LTS report 2019-11-01 to 2019-11-30
LTS report 2019-11-01 to 2019-11-30
This time period I used 10 hours.
Jessie Package Support
For the project Jessie Package Support, I used 5 hours and 20 minutes in the following tasks:
- 389-ds-base
- angular.js
- ansible
- ruby-openid
389-ds-base
- Research problem.
- Unable to get any details except brief summary of problem.
- Look for patch.
- Look for solution that was used by RHEL package version
389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f.src.rpm
without success. - Look for patch in upstream git respository without success.
- Upstream bug returns 404.
angular.js
- CVE-2019-14863: One line fix required.
- Upstream fix: git.
- Apply patch to Jessie version.
- Send patch to debian-lts.
- Upstream fix: git.
- Apply patch to Jessie version.
- Upload fixed package.
- Post DLA-1995-1.
- Add DLA-1995-1 to website.
ansible
- CVE-2019-14846: Easy to fix.
- CVE-2019-14858: Can’t find applicable code.
- CVE-2019-14864: Can’t find applicable code.
ruby-openid
LTS Infrastructure
For the project LTS Infrastructure, I used 4 hours and 40 minutes in the following tasks:
- Automatically strip no-dsa tags by gen-DLA