[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LTS Activity report for August 2017

during August I worked 10 of the allocated 10 hours on LTS. During this
time I did the following:

- Triaged 10+ Xen XSAs and forwarded the results to credativ so they can
  prepare an updated package.

- Triaged sevaral qemu CVEs and released DLA-1070-1 and DLA-1071-1 to
  fix the ones that affect Wheezy in qemu-kvm and qemu by backporting
  the upstream patches. Triaged more CVEs towards the end of the month.

- Look into CVE-2017-7526 and release DLA-1080-1 to fix this in gnupg by
  applying the upstream patches. Also prepared an upload for Jessie.

- Investigated libdbd-mysql-perl CVEs (#866821 and #866818), pinged
  upstream that reverted an already applied patch for one of them and
  added clarifications to the BTS.

- Prepared patches for tcpdump CVEs CVE-2017-11541 and CVE-2017-11542
  and sent them upstream. CVE-2017-11543 was not reproducible on either
  Wheezy or Stretch.

- Prepared thunderbird 52.3 for wheezy. Upload is pending an enigmail

 -- Guido

Attachment: signature.asc
Description: PGP signature

Reply to: