Hi, I was examining and working on multiple packages in April. I continued working on the upload of dnsmasq for Buster and continued testing the complex updates. I also started working on h2o for Buster and runc for Bullseye. While I checked some of the packages in the TODO list, I researched multiple CVEs (e.g. CVE-2023-49288, CVE-2021-41089, CVE-2023-25809) and tracked down the missing patches, and then either added the necessary links, or marked them accordingly in the CVE list. During this, I also examined lucene-solr for Buster. The outstanding issues in Buster were resolved in later Debian package releases (3.6.2+dfsg-23) by simply removing the affected server component. In the following discussion with Markus, he suggested to mark this package as EOL for Buster. Thus, no upload has been made here. Thanks to Freexian and Freexian's sponsors for making these projects possible: https://www.freexian.com/lts/debian/#sponsors). Regards, Daniel
Attachment:
signature.asc
Description: This is a digitally signed message part