Debian (E)LTS report for January 2025

To: debian-lts@lists.debian.org
Subject: Debian (E)LTS report for January 2025
From: Lee Garrett <debian@rocketjump.eu>
Date: Wed, 12 Feb 2025 21:27:10 +0100
Message-id: <[🔎] 8411a3e8-f4a9-4e6b-bab6-8bb9512573c9@rocketjump.eu>

Hi everyone,

In January I released ansible-core 2.14.18-0+deb12u2 to bookworm [1] fixing:
- CVE-2024-8775
- CVE-2024-9902
- CVE-2024-11079
This also included some updates to the autopkgtests.

I also debugged and fixed some regressions caused by the dnsmasq/bookworm uploadin December, which caused autopkgtests for vagrant to fail, and also caused aconffile prompt surprising to some users. [2]


On the ELTS side I prepared uploads for dnsmasq on jessie and stretch, fixing:
- CVE-2023-50868 ("NSEC3" issue)
- CVE-2023-50387 ("keytrap" issue)
and also updating/fixing the autopkgtests in the process.

Thanks to our sponsors for financing this work, and to Freexian for coordinating!

Regards,
Lee Garrett,
Debian LTS Team

[1]https://tracker.debian.org/news/1600965/accepted-ansible-core-21418-0deb12u2-source-into-proposed-updates/


[2] https://bugs.debian.org/1079941#37
    https://bugs.debian.org/1093274

Reply to:

Prev by Date: Re: Request for sponsorship of xen 4.20 to experimental
Next by Date: Bug#1095913: ca-certificates: missing mozilla/Sectigo_Public_Server_Authentication_Root_R46.crt in bookworm and earlier
Previous by thread: Debian (E)LTS report for January 2025
Next by thread: Re: Bug#1073508: Bug#1074338: Bug#1073508: Bug#1074338: src:libxml2: fails to migrate to testing for too long: unresolved RC issue
Index(es):
- Date
- Thread