Debian LTS report for July 2023

To: debian-lts@lists.debian.org
Subject: Debian LTS report for July 2023
From: Guilhem Moulin <guilhem@debian.org>
Date: Tue, 1 Aug 2023 12:22:45 +0200
Message-id: <[🔎] fq1198npavjt6Qjn@debian.org>
Mail-followup-to: debian-lts@lists.debian.org

During the month of July 2023 and on behalf of Freexian, I worked on the
following:

  * DLA-3488-1 for node-tough-cookie=2.3.4+dfsg-1+deb10u1
    [CVE-2023-26136]
    https://lists.debian.org/msgid-search/?m=ZKxrmNkoIqoIF2cM@debian.org

  * DLA-3493-1 for symfony=3.4.22+dfsg-2+deb10u2
    [CVE-2021-21424, CVE-2022-24894 and CVE-2022-24895]
    https://lists.debian.org/msgid-search/?m=ZK3jf8MjQVYMd9hz@debian.org

  * DLA-3496-1 for lemonldap-ng=2.0.2+ds-7+deb10u9
    [CVE-2023-28862 and fix incorrect backport for CVE-2021-20874]
    https://lists.debian.org/msgid-search/?m=ZLEmv3QcZPjL92aO@debian.org

  * DLA-3499-1 for libapache2-mod-auth-openidc=2.3.10.2-1+deb10u3
    [CVE-2021-39191 and CVE-2022-23527]
    https://lists.debian.org/msgid-search/?m=ZLcXcSYVNie6POhb@debian.org

  * DLA-3507-1 for pandoc=2.2.1-3+deb10u1
    [CVE-2023-35936 and CVE-2023-38745, plus responsible disclosure for
    the latter]
    https://lists.debian.org/msgid-search/?m=ZMAeCNO5W6pxB%2BDr@debian.org

Thanks to the sponsors for financing the above, and to Freexian for
coordinating!
-- 
Guilhem.

Attachment: signature.asc
Description: PGP signature

Reply to:

Next by Date: Debian LTS report for July 2023
Next by thread: Debian LTS report for July 2023
Index(es):
- Date
- Thread