In January 2019, I have worked on the Debian LTS project for 10 hours and on the Debian ELTS project for 2 hours (of originally planned 6 + 1 hours) as a paid contributor. The non-worked 5 ELTS hours I have given back to the pool of available work hours.
LTS Work
- Fix one CVE issue in sssd (DLA-1635-1 [1]).
- Fix five CVE issues in libjpeg-turbo (DLA 1638-1 [2]).
- Fix some more CVE issues in libav (DLA-1654-1 [3]).
- FreeRDP: patch rebasing and cleanup.
- FreeRDP: Testing the proposed uploads, sending out a request for testing [4], provide build previews, some more patch work.
- Give feedback to the Debian stable release team on the planned FreeRDP 1.1 uploads to Debian jessie LTS and Debian stretch.
- Some little bit of CVE triaging during my LTS frontdesk week (a very quiet week it seemed to me)
The new FreeRDP versions have been uploaded at the beginning of February 2019 (I will mention that properly in my next month's LTS work summary, but you may already want to take a glimnpse at DLA-1666-1 [5]).
ELTS Work
- Start working on OpenSSH security issues currently effecting Debian wheezy ELTS (and also Debian jessie LTS).
The pressing and urgent fixes for OpenSSH will be uploaded during the coming week.
Thanks to all LTS/ELTS sponsors for making these projects possible.
light+love
Mike
References
- [1] https://lists.debian.org/debian-lts-announce/2019/01/msg00011.html
- [2] https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html
- [3] https://lists.debian.org/debian-lts-announce/2019/02/msg00005.html
- [4] https://sunweavers.net/blog/node/81
- [5] https://lists.debian.org/debian-lts-announce/2019/02/msg00015.html