I've worked during June 2025 on the below listed packages, for
Freexian LTS/ELTS

Many thanks to Freexian and sponsors for providing this 
opportunity!

LTS/ELTS:
===

 * commons-beanutils: Uploaded 1.9.4-1+deb11u1. Released [DLA 4229-1]
                      Fixed CVE-2025-48734 for buster ELTS and upload
                      on its way.

 * libpgjava: Marked CVE-2025-49146 as <not-affected>[1] for bookworm and
              bullseye.

 * freeradius: Fixed CVE-2022-41859 CVE-2022-41860 CVE-2022-41861 and
               uploaded 3.0.21+dfsg-2.2+deb11u2. Released [DLA 4232-1]

 * nextcloud-desktop: There are 11 CVEs including the postponed
                      ones. Started working on it.

 * pgpool2: Pinged maintainer, not worked on a fix for CVE-2025-46801
            in bullseye/bookworm.

 * pgagent: Still working on the backport of CVE-2025-0218 for buster.    

---
[1] - https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46b0f68c8e1221d859490ce61a1f2ce02ae1fb59
https://lists.debian.org/debian-lts-announce/2025/06/msg00027.html
https://lists.debian.org/debian-lts-announce/2025/06/msg00030.html