[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian (E)LTS report for April 2026

In April 2026 I've worked on the below listed packages for Freexian (E)LTS [1].
This is my fourteenth month involved with the (E)LTS efforts.

Many thanks to Freexian and our sponsors [2] for providing this opportunity!


# Packages

inetutils
=========

inetutils/bullseye (LTS) --> 3 CVEs --> DLA-4527-1
backported patches from bookworm, replaced custom cve fix with upstreams fix,
fixed up bullseye specific build issues, resolved gnulib backporting issues,
released update.

inetutils/buster,stretch (ELTS) --> 3 CVEs --> ELA-1692-1
backported security fixes from LTS upload mentioned above, resolved more
gnulib backporting issues and published ELA.

libde265
========

libde265/bullseye (LTS)	-> 3 CVEs handled, 2 unresolved upstream skipped. -->
DLA-4550-1
backported patches from upstream, published update and announcement.

libde265/buster,stretch (ELTS) --> 3 CVEs, 2 unresolved upstream skipped -->
ELA-1698-1
backported patches from upstream, published update and announcement.


policykit-1
===========

Low priority DoS issues. Team-upload fixing CVE-2026-4897 in sid.

Fixed this issue + another outstanding issue in bullseye (LTS) --> DLA-4553-1
Skipped open issue which has previously been deemed better handled on
kernel side.

Fixed the one open issue (same as sid) in buster --> ELA-1702-1
Same issue + 2 more unadressed issues in stretch. Backported patches from
upstream and resolved conflicts. --> ELA-1703-1


# Other

The SPU and OSPU for glib2.0 and gvfs has been processed.
[gvfs-spu][gvfs-ospu][glib-spu][glib-ospu]

Participated in team meeting.

# References

[1]  https://www.freexian.com/lts/
[2]  https://www.freexian.com/lts/debian/#sponsors
[DLA-4527-1] https://lists.debian.org/debian-lts-announce/2026/04/msg00006.html
[ELA-1692-1] https://www.freexian.com/lts/extended/updates/ela-1692-1-inetutils/
[DLA-4550-1] https://lists.debian.org/debian-lts-announce/2026/04/msg00032.html
[ELA-1698-1] https://www.freexian.com/lts/extended/updates/ela-1698-1-libde265/
[DLA-4553-1] https://lists.debian.org/debian-lts-announce/2026/04/msg00034.html
[ELA-1702-1] https://www.freexian.com/lts/extended/updates/ela-1702-1-policykit-1/
[ELA-1703-1] https://www.freexian.com/lts/extended/updates/ela-1703-1-policykit-1/
[glib-spu] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128227
[glib-ospu] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128228
[gvfs-spu] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132174
[gvfs-ospu] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132175
Reply to: