Hi, On Sun, Nov 26, 2023 at 6:05 PM Utkarsh Gupta <utka...@freexian.com> wrote: > > Hi Adrian, > > Thanks for working on tiff. I saw the ELA-909/DLA-3513 fixes a bunch > of things in buster, stretch, and jessie. Great, thanks for that. > However, https://deb.freexian.com/extended-lts/tracker/source-package/tiff > looks a bit odd to see that (old)stable are the only releases with no > fixes, can you please prep fixes for that, too, in coordination with > security team and the maintainer? > > We've been trying to fix such issues and it'll be great if we can > bridge such issues. Many thanks. >
Thanks for ping on the tiff issue - there are updates prepared on security-master for (old)stable to fix CVE-2023-3576, CVE-2023-40745 and CVE-2023-41175. I was waiting for autopkgtest results during the weekend and it appears to be all good now, will release them shortly. Regards, Aron
