Hi, January was my 1st month as a Debian LTS paid contributor. I was assigned 8 hours and I spent 6.5 hours for the following:
transfig: + Fixed CVE-2018-16140, CVE-2019-14275, CVE-2019-19555, tested, uploaded and released DLA. + Investigate CVE-2019-19746 and CVE-2019-19797, but they were not reproducible in Debian. python-apt: + Fixes for CVE-2019-15795 and CVE-2019-15796 were prepared and uploaded by its maintainer Julian Andres Klode. I published DLA. yara: + Investigate CVE-2019-19648, still no upstream fix yet. sudo: + Fixed CVE-2019-18634, tested, uploaded and released DLA. Best, Dylan
