Hello everyone,

can anyone share what does in mean in practical terms for Bookworm users?
Will we be exposed to vulnerabilities? Are there alternative packages suggested?
What should we do with this? Speed up the upgrade to Trixie?

Thanks

On Sat, 30 May 2026 12:39:09 -0300 Santiago Ruano =?iso-8859-1?Q?Rinc=F3n?= <[email protected]> wrote:
Package: debian-security-support
Version: 1:14+2026.05.07
Severity: normal
X-Debbugs-Cc: [email protected], Debian Security Team 
<[email protected]>

As per the input from the security team (thanks a lot!), this is a list
of packages whose security support during the LTS period of bookworm is
too complex or unfeasible:

crypto libraries with a few limited rdeps and not really meaningful long
term support:
- mbedtls
- wolfssl

packages for which the security team issued a DSA for trixie-security,
but for which some significant vulnerabilities were found to tricky to
backport to bookworm:
- smb4k (https://bugs.debian.org/1136949)
- lxd
- opennds

completely inactive upstream with open security issues:
- mimetex

open security issues but no rdeps, so no real use (it was only added for
gitlab):
- ruby-saml

Cheers,

 -- Santiago



Reply via email to