Debian LTS and ELTS - May 2021
Here is my public monthly report.
Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors
LTS
– jetty/jetty9
– all-dists triage (11 CVEs)
– fix new build failure due to newer tomcat8 in stretch/LTS
– DLA 2661-1
https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
– curl
– backport URL API (pre-requisite for CVE-2021-22876 fix)
– coordinate testing
– DLA-2664-1
https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html
– djvulibre
– all-dists triage: identify upstream patches
– DLA-2667-1
https://lists.debian.org/debian-lts-announce/2021/05/msg00022.html
ELTS
– jetty/jetty9
– common work with LTS
– ELA-429-1
https://deb.freexian.com/extended-lts/updates/ela-429-1-jetty/
– curl
– common work with LTS
– ELA-431-1
https://deb.freexian.com/extended-lts/updates/ela-431-1-curl/
– phpseclib: determine CVE-2021-30130 affected versions
– djvulibre
– common work with LTS
– ELA-434-1
https://deb.freexian.com/extended-lts/updates/ela-434-1-djvulibre/
Documentation and tooling
– debian-security-support: automatically report unsupported ecosystems
(postponed by maintainers)
provided working jessie backport for evaluation and/or immediate use
https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/20
– debian-security-support: version-based check bug
(merge still pending)
clarified commit message on maintainers request
https://salsa.debian.org/debian/debian-security-support/-/merge_requests/9
– LTS doc: clarifications following change of coordinator
https://wiki.debian.org/LTS/Development
– jetty: testing procedures
https://wiki.debian.org/LTS/TestSuites/jetty
– Close task "CVE triage and no-dsa": done independently
https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/5
– golang: answer on EOL suggestion & golang-gogoprotobuf triage
https://lists.debian.org/debian-lts/2021/05/msg00029.html
– i2pd: redirect i2pd request
https://lists.debian.org/debian-lts/2021/05/msg00081.html
– samba: dialogue with upstream on handling and testing security
issues in Debian
https://lists.debian.org/debian-security/2021/05/msg00010.html
https://lists.debian.org/debian-security/2021/05/msg00013.html
--
Sylvain Beucler
Debian LTS Team
Reply to: