In January 2020, I have worked on the Debian LTS project for 20 hours (of 20 hours planned).
Due to a reduced need of developers in Freexian's ELTS project for Debian wheezy, I have moved my activity completely over to the LTS project (and also took the amount of assigned hours with me).
LTS Work
- LTS: Frontdesk: Follow-up on emails, send out DLAs on behalf of Utkarsh Gupta (due to keyring issues).
- LTS: CVE Bug Triaging for Debian jessie LTS: puppet, openjpeg2, suricata, hiredis, ksh, python-pysaml2, qemu, salt, wireshark, wordpress.
- Upload to jessie-security: openjpeg2 (DLA-2081-1 [1], 1 CVE).
- Upload to jessie-security: suricata (DLA-2087-1 [2], 1 CVE).
- Upload to jessie-security: libsolv (DLA-2088-1 [3], 1 CVE).
- Upload to jessie-security: openjpeg2 (DLA-2089-1 [4], 1 CVE).
- Upload to jessie-security: qtbase-opensource-src (DLA-2092-1 [5], 1 CVE).
- CVE Bug Triaging / Introspection spamassassin, prepare upstream backport for jessie LTS (not yet clear, if that is the way to go) [6].
Other security related work for Debian
- Prepare libsolv oldstable-pu and stable-pu uploads (1 CVE).
- Do an italc oldstable-pu upload (14 CVEs) [package prepared earlier].
References
- [1] https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html
- [2] https://lists.debian.org/debian-lts-announce/2020/01/msg00032.html
- [3] https://lists.debian.org/debian-lts-announce/2020/01/msg00034.html
- [4] https://lists.debian.org/debian-lts-announce/2020/01/msg00035.html
- [5] https://lists.debian.org/debian-lts-announce/2020/02/msg00000.html
- [6] https://lists.debian.org/debian-lts/2020/01/msg00076.html (follow thread)