During the month of January 2023 and on behalf of Freexian, I worked on the following:
* DLA-3270-1: net-snmp 5.7.3+dfsg-5+deb10u4
CVE-2022-44793 and CVE-2022-44792
https://lists.debian.org/msgid-search/Y8Nreff/4mms8...@debian.org
* DLA-3271-1: node-minimatch 3.0.4-3+deb10u1
CVE-2022-3517
https://lists.debian.org/msgid-search/y8qa+jo13podb...@debian.org
* DLA-3284-1: libapache-session-ldap-perl 0.4-1+deb10u1
CVE-2020-36658 (filed that one and triaged it as it was needed for
LemonLDAP::NG in some configurations for its CVE-2020-16093 fix)
https://lists.debian.org/msgid-search/y9uqaz+ipzomj...@debian.org
* DLA-3285-1: libapache-session-browseable-perl 1.3.0-1+deb10u1
CVE-2020-36659 (filed that one and triaged it as it was needed for
LemonLDAP::NG in some configurations for its CVE-2020-16093 fix)
https://lists.debian.org/msgid-search/y9uqf5z4nlvkr...@debian.org
* DLA-3287-1: lemonldap-ng 2.0.2+ds-7+deb10u8
CVE-2020-16093 and CVE-2022-37186
https://lists.debian.org/msgid-search/y9vbkneclvewf...@debian.org
* DLA-3289-1: dojo 1.14.2+dfsg1-1+deb10u3
CVE-2020-4051 and CVE-2021-23450
https://lists.debian.org/msgid-search/Y9ZMomJAkSfQWW/0...@debian.org
* DLA-3291-1: node-object-path 0.11.4-2+deb10u2
CVE-2021-23434 and CVE-2021-3805
https://lists.debian.org/msgid-search/y9aco2albhu2m...@debian.org
* DLA-3299-1: node-qs 6.5.2-1+deb10u1
CVE-2022-24999
https://lists.debian.org/msgid-search/Y9g+J/xmu6qw4...@debian.org
Thanks to the sponsors for financing this work, and to Freexian for
coordinating!
--
Guilhem.
signature.asc
Description: PGP signature
