[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LTS report for September


Last month I spent 27h doing the following:

- gdk-pixbuf update
- libgd2 update
- jbig2dec: upstream claimed that this was already fixed. Investigated the claim
and verified that this was indeed fixed with a previous security update that was
already in all supported releases
- apache2 update for optionsbleed vulnerability
- emacs23 update
- newsbeuter: reviewed/sponsored update
- fontforge: investigated issues, no-dsa
- bzr update
- cacti: investigated issue, confusing as the CVE looks like a duplicate of
older ones, which we already fixed in the past. Marked as such
- weechat: investigated issue and ways to trigger it, determined a DLA was
warranted and prepared it
- db: prepared updates for db, db4.7 and db4.8 and called for testing
- ruby: discussed current issues and potential solutions with Antoine
- firefox-esr security update for 52.4esr
- investigated and triaged lots of packages (eglibc, trafficserver, libarchive,
libsndfile, libmad, binutils, ocaml, ledger, mosquitto, mcollective...)


Reply to: