[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS -- March 2024


I was working on three packages this month.

For pdns-recursor in Buster, I added patches for CVE-2020-14196 and
CVE-2020-25829. Unfortunately, the upload is currently still blocked by
#1067124. Thus, no DLA has been issued yet.

I also prepared patches for dnsmasq in Buster to fix CVE-2019-14834,
CVE-2021-3448, CVE-2022-0934, CVE-2023-28450. Due to the complexity of
the patch for CVE-2021-3448, the update requires extensive testing,
which is done at the time of writing. 

Further, I prepared an update for python-django in Stretch for CVE-
2023-43665, CVE-2024-24680, and CVE-2024-27351. The upload and the
release of the ELA will take place within the next few days.

Thanks to Freexian and Freexian's sponsors for making these projects
possible: <https://www.freexian.com/lts/debian/#sponsors>.

Regards, Daniel

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: