(E)LTS activity for May

2023-06-01 Thread Bastien Roucariès
Hi, This month's activity consisted of: - release UWSGI fixing CVE-2023-27522 initially reported against apache2 but that may affect old versions of uwsgi. I have reported this finding to the CVE database and CVE was updated. - the main part of the work was on imagemagick package: * CVE-2021-36

Debian LTS report for May 2023

2023-06-01 Thread Guilhem Moulin
During the month of May 2023 and on behalf of Freexian, I worked on the following: * DLA-3424-1 for python-ipaddress=1.0.17-1+deb10u1 CVE-2020-14422 https://lists.debian.org/msgid-search/?m=zglark8btpj4t...@debian.org * DLA-3425-1 for sqlparse=0.2.4-1+deb10u1 CVE-2023-30608 ht

Re: Bug#1036740: Fix for CVE-2022-23123 causes afpd segfault with valid metadata

2023-06-01 Thread Markus Koschany
Version: 3.1.12~ds-3+deb10u2 Thanks for your report and the detailed replies. I could reproduce the problem and identify a wrongly applied commit in libatalk/adouble/ad_open.c. After applying a new patch to fix it, the AppleDouble v2 format seems to work as intended again. I'm going to close this

Make stable-security build logs public after embargo

2023-06-01 Thread Sylvain Beucler
Hello Wanna-build team, I'm part of the Debian LTS Team, and along with the Security Team, we're looking into making embargo'd build logs eventually public. See https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/51 Typical use case: when the LTS Team is working on the first LTS securit

Debian LTS and ELTS - May 2023

2023-06-01 Thread Sylvain Beucler
Here is my public monthly report. Thanks to our sponsors for making this possible, and to Freexian for handling the offering. https://www.freexian.com/lts/debian/#sponsors LTS - python2.7 - First LTS upload - Fixes in past triage - Fix test suites for impacted Python packages - DLA 3432