During the month of June 2024 and on behalf of Freexian, I worked on the
following:

python-idna
-----------

Upload 2.10-1+deb11u1 and 3.3-1+deb12u1 to (o)s-pu to fix CVE-2024-3651
(potential DoS issue).

roundcube
---------

Uploaded 1.3.17+dfsg.1-1~deb10u6 and issued DLA-3835-1.
https://lists.debian.org/msgid-search/?m=znbc_ikjxi65y...@debian.org

  * CVE-2024-37383: XSS via SVG animate attributes.
  * CVE-2024-37384: XSS via list columns from user preferences.

Thanks to the sponsors for financing the above, and to Freexian for
coordinating!
-- 
Guilhem.

Attachment: signature.asc
Description: PGP signature

Reply via email to