(E)LTS and Debian report for April 2023
Hi,
I am funded by Freexian SARL and thus reporting about my work in
April 2023.
(E)LTS
======
I issued DLA-3393-1 and ELA-836-1 for protobuf in buster, stretch and
jessie. In that process, I deemed three out of six vulnerabilities (all
being denial of service conditions in the Java implementation) as not
backportable. The others were backportable with noticeable changes. I
also assisted with reviewing the dnsmasq update.
Debian funding
==============
The changes to dpkg proposed as DEP17 were heavily discussed in April.
The solution space has significantly widened and I spend significant
time analyzing the effects of moving all files to their canonical
locations and their impacts on various tools such as dpkg, dpkg-divert,
update-alternatives, and dpkg-statoverride.
Debian
======
As usual, I continued maintaining rebootstrap. During the freeze, there
is little breakage in the toolchain, so I could handle issues for
specific architectures including loong64, a new riscv32 architecture,
sparc (32), and x32. I sent patches for 13 cross build failures in
unstable. As a side quest of DEP17, I looked into missing Breaks +
Replaces declarations and files 104 rc bugs about them.
Helmut
Reply to: