Hello everyone, Here’s my monthly report for the work I’ve done for Debian LTS and ELTS in December 2025.
Thanks to Freexian and sponsors for making this possible: https://www.freexian.com/lts/debian/#sponsors LTS === I’ve been working on two new vulnerabilities in mbedtls. I’m trying to backport patches to make vulnerable operations constant-time. Unfortunately, because of how old the version in bullseye is, the porting work is non-trivial, and I wasn’t able to complete it yet. I will continue working on it in January. I will also try to co-ordinate with the maintainer to fix these issues in bookworm as well. I’ve also been backporting security fixes for Python 3.9. Most of the work’s been done, but I still need to resolve some regressions I’m observing when running the built-in test suite. ELTS ==== No work done this month. -- Cheers, Andrej
