Debian LTS and ELTS - September 2020

To: Debian LTS <debian-lts@lists.debian.org>
Subject: Debian LTS and ELTS - September 2020
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 1 Oct 2020 18:30:43 +0200
Message-id: <[🔎] efb38bd9-9e34-8409-51f6-5f226ee7c604@beuc.net>

Here is my transparent report for my work on the Debian Long Term Support (LTS) and Debian Extended Long Term Support (ELTS), which extend the security support for past Debian releases, as a paid contributor.

In September, the monthly sponsored hours were split evenly among contributors depending on their max availability - I was assigned 19.75h for LTS (out of my 30 max; all done) and 20h for ELTS (out of my 20 max; all done).

ELTS - Jessie

qemu: jessie triage: finish work started in August
qemu: backport 5 CVE fixes, perform virtual and physical testing, security upload ELA-283-1
libdbi-perl: global triage: clarifications, confirm incomplete and attempt to get upstream action, request new CVE following discussion with security team
libdbi-perl: backport 5 CVE fixes, test, security upload ELA-285-1

LTS - Stretch

qemu: stretch triage, while working on ELTS update; mark several CVEs unaffected, update patch/status
wordpress: global triage: reference new patches, request proper CVE to fix our temporary tracking
wordpress: revamp package: upgrade to upstream's stable 4.7.5->4.7.18 to ease future updates, re-apply missing patches, fix past regression and notify maintainer, security upload DLA-2371-1
libdbi-perl: common work with ELTS, security upload DLA-2386-1
public IRC team meeting

Documentation/Scripts

LTS/TestSuites/wordpress: new page with testsuite import and manual tests
LTS/TestSuites/qemu: minor update
wiki.d.o/Sympa: update Sympa while using it as a libdbi-perl reverse-dep test (update for newer versions, explain how to bootstrap admin access)
www.d.o/lts/security: import a couple missing announcements and notify uploaders about procedures
Check status for pdns-recursor, following user request
Check status for golang-1.7 / CVE-2019-9514 / CVE-2019-9512
Attempt to improve cooperation after seeing my work discarded and redone as-is, which sadly isn't the first time; no answer
Historical analysis of our CVE fixes: experiment to gather per-CVE tracker history

--
https://blog.beuc.net/posts/Debian_LTS_and_ELTS_-_September_2020/

Reply to:

Next by Date: (E)LTS report for September 2020
Next by thread: (E)LTS report for September 2020
Index(es):
- Date
- Thread