Debian (E)LTS report for August 2025

To: debian-lts@lists.debian.org
Subject: Debian (E)LTS report for August 2025
From: Lee Garrett <debian@rocketjump.eu>
Date: Tue, 2 Sep 2025 14:27:16 +0200
Message-id: <[🔎] f3803891-0554-498b-99e9-7db1e4a13a37@rocketjump.eu>

Hi everyone,

In August I worked on fixing git in bullseye, namely:
- CVE-2025-48384

And validated that git/bullseye is unaffected by CVE-2025-48385. I also did somecleanup on the patches of the previous two CVEs I worked on from last month andalso attempted to reproduce the CVE-2025-27613 with the unpatched git versionsince the patch is quite large, however I could not trigger the security hole.

I did some changes to the git LTS repo to conform to DEP-14. I also startedpatching git/bookworm. Since the patching workflow for the Debian packaging repois unclear to me, I decided to add bookworm to the LTS repo and follow standardDEP-14/gbp practice.


Thanks to our sponsors for financing this work, and to Freexian for coordinating!

Regards,
Lee Garrett,
Debian LTS Team

Reply to:

Prev by Date: Re: Bug#1101807: atril: Atril crash when trying to open the print dialog
Next by Date: Re: Issues fixed in buster and bookworm but not in bullseye
Previous by thread: Debian (E)LTS report for August 2025
Next by thread: Debian LTS and ELTS report for August 2025
Index(es):
- Date
- Thread