[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian LTS and ELTS - December 2023

Here is my public monthly report.

Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.


- Front Desk (week 48, December half)
  - Mark 5 packages for update
  - Triage or precise triage for <10 CVEs
  - Tidy golang-1.11 buster triage

- cacti
  - Continue triaging CVEs growing backlog, for buster
  - Identify 2 incorrect bullseye patches, coordinate with package maintainer
  - Precise stable triage for <10 CVEs


- Front-Desk
  - Associate CVEs from newer, branched Debian packages with different
    names to older ELTS packages (cfengine*, golang*)
  - Mark 2 supported packages for update
  - Identify incorrect CVE in ELA-997-1/python3.5

- freerdp [v1]
  - Continue triaging CVEs backlog (synchronized with freerdp2 2 months ago)
  - Fix regression in past CVE-2020-11096 fix
  - Update and testing setup in progress

Documentation and tooling

- Provide feedback on various internal tasks
  (lts-do-call-me/lts-do-not-call files handling, ELTS support for
  gnupg1 and binutils, documentation tooling configuration)

- Open task to check the CVE list consistency in data/DLA/list and

- Propose action to handle stable-security private build logs

- Help on (non-LTS) debian-security list

- Documentation
  - Development: dereference website updates instructions which got automated
  - TestSuites: new xfreerdp entry

- Jitsi team meeting

Sylvain Beucler
Debian LTS Team

Reply to: