Hi, September 2016 was my first month as a payed Debian LTS Team member. After doing two small uploads to wheezy-security in August and got to know the LTS Team workflow, this month I was allocated 9 hours by Freexian. I spent all 9 hours on working on security updates to Debian Wheezy.
In particular, I worked on the following issues: * DLA 612-1: libtomcrypt PKCS#1 RSA signature verification * DLA 617-1: libarchive out of bounds and denial of service * DLA 625-1: libcurl escape/unescape integer overflows * DLA 627-1: pdns qname's length>255b, missing zone size limits * worked on mat issue with embeded images in PDFs (#826101) For reference, these were the issues I worked on in August: * DLA 584-1: libsys-syslog-perl opportunistic loading of modules * DLA 589-1: mupdf out of bounds write access to memory locations I first published my September report at https://blog.freesources.org/posts/2016/09/debian_lts_report_2016_09/ Cheers, jonas
signature.asc
Description: OpenPGP digital signature
