Debian LTS and ELTS - December 2021

[Sylvain Beucler <beuc@beuc.net>]

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors


LTS

- librecad: DLA-2838-1
  https://lists.debian.org/debian-lts-announce/2021/12/msg00002.html

- salt
  - common work with ELTS
  - identify and backport regression / follow-up for 5 CVEs
  - work in progress, under peer-review

- spip
  - detect and fix issues in previous uploads
  - DLA-2867-1
    https://lists.debian.org/debian-lts-announce/2021/12/msg00032.html

- slurm-llnl: work in progress, synchronized jessie-lts update to stretch

- CVEs triage
  - puppet: check 2 CVEs and drop
  - CVE-2021-36160/apache2: reference upstream'd regression patch
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995368


ELTS

- salt
  - newly supported package: triage all pending CVEs
  - backport CVE fixes, fix prior regression, test
  - work in progress: under peer-review

- CVEs triage
  - related packages check
  - pdns-recursor supportability analysis


Documentation and tooling

- ELTS procedure for newly supported packages: test and provide
  initial workflow based on my April work

- LTS documentation
  - salt: clarify and expand testing procedures (SSH, TLS)
    https://wiki.debian.org/LTS/TestSuites/salt
  - slurm-llnl: clarify and add more basic commands
    https://wiki.debian.org/LTS/TestSuites/slurm-llnl

- Comment on draft of questions for the Debian developers survey
  (internal list)

- libspring-java: discuss supportability and request EOL
  https://lists.debian.org/debian-lts/2021/12/msg00007.html
  https://salsa.debian.org/debian/debian-security-support/-/merge_requests/13


-- 
Sylvain Beucler
Debian LTS Team