[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS report for June 2024



During the month of June 2024 and on behalf of Freexian, I worked on the
following:

python-idna
-----------

Upload 2.10-1+deb11u1 and 3.3-1+deb12u1 to (o)s-pu to fix CVE-2024-3651
(potential DoS issue).

roundcube
---------

Uploaded 1.3.17+dfsg.1-1~deb10u6 and issued DLA-3835-1.
https://lists.debian.org/msgid-search/?m=ZnBC_IKjXI65y_Po@debian.org

  * CVE-2024-37383: XSS via SVG animate attributes.
  * CVE-2024-37384: XSS via list columns from user preferences.

Thanks to the sponsors for financing the above, and to Freexian for
coordinating!
-- 
Guilhem.

Attachment: signature.asc
Description: PGP signature


Reply to: