[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS - May 2021



Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors


LTS

– jetty/jetty9
  – all-dists triage (11 CVEs)
  – fix new build failure due to newer tomcat8 in stretch/LTS
  – DLA 2661-1
    https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html

– curl
  – backport URL API (pre-requisite for CVE-2021-22876 fix)
  – coordinate testing
  – DLA-2664-1
    https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html

– djvulibre
  – all-dists triage: identify upstream patches
  – DLA-2667-1
    https://lists.debian.org/debian-lts-announce/2021/05/msg00022.html


ELTS

– jetty/jetty9
  – common work with LTS
  – ELA-429-1
    https://deb.freexian.com/extended-lts/updates/ela-429-1-jetty/

– curl
  – common work with LTS
  – ELA-431-1
    https://deb.freexian.com/extended-lts/updates/ela-431-1-curl/

– phpseclib: determine CVE-2021-30130 affected versions

– djvulibre
  – common work with LTS
  – ELA-434-1
    https://deb.freexian.com/extended-lts/updates/ela-434-1-djvulibre/


Documentation and tooling

– debian-security-support: automatically report unsupported ecosystems
  (postponed by maintainers)
  provided working jessie backport for evaluation and/or immediate use
  https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/20

– debian-security-support: version-based check bug
  (merge still pending)
  clarified commit message on maintainers request
  https://salsa.debian.org/debian/debian-security-support/-/merge_requests/9

– LTS doc: clarifications following change of coordinator
  https://wiki.debian.org/LTS/Development
– jetty: testing procedures
  https://wiki.debian.org/LTS/TestSuites/jetty

– Close task "CVE triage and no-dsa": done independently
  https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/5

– golang: answer on EOL suggestion & golang-gogoprotobuf triage
  https://lists.debian.org/debian-lts/2021/05/msg00029.html
– i2pd: redirect i2pd request
  https://lists.debian.org/debian-lts/2021/05/msg00081.html

– samba: dialogue with upstream on handling and testing security
  issues in Debian
  https://lists.debian.org/debian-security/2021/05/msg00010.html
  https://lists.debian.org/debian-security/2021/05/msg00013.html

-- 
Sylvain Beucler
Debian LTS Team


Reply to: