[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LTS/ELTS Report for November 2019

For November I spent 24.5 hours on the following LTS tasks:

- ampache: CVE-2019-12385, CVE-2019-12386 worked with upstream on a
  patch that applied to the version in jessie; finalized fix and
  published final package/advisory
- libqb: CVE-2019-12779, investigate and triage; discussed with upstream
  and other LTS folks; concluded that libqb in jessie should be EOL
- ghostscript: CVE-2019-14869
- symfony: multiple issues (CVE-2019-18886, CVE-2019-18887, and
  CVE-2019-18888 fix; some others triaged as not affecting symfony in
- debian-security-support: related to libqb EOL
- php-horde: worked on patching CVE-2019-12094; corresponding with
  security team regarding assignment of CVE-2019-12094/CVE-2019-12095
  and the possibility of a third and separate vulnerability that may
  require CVE assignment
- nss: CVE-2019-11745

I also spent 21.5 hours on the following ELTS tasks:

- nss: CVE-2019-11745
- bash: CVE-2019-18276 triage
- openjdk-7: backport Markus' openjdk-7 jessie package and work on
  autopkgtest implementation for wheezy



Roberto C. Sánchez

Reply to: