Debian LTS and ELTS - March 2024
Here is my public monthly report.
Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/lts/debian/#sponsors
LTS
- cacti
- Finalize triple lts/oldstable/stable upload
- DLA-3765-1
https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html
- DSA 5646-1
https://lists.debian.org/debian-security-announce/2024/msg00054.html
- Coordinate with Cacti upstream to address incomplete fix
(CVE-2024-29894 / GHSA-grj5-8fcj-34gh)
- Front Desk (week 11)
- Mark 4 packages for update
- Triage or precise triage for 15+ CVEs
- Tidy work queue (dla-needed.txt)
- Help refine triage logic following multiple package drops
https://lists.debian.org/debian-lts/2024/03/msg00027.html
https://lists.debian.org/debian-lts/2024/03/msg00035.html
no-dsa vs. no-dla (internal list)
Re-add 1 package, drop 2 packages
- Fix multiple missing package records in internal database and
notify past FD to update workflow
- Feedback on tracking LTS -> oldstable/stable synchronization
https://lists.debian.org/debian-lts/2024/03/msg00038.html
https://lists.debian.org/debian-lts/2024/03/msg00044.html
ELTS
- python3.4
- Finalize Salsa test suite fixes
- Fix unreferenced vulnerability in heappq Module and check
python2.7 upload
- ELA-1056-1
https://www.freexian.com/lts/extended/updates/ela-1056-1-python3.4/
- Front-Desk (weeks 10 and 11)
- Associate CVEs from newer, branched Debian packages with different
names to older ELTS packages (golang*, postgres*, unbound*,
tomcat*)
- Mark 5 supported packages for update
- Triage or precise triage for 15+ CVEs
Documentation and tooling
- Tooling
- salsa: Make timeout action explicit in the logs
https://salsa.debian.org/salsa-ci-team/pipeline/-/merge_requests/481
- package-operations: don't pre-create Git repos anymore as Front-Desk
(internal)
- LTS Documentation
- Git Workflow: warn about various/silent timeouts
https://lts-team.pages.debian.net/git-workflow-lts.html
- Development: Git-related checks
https://lts-team.pages.debian.net/wiki/Development.html#publish-the-git-repository-and-tags
- Development: clean-up e-mail announcement section
https://lts-team.pages.debian.net/wiki/Development.html#announce-the-update
https://wiki.debian.org/DebianMailingLists#PGP-based_approvals
- package database: fix-up python* TestSuites pages
- ELA procedure: suggest website commit message
(internal)
- ELTS local autopkgtest/qemu: reference truncation issue
(internal)
- ELTS staging system (currently opt-in)
- Debug/feedback for ci.freexian.com
- Update upcoming ELA documentation
rdeps status updated ~every hour
Fix missing dcut suite
(internal)
- IRC meeting
--
Sylvain Beucler
Debian LTS Team
Reply to: