Debian LTS and ELTS - December 2020

Sylvain Beucler Sat, 02 Jan 2021 10:02:47 -0800

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian forhandling the offering.

https://www.freexian.com/services/debian-lts.html#sponsors


LTS

- mongodb: prepare EOL
  https://lists.debian.org/debian-lts-announce/2020/12/msg00009.html
- sympa
  - request CVE-2020-29668
  - DLA 2499-1
    https://lists.debian.org/debian-lts-announce/2020/12/msg00026.html
  - coordinate and prepare DSA-4818, sync'ing 5 issues to buster
    https://www.debian.org/security/2020/dsa-4818
- awstats
  - request CVE-2020-29600 and CVE-2020-35176
  - DLA 2506-1
    https://lists.debian.org/debian-lts-announce/2020/12/msg00035.html
- xerces-c
  - DLA 2498-1, matching ELA-330-1
    https://lists.debian.org/debian-lts-announce/2020/12/msg00025.html
  - coordinate and prepare DSA-4814, matching DLA 2498-1
    https://www.debian.org/security/2020/dsa-4814
- imagemagick
  - more triage, clarify important issues with upstream and reporter
  - request CVE-2020-29599
    clarify different vectors in each Debian version
- Reactivity report: reference slowdowns due to upstreams
  https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/13

ELTS

- mongodb: ensure no open medium/critical vulnerability affects jessie
- xerces-c: ELA-330-1
  https://deb.freexian.com/extended-lts/updates/ela-330-1-xerces-c/
- imagemagick: common work with LTS, determine jessie-specific vector
- lxml: tidy triage
- p11-kit: finish triage, not vulnerable

--
Sylvain Beucler
Debian LTS Team

Debian LTS and ELTS - December 2020

Reply via email to