[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS - February 2023

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.


- golang-github-opencontainers-selinux
  - Pre-requisite for runc update below
  - DLA 3322-1 

- runc
  - prepare security update for 4 CVEs
  - identify and coordonate CVE re-introduction with upstream project
  - give time for upstream to react, otherwise will publish a partial update

- apache2
  - review and test other contributor's (Lee) planned update
  - help debug issues with storing package history in Git

- python-werkzeug
  - DLA 3346-1

- Front Desk (week 49, February half)
  - Triage or precise triage for 5 CVEs
  - Coordinate administrative issue with DLA 3316-1
    (not-affected for postgresql < v12)


- Help investigate pillow regression causing issue in python-django

- Review missing CVEs in renamed packages with other contributor (Adrian)

- Front Desk (week 49, February half)
  - Mark 7 supported packages for update
  - Associate CVEs from newer, branched emacs*, golang*, php7*,
    postgresql*, python3* and ruby* Debian packages to older ELTS
    packages (+ send internal note on caveat related to those entries)
  - Triage or precise triage for <10 CVEs

Documentation and tooling

- LTS Documentation 
  - TestSuites: golang: document rdep availability for rebuilds + clarifications
  - TestSuites: autopkgtest: update for buster + clarifications
  - TestSuites: php: fix syntax
  - Force-refresh publication after Salsa runner downtime

- ELTS Documentation (private)
  - information-for-extended-lts-contributors: emphasize common setup
    issue with security-tracker ELTS fork

- Newcomers help
  - Report misplaced commit
  - Answer questions on IRC (processes, packages priority)
  - Help identify/source LTS start date for debian-timeline

- Monthly meeting (using Jitsi)

Sylvain Beucler
Debian LTS Team

Reply to: