LTS/ELTS Report for November 2018
For November I spent 13.75 hours on the following LTS tasks:
- icu: triage CVE-2018-18928, vulnerable code was not present
- libapache-mod-jk: prepared update for CVE-2018-11759 which involved
backporting new upstream release; upload pending guidance from
maintianers and security team on corresponding uploads for stable and
unstable
- symfony: multiple issues, backported patches to fix identified
vulnerabilities; remaining task is to resolve build/unit test failures
which likely depend on previous commits in history (i.e., identify
those commits and add the necessary patches to the package)
- php5: CVE-2018-19518, worked on reproducing
I also spent 10 hours on the following ELTS tasks:
- icu: triage CVE-2018-18928, vulnerable code was not present
- libapache-mod-jk: prepared update for CVE-2018-11759 which involved
backporting new upstream release; upload pending guidance from
maintianers and security team on corresponding uploads for stable and
unstable
- nss: CVE-2018-12384, contacted Mozilla Security Team and they made
upstream bug report public; began working on reproducing vulnerability
- php5: CVE-2018-19518, worked on reproducing
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: