Debian LTS and ELTS - May 2023

To: debian-lts@lists.debian.org
Subject: Debian LTS and ELTS - May 2023
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 1 Jun 2023 11:15:31 +0200
Message-id: <[🔎] 20230601091531.GA8608@mail.beuc.net>

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/lts/debian/#sponsors


LTS

- python2.7
  - First LTS upload
  - Fixes in past triage
  - Fix test suites for impacted Python packages
  - DLA 3432-1 (9 CVEs)
    https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html

- sysstat
  - DLA 3434-1 (1 CVE)
    https://lists.debian.org/debian-lts-announce/2023/05/msg00026.html


ELTS

- python2.7
  - Fix mutiple test suite issues: backport official fixes;
    investigate freezes; refresh all SSL certificates; update external
    test servers; add, fix or re-enable tests for past CVEs
  - Improve one past fix, drop one for a future vulnerability
  - Tidy Git branches on Salsa
  - ELA-853-1 (6 CVEs, jessie & stretch)
    https://www.freexian.com/lts/extended/updates/ela-853-1-python2.7/


Documentation and tooling

- Follow-up again on obsolete but supported packages that may lack
  active CVE triage (such as python2)
  - Associate past sqlite3 CVEs to sqlite + buster triage (2013-2019)
  - Help document further ELTS triage (from Tobias' ELA), add to LTS
    queue, fix-up test suite in packages database
  - This concludes the work initiated in March
    https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/50

- LTS Documentation
  - TestSuites: refresh index
    https://lts-team.pages.debian.net/wiki/TestSuites.html
  - TestSuites: python2: new page
    https://lts-team.pages.debian.net/wiki/TestSuites/python2.html
  - Development: some re-ordering, some rephrasing, tidy styling
    https://lts-team.pages.debian.net/wiki/Development.html
  - freexian.gitlab.io: refresh URLs

- Tooling: rework work queue report ('find-work'): ensure single copy
  of information, merge common code
  (private tooling planned to be made public)

- Start/coordinate discussion on making stable-security build logs
  public after package release
  https://salsa.debian.org/lts-team/lts-extra-tasks/-/issues/51

- Help on LTS/ELTS IRC channels, and on debian-lts mailing list
  https://lists.debian.org/debian-lts/2023/05/msg00021.html
  https://lists.debian.org/debian-lts/2023/05/msg00027.html
  https://lists.debian.org/debian-lts/2023/05/msg00028.html

- Plan further notices about coordinating with specific package
  maintainers (lts-do-call-me), after a reminder from said maintainer

- Internal discussions on Git workflow, and packages claimfiles
  format/workflow

- IRC Meeting
  http://meetbot.debian.net/debian-lts/2023/debian-lts.2023-05-25-13.58.html

-- 
Sylvain Beucler
Debian LTS Team

Reply to:

Next by Date: Make stable-security build logs public after embargo
Next by thread: Make stable-security build logs public after embargo
Index(es):
- Date
- Thread