LTS report 2019-05-01 to 2019-05-31
LTS report 2019-05-01 to 2019-05-31
This time period I used 10 hours.
LTS Infrastructure
For the project LTS Infrastructure, I used 2 hours in the following tasks:
- security tracker / python3
security tracker / python3
Jessie Package Support
For the project Jessie Package Support, I used 8 hours in the following tasks:
- gradle
- jquery
- libvirt
- wordpress
gradle
- Send email to debian-lts mailing list.
- Mark package as no-DSA in Jessie.
jquery
- Investigate CVE-2019-11358, Prototype Pollution.
- Apply patch for CVE-2019-11358 to Jessie version.
- Send email to debian-lts mailing list.
- Attempt to debug why building jquery gives 1 byte min.js file.
- Fix build problem with jquery package. Not sure how this package ever got built.
- Upload to Debian and prepare DLA-1777-1.
- Create PR to add DLA-1777-1 to website.
libvirt
- Send new patch using CVE-2016-10746 to mailing list.
- Upload libvirt 1.2.9-9+deb8u6 to Jessie.
- Reserve DLA-1772-1.
- Upload and announce DLA-1772-1
- Create PR to add DLA to website PR#128.
wordpress
- CVE-2017-1000600: Find and add references to tracker.
- CVE-2018-1000773: Attempt to find information on CVE-2018-1000773, which is related to CVE-2017-1000600 (incomplete fix).