[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

My Debian LTS activities in February 2016

Hello everybody,

From the 13.50 hours that I had available in the last February,
sponsored through Freexian, I spent twelve on the following:

* cpio: I uploaded the package that fixes CVE-2016-2037.
  See [DLA 415-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00007.html).
* gtk+2.0: I prepared two DLAs. First, I released package for
  [DLA 419-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00011.html).
  Then, Tor Perkins made me aware about vulnerabilities related to gdk-pixbuf
  that were present in the Squeeze's gtk+2.0 package, then addressed by
  the [DLA 434-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00026.html)
* squid3: I uploaded the [DLA 445-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00037.html)
  and the subsequent reversion fix [DLA 445-2](https://lists.debian.org/debian-lts-announce/2016/03/msg00001.html).
  From the three open CVEs related to Squid 3.X in the last Squid Cache
  Security Update Advisory, I was able to finally fix the CVE-2016-2571.

I have also helped to announce the end-of-life of Squeeze LTS for the
end of the month. As always, thanks to all who have been contributing to
strength Debian through Squeeze LTS, and a general Debian LTS now. It
has been been a pleasure to take care of this "old" penguin and I think
the next versions deserve, at least, a similar care.



Attachment: signature.asc
Description: Digital signature

Reply to: