[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

(E)LTS activity for June


This month activity consisted to:
- release  ELA-865-1 for imagemagick
- release  ELA-869-1 for  php-phpseclib including introducing a test suite.
- release  ELA-875-1 for libxpm
- Triage yajl. Fix was not release but yajl is embed in other package. Check if this CVE affects other package and evaluate severity.
- Release lua5.3 ELA-879-1 
- Triage CVE-2021-43519 with  Guilhem Moulin. find that is does not affect lua <5.4.
- Release ELA for  postgres 9.6 and postgres 9.4
- For postgresql investigate CVE-2023-2455 and found we are not affected because optimization that trigger this bug was introduced only in 9.6
- release DLA for docker-registry
- Triage grpc, fix are hard to backport
- Triage libusrsctp
- release  dla-3457 for maradns
- release dla-3459 for libxpm
- avahi release a fix for CVE-2021-3468
- docker.io: backport a hard to fix CVE-2023-28842, CVE-2023-28841, CVE-2023-28840. Wait for review.

I also participate to LTS meeting, and help other members.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.



Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: