Here is my public monthly report.
Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/lts/debian/#sponsors
LTS
- p7zip / p7zip-rar
- Continue work from past month (the p7zip fork is now unmaintained,
and (newer) 7zip package doesn't share details on individual CVE
fixes, hampering security support)
- First step: fix bookworm
- Review 7zip packaging (not p7zip; in particular bookworm->trixie)
- Propose 7zip backport with minimal impact, by importing 25.01 on
top of the bookworm packaging, plus selected patches, and CI setup
https://lists.debian.org/debian-lts/2026/02/msg00019.html
- To be continued next month
ELTS
- Python
- Continue work from past month
- 5 updates to various python 3.x, 2.x, and pypy[v2]
- Backport Python 3.x fixes to upstream-EOL'd older Python 3.x
versions, then to EOL'd 2.7.x versions, then to pypy
- Ignore a couple low-severity CVEs in older versions, when the
backport would be too likely to introduce regressions
- Prove that a few CVEs did not affect older versions
- Improve tests: fix test suite issues in indep builds (mistakenly
run under fakeroot), fix testsuite issues with new sbuild-based
build environment, disable one heavy test in pypy (already
disabled elsewhere), tidy Salsa CI setup
- Clean-up python3.5 Git repository on Salsa (mismatch with archive)
- Investigate python-django regression and propose fix to maintainer
- python3.11 upcoming PU: warn against regression in fixed CVEs
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126814#17
- ELA-1639-1
https://www.freexian.com/lts/extended/updates/ela-1639-1-pypy/
ELA-1640-1
https://www.freexian.com/lts/extended/updates/ela-1640-1-python2.7/
ELA-1641-1
https://www.freexian.com/lts/extended/updates/ela-1641-1-python3.5/
ELA-1642-1
https://www.freexian.com/lts/extended/updates/ela-1642-1-python3.7/
Common documentation and tooling
- Public documentation
- Technical workflows: drop obsolete pbuilder and ansible section
https://lts-team.pages.debian.net/technical-workflows.html
- TestSuites: python3: run new tests w/o fixing a vulnerability (using quilt);
reference Python-Fedora Git repository
https://lts-team.pages.debian.net/wiki/TestSuites/python3.html
- Review merge requests
https://salsa.debian.org/lts-team/lts-team.pages.debian.net/-/merge_requests/28
https://salsa.debian.org/lts-team/lts-team.pages.debian.net/-/merge_requests/29
- January recap
https://lists.debian.org/debian-lts/2026/02/msg00022.html
- Private documentation: reviews merge requests
- Front Desk shadowing
Prepare charles' first FD week, answer questions, check activity
- Front Desk not-shadowing
Revert erroneous related-cves.py use and re-run it properly
https://salsa.debian.org/freexian-team/extended-lts/security-tracker/-/commit/687d12ffb81e66cd7e6593f0a48f2c27355277e8
- Tooling
- Help check cvehist disk space again (false alarm)
https://salsa.debian.org/lts-team/cvehist
- CSAF exporter: contribute code to detect changes advisories
(DSA/DLA/ELA) since a given Git commit
- debusine: report issues
piuparts error, apt-get sigsegv
https://salsa.debian.org/freexian-team/debusine.debian.net/support/-/issues/6
piuparts, stretch and /var/lib/dpkg/available
https://salsa.debian.org/freexian-team/debusine.debian.net/support/-/issues/7
- Team meeting (Jitsi)
--
Sylvain Beucler
Debian LTS Team
