Debian 11 rear CVE-2024-23301

To: "debian-lts@lists.debian.org" <debian-lts@lists.debian.org>
Subject: Debian 11 rear CVE-2024-23301
From: Schöke, Karsten <Karsten.Schoeke@geobasis-bb.de>
Date: Tue, 9 Dec 2025 08:13:44 +0000
Message-id: <[🔎] 410b8becd1d7468ca279f1c8a86a24ba@geobasis-bb.de>

Hello,

I've been maintainer for rear for quite some time.

After updating the source package upstream, I'm now working on patching CVE-2024-23301 [1]. 
I've set up a PU [2] for bookworm and already uploaded it to the archive.

Now I also wanted to perform an LTS upload for bullseye and planned to follow these instructions [3].

I'm allowed to do this as a regular DM?
Can I use the existing DLA [4] that's used in buster for bullseye as well?

Thanks and best regards,
Karsten

[1] https://security-tracker.debian.org/tracker/source-package/rear
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121776
[3] https://lts-team.pages.debian.net/wiki/Development.html
[4] https://security-tracker.debian.org/tracker/DLA-3733-1

Reply to:

Follow-Ups:
- Re: Debian 11 rear CVE-2024-23301
  - From: Sylvain Beucler <beuc@beuc.net>

Prev by Date: (E)LTS report for November 2025
Next by Date: Re: Debian 11 rear CVE-2024-23301
Previous by thread: (E)LTS report for November 2025
Next by thread: Re: Debian 11 rear CVE-2024-23301
Index(es):
- Date
- Thread