[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS Report for September 2016


September 2016 was my first month as a payed Debian LTS Team member.
After doing two small uploads to wheezy-security in August and got to
know the LTS Team workflow, this month I was allocated 9 hours by
Freexian. I spent all 9 hours on working on security updates to Debian

In particular, I worked on the following issues:

*  DLA 612-1: libtomcrypt PKCS#1 RSA signature verification
*  DLA 617-1: libarchive out of bounds and denial of service
*  DLA 625-1: libcurl escape/unescape integer overflows
*  DLA 627-1: pdns qname's length>255b, missing zone size limits
*  worked on mat issue with embeded images in PDFs (#826101)

For reference, these were the issues I worked on in August:

*  DLA 584-1: libsys-syslog-perl opportunistic loading of modules
*  DLA 589-1: mupdf out of bounds write access to memory locations

I first published my September report at


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: