10u2+tuxcare.els2 amd64 0:2.31.1-16+tuxcare.els10 0:2.31.1-16+tuxcare.els10 amd64 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2 amd64 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3 amd64 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4 amd64 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1 8:6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1