Debian LTS and ELTS - October 2021

To: debian-lts@lists.debian.org
Subject: Debian LTS and ELTS - October 2021
From: Sylvain Beucler <beuc@beuc.net>
Date: Tue, 2 Nov 2021 19:22:45 +0100
Message-id: <[🔎] 20211102182245.GA13417@mail.beuc.net>

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors


LTS

- apache2
  - Gather pending regression fixes
  - DLA 2776-1
    https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html

- uwsgi
  - investigate regression and coordinate with upstream
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995368
    https://bz.apache.org/bugzilla/show_bug.cgi?id=65616
  - prepare packages for testing
    https://lists.debian.org/debian-lts/2021/10/msg00022.html
  - DLA 2768-2
    https://lists.debian.org/debian-lts-announce/2021/10/msg00016.html

- redmine: DLA 2787-1
  https://lists.debian.org/debian-lts-announce/2021/10/msg00013.html

- python-babel
  - clarify misclassified CVE
    https://lists.debian.org/debian-lts/2021/10/msg00039.html
    https://github.com/python-babel/babel/pull/782
  - DLA 2790-1
    https://lists.debian.org/debian-lts-announce/2021/10/msg00018.html

- php7.0: DLA 2794-1
  https://lists.debian.org/debian-lts-announce/2021/10/msg00021.html

- CVEs triage: libreoffice
  - help secteam test and triage new vulnerabilities
  - no upload needed for LTS/ELTS


ELTS

- apache2
  - common work with LTS
  - ELA-491-1
    https://deb.freexian.com/extended-lts/updates/ela-491-1-apache2/

- uwsgi
  - common work with LTS
  - ELA-487-2
    https://deb.freexian.com/extended-lts/updates/ela-487-2-uwsgi/

- php5
  - common work with LTS
  - ELA-503-1
    https://deb.freexian.com/extended-lts/updates/ela-503-1-php5/

- CVEs triage
  - track unfixed CVEs in related packages (cf. new tooling below)
  - common libreoffice work with LTS
  - clean-up python-babel CVE status


Documentation and tooling

- Answer user security report for PHP
  https://lists.debian.org/debian-security/2021/10/msg00003.html

- Repost tiff DLA
  https://lists.debian.org/debian-lts/2021/10/msg00012.html
  https://lists.debian.org/debian-lts-announce/2021/10/msg00004.html

- Discuss LTS hours dispatch change proposal

- LTS documentation
  - Notes on regression updates
    https://wiki.debian.org/LTS/Development
  - Expand PHP testing procedures for FPM
    https://wiki.debian.org/LTS/TestSuites/php

- Tracking related source packages
  https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/88
  https://bugs.debian.org/738172
  - fix: don't self-reference related packages
  - pre-merge auxilliary function

- Team video meeting

-- 
Sylvain Beucler
Debian LTS Team

Reply to:

Prev by Date: We haul any kind of freight, all quotes are free.
Next by Date: (E)LTS Report
Previous by thread: We haul any kind of freight, all quotes are free.
Next by thread: (E)LTS Report
Index(es):
- Date
- Thread