Hi, I am funded by Freexian SARL and thus reporting about my work in December 2022.
LTS === * I issued DLA-3223-1 for giflib. * I reviewed the joblib DLA and reopened it. * I issued DLA-3226-1 for cgal. * I issued DLA-3233-1 for leptonlib. * I started working on exiv2, but ran out of time. * I started working on heimdal. My January report will contain more information about this and why I skip all the details. ELTS ==== * I issued ELA-74[7]-1 for libraw (mostly done in November). * I issued ELA-751-1 for giflib. * I issued ELA-753-1 for krb5. * I triaged cgal, which turned out to be fixed. * I stared work on leptonlib. A number of issues were fixed upstream by hiding them behind a developer mode and having them disabled by default. A discussion on how to deal with this is ongoing given the risk of regressions vs the risk of exploitation. Your input on this question is welcome. For reference, the relevant change is https://github.com/DanBloomberg/leptonica/commit/24cca39cbeafd7943fb6ec723c9c1f525c24eb9f * I started working on exiv2, but ran out of time. * I started working on heimdal. My January report will contain more information about this and why I skip all the details. Debian ====== The majority of my rebootstrap was dropping applied patches and fixing up after regressions. I filed 14 patches fixing cross build failures. I sent a patch for gcc to make __has_include_next work. I issued a stable update for leptonlib. I uploaded a new tool for creating and running ephemeral virtual machines based on Debian called debvm to experimental. Check https://salsa.debian.org/helmutg/debvm for details. Helmut
