[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian (E)LTS report for October 2024



Hi everyone,

in October I worked on dnsmasq in bullseye, fixing

- CVE-2022-0934
- CVE-2023-28450
- CVE-2023-50387
- CVE-2023-50868

The last two patches fix the "keytrap" and "NSEC3" issue, which were quite difficult to backport. I have also contacted the security researchers of the two vulnerabilities who have provided me with a test environment to verify the functionality of the backport.

I'm also in the process backporting the last two CVE patches for buster.

Thanks to our sponsors for financing this work, and to Freexian for coordinating!

Regards,
Lee Garrett,
Debian LTS Team


Reply to: