LTS report September 2024
=========================

1. I have been the LTS frontdesk from 16.09.2024 to 22.09.2024 and investigated
   and triaged CVE in several packages including pcp, assimp, clickhouse,
   freeimage, node-send, protobuf, rust-lexical-core, weechat, wolfssl,
   intel-mediasdk, 389-ds-base, docker.io, nghttp2, puma, pure-data, sogo,
   spip and libreoffice.

2. I investigated all open CVE in wordpress, the popular PHP content
   management framework, and found that most of them did not even affect Debian
   "Bullseye" or were of minor importance. Thus a security update was not
   necessary.

3. I prepared a release for exim4 and addressed four open CVE. The patch for
   one of the issues was incomplete which I noticed while testing the update.
   The release will either happen on 11.10.2024 or Monday, 14.10.2024.

4. I continued the backport of the patches for tomcat9.

5. I prepared and tested a security update for ffmpeg which is also due to be
   released.