[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS report: February 2025



Hello everyone,

Here’s my monthly report for the work I’ve done for Debian LTS
and ELTS in March 2025.

Thanks to Freexian and sponsors for making this possible:
https://www.freexian.com/lts/debian/#sponsors

LTS
===

nginx

  I have uploaded an update for nginx fixing CVE-2025-23419 and
  CVE-2024-7347 that I have previously prepared last month. Since Jan,
  the Debian maintainer, uploaded a stable update fixing CVE-2025-23419,
  in order to avoid regressions for users upgrading from bullseye I
  needed to prepare an upload fixing the other bug.
  This has been approved, and I uploaded another nginx package version
  into proposed-updates.

mbedtls

  I started work on an update to mbedtls.
  There are a bunch of CVEs that the most recent 2.16 version fixes, but it also
  brings a few updates that have previously been questioned by the release
  team (https://bugs.debian.org/1006169#20). Instead, I took a route of
  cherry-picking the relevant fixes only.
  This is still a work in progress at the moment.

ELTS
====

I haven’t done anything for ELTS this month.

-- 
Cheers,
  Andrej


Reply to: