ELTS report March 2025
======================

1. I have been the ELTS frontdesk from 24.03.2025 to 30.03.2025. I was
   responsible for triaging newly discovered CVE in packages such as vim, augeas,
   geshi, gnupg2, libxslt, pandas, xorg-server, mariadb, mercurial, atop, exim4,
   php-horde, squid3, varnish, zvbi, cifs-utils, corosync, erlang, ffmpeg,
   fig2dev, golang-1.11, golang-go.crypto, golang-golang-x-oauth2, gunicorn,
   libdata-entropy-perl, libmatio, mbedtls, mongo-c-driver, rabbitmq-server,
   simplesamlphp and tomcat9.

2. ELA-1376-1. Issued a security update for tomcat9 fixing 1 CVE in buster.

3. ELA-1377-1. Issued a security update for tomcat8 fixing 1 CVE in stretch and
               jessie.

4. ELA-1378-1. Issued a security update for tomcat7 fixing 1 CVE in jessie.

5. I prepared a security update to fix CVE-2024-47072 for libxstream-java in jessie and buster.

6. I have been working on fixing 20 CVE in edk2 the open source implementation
   of the Unified Extensible Firmware Interface. Currenty I am trying to
   synchronize the patches between the release in bookworm, bullseye and
   buster.