Hi,
Here is my (E)LTS report for July.
---
LTS
July 2018 was my 23rd month as a payed Debian LTS contributor.
I was allocated 24.5 hours. I have spent 7.75h of them in the following
tasks:
* Continue to work on jetty CVEs. I am still unable to reproduce them,
especially CVE-2018-12536, even after help from upstream. These
issues are not important enough to spend any more time on them, so I
am going to mark them no dsa. Furthermore these versions are not
covered by upstream anymore and, according to them, backporting patches
is going to be very costly because the code base has evolved a lot.
---
ELTS
June 2018 was my 2nd month as a payed Debian ELTS contributor.
I was allocated 8.5h. I have spent 1.5h of them in the following tasks:
* Try to reproduce CVE-2018-5360 in libtiff, without success. We don't
have enough information at the moment, and it is very unlikely that we
will have any more in the future. I have marked it no-dsa.
---
Remaining hours
I am currently very occupied by my Ring & Debian work as well as in my
personal life and couldn't find any more time to work on LTS tasks. I am
sorry for holding back all these hours. I will return all unused hours
to the pool and reduce my number of requested hours for now.
Best Regards,
Hugo
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
Attachment:
signature.asc
Description: PGP signature