I was also affected by this bug. I worked around it by manually renaming /usr/share/doc/libxrender1/changelog.Debian.gz before installing each of the libxrender package updates:
I installed each of the packages separately from the /var/cache/apt/archives directory with dpkg -i. So, it was something like this: mv /usr/share/doc/libxrender1/changelog.Debian.gz /usr/share/doc/libxrender1/changelog.Debian.gz.old dpkg -i libxrender1_1%3a0.9.7-1+deb7u1+b1_amd64.deb mv /usr/share/doc/libxrender1/changelog.Debian.gz /usr/share/doc/libxrender1/changelog.Debian.gz.old2 dpkg -i libxrender1_1%3a0.9.7-1+deb7u1+b1_i386.deb After verifying that installing gave no errors and that there were no broken packages anymore, I removed the .old* versions. Note that having both i386 and amd64 packages of libxrender on the same system is probably quite common: I'd expect it to be needed by people who run 32-bit Wine or 32-bit proprietary software on 64-bit Linux systems. As a side-note, I find it strange that, according to the changelog, this security build was made in 2013, yet we only receive it in 2015! Is something wrong with the date in the changelog, or did it really take so long to roll out this security update? CJP -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org