Hello Jacob,
On 07/07/2026 22:36, Jacob Barthelmeh wrote:
I would like to patch some of the CVE’s for the wolfSSL bundle in Bookworm,
please redirect me as needed. The prepared security updates fix some of the
recent wolfSSL CVEs (tracked in #1140765 and #1140815) have been uploaded to
mentors and I would appreciate a review and upload to the security archive.
* bookworm (LTS): wolfssl 5.5.4-2+deb12u3 (bookworm-security)
https://mentors.debian.net/debian/pool/main/w/wolfssl/wolfssl_5.5.4-2+deb12u3.dsc
Am still in the process of reviewing some of the older CVE listings and will
follow up with additional patches to resolve them. Looking forward to your
review feedback and, if it looks good, sponsorship/upload. Happy to adjust
anything as needed.
On 12/07/2026 16:36, Utkarsh Gupta wrote:
On Sun, Jul 12, 2026 at 4:46 PM Bastian Germann <[email protected]> wrote:
The changes are fine from my perspective. I have never uploaded
a LTS version. Is it the regular Upload Queue and what distribution
name ist expected in the changelog?
It's the same as the stable security uploads. Use "bookworm-security"
in d/ch and dput to security-master.
Let me know if you have any other questions or concerns.
It's great that people at wolfSSL can provide fixes for bookworm :)
Note that we had to mark wolfssl for bookworm as end-of-life ~1.5 month ago:
https://salsa.debian.org/debian/debian-security-support/-/blob/master/security-support.deb12
"wolfssl non-supported 5.5.4-2+deb12u2 Crypto library difficult to
support in the longterm; see: https://bugs.debian.org/1138294"
We might revert/postpone this decision if there's upstream interest to
maintain wolfssl 5.5/bookworm. What are your plans?
Cheers!
Sylvain Beucler
Debian LTS Team