This month I had 10 hours and I used 10.0 hours on the following tasks: * exiv2: developed patch for CVE-2017-17669 that was accepted upstream (https://github.com/Exiv2/exiv2/issues/187). * exiv2, dojo, python2.6, python2.7: Researched and reviewed various security issues. Maked all as minor issues, not worth fixing. * krb5: Researched CVE-2018-5709 and CVE-2018-5710, unfortunately details are still private. * python-crypto: Apply patch for CVE-2018-6594, built, uploaded to wheezy-security, and announced * suricata: Researched CVE-2018-6794 issue. Regards -- Brian May <bam@debian.org>
Attachment:
signature.asc
Description: PGP signature