Dear LTS team, shifting over from the Security Team now that the corresponding DSA-6343-1 has been released for Trixie:
On Fri, Jun 12, 2026 at 08:52:45PM +0200, Moritz Mühlenhoff wrote: > Am Wed, Jun 10, 2026 at 04:52:20PM +0200 schrieb Florian Ernst: > > Concerning > > https://security-tracker.debian.org/tracker/CVE-2026-44235 > > and > > https://security-tracker.debian.org/tracker/CVE-2026-44236 > > DSA has been released, thanks! > > The LTS team is also in the process of adopting updates > for Bookworm, so if you have a patch for bookworm you can > also hand it over to them. All patches are on specific branches at <https://salsa.debian.org/debian/librabbitmq/-/branches>. I backported the upstream patches that were used for DSA-6343-1 now also onto the debian/bookworm and debian/bullseye branches. The patches were pretty straightforward, and the affected upstream files had not changed much since bullseye, so this looks like a relatively easy-to-digest fruit for anyone to pick. Still, I haven't done any further testing of these branches myself so far. Please feel free to base any (E)LTS update on this as to your liking, thanks. And please let me know if further adjustments would be required or if there is anythings else I should rather do on my side. Cheers, Flo
signature.asc
Description: PGP signature
