I've worked during December on the packages listed below, for Freexian
LTS/ELTS [1]

Many thanks to Freexian and our sponsors [2] for providing this opportunity!

LTS
===

angular.js
--------------

I uploaded angular.js PU fixing remaining CVEs in bookworm and allowing smooth 
upgrade from bullseye

squid
--------

I uploaded PU fixing remaining problem in bookworm and allowing smooth upgrade
from bullseye

libsndfile
-------------
I released DLA 4402-1 fixing CVE-2021-4156

paramiko
-------------------
Release DLA-4409-1 fixing CVE-2022-24302 and avoiding a regression from buster

rails
------

Upload fixes to bookworm and trixie
Fix CVE-2025-24293/CVE-2025-55193
Upload to bullseye and release DLA 4416-1

sudo
-------

Propose to maintainer a fix of remaining CVEs in bullseye
Reviewed by maintainer

ansible
----------

Investigate why ansible fails on autopkgtest. Thanks to Roberto for the clue

openjpeg2
---------------
I triaged upstream CVE
Fix CVE-2025-50952
Release DLA 4424-1

imagemagick
-----------

Fix sid
Backport and propose PU for trixie and bookworm
Investigate with upstream CVE-2025-68469
Fix CVE-2025-65955, CVE-2025-66628, CVE-2025-68469, CVE-2025-68618, 
CVE-2025-68950, CVE-2025-69204
Release DLA 4429-1

ELTS
====

bind9
--------

Continue to investigate feasibility of using upstream git version;
Add dhcp test

keystone
-------------

Triage CVE-2025-65073, suggest ignore
Further investigate, as asked by FD, why oslo is needed and give some facts

ruby-rack
--------------

For buster
* Fix CVE-2019-16782 and regression associated
* Fix CVE-2025-32441, CVE-2025-59830
* Fix CVE-2025-6177[0-2], these were a full rewrite of existing patches
* Identify a regression in bullseye
Begin to backport to stretch
Backport of CVE-2025-46727
backport CVE-2025-61919, CVE-2025-61780, CVE-2025-598307
Wait for review by maintainer.

imagemagick
--------------------

Determine CVE-2025-68469 does not affect buster
Fix CVE-2025-65955, CVE-2025-66628, CVE-2025-68618, CVE-2025-68950, 
CVE-2025-69204
Fix stretch
Investigate test failure on buster/stretch

other
====

audit and add regression from buster to dla-needed
attempt meeting

Cheers

rouca

[1]  https://www.freexian.com/lts/
[2]  https://www.freexian.com/lts/debian/#sponsors
