LTS:

amanda:
- Released DLA-3880-1, fixing CVE-2022-37703, CVE-2022-37704,
  CVE-2022-37705 and CVE-2023-30577.

aom:
- Released DLA-3881-1, fixing CVE-2024-5171.

bluez:
- Released DLA-3879-1, fixing CVE-2021-3658, CVE-2021-41229,
  CVE-2021-43400, CVE-2022-0204, CVE-2022-39176, CVE-2022-39177,
  CVE-2023-27349, CVE-2023-50229 and CVE-2023-50230.

calibre:
- Released DLA-3862-1, fixing CVE-2021-44686 and CVE-2023-46303.

exfatprogs:
- Released DLA-3861-1, fixing CVE-2023-45897.

libxml2:
- Released DLA-3878-1, fixing CVE-2016-3709 and CVE-2022-2309.

systemd:
- Released DLA-3859-1, fixing CVE-2023-7008, CVE-2023-50387
  and CVE-2023-50868.


ELTS:

bluez:
- Released ELA-1177-1, fixing CVE-2023-50229 CVE-2023-50230
  in stretch and buster, and CVE-2023-27349 in stretch.

gdk-pixbuf:
- Released ELA-1151-1, fixing CVE-2022-48622 in jessie, stretch
  and buster.

hsqldb1.8.0:
- Released ELA-1178-1, fixing CVE-2023-1183 in jessie.

indent:
- Released ELA-1156-1, fixing CVE-2023-40305 and CVE-2024-0911
  in buster.

libxml2:
- Released ELA-1176-1, fixing CVE-2022-2309 in jessie, stretch
  and buster and CVE-2016-3709 in buster.

python-aiosmtpd:
- Released ELA-1147-1, fixing CVE-2024-27305 and CVE-2024-34083
  in buster.

systemd:
- Determined that CVE-2023-50387 does not affect jessie.
- Determined that CVE-2023-50868 does not affect jessie.
- Fixed the autopkgtest in stretch and buster.
- Released ELA-1165-1, fixing CVE-2023-7008, CVE-2023-50387
  and CVE-2023-50868 in stretch and buster.

suricata:
- Determined that CVE-2024-32663 does not affect <= buster.
- Determined that CVE-2024-38535 does not affect <= buster.
- Released ELA-1162-1, fixing CVE-2019-10050, CVE-2019-10051,
  CVE-2019-10052, CVE-2019-10053, CVE-2019-10054, CVE-2019-10055,
  CVE-2019-10056, CVE-2019-15699, CVE-2019-16410, CVE-2019-16411,
  CVE-2019-18625, CVE-2019-18792, CVE-2019-1010279, CVE-2021-35063,
  CVE-2021-37592 and CVE-2024-37151 in buster.

wpa:
- Released ELA-1153-1, fixing CVE-2024-5290 in jessie, stretch
  and buster.


Note:
Some of the above advisories were published in September, but are listed 
for August (and won't be listed in September) since most of the work was
done in August.

Reply via email to