In February 2019, I have worked on the Debian LTS project for 6 hours (of originally planned 10 hours) and on the Debian ELTS project for another 6 hours as a paid contributor. The non-worked 4 LTS hours I will carry over into March 2019.
LTS Work
- Upload and announce FreeRDP security fixes and RDP v6 / CredSSP v3 proto updates (DLA-1666-1 [1])
ELTS + LTS Work (shared hours)
- Chew on OpenSSH security fixes. Esp. CVE-2019-6111 caused me headaches with the final result that the said fix for CVE-2019-6111 did not fix it entirely. See Debian bug #923486 [2].
CVE-2019-6111 has already been amended fully now in Debian unstable's and stable's version of OpenSSH. For jessie LTS a fixed version will be provided within the next couple of days.