Don't use temporary identifiers from the Security Tracker in advisories

2018-12-04 Thread Moritz Muehlenhoff
Wrt https://lists.debian.org/debian-lts-announce/2018/12/msg0.html The internal IDs from the tracker are _not_ meant for external publication, this will only lead to stupid chain reactions where external parties pick them up and then they perpetuate. Either simply write "no CVE allocated" or rath

ELTS November Report

2018-12-04 Thread Hugo Lefeuvre
Hi, Here is my ELTS report for November. I was allocated 6 hours. I have spent 0.5 of them in the following tasks: * CVE triage for libsndfile and sysstat. For a variety of reasons, among others the difficulties to find ELTS work, I'll temporarily pause my ELTS involvement and focus again on De

November Report

2018-12-04 Thread Hugo Lefeuvre
Hi, Here is my LTS report for November. I was allocated 15 hours. I have spent all of them in the following tasks: * openjpeg2: Continue my investigations on CVE-2018-18088, finish patch and get it reviewed by upstream (actually merged). Triage CVE-2018-5785 as not affecting Jessie (vulne

LTS report for November 2018

2018-12-04 Thread Lucas Kanashiro
Hi, In November I was allocated 4h and I spent all of them doing the following: * uriparser: Fixed CVE-2018-19198, CVE-2018-19199 and CVE-2018-19200. The DLA was properly sent [1]. * qemu: Tested the update provided by Santiago. * rails: Mark CVE-2018-16476 as not-affected in Jessie. [1] https