Hello everybody, From the 13.50 hours that I had available in the last February, sponsored through Freexian, I spent twelve on the following: * cpio: I uploaded the package that fixes CVE-2016-2037. See [DLA 415-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00007.html). * gtk+2.0: I prepared two DLAs. First, I released package for [DLA 419-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00011.html). Then, Tor Perkins made me aware about vulnerabilities related to gdk-pixbuf that were present in the Squeeze's gtk+2.0 package, then addressed by the [DLA 434-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00026.html) * squid3: I uploaded the [DLA 445-1](https://lists.debian.org/debian-lts-announce/2016/02/msg00037.html) and the subsequent reversion fix [DLA 445-2](https://lists.debian.org/debian-lts-announce/2016/03/msg00001.html). From the three open CVEs related to Squid 3.X in the last Squid Cache Security Update Advisory, I was able to finally fix the CVE-2016-2571. I have also helped to announce the end-of-life of Squeeze LTS for the end of the month. As always, thanks to all who have been contributing to strength Debian through Squeeze LTS, and a general Debian LTS now. It has been been a pleasure to take care of this "old" penguin and I think the next versions deserve, at least, a similar care. Cheers, Santiago
Attachment:
signature.asc
Description: Digital signature