LTS Report for February 2018
For February I spent 27.5 hours on the following tasks:
- bind9: #889285 was reported as a possible instance of CVE-2017-3139
(that CVE had been officially documented as RedHat-specific);
investigated the reported problem, concluded that the issue was most
likely CVE-2017-3139, but as ISC was not certain, CVE-2018-5735 was
assigned; built and uploaded 1:9.8.4.dfsg.P1-6+nmu2+deb7u20
- audacity: uploaded 2.0.1-1+deb7u1 to address CVE-2016-2540
- graphicsmagick: uploaded 1.3.16-1.1+deb7u18 to address CVE-2018-6799
- leptonlib: reviewed Abhijith PA's upload request
- gcc-4.6/gcc-4.7: Worked on backporting jmm's retpoline patches from
gcc-4.9 (no work has been done on gcc-4.7 as yet, but both are
triaged)
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: