(E)LTS and Debian report for October 2022

To: debian-lts@lists.debian.org
Subject: (E)LTS and Debian report for October 2022
From: Helmut Grohne <helmut@subdivi.de>
Date: Tue, 1 Nov 2022 12:45:27 +0100
Message-id: <[🔎] Y2EG1ygp5W7kmfz7@alf.mars>
Mail-followup-to: Helmut Grohne <helmut@subdivi.de>, debian-lts@lists.debian.org

Hi,

I am funded by Freexian SARL and thus reporting about my work in
October 2022.

LTS
===

I issued DLA-3133-1 for lighttpd fixing a denial of service
vulnerability in buster.

I issued DLA-3152-1 for glibc fixing 14 CVEs in buster and triaged a few
more.  Thus far one regression has surfaced. Partial upgrades can break
iconv (#1021973).

ELTS
====

I issued ELA-697-1 for libraw fixing 7 CVE in stretch and rechecked all
CVEs due to prior misclassification.

I prepared an update of glibc in jessie and stretch and called for
testing the update. Packages available at:
https://subdivi.de/~helmut/glibc_elts/ Further changes pending.

Debian
======

I continued maintaining rebootstrap. As part of this, I've sent patches
to various packages (bash, gcc, libunistring, systemd). While the
majority is fixing regressions, I also made some progress on hurd and
musl this month.

I attended the CTTE monthly meeting.

I sent patches for 38 cross build failures. A significant fraction of
this is inside the qt6 ecosystem.

Helmut

Reply to:

Prev by Date: clickhouse - Please review
Next by Date: Re: Roll existing backports into ELTS update for distro-info-data?
Previous by thread: Re: clickhouse - Please review
Next by thread: Debian LTS and ELTS - October 2022
Index(es):
- Date
- Thread