Hi,
Here is my LTS report for December 2019.
I was allocated 12 hours. I have spent all of them in the following
tasks:
freeimage:
+ prepare, test and upload 3.15.4-4.2+deb8u2 (DLA-2031-1, DSA-4593-1).
+ investigate CVE-2019-12214 and CVE-2019-12212, finally postpone them.
xcftools:
+ create a reproducer for CVE-2019-5086 and write a patch (still waiting
for some external review).
+ start to investigate CVE-2019-5087.
imagemagick:
+ investigate regression #870273 and write a patch. Investigating this
issue was fairly painful, but I'm glad we managed to get rid of this 2+yo
regression.
+ prepare, test and upload 8:6.8.9.9-5+deb8u19 (DLA-2049-1).
libexif:
+ investigate CVE-2019-9278 and prepare a patch derived from the Android
fix (work in progress).
regards,
Hugo
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Attachment:
signature.asc
Description: PGP signature