I've worked during december on the below listed packages, for Freexian LTS/ELTS [1]
Many thanks to Freexian and our sponsors [2] for providing this opportunity! LTS === angular.js -------------- I uploaded angular.js PU fixing remaining CVEs in bookworm and allowing smooth upgrade from bullseye squid -------- I uploaded PU fixing remaing problem in bookworm and allowing smooth upgrade from bullseye libsndfile ------------- I Release DLA 4402-1 fixing CVE-2021-4156 paramiko ------------------- Release DLA-4409-1 fixing CVE-2022-24302 and avoiding a regression from buster rails ------ Upload fixes to bookworm and trixie Fix CVE-2025-24293/CVE-2025-55193 Upload to bullseye and release DLA 4416-1 sudo ------- propose to maintainer a fix of remaining CVEs in bullseye Reviewed by maintainer ansible ---------- Investigate why ansible fail on autopkgtest. Thansk to roberto for clue openjpeg2 --------------- I triaged upstream CVE Fix CVE-2025-50952 Release DLA 4424-1 imagemagick Fix sid Backport and prorpose PU for trixie and bookworm Investigate with upstream CVE-2025-68469 Fix CVE-2025-65955, CVE-2025-66628, CVE-2025-68469, CVE-2025-68618, CVE-2025-68950, CVE-2025-69204 Release DLA 4429-1 ELTS ==== bind9 -------- Continue to investigate feasability of using upstream git version; Add dhcp test keystone ------------- Triage CVE-2025-65073 suggest ignore Further investigate asked by FD why olso is needed and give some facts ruby-rack -------------- For buster * Fix CVE-2019-16782 and regression associated * Fix CVE-2025-32441, CVE-2025-59830 * Fix CVE-2025-6177[0-2], this were full rewrite of existing patches * Identify a regression in bullseye Begin to backport to stretch backport of CVE-2025-46727 backport CVE-2025-61919, CVE-2025-61780, CVE-2025-598307 Wait for review by maintainer. imagemagick -------------------- determine CVE-2025-68469 does not affects buster Fix CVE-2025-65955, CVE-2025-66628, CVE-2025-68618, CVE-2025-68950, CVE-2025-69204 Fix stretch Investigate test failure on buster/stretch other ==== audit and add regression from buster to dla-needed attempt meeting Cheers rouca [1] https://www.freexian.com/lts/ [2] https://www.freexian.com/lts/debian/#sponsors
signature.asc
Description: This is a digitally signed message part.
