[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LTS/ELTS Report for September 2018

For September I spent 15 hours on the following LTS tasks:

- qemu: triage/investigate CVE-2017-11334, CVE-2018-12617,
  CVE-2018-15746 (all were deferred)
- ghostscript: CVE-2018-16543 (I made an attempt at a fix but ended up
  turning it back over to Markus, who was able to complete a fix)
- php5: CVE-2018-17082 (prepared an update from the new upstream release
- sympa: review and upload an update for CVE-2018-1000671 by Abhijith PA
- imagemagick: CVE-2018-16329, CVE-2018-16412, CVE-2018-16413,
  CVE-2018-16642, CVE-2018-14551, CVE-2018-16643 (there are still more
  CVEs to address in the next upload; I will continue working on those)

I also spent 16 hours on the following ELTS tasks:

- mupdf: triage/investigate CVE-2018-16647, CVE-2018-16648 (both were
- openssh: CVE-2018-15473, prepared an update and a regression update
  following reports of problems with the initial update
- lcms/lcms2: CVE-2018-16435, prepared updates for both packages
- php5: CVE-2018-17082, backported patch from 5.6.38 and prepared update
- nss: CVE-2018-12384, backported upstream patch and now waiting on
  upstream bug to become public for access to a reproducer to confirm
  the fix



Roberto C. Sánchez

Reply to: