In October 2025 I worked on the packages listed below for Freexian LTS/ELTS [1].
This is my eighth month and I am finally back to making some progress after a few
months of having problems finding time to dedicate to this task.
Many thanks to Freexian and our sponsors [2] for providing this opportunity!
LTS
====
First I worked on php-horde-css-parser to address CVE-2020-13756.
The issue was still unfixed in sid, so work began there where I also had
to fix up autopkgtest which were broken because of phpunit breaking
compatibility. Once sid was tagged in git and uploaded to the archive,
I proceeded to address the problem in bullseye (LTS) and published DLA-4333-1.
I then moved on to work on pgagent addressing CVE-2025-0218. Working on
mangling the patch to apply was a non-trivial challenge which took some time.
Once the update was released I published DLA-4338-1.
I also managed to start working on an update of bind9 for bullseye (LTS)
which is not yet published. The update package should be mostly done
but testing and releasing it still remains. This will be done and reported
about in the upcoming month.
ELTS
====
After addressing php-horde-css-parser in sid and bullseye (LTS), I also prepared
the update for buster (ELTS) to address CVE-2020-13756 publishing ELA-1541-1.
Doing this work also meant I had to update myself on the new debusine based
workflow. The updated workflow documentation was very good and checking out
the new parts of the getting started documentation got me set up pretty
quickly. This was my first time using debusine for ELTS. The only part that
confused me was when signing the upload and it moved over to britney2 it
first said rejected, but that resolved itself after a few hours.
I worked on xrdp update for buster (ELTS) to address CVE-2023-{40184,42822} and
CVE-2024-39917. Since I had not worked on the LTS update before starting this,
I worked in a possibly non-optimal fashion on this. I investigated the upstream
situation and found the 0.9.x branch there had a lot of changes and patches
needed backporting. Once I had that handled, I realized that I should have
looked at the LTS/DLA and when comparing results I found that we had pretty
similar results which gave me confidence that I had done the job properly
at least. I had no previous experience using xrdp but got a good chance to
test it out while setting up the test environment and using it, which was
a nice experience. The setup was a lot easier than I had expected.
Finally I published ELA-1552-1 for this work.
I also attended the team meeting on jitsi. Here I learned that I could also
use debusine for LTS (not only ELTS), which I'll try when I get a chance!
I want to send a special thanks to jochensp and others on the
#debian-lts and #debian-elts IRC channels for being very helpful.
Regards,
Andreas Henriksson
[1] https://www.freexian.com/lts/
[2] https://www.freexian.com/lts/debian/#sponsors
[DLA-4333-1] https://lists.debian.org/debian-lts-announce/2025/10/msg00013.html
[ELA-1541-1] https://www.freexian.com/lts/extended/updates/ela-1541-1-php-horde-css-parser/
[DLA-4338-1] https://lists.debian.org/debian-lts-announce/2025/10/msg00018.html
[ELA-1552-1] https://www.freexian.com/lts/extended/updates/ela-1552-1-xrdp/