[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS - April 2023

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors


LTS

- Front Desk
  - Mark 6 packages for update
  - Triage or precise triage for 10+ CVEs
  - Update a few pending packages status
  - Report issues about 2 recent DLAs to contributors

- golang-1.11
  - Sync past bullseye CVE fixes to buster (first DLA)
  - Fix build issue when using 'debuild' tool
  - Investigate and fix test suite issues on arm64 buildds
  - DLA-3395-1
    https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html
  - Investigate and fix new test suite issues on 32-bit armhf system
    on 64-bit host (thanks to carnil and pochu for their assistance)
  - DLA-3395-2
    https://lists.debian.org/debian-lts-announce/2023/04/msg00022.html


ELTS

- Front Desk
  - Associate CVEs from newer, branched 'emacs*', 'golang-*',
    'ruby2.*' and 'tomcat*' Debian packages to older ELTS packages
  - Mark 5 supported packages for update
  - Triage or precise triage for 15+ CVEs

- golang-1.7
  - Re-check following work on golang-1.11 in LTS
  - Impacted CVEs already fixed, nothing to do


Documentation and tooling

- Follow-up again on obsolete but supported packages that may lack
  active CVE triage (such as python2)
  - Continue discussion with the Debian Security Team
    https://lists.debian.org/debian-lts/2023/04/msg00001.html
    https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/50
  - Add 'gnupg1' to security-support-limited
    https://salsa.debian.org/debian/debian-security-support/-/merge_requests/15
  - Match python2.7 open CVEs with python3.*, mark python2.7 for update
    https://deb.freexian.com/extended-lts/tracker/source-package/python2.7
  - Start matching sqlite open CVEs with sqlite3
    https://deb.freexian.com/extended-lts/tracker/source-package/sqlite
  - Prepare LTS-specific transitions file for bin/related-packages.py,
    to do this work again on a regular basis

- LTS Documentation
  - TestSuites: golang: documentation following buster first DLA
    https://lts-team.pages.debian.net/wiki/TestSuites/golang.html

- Clarify internal warning about planned unsupported ELA

- Help on LTS/ELTS IRC channels

- Team meeting cancelled due to low planned attendance and agenda items
  https://lts-team.pages.debian.net/wiki/Meetings.html


-- 
Sylvain Beucler
Debian LTS Team
Reply to: