Debian (E)LTS report for June 2025

2025-06-30 Thread Guilhem Moulin
During the month of June 2025 and on behalf of Freexian, I worked on the following: roundcube - Uploaded 1.4.15+dfsg.1-1+deb11u5 and issued DLA-4211-1. https://lists.debian.org/msgid-search/?m=aezcd1sdbdr5t...@debian.org * CVE-2025-49113: Post-Auth RCE via PHP Object Deserialization.

(E)LTS report for June 2024

2024-07-10 Thread Adrian Bunk
LTS: cyrus-imapd: - Marked CVE-2024-34055 (sole unfixed CVE) as ignored due to being too intrusive to backport, following upstream and bullseye. dcmtk: - Determined that CVE-2024-27628 does not affect <= bullseye - Released DLA-3847-1, fixing CVE-2021-41687, CVE-2021-41688 CVE-2021-41689, CVE

Debian (E)LTS report for June 2024

2024-07-03 Thread Lucas Kanashiro
Hi, Here is my June 2024 report for the Freexian LTS/ELTS initiative [1]. Many thanks to Freexian and sponsors [2] for providing this opportunity. # clamav 1.0.x In order to backport clamav 1.0.x, we need a newer version of rustc/cargo in (E)LTS releases. I was able to backport clamav to bul

Debian (E)LTS report for June 2023

2023-08-13 Thread Lee Garrett
In July I worked on the samba testing framework, which can now provision bootable Debian VMs effortlessly, and also Windows VMs with the correct guest agents. I have also packaged rhsrvany [0] in the process. The provisioning part of the test framework will also be useful for other functional t

(E)LTS report for June 2023

2023-07-03 Thread Adrian Bunk
DLAs released: DLA-3443-1 wireshark CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2952 DLA 3445-1 cpio CVE-2019-14866 CVE-2021-38185 DLA-3470-1 owslib CVE-2023-27476 DLA-3472-1 libx11 CVE-2023-3138 DLA-3474-1 systemd CVE-2022-3821 DLA-3475-1 trafficserver CVE-2022-47184 CVE-2023-30631 CV

(E)LTS report for June 2023

2023-07-01 Thread Tobias Frost
I've worked during June 2023 on the below listed packages, for Freexian LTS/ELTS [1] Many thanks to Freexian and our sponsors [2] for providing this opportunity! LTS: nvidia-cuda-tools: Triaging with the result that an update probably does not make sense as fixes for CVEs are not availabl

(E)LTS report for June 2021

2021-07-07 Thread Holger Levsen
hi, in June 2021 I spent 3.5h managing (E)LTS contributors: - dispatch work hours for LTS and ELTS - prepare the monthly Freexian blog post published on raphaelhertzog.com - mail and irc communication, incl. - semi-automatic unclaim packages - too many claimed packages - missing DLAs on www

(E)LTS report for June

2021-06-30 Thread Emilio Pozuelo Monfort
Hi, During the month of June I spent 29h on LTS working on: - triaging - redmine security update - webwml parser squeeze issue - libx11 security update - firefox-esr security update - isc-dhcp security update - caribou regression update - thunderbird security update - apache2 security update - n

(E)LTS report for June

2020-07-01 Thread Emilio Pozuelo Monfort
Hi, During the month of June I spent 4h on LTS working on: - reviewed stretch-lts MR - prepared batik update - CVE triaging - started working on a lts no-dsa review script As for ELTS I spent 9h working on: - final changes to distro-config branch improvements, and deployment - prepared batik up

(E)LTS report for June & July

2019-08-12 Thread Emilio Pozuelo Monfort
Hi, during the month of June I spent 16h (of 17 assigned) on LTS on the following tasks: - CVE triaging - php5 update - looked at vim update, coordinated with maintainer - poppler update - dbus update - thunderbird update - firefox-esr update - another thunderbird update During the month of July

(E)LTS report for June

2018-07-08 Thread Emilio Pozuelo Monfort
Hi, Last month I spent 17h working on the Debian LTS: - security tracker extends support - security tracker check-syntax improvements - firefox-esr 60 (pytoml, cargo) - openjdk-7 update - xen triage - phpmyadmin update (started to look at it but left it to Abhijith who had a lead start) - libgcry