LTS report 2018-05-01 to 2018-05-31
LTS report 2018-05-01 to 2018-05-31
This time period I used 10 hours.
Wheezy Package Support
For the project Wheezy Package Support, I used 10 hours in the following tasks:
- cacti
- calibre
- efail
- firebird2.5
- glusterfs
- libspring-java
cacti
- Research security issues for CVE-2018-10061 and CVE-2018-10061.
- 10 upstream patches (that I can see).
- Marked issues no-dsa in wheezy.
calibre
- Sent response to previous email. Unclear if calibre security fix has any significant benefits.
- Research security issues for CVE-2018-10061 and CVE-2018-10061.
- 10 upstream patches (that I can see).
- Sent email to debian security team.
- Mark CVE-2018-7889 as no-dsa in wheezy.
efail
- Investigate CVE-2017-17689 efail security issues with encrypted emails.
firebird2.5
- Backport fix from 3.0.3.32900.ds4-3 for CVE-2017-11509.
- Test backported fix.
- Build and upload for testing.
- Push git changes.
- Announce firefird2.5 2.5.2.26540.ds4-1~deb7u4 package available for testing.
- Build package for release.
- Upload to Debian and create advisory notice.
glusterfs
- Research security vulnerability CVE-2018-1088.
libspring-java
- Research CVE-2018-1272, CVE-2018-1272 and CVE-2018-1275.