LTS:
apr:
- Determined that CVE-2023-49582 (sole unfixed CVE)
does not affect the binary package in bullseye.
ghostscript:
- Determined that CVE-2024-46952 does not affect <= bullseye.
- Released DLA-3965-1, fixing CVE-2024-46951, CVE-2024-46953,
CVE-2024-46955 and CVE-2024-46956.
glib2.0:
-
I've worked during November 2024 on the below listed packages, for
Freexian LTS/ELTS [1]
Many thanks to Freexian and sponsors [2] for providing this opportunity!
smarty3 (DLA-3956-1, ELA-1237-1)
Fixed threeCVEs for smarty3, a PHP templating engine.
CVE-2018-2504
Hi everyone,
in October I worked on dnsmasq in bullseye, manually verifying via the proof of
concept provided by the original security researchers that the patches applied
previous month fix the security issues. During the LTS review process some
smaller issues were identified and changed, and
I've worked during november 2023 on the below listed packages, for Freexian
LTS/ELTS [1]
Many thanks to Freexian and our sponsors [2] for providing this opportunity!
ELTS:
The work consisted to fix libreoffice both for stretch and jessie.
I have fixed CVE-2020-12801 CVE-2020-12802 CVE-2020
LTS:
trafficserver:
- Released DLA-3645-1, fixing CVE-2023-41752 and CVE-2023-44487.
galera-3:
- Determined that CVE-2023-5157 in galera-4 does not affect galera-3.
gimp:
- Released DLA-3659-1, fixing CVE-2022-30067, CVE-2023-2
and CVE-2023-4.
- Determined that CVE-2023-3 does not
I've worked during November 2023 on the below listed packages, for
Freexian LTS/ELTS [1]
Many thanks to Freexian and sponsors [2] for providing this opportunity!
LTS:
freerdp2: (DLA-3654-1)
Third time is a charme. After tackling it in September and October,
with DLA-3606-1 fixing a lo
I've worked during november 2023 on the below listed packages, for Freexian
LTS/ELTS [1]
Many thanks to Freexian and our sponsors [2] for providing this opportunity!
ELTS:
python3.5
---
Folowing previous month work, I have finalized to fix testsuite, by
regenerating certifica
Hi,
in November 2022, on behalf of Freexian and through my company velocitux
UG, I have worked on the following LTS tasks:
DLA-3180-1: python-scciclient security update
=
Fixed CVE-2022-2996 for missing TLS certificate verification. Also,
helped to pre
During the month of November, I spent 17h on LTS working on
- remove no-dsa tags script
- udisks2
- security-tracker improvements
- CVE triaging
- mbedtls
For ELTS, I spent 14h working on
- remove no-dsa tags script
- update-nvd sec-tracker checks
- udisks2
- jqueryui
- openjdk-7
- CVE triaging
hi,
in December 2020 I spent 3.5h managing (E)LTS contributors:
- dispatching work hours for LTS and ELTS
- preparing the monthly Freexian blog post published on raphaelhertzog.com
- mail and irc communication, incl.
- semi-automatic unclaim packages
- too many claimed packages
- missing DL
Hi,
During the last month I have spent 22.75h on LTS working on:
- thunderbird security updates
- libproxy security update
- security-tracker improvements
- firefox-esr security update
- drupal7 announcements
- lts meeting
- postgresql-9.6 announcement
- xorg-server security update
- preparation
LTS:
Hours worked:
13 hours
DLA 2452 libdatetime-timezone-perl
Updated timezone data
DLA 2462 cimg
CVE-2020-25693
DLA 2472 mutt
CVE-2020-28896
DLA 2473 vips
CVE-2020-20739
ELTS:
Hours worked:
2 hours
libdatetime-timezone-perl
Updated timezone data
hi,
in November 2020 I spent 8h managing (E)LTS contributors:
- dispatching work hours for LTS and ELTS
- preparing, runninng und post-processing the monthly team meeting on IRC
- preparing the monthly Freexian blog post published on raphaelhertzog.com
- mail and irc communication, incl.
- semi
Hi,
During the month of November I worked on the Thunderbird update after the
toolchain update work for Firefox ESR 68 made that possible. I also spent time
working on build fixes for Firefox (on armhf for jessie, as well as various
other issues on stretch). Those will also benefit Thunderbird. Th
Hi,
In November, I spent 38h in Debian LTS, on the following tasks:
Finished the rustc and cargo bootstrap, which allowed to update firefox-esr and
thunderbird. There was a problem with rustc on i386, which I investigated and
finally fixed, allowing firefox-esr/thunderbird to build there too. The
15 matches
Mail list logo
