Debian LTS and ELTS - May 2023
Here is my public monthly report.
Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/lts/debian/#sponsors
LTS
- python2.7
- First LTS upload
- Fixes in past triage
- Fix test suites for impacted Python packages
- DLA 3432-1 (9 CVEs)
https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
- sysstat
- DLA 3434-1 (1 CVE)
https://lists.debian.org/debian-lts-announce/2023/05/msg00026.html
ELTS
- python2.7
- Fix mutiple test suite issues: backport official fixes;
investigate freezes; refresh all SSL certificates; update external
test servers; add, fix or re-enable tests for past CVEs
- Improve one past fix, drop one for a future vulnerability
- Tidy Git branches on Salsa
- ELA-853-1 (6 CVEs, jessie & stretch)
https://www.freexian.com/lts/extended/updates/ela-853-1-python2.7/
Documentation and tooling
- Follow-up again on obsolete but supported packages that may lack
active CVE triage (such as python2)
- Associate past sqlite3 CVEs to sqlite + buster triage (2013-2019)
- Help document further ELTS triage (from Tobias' ELA), add to LTS
queue, fix-up test suite in packages database
- This concludes the work initiated in March
https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/50
- LTS Documentation
- TestSuites: refresh index
https://lts-team.pages.debian.net/wiki/TestSuites.html
- TestSuites: python2: new page
https://lts-team.pages.debian.net/wiki/TestSuites/python2.html
- Development: some re-ordering, some rephrasing, tidy styling
https://lts-team.pages.debian.net/wiki/Development.html
- freexian.gitlab.io: refresh URLs
- Tooling: rework work queue report ('find-work'): ensure single copy
of information, merge common code
(private tooling planned to be made public)
- Start/coordinate discussion on making stable-security build logs
public after package release
https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/51
- Help on LTS/ELTS IRC channels, and on debian-lts mailing list
https://lists.debian.org/debian-lts/2023/05/msg00021.html
https://lists.debian.org/debian-lts/2023/05/msg00027.html
https://lists.debian.org/debian-lts/2023/05/msg00028.html
- Plan further notices about coordinating with specific package
maintainers (lts-do-call-me), after a reminder from said maintainer
- Internal discussions on Git workflow, and packages claimfiles
format/workflow
- IRC Meeting
http://meetbot.debian.net/debian-lts/2023/debian-lts.2023-05-25-13.58.html
--
Sylvain Beucler
Debian LTS Team
Reply to: