LTS report for March 2021 - Abhijith PA
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
March was my 37th month as a Debian LTS paid contributor. I was
assigned 9 hours and I spent all of them for the following;
* smarty3: Backported patches for CVE-2018-13982, CVE-2021-26119,
CVE-2021-26120, CVE-2018-16831. Tested and uploaded. [DLA 2618-1][1]
* privoxy: Released [DLA 2587-1][2] and webpage announcements
for privoxy_3.0.26-3+deb9u2 uploaded by Roland Rosenfeld.
* gsoap: There are 5 CVEs remaining. Combing through the upstream
source for patches. Pinged upstream dev for help.
* ruby-activerecord-session-store: Marked CVE-2019-25025 as ignored[3]
Regards
Abhijith PA
[1] - https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html
[2] - https://lists.debian.org/debian-lts-announce/2021/03/msg00009.html
[3] - https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6228ca3b86631280837cb1601bb368e316fc4307
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmBtg84ACgkQhj1N8u2c
KO+SZA//RCzhQwfRgguFvfxCutIQuh6/R+3YkOKQZLjHqiY4X2Fu74s04Ad5MqaV
Zba46j47zDjHBldEkDw7QLbCWUkGXDgdW84GuaJPsYRN1TczQIKemcCyJOg9mQpc
oBv0odkfKtcyH5+Vpd9SrVQI9OBpmMA0kf91jbpTPgXVpkiqVNIfB4HkuJjdmZHh
a+brF6+64j7eKu+rLdo2OMQRchv6LyNdYs3uVQF00LpRIb3IzzpbuRm4yX8XkQZC
LYAZZkT8vgtTWsUx7Q3fyAuz+TrDrphA7DHxzGi6RsBhLvll2Y8FL5Su2T5tc6Zs
P3DqzfFbHdoJhi4E+xTU9tRcyjFYv2cwNh/H+z4/l4rTtPr8mQuPXjFKgbCRNxPC
g6X2h4IL49H2zkU+eLoYqTGR+6xvN+76KXudm6A6uAQeM4IJdKtBANsbg8B+Qtu5
vmC7nEBIMsozdOXbzBV8MRhmsPtRTaRW8IfPc8xqnCt/NfvkjUj7V/HCWryS7JRj
QfzJjJMRtoqNvdiCd25vGYCUOMdTM6RI9962YfPE7oKL/nbq9ggwvDvdspP79Hwq
duiigMn9+cEHFbjhBvU4/yAgFdICjOCCZggl49qBeYC0tZWCjRHbkS+mektsIpK+
Y2Ex5FhR9zmbJ9r++s3vCprXopo9vD/EzmwnOAsaFGN9UorOG2k=
=C5i6
-----END PGP SIGNATURE-----
Reply to: