LTS: booth: - Released DLA-3894-1, fixing CVE-2024-3049. - Provided the package for DSA-5777-1, fixing CVE-2024-3049 in bookworm.
nghttp2: - Released DLA-3898-1, fixing CVE-2024-28182. - Submitted a package fixing CVE-2024-28182 in the next bookworm point release. php-twig: - Released DLA-3888-1, fixing CVE-2024-45411. puredata: - Released DLA-3895-1, fixing CVE-2023-47480. - Submitted a package fixing CVE-2023-47480 in the next bookworm point release. mediawiki: - Released DLA-3896-1, fixing CVE-2023-51704. ruby-httparty: - Released DLA-3900-1, fixing CVE-2024-22049. ruby-loofah: - Released DLA-3901-1, fixing CVE-2022-23514, CVE-2022-23515 and CVE-2022-23516. ruby-rails-html-sanitizer: - Released DLA-3902-1, fixing CVE-2022-23517, CVE-2022-23518, CVE-2022-23519, CVE-2022-23520 and CVE-2022-32209. sqlite3: - Determined that CVE-2021-31239 does not affect <= bullseye. - Released DLA-3907-1, fixing CVE-2021-36690 and CVE-2023-7104. - Submitted a package fixing CVE-2023-7104 in the next bookworm point release. trafficserver: - Released DLA-3897-1, fixing CVE-2023-38522, CVE-2024-35161 and CVE-2024-35296. wireshark: - Determined that CVE-2021-4183 does not affect bullseye. - Determined that CVE-2023-0414 does not affect bullseye. - Released DLA-3906-1, fixing CVE-2021-4181, CVE-2021-4182, CVE-2021-4184, CVE-2021-4185, CVE-2021-4186, CVE-2021-4190, CVE-2022-0581, CVE-2022-0582, CVE-2022-0583, CVE-2022-0585, CVE-2022-0586, CVE-2022-3190, CVE-2022-4344, CVE-2022-4345, CVE-2023-0411, CVE-2023-0412, CVE-2023-0413, CVE-2023-0415, CVE-2023-0416, CVE-2023-0417, CVE-2023-0666, CVE-2023-0667, CVE-2023-0668, CVE-2023-1161, CVE-2023-1992, CVE-2023-1993, CVE-2023-1994, CVE-2023-2855, CVE-2023-2856, CVE-2023-2858, CVE-2023-2879, CVE-2023-2906, CVE-2023-2952, CVE-2023-3648, CVE-2023-3649, CVE-2023-4511, CVE-2023-4512, CVE-2023-4513, CVE-2023-6175, CVE-2024-0208, CVE-2024-0209, CVE-2024-0211, CVE-2024-2955, CVE-2024-4853, CVE-2024-4854, CVE-2024-8250 and CVE-2024-8645. - Submitted a package fixing CVE-2024-0208, CVE-2024-0209, CVE-2024-0211, CVE-2024-2955, CVE-2024-4853, CVE-2024-4854, CVE-2024-4855, CVE-2024-8250 and CVE-2024-8645 in the next bookworm point release. ELTS: iproute2: - Released ELA-1185-1, fixing CVE-2019-20795 in buster. libpam-tacplus: - Released ELA-1180-1, fixing CVE-2016-20014 in buster. sqlite3: - Released ELA-1191-1, fixing CVE-2019-19244, CVE-2021-36690 and CVE-2023-7104 in buster. wireshark: - Determined that CVE-2024-0209 does not affect buster. - Released ELA-1188-1, fixing CVE-2023-0667, CVE-2023-3649, CVE-2023-4512, CVE-2024-0211, CVE-2024-2955, CVE-2024-4853, CVE-2024-4854, CVE-2024-8250 and CVE-2024-8645 in buster and stretch. zeromq3: - Determined that CVE-2021-20237 does not affect jessie. - Released ELA-1184-1, fixing CVE-2021-20234, CVE-2021-20235 and CVE-2021-20237 in buster.
