Hello everyone, Here’s my monthly report for the work I’ve done for Debian LTS and ELTS in February 2025.
Thanks to Freexian and sponsors for making this possible: https://www.freexian.com/lts/debian/#sponsors LTS === golang-glog I have uploaded what seemed a fairly simple update fixing a symlink-related vulnerability for golang-glog, but that resulted a series of updates to packages that build-depend on it, namely docker.io, golang-grpc-gateway, mtail, prometheus-mongodb-exporter. rust-openssl A simple update, but similarly to golang-glog, I still need to check if there are any packages embedding the code of the Rust openssl crate and rebuild them. nginx I’m preparing an update for nginx fixing CVE-2025-23419 and CVE-2024-7347. I’m also considering fixing CVE-2020-36309, but that one has a bit more potential to break things, so I need to figure out a way to test it properly. I will probably end up uploading it as a part of a separate DLA. ELTS ==== I haven’t done anything for ELTS this month. -- Cheers, Andrej
