LTS report for January 2019 - Abhijith PA
January 2019 was my 12th month as a Debian LTS paid contributor. I was
assigned 12 hours and I spend all of them for the following:
* libraw: There are 29 vulnerabilities reported against libraw. Almost
all of them are results of fuzz testing. Marked CVE-2017-14348,
CVE-2018-20337, CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 as
no DSA for jessie.
* mxml: Fixed CVE-2016-4570, CVE-2016-4571, CVE-2018-20004. Uploaded
and released DLA[1]
* drupal7: Fixed CVE-2019-6339. Tested, uploaded and released DLA[2]
CVE-2019-6338 will be fixed after CVE-2018-1000888.
Regards
Abhijith PA
[1] - https://lists.debian.org/debian-lts-announce/2019/01/msg00018.html
[2] - https://lists.debian.org/debian-lts-announce/2019/02/msg00004.html
Reply to: