Hi, I was working on three packages this month. For pdns-recursor in Buster, I added patches for CVE-2020-14196 and CVE-2020-25829. Unfortunately, the upload is currently still blocked by #1067124. Thus, no DLA has been issued yet. I also prepared patches for dnsmasq in Buster to fix CVE-2019-14834, CVE-2021-3448, CVE-2022-0934, CVE-2023-28450. Due to the complexity of the patch for CVE-2021-3448, the update requires extensive testing, which is done at the time of writing. Further, I prepared an update for python-django in Stretch for CVE- 2023-43665, CVE-2024-24680, and CVE-2024-27351. The upload and the release of the ELA will take place within the next few days. Thanks to Freexian and Freexian's sponsors for making these projects possible: <https://www.freexian.com/lts/debian/#sponsors>. Regards, Daniel
Attachment:
signature.asc
Description: This is a digitally signed message part