[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

(E)LTS and Debian report for October 2022


I am funded by Freexian SARL and thus reporting about my work in
October 2022.


I issued DLA-3133-1 for lighttpd fixing a denial of service
vulnerability in buster.

I issued DLA-3152-1 for glibc fixing 14 CVEs in buster and triaged a few
more.  Thus far one regression has surfaced. Partial upgrades can break
iconv (#1021973).


I issued ELA-697-1 for libraw fixing 7 CVE in stretch and rechecked all
CVEs due to prior misclassification.

I prepared an update of glibc in jessie and stretch and called for
testing the update. Packages available at:
https://subdivi.de/~helmut/glibc_elts/ Further changes pending.


I continued maintaining rebootstrap. As part of this, I've sent patches
to various packages (bash, gcc, libunistring, systemd). While the
majority is fixing regressions, I also made some progress on hurd and
musl this month.

I attended the CTTE monthly meeting.

I sent patches for 38 cross build failures. A significant fraction of
this is inside the qt6 ecosystem.


Reply to: