I've worked during November 2025 on the below listed packages, for Freexian LTS/ELTS [1].
Many thanks to Freexian and sponsors [2] for providing this opportunity! LTS === - Published DLA-4367-1 for keystone/bullseye to fix CVE-2025-65073 and the accompaining fix for swift (DLA-4366-1) to work with the updated keystone package. (https://lists.debian.org/debian-lts-announce/2025/11/msg00010.html) (https://lists.debian.org/debian-lts-announce/2025/11/msg00009.html) - Zigo prepared, tested and uploaded the fixes (thanks!), I just did the paperwork. - Started to work on ffmpeg for bullseye to fix pending CVEs. ELTS ==== - Worked on gdk-pixbuf's CVE-2025-7345/buster,stretch. - Finished testing and final touches before publishing the ELA. - Published ELA-1570-1 for gdk-pixbuf/buster,stretch to fix CVE-2025-7345. (https://www.freexian.com/lts/extended/updates/ela-1570-1-gdk-pixbuf/) - Started to work on ffmpeg for buster/stretch to fix pending CVEs. Tooling, Documentation and Misc ================================ - Attended (E)LTS meeting partially. - Filled gdk-pixbuf's bookworm-pu to fix CVE-2025-7345 (#1121041). (https://bugs.debian.org/1121041) - Explored and documented how to create incus ELTS VM images. Drafted a detailed blog post, but it needs to be condesated (a lot) to go to lts-team website in the technical workflows. (https://github.com/charles2910/charles2910.github.io/blob/draft/post-about-incus-elts-vms/_posts/2025-11-05-elts-incus-vm-images.md) - Prepared a list of the packages to migrate from lts-team/packages to openstack-team group on salsa. (https://salsa.debian.org/lts-team/lts-extra-tasks/-/work_items/99) - Documented extra steps when releasing a DLA for a vulnerability without a CVE assignment. (https://salsa.debian.org/lts-team/lts-extra-tasks/-/work_items/100) Best regards, Charles [1] https://www.freexian.com/lts/ [2] https://www.freexian.com/lts/debian/#sponsors
