Hi, I am funded by Freexian SARL and thus reporting about my work in October 2022.
LTS === I issued DLA-3133-1 for lighttpd fixing a denial of service vulnerability in buster. I issued DLA-3152-1 for glibc fixing 14 CVEs in buster and triaged a few more. Thus far one regression has surfaced. Partial upgrades can break iconv (#1021973). ELTS ==== I issued ELA-697-1 for libraw fixing 7 CVE in stretch and rechecked all CVEs due to prior misclassification. I prepared an update of glibc in jessie and stretch and called for testing the update. Packages available at: https://subdivi.de/~helmut/glibc_elts/ Further changes pending. Debian ====== I continued maintaining rebootstrap. As part of this, I've sent patches to various packages (bash, gcc, libunistring, systemd). While the majority is fixing regressions, I also made some progress on hurd and musl this month. I attended the CTTE monthly meeting. I sent patches for 38 cross build failures. A significant fraction of this is inside the qt6 ecosystem. Helmut
