March Report

To: debian-lts@lists.debian.org
Subject: March Report
From: Brian May <bam@debian.org>
Date: Thu, 15 Mar 2018 17:15:30 +1100
Message-id: <[🔎] 87a7v9q2yl.fsf@silverfish.pri>

In March I had 10 hours allocated, and I used all 10 hours on the
following tasks:

Research various packages, including postgresql-9.1 and libreoffice.

Update security tracker entries for various packages.

postgresql-9.1
* Apply patches for CVE-2018-7536 and CVE-2018-7537, both
  concerned with DOS attacks in regexps.
* Correspondance concerning postgresql-9.1 status in wheezy.

python-django
* Update debian/wheezy branch with missing security updates.
* Upload fixed version to Debian LTS archive.
* Send DLA 1303-1 advisory.

tiff
* Research tiff CVE-2018-7456.
* Add information http://bugzilla.maptools.org/show_bug.cgi?id=2778#c1
* Reproduce the issue.
* Create patch to fix CVE-2018-7456.
* Debug compiler optimizing bug with proposed fix.
* Sent email concerning above problem to debian-lts.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: March Report
  - From: Brian May <bam@debian.org>

Prev by Date: tiff / CVE-2018-7456
Next by Date: Re: tiff / CVE-2018-7456
Previous by thread: Re: tiff / CVE-2018-7456
Next by thread: Re: March Report
Index(es):
- Date
- Thread