[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

April Report


April 2018 was my 20th month as a payed Debian LTS contributor.

I was allocated 20.5 hours. I have spent all of them in the following

* Continue my Ming work:
 - Finish to prepare patch for ming issue #121, test it and get it
   merged. Also ask for CVE number. (2.5h)

 - Prepare, test and upload ming 1:0.4.4-1.1+deb7u8 (DLA 1343-1).
   This upload was fairly long to test since it ships more than
   eight fixes, including all patches from last month and the one
   for issue #121.

* Continue my tiff and tiff3 work:

 - Finish patch for CVE-2018-7456 and get it merged by upstream.

 - Prepare, test and upload tiff 4.0.2-6+deb7u19 and
   tiff3 3.9.6-11+deb7u10 (DLA 1346-1, DLA 1347-1).

 - Try to reproduce CVE-2018-8905, investigate, and start to prepare
   a patch addressing it. These investigations required a very large
   amount of work, lots of specification reading (TIFF, LZW) and
   debugging. You can find a good summary of my investigations on the
   Debian bug report. I have a patch draft which I hope to be able to
   submit in the next days.

Next month I intend to finish my tiff work and dedicate as many hours as
possible to libav.

Best Regards,

             Hugo Lefeuvre (hle)    |    www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA

Attachment: signature.asc
Description: PGP signature

Reply to: