[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

March Report


March 2017 was my seventh month as a payed Debian LTS contributor.

I was allocated 13.5 hours. Because of personal problems forcing me
to set aside my free software activites, I could only spend 4 of them
doing the following tasks:

* Continue to investigate CVE-2016-8685 in potrace. All in all, the
  issue is probably going to be marked no-dsa since it is not critical
  and upstream patch only fixes the issue for low optimization levels,
  turning this issue into a hardly debuggable and time consuming problem.

* Investigate CVE-2017-6596 in partclone. I could not reproduce the
  issue on Debian yet (wheezy/jessie/stretch) and asked upstream for his

April is going to be a quieter month, and I should be able to spend all
of my assigned hours.

Best Regards,

             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E

Attachment: signature.asc
Description: PGP signature

Reply to: