[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

My Debian LTS activities in March 2016



Hello everybody,

The last month of March, I spent 10 paid hours by Freexian on LTS, mainly on
this:

* squid3: After the problems found backporting the patch for
  CVE-2016-2569 to squeeze, I have investigated further on this bug,
  and I found a new DoS that has been fixed by upstream in 3.5.16.
  Unfortunately, the fix requires substantial changes on squid3 and
  this issue remains open in wheezy and jessie, for the moment.

* librsvg: I have prepared packages that fix CVE-2015-7557 for wheezy and
  jessie. These are part of the recent point releases.

* debian-security-support: I worked on check-support-status to make it
  warn the users not only when installed packages are already no longer
  supported, but when an EOL is coming. The package uploaded to sid
  closes #818843 and #819493, and I am currently working to unify the
  package for the different debian releases and close #762594.

Thanks to all Debian LTS users to make this project possible,

Santiago

Attachment: signature.asc
Description: PGP signature


Reply to: