Hi everyone,
For ELTS I fixed a few autopkgtests in dnsmasq after review by Lucas Kanashiro
and finally uploaded dnsmasq on jessie and stretch, fixing:
- CVE-2023-50868 ("NSEC3" issue)
- CVE-2023-50387 ("keytrap" issue)
For LTS I fixed jinja2 in bookworm:
CVE-2024-56201
CVE-2024-56326
I also worked on fixing CVE-2024-11079 in ansible/bullseye, that however
introduced regressions and needs more work.
Thanks to our sponsors for financing this work, and to Freexian for
coordinating!
Regards,
Lee Garrett,
Debian LTS Team
