During October I worked on the packages listed below for Freexian
LTS/ELTS [1].

Many thanks to Freexian and our sponsors [2] for providing this opportunity!

LTS
===

apache2
------------
I fixed a regression in unstable
I fixed a regression in bookworm DSA 5729-2
I fixed a regression in bullseye DLA-3921-1
I identified a fix for regression #1076554 and backported it. Testing is ongoing.

horde
---------

I ported the ckeditor3 usage to ckeditor4. I am waiting for a test case and
confirmation by the maintainer.

Libreoffice
---------------

I fixed CVE-2024-7788 and released DLA-3915-1.

docker
---------

I proposed a PU for CVE-2024-41110 and made 20.10.24+dfsg1-1+deb12u1.
I released DLA-3917-1.

pymongo
-------------

I released DLA-3889-1, fixing CVE-2024-5629.

python-reportlab
-------------------------

I proposed a PU #1085009 for CVE-2023-33733. Accepted as DSA.
I backported to bullseye and released DLA-3917-1.

dom-purify
-----------------

Following an audit of cacti (which embeds dompurify), I reported CVE-2024-47875,
CVE-2024-45801 and CVE-2024-48910.

I checked embedded code copies and opened a bug against mediawiki.

texlive
----------

Fixed CVE-2023-32668 and CVE-2024-25262 for bullseye. I released DLA-3941-1.

ELTS
====

mariadb-10.3
-------------------

I released ELA-1192-1, fixing CVE-2024-21096.

mariadb-10.1
-------------------

Backported CVE-2024-21096 and fixed CVE-2022-3162, CVE-2022-31623,
CVE-2022-31624, CVE-2022-47015.
I released ELA-1221-1.

libreoffice
--------------

Ported the CVE-2024-7788 fix to stretch and released ELA-1205-1.

python2.7
--------------

Backported fixes for CVE-2023-27043 and CVE-2024-6232 (this one by rewriting the
fix). I am backporting the other fixes.
Note: python2.7 is not supported by upstream for these CVEs.

apache2
------------

Backported fixes for CVE-2024-38473 and regression fixes to buster.
I tested sympa for regressions.
I identified a problem with the salsaci infrastructure.

perl
------

I backported fixes for CVE-2020-16156 and CVE-2023-31484.
I investigated a failure in jessie.
I am currently waiting for the testsuite.

Texlive
---------

Backported the CVE-2023-32668 and CVE-2024-25262 fixes to buster and stretch.
I am waiting for testsuite infrastructure.

Other
=====

I attended the monthly meeting.

A special thanks to santiago and roberto for testing.

Cheers

rouca

[1]  https://www.freexian.com/lts/
[2]  https://www.freexian.com/lts/debian/#sponsors
