I've worked during March 2026 on the below listed packages, for Freexian LTS/ELTS [1] busybox ======= The acutal upload of the oldstable-proposed-updates for busybox that was done early March has now been accepted by the oldstable release team. libpng1.6 - DSA-6189-1, DLA-4521-1, ELA-1673-1, ELA-1674-1 ========================================================== fixing CVE-2026-33416, CVE-2026-33636 Another set of CVEs have been found in libpng1.6, one potentially allowing a RCE. I've prepared fixes for all suites, stable and oldstable was fixed in coordination with the security team. pillow (ELTS) ============= There is ongoing work for pillow, targeting buster and stretch. This will be completed in April [1] https://www.freexian.com/lts/ [2] https://www.freexian.com/lts/debian/#sponsors Cheers, -- tobi
Attachment:
signature.asc
Description: PGP signature