Hello!

I've worked on the packages mentioned below, for Freexian LTS/ELTS [1].

Many thanks to Freexian and our sponsors [2] for providing this opportunity!

# LTS
## postgresql
- Work on fix for CVE-2026-6637, CVE-2026-6479, CVE-2026-6478, CVE-2026-6477,
  CVE-2026-6475, CVE-2026-6474, CVE-2026-6473. Release DLA-4646-1.

## beets
- Sponsor beets 1.4.9-7+deb11u1 to fix CVE-2026-42052, kudos to Pieter Lenaerts
  <plenae.org>. Release DLA-4641-1.

## gdcm
- Release DLA 4652-1 to fix: CVE-2024-22373, CVE-2024-22391, CVE-2024-25569,
  CVE-2025-11266, CVE-2025-48429, CVE-2025-52582, CVE-2025-53618, CVE-2025-53619
  and CVE-2026-3650

## bind9
- Work on CVE-2026-5950, CVE-2026-5946, CVE-2026-3592 and CVE-20263039. Patches
  are in pair review.

## libssh2
- Work on CVE-2026-58051. CVE-2026-58050, CVE-2026-7598 and CVE-2026-15661.
  Send patches to review

# ELTS
## krb5
- Mark CVE-2026-40355 and CVE-2026-40356 as not affected in buster and stretch.

## corosync
- Release ELA-1746-1 to fix CVE-2026-35091 and CVE-2026-35092 for Buster an
  Stretch.

## python3
- Work in several CVEs for buster. Patches are in pair review.

[1] https://www.freexian.com/lts/
[2] https://www.freexian.com/lts/debian/#sponsors

-- 
cheers,
        Emmanuel Arias

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  [email protected]
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: 13796755BBC72BB8ABE2AEB5 FA9DEC5DE11C63F1
 ⠈⠳⣄

Attachment: signature.asc
Description: PGP signature

Reply via email to