This month I was allocated 11 hours. I used 11 hours in which I worked on the following: * Triaged kde-runtime's CVE-2016-7787 further and found that it can't cause problems on wheezy. As a fruit of the triaging I provided patch for kdesudo which is affected, too, in sid and jessie. * [DLA 707-1] sudo security update (CVE-2016-7032 and CVE-2016-7076) The preparation included fixing the fix for CVE-2016-7076, which caused a regression. The fix for the regression has been accepted by upstream an I also prepared a fixed package in the packaging repository for sudo's maintainer who can fix the vulnerability in sid easily now. * [DLA 708-1] mysql-5.5 security update (CVE-2016-5584, CVE-2016-7440) * [SECURITY] [DLA 710-1] akonadi update This adapted akonadi to mysql-5.5-s new behavior. * After digging into sendmail's potential vulnerability I marked it as no-dsa for Wheezy * [DLA 714-1] wireshark security update (4 CVE-s) Cheers, Balint
Attachment:
signature.asc
Description: OpenPGP digital signature