Hello, This is my October 2024 monthly report for the Freexian LTS/ELTS [1] initiative. Many thanks to Freexian and sponsors [2] for providing this opportunity!
LTS: ==== I spent most of the time working on the nss package for Debian Bullseye, plus some work to sync security changes with Debian Bookworm. Some highlights: * research CVE-2024-7531 -- this took a good chunk of time, despite of it being a “low” security problem. Result is that Debian Bullseye is not affected. * prepared Debian Bookworm update for CVE-2024-6602, CVE-2024-6609 and CVE-2024-0743 in sync with Debian Bullseye (not uploaded yet, will do next month) * published DLA-3937-1 with Debian Bullseye updates ELTS: ==== Similarly, I also worked on the nss package for Debian Buster/Stretch/Jessie Some highlights: * iterated on CVE-2024-6602 and CVE-2024-6609 * some autopkgtest fixes * got all packages built and uploaded to the staging area (no ELA sent yet, will do next month) regards. [1] https://www.freexian.com/lts/ [2] https://www.freexian.com/lts/debian/#sponsors
