package release.debian.org tags 958814 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details ============== Package: cups Version: 2.2.10-6+deb10u3 Explanation: fix heap buffer overflow [CVE-2020-3898] and "the `ippReadIO` function may under-read an extension field" [CVE-2019-8842]