LTS/ELTS Report for June 2018

To: debian-lts@lists.debian.org
Subject: LTS/ELTS Report for June 2018
From: Roberto C. Sánchez <roberto@debian.org>
Date: Sun, 1 Jul 2018 07:16:19 -0400
Message-id: <[🔎] 20180701111618.uefrtn6vovmw7szv@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org

For June I spent 36.5 hours on the following:

- [LTS] imagemagick: CVE-2018-11251, CVE-2018-11624, CVE-2018-11625,
  CVE-2018-12599, CVE-2018-12600
- [LTS] php5: multiple issues
- [LTS] graphicsmagick: CVE-2016-5239, CVE-2017-11102, CVE-2017-11139,
  CVE-2017-11140, CVE-2017-11403, CVE-2017-11637
- [LTS] tomcat8: triage, upstream EOL, CVE-2018-1304, CVE-2018-1305
- [LTS] graphicsmagick: CVE-2016-5239, CVE-2017-11102, CVE-2017-11139,
  CVE-2017-11140, CVE-2017-11403, CVE-2017-11637, CVE-2017-11641,
  CVE-2017-11642, CVE-2017-11722
- [LTS] jessie transition
- [LTS/ELTS] exiv2: CVE-2018-10958, CVE-2018-10999, CVE-2018-10998,
  CVE-2018-11531, CVE-2018-11531, CVE-2018-12264, CVE-2018-12265
  (the patches for these CVEs also applied cleanly to the stretch
  package, so I prepared that package and the Security Team accepted it)
- [ELTS] wheezy transition
- [ELTS] gnupg: CVE-2018-12020
- [ELTS] ghostscript: CVE-2018-11645
- [ELTS] perl: CVE-2018-12015
- [ELTS] libgcrypt11: CVE-2018-0495 triage (did not affect package)
- [ELTS] tiff3: CVE-2018-10779, CVE-2018-10801, CVE-2018-10963 triage
  (did not affect package)

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Next by Date: jetty/jetty8/jetty9 not affected by CVE-2018-12538
Next by thread: jetty/jetty8/jetty9 not affected by CVE-2018-12538
Index(es):
- Date
- Thread