LTS: amanda: - Released DLA-3880-1, fixing CVE-2022-37703, CVE-2022-37704, CVE-2022-37705 and CVE-2023-30577.
aom: - Released DLA-3881-1, fixing CVE-2024-5171. bluez: - Released DLA-3879-1, fixing CVE-2021-3658, CVE-2021-41229, CVE-2021-43400, CVE-2022-0204, CVE-2022-39176, CVE-2022-39177, CVE-2023-27349, CVE-2023-50229 and CVE-2023-50230. calibre: - Released DLA-3862-1, fixing CVE-2021-44686 and CVE-2023-46303. exfatprogs: - Released DLA-3861-1, fixing CVE-2023-45897. libxml2: - Released DLA-3878-1, fixing CVE-2016-3709 and CVE-2022-2309. systemd: - Released DLA-3859-1, fixing CVE-2023-7008, CVE-2023-50387 and CVE-2023-50868. ELTS: bluez: - Released ELA-1177-1, fixing CVE-2023-50229 CVE-2023-50230 in stretch and buster, and CVE-2023-27349 in stretch. gdk-pixbuf: - Released ELA-1151-1, fixing CVE-2022-48622 in jessie, stretch and buster. hsqldb1.8.0: - Released ELA-1178-1, fixing CVE-2023-1183 in jessie. indent: - Released ELA-1156-1, fixing CVE-2023-40305 and CVE-2024-0911 in buster. libxml2: - Released ELA-1176-1, fixing CVE-2022-2309 in jessie, stretch and buster and CVE-2016-3709 in buster. python-aiosmtpd: - Released ELA-1147-1, fixing CVE-2024-27305 and CVE-2024-34083 in buster. systemd: - Determined that CVE-2023-50387 does not affect jessie. - Determined that CVE-2023-50868 does not affect jessie. - Fixed the autopkgtest in stretch and buster. - Released ELA-1165-1, fixing CVE-2023-7008, CVE-2023-50387 and CVE-2023-50868 in stretch and buster. suricata: - Determined that CVE-2024-32663 does not affect <= buster. - Determined that CVE-2024-38535 does not affect <= buster. - Released ELA-1162-1, fixing CVE-2019-10050, CVE-2019-10051, CVE-2019-10052, CVE-2019-10053, CVE-2019-10054, CVE-2019-10055, CVE-2019-10056, CVE-2019-15699, CVE-2019-16410, CVE-2019-16411, CVE-2019-18625, CVE-2019-18792, CVE-2019-1010279, CVE-2021-35063, CVE-2021-37592 and CVE-2024-37151 in buster. wpa: - Released ELA-1153-1, fixing CVE-2024-5290 in jessie, stretch and buster. Note: Some of the above advisories were published in September, but are listed for August (and won't be listed in September) since most of the work was done in August.
