LTS report November 2022 ========================== 1. DLA-3207-1 | DSA-5283-1. Issued a security update of jackson-databind fixing 3 CVE in Buster and Bullseye. 2. DLA-3203-1. Issued a security update of nginx fixing 3 CVE in Buster. 3. DLA-3208-1. Issued a security update of varnish fixing 2 CVE in Buster. 4. DLA-3209-1. Issued a security update of ini4j fixing 1 CVE in Buster. 5. DSA-5290-1. Issued a security update of commons-configuration2 fixing 1 CVE in Bullseye. 6. Triaged CVE-2022-45062 in xfce4-settings as not-affected. 7. Triaged CVE-2022-3168,CVE-2022-20128 in android-platform-system-core as no-dsa in Buster. 8. DSA-5294-1 | DLA-3219-1. Issued a security update of jhead prepared by Joachim Reichel and reviewed by myself fixing 2 CVE in Buster and Bullseye. 9. DLA-3234-1. Issued a security update of hsqldb fixing 1 CVE in Buster. 10. DSA-5299-1. Issued a security update of openexr fixing 7 CVE in Bullseye. 11. Prepared patches and triaged 22 CVE for a security update of openexr in Buster. The work is ongoing.