During the month of August 2023 and on behalf of Freexian, I worked on the following: * DLA-3515-1 for cjose=0.6.1+dfsg1-1+deb10u1 [CVE-2023-37464] https://lists.debian.org/msgid-search/?m=ZMzS4JlH%2BWyKbyQm@debian.org * DLA-3551-1 for otrs2=6.0.16-2+deb10u1 [CVE-2019-11358, CVE-2019-12248, CVE-2019-12497, CVE-2019-12746, CVE-2019-13458, CVE-2019-16375, CVE-2019-18179, CVE-2019-18180, CVE-2020-1765, CVE-2020-1766, CVE-2020-1767, CVE-2020-1769, CVE-2020-1770, CVE-2020-1771, CVE-2020-1772, CVE-2020-1773, CVE-2020-1774, CVE-2020-1776, CVE-2020-11022, CVE-2020-11023, CVE-2021-21252, CVE-2021-21439, CVE-2021-21440, CVE-2021-21441, CVE-2021-21443, CVE-2021-36091, CVE-2021-36100, CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2022-4427 and CVE-2023-38060] https://lists.debian.org/msgid-search/?m=ZO/cyVbROBJ6%2BVDv@debian.org * nodjs: Triage CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-32002, CVE-2023-32006 and CVE-2023-32559. Fix CVE-2023-30590 in git but defer the upload to a later point (that CVE alone doesn't warrant a DLA). Thanks to the sponsors for financing the above, and to Freexian for coordinating! -- Guilhem.
Attachment:
signature.asc
Description: PGP signature