In June 2017, my 5th month as a debian-lts contributor, I was allocated
14.7 hours and I used all the 14.7 hours.
In this time I did the following:
* Reviewed changes for xen.
* Updated and released security update for pidgin. Fixed:
CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368
CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372
CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376
CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323
* Updated and released binutils. Fixed:
* CVE-2016-2226.patch: Exploitable buffer overflow
* CVE-2016-4487.patch: Invalid write due to a use-after-free to array btypevec
* CVE-2016-4488.patch: Invalid write due to a use-after-free to array ktypevec
* CVE-2016-4489.patch: Invalid write due to integer overflow
* CVE-2016-4490-1.patch: Write access violation
* CVE-2016-4490-2.patch: Write access violation
* CVE-2016-4492_CVE-2016-4493.patch: Read/write access violations
* CVE-2016-6131.patch: Libiberty Demangler segfaults
* CVE-2016-XXXX.patch: Stack buffer overflow when printing bad bytes in
Intel Hex objects
* Researched security fix for kde4libs. In particular CVE-2016-6232.
Brian May <email@example.com>