LTS Report for April 2018 - Abhijith PA
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
April 2018 was my third month as a Debian LTS paid contributor. I was
assigned 10 hours but I only able to do 5. I am carrying rest to May.
I have spent these hours on;
* sharutils: Investigated on CVE-2018-1000097 and marked wheezy version
as not-affected. (Wheezy version has a buffer size for shell process
input)
* drupal7: Backported CVE-2018-7602 on the same day of upstream
disclosure :). Thanks to Emilio Pozuelo Monfort for uploading. [1]
* ocaml: Initially backported CVE-2018-9838 but later marked as no-dsa
to follow Debian-security team.
Regards,
Abhijith PA
[1] https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlrsOtAACgkQhj1N8u2c
KO9CeQ/9Fyr6avFpd7lGsT7mhjm1hKNKI68jvpuQ8MeS+D0DA5QEHC7WilUYfHRa
VNAKwkgHcmX998pYxw6X7XloNoeivkxiNXA1J+yESjcWYuEQ5vHn92YuHwvEF5Cl
9nXy6ZHBsyIvZVdL/9MwVBhUSePVo7JLWfCEwM4IFY7tVNY43zX8xLzgZCjnhP1p
N+K7Z/GPt0kb2Bx5a8QnUL5w+DneUDfbQfgb58qBp5/8UefkUUupqD0uKtiIB1G0
HnI9BHnl/JZihR5X/L0P/HB/JpOc9K7WaNXH7C+P/bu6q4R8ed2kLSnR4aVLrS5Z
SC891Go3z8BmNakBcbnATZyaW1ajMTdoaGd8m5VlMuCbVgvupIJ8THY0hhQ1/TAa
UXKQmyAiqY+nhiFHZiU1jZ1muSI+WxjCRF/wJScLJLH3KM1WG4663BI47wWQ7Xdb
JzAEnbIcWYPtd8QIWBTxHOlc3ejLgcRsSL5Tm1M5wwSha5lZGKA5cUAt3sR9W+ax
heoGRi2/9HoqOgnwweN4u+6cPU+lkZViAW8Ak3Yo56wXoU45HyyV2g548CPjSIs3
7PC7rg0s7RmGkoQYjmf0h0E7GSQv8SEe0ZjoeOp7gCRkWXKx7Ku0bjdHM8oFIqZN
EhNVnvy+Ek81RpSGAVIS1VdmAVuZ09C3UCRwmv/LK8J1uOqY/sY=
=w2ZU
-----END PGP SIGNATURE-----
Reply to: