LTS report for March 2018 - Abhijith PA
This is my second month as a Debian LTS paid contributor. I was assigned
8hours and I spend all of it for the following.
* golang: Continued my work on Backporting CVE-2018-7187.
Thanks to Chris Lamb for uploading and releasing DLA
* zsh: Backport CVE-2014-10070, CVE-2014-10071, CVE-2014-10072,
CVE-2016-10714, CVE-2017-18206. Test, upload (and released DLA by
* graphite2: Initial Plan was to backport CVE-2018-7999 and worked on
it. But later decided to tag it as 'no-DSA' to follow security team.
* uwsgi: Investigated on CVE-2018-7490 and later decided not to upload
as it is not affecting wheezy without the uwsgi-plugin-php. Thanks to
Gero Treuner for the patch and review.
* libvncserver: Backport CVE-2018-7225, test and release DLA.
Thanks to Lundqvist for uploading.
In my volunteer time I also prepared a security update for
phpmyadmin in oldstable, but no feedback yet. If someone could
review and upload, it will be great.
 test instance running my buid: http://22.214.171.124:9001/phpmyadmin/
(pm me for credentials)