During the month of May 2026 and on behalf of Freexian, I worked on the following:
python3 ------- Uploaded python3.9/3.9.2-1+deb11u7 in Debian LTS, and issued DLA-4583-1, fixing: * CVE-2025-13462 * CVE-2026-0672 * CVE-2026-2297 * CVE-2026-3644 * CVE-2026-4224 * CVE-2026-4519 Additionally, I uploaded python3.11/3.11.2-6+deb12u8 in Debian oldstable, cf. <https://bugs.debian.org/1136382> libarchive ---------- Uploaded 3.4.3-2+deb11u4 in Debian LTS, and issued DLA-4563-1, fixing: * CVE-2026-4111 * CVE-2026-4424 * CVE-2026-4426 * CVE-2026-5121 Additionally, I uploaded the following: * Debian stable: 3.7.4-4+deb13u1 cf. <https://bugs.debian.org/1135713> * Debian oldstable: 3.6.2-1+deb12u4 cf. <https://bugs.debian.org/1135715> systemd ------- Version 252.39-1~deb12u2 was uploaded to Debian oldstable, cf. <https://tracker.debian.org/news/1748276/accepted-systemd-25239-1deb12u2-source-into-oldstable-proposed-updates/> Thanks ------ Thanks to our sponsors for making this possible, and to Freexian for handling the offering: <https://www.freexian.com/lts/debian/#sponsors>. -- Arnaud
