I've worked during June on the below listed packages, for Freexian LTS/ELTS [1]

Many thanks to Freexian and our sponsors [2] for providing this opportunity!

ELTS
====

krb5
-------
I released ELA-1450-1 fixing CVE-2025-3576

twitter-bootstrap3
---------------------------
I released ELA-1454-1 fixing CVE-2025-1647

libreoffice
---------------
I backported CVE-2024-7788 and CVE-2025-1080
I triaged CVE-2025-1080 for jessie not affected
I released ELA

systemd
------------
I triaged CVEs, I determined that CVE-2025-4598 is for an incomplete fix of CVE-2022-4415.

mariadb-10.3
-------------------
I fixed salsa CI
I backported CVE-2023-52970, some functionalities like RETURNING syntax are not present so extra care is needed.
I triaged other CVEs
Due to complexity of fixes this is under review

mariadb-10.1
-------------------
I begin to backport from 10.3

LTS
===

angular.js
--------------
Fix and triage all remaining CVE
No upstream support (EOL)
Test with PoC
Add autopkgtest
During the test found a ReDoS on jsdom (out of security support by jsdom)

jsdom
---------
Fix jsdom in order to allow testing to angular

dcmtk
---------
Review work of Andreas Henriksson
Backport autopkgtest suite
Backport fix of CVE-2025-2357
Upload as DLA 4227-1

Other
=====
Attempt meeting
I was on front desk duty

A special thanks to santiago, beuc, kanashiro and roberto for testing.

Cheers

rouca

[1] https://www.freexian.com/lts/
[2] https://www.freexian.com/lts/debian/#sponsors